azure-samples / ms-identity-python-daemon Goto Github PK
View Code? Open in Web Editor NEWA daemon application in Python calling the Microsoft Graph API
License: MIT License
A daemon application in Python calling the Microsoft Graph API
License: MIT License
I can get user information, but I cannot use other api
only change
"endpoint": "https://graph.microsoft.com/v1.0/users"
"endpoint": "https://graph.microsoft.com/v1.0/me/drive"
Graph API call result:
{
"error": {
"code": "UnknownError",
"message": "Unable to retrieve user's mysite URL.",
"innerError": {
"date": "2021-01-05T06:50:56",
"request-id": "907f7989-d7ae-4795-ba88-0417318b",
"client-request-id": "907f7989-d7ae-4795-ba88-0417718b"
}
}
}
The file appears to have been renamed to confidential_client_secret_sample.py instead of sample.py. The instructions in the comments at the top of the file saying " You can then run this sample with a JSON configuration file: python sample.py parameters.json" are now incorrect.
C:...\ms-identity-python-daemon-master\1-Call-MsGraph-WithSecret>python sample.py parameters.json
python: can't open file 'C:...\ms-identity-python-daemon-master\1-Call-MsGraph-WithSecret\sample.py': [Errno 2] No such file or directory
Request: Sample for MSSQL connection using ADFS
We need have that dependency file requirements.txt inside each sub-folder
It's used from the quickstart
Hello,
I followed the tuto in this repo to create the cert: server.pem
, server.crt
.
Uploading server.crt
to app's Certificates & secrets
as described in the tuto is OK, and the API test is OK too.
But when I tried to upload the cert to Azure Keyvault, server.crt
is not validated as Azure keyvault accepts pem file only, but when uploading server.pem
to Azure keyvault, I got the error: The specified PEM X.509 certificate content can not be read. Please check if certificate is in valid PEM format. Accepted formats: PEM content or Base64 encoded PEM content.
[ ASK ]
I had my own registered with daemon type of App Integration on Azure AD Portal, but when I follow this application daemon first to configure it seems it always create new App Integration.
How to make this configure using existing App Integration ?
Hi everyone
I'm trying to use this library to authenticate with microsoft using a python deamon. I need to use it to access sharepoint lists so the scope I'm using is https://mytenant.sharepoint.com/AllSites.Read
. But I'm always faced with the following error:
AADSTS1002012: The provided value for scope https://mytenant.sharepoint.com/AllSites.FullControl is not valid. Client credential flows must have a scope value with /.default
When trying to use the scope https://mytenant.sharepoint.com/.default
, it returns an access token but the sharepoint api returns Unsupported app only token.
. I've already given the permissions AllSites.FullControl
, Sites.FullControl.All
, Sites.Search.All
and many others related to sharepoint on the apps registration portal of Azure AD.
Is it not possible to query sharepoint with a "deamon". Is it not possible without redirecting the user to a browser login?
Thanks in advance
Traceback (most recent call last):
File "/Users/jcachat/screenpilot/ms-identity-python-daemon-master/2-Call-MsGraph-WithCertificate/confidential_client_certificate_sample.py", line 38, in <module>
app = msal.ConfidentialClientApplication(
File "/Users/jcachat/anaconda3/envs/BingAPI-py39/lib/python3.9/site-packages/msal/application.py", line 572, in __init__
self.client, self._regional_client = self._build_client(
File "/Users/jcachat/anaconda3/envs/BingAPI-py39/lib/python3.9/site-packages/msal/application.py", line 677, in _build_client
assertion = JwtAssertionCreator(
File "/Users/jcachat/anaconda3/envs/BingAPI-py39/lib/python3.9/site-packages/msal/oauth2cli/assertion.py", line 89, in __init__
binascii.a2b_hex(sha1_thumbprint)).decode()
**binascii.Error: Odd-length string**
1-Call-MsGraph-WithSecret WORKED
2-Call-MSGraph-WithCertificate DID NOT!
Still facing this issue even after granting permissions.
Graph API call result:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"request-id": "d3d91569-9702-478e-90bc-21baa7b31591",
"date": "2020-01-27T19:20:20"
}
}
}
Don't open a file in Python without closing it. This code is bad mojo:
app = msal.ConfidentialClientApplication(
config["client_id"], authority=config["authority"],
client_credential={"thumbprint": config["thumbprint"], "private_key": open(config['private_key_file']).read()},
)
Prefer:
with open(config['private_key_file']) as f:
key = f.read()
app = msal.ConfidentialClientApplication(
config["client_id"], authority=config["authority"],
client_credential={"thumbprint": config["thumbprint"], "private_key": key },
)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.