Building Daemon or Service Apps with Office 365 RE

2019-07-16 14:58发布

问题:

I am trying to build a batch job to access Office 365 Mail API. Up on checking the documentation (the concept is very clear), I wasn't able to find a code sample written for Java. I've found this but it relies on the java pom file but I would love to use REST API or Graphi API directly if possible.

Can someone point me on how to get started with building a Daemon service to access Office 365 REST API without users login ?

UPDATE

I've the following code to get the token using AADL library

String tenant="....";
        String authority = "https://login.windows.net/"+tenant+"/oauth2/authorize";
        ExecutorService service=null;
        service= Executors.newFixedThreadPool(1);

        try{

            AuthenticationContext authenticationContext= new AuthenticationContext(authority,false,service);
            String certFile="/mycert2.pfx";
            InputStream pkcs12Cert= new SharedFileInputStream(certFile);

            AsymmetricKeyCredential credential=AsymmetricKeyCredential.create("....",pkcs12Cert,"pass");


            Future<AuthenticationResult> future=authenticationContext.acquireToken("https://outlook.office365.com",credential,null);

            System.out.println("Token Received"+future.get().getAccessToken());
            String token = future.get().getAccessToken();

            HttpGet httpGet = new       HttpGet("https://graph.microsoft.com/v1.0/users");

            httpGet.setHeader("Authorization", "Bearer "+token);


            GraphServices graphServices = new GraphServices();
            ResponseEntity<String> responseEntity;


            //responseEntity = graphServices.getEmails(token); //Throws the same Unauthorized exception 

            HttpClient httpClient= HttpClients.createDefault();

            HttpResponse response=httpClient.execute(httpGet);
//response contains Unauthorized access 
            HttpEntity entity=response.getEntity();

        }
        catch (MalformedURLException e){
            e.printStackTrace();

        }
        catch (Exception e){
            e.printStackTrace();
        }


    }

Here the Unauthorized error from the http.execute method

HttpResponseProxy{HTTP/1.1 401 Unauthorized [Content-Type: application/json; charset=utf-8, Server: Microsoft-IIS/8.5, request-id: 49ca360f-ab4b-42d5-a4b0-9676e4244c21, client-request-id: 49ca360f-ab4b-42d5-a4b0-9676e4244c21, x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"West US","Slice":"SliceA","ScaleUnit":"003","Host":"AGSFE_IN_8","ADSiteName":"WST"}}, X-Powered-By: ASP.NET, Date: Tue, 06 Sep 2016 20:43:24 GMT, Content-Length: 244] ResponseEntityProxy{[Content-Type: application/json; charset=utf-8,Content-Length: 244,Chunked: false]}}

eyJ0eXAiOiJKV1QiLCJxcy76FRUlljRV9tb3RXVkpLSHJ3TEJiZF85cyIsImtpZCI6IlliUkFRUlljRV9tb3RXVkpLSHJ3TEJiZF85cyJ9.eyJhdWdfsas32sub2ZmaWNlMzY1LmNvbSIsImlzcyI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2YwMjYzMzUzLWFlYjItNGE4YS1iZThhLTc3Mzc3MmE2MGJlMy8iLCJpYXQiOjE0NzMxOTQ4MjIsIm5iZiI6MTQ3MzE5NDgyMiwiZXhwIjoxNDczMTk4NzIyLCJhcHBpZCI6IjhhNjc2ZjJkLWU1M2MtNDViNy05MzhhLTdiOTE1YjVkZTRiNiIsImFwcGlkYWNyIjoiMasdff4577dHMud2luZG93cy5uZXQvZjAyNjMzNTMtYWViMi00YThhLWJlOGEtNzczNzcyYTYwYmUzLyIsIm9pZCI6IjQ3NDhkZDE5LTAxOTUtNDcwOC04MTNkLTQxMTdhNDhlMTdmOCIsInN1YiI6IjQ3NDhkZDE5LTAxOTUtNDcwOC04MTNkLTQxMTdhNDhlMTdmOCIsInRpZCI6ImYwMjYzMzUzLWFlYjItNGE4YS1iZThhLTc3Mzc3MmE2MGJlMyIsInZlciI6IjEuMCJ9.BKt54345DIfv2WWT4pQ--Nuy-0aHkkht4332r7E4d5mP-EAEKmcQe7y0IPjkYGZTNhyNiG2tVAyb56Gcbessdsfewz_BNoAolTVukxttXc-pFY1_Ol5Adc8T5yio43ixfs88mrVRqZEHsb7c-wjO-otBXocZs8waYXdree83g1JtcnULs7bAGp3VBUhMjuJ2u87363Yq3lfse39_Pt6tRw]

(the token is something similar to this, just changed it to something similar for security)

回答1:

Java walkthrough here (though for a web app using auth code flow): https://dev.outlook.com/restapi/tutorial/java

There's also this sample that uses client credential flow:

https://github.com/jasonjoh/java-calendar-demo



回答2:

To authenticate in the daemon or service apps, we can use Client Credentials flow. After we register the app, we would get the secret. Then we can use the request below direct to get the app-only access token:

POST https://login.microsoftonline.com/<tenantId>/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=<clientId>
&client_secret=<clientSecret>
&resource=https://graph.microsoft.com

And to use the Office 365 access token, we can replace the resource with https://outlook.office.com. Here is a detail document about calling Microsoft Graph in a service or daemon app.