microsoftgraph / microsoft-graph-explorer Goto Github PK

Add a step to the azure-pipelines.yml to create a copy of our explorer.js and explorer.js.map files with a version suffix. We can either get the version from the package.json or from the build environment. We should try and identify what the best practices are.

I want to implement MFA to my Angular App, that gets the Access Token via my NodeJS server. Normal users without MFA can get an AccessToken, but others with MFA failed. They get: 400 Bad Request: interaction_required error. How can i implement it?

My Code for getting an Access Token looks like this:

const jwt = require('jsonwebtoken');
var cryptoJS = require("../API/CryptoJS");
require('dotenv').config();

const credentials = {
    client: {
        id: process.env.MS_APP_CLIENT_ID,
        secret: process.env.AZURE_CLIENT_SECRET
    },
    auth: {
        tokenHost: 'https://login.microsoftonline.com',
        authorizePath: '[TENANT-ID]/oauth2/authorize',   // [TENANT-ID] Authentication!
        tokenPath: '[TENANT-ID]/oauth2/token',   // // [TENANT-ID] Token!
    }
};

const oauth2 = require('simple-oauth2').create(credentials);

// Callbacks
// Save the access token
module.exports.login = function (req, res, next) {

    var userpw = cryptoJS.decrypt(req.body.password);

    // Get the access token object.    
    const tokenConfig = {
        username: req.body.username,
        password: userpw,
        resource: 'https://graph.microsoft.com'
    };

    oauth2.ownerPassword.getToken(tokenConfig, (error, result) => {
        if (error) {
            console.log('Access Token Error: ', error);
            return res.status(401).json({
                message: error
            });
        } else {
            const accessToken = oauth2.accessToken.create(result);
            const decoded = jwt.decode(accessToken.token.access_token);


            return res.status(200).json({
                message: "Authentication successfull",
                token: accessToken.token,
                decode: decoded
            });

        }
    });
}

Hope you can help me.

Thanks.
Rebar

I have tried to install this project and got error:
ECMDERR Failed to execute "git ls-remote --tags --heads [email protected]:dan-silver/hello.js.git", exit code of #128 Host key verification failed. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
I have tried it on Windows 10 OS and Ubuntu 16.04 machines. Results are the same.

Please add new queries to en-US.json so we can localize them. Thanks.

Please add tokenPlease() somewhere in the UI with a mini explanation for how to use it.
Very useful function if people want to use it to run in Postman or somewhere else.

Check the GIF

2121648

Expected behavior

The OneDrive SharedWithMe endpoint should return values for the files and folders that have been shared with the given user.

I should be seeing the files and folders that are shared with me in the values array.

Actual behavior

OneDrive SharedWithMe endpoint returns nothing in the graph explorer when there are files and folders that should appear.

This is what I'm given:
{ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(driveItem)", "value": [] }

Steps to reproduce the behavior

On the graph explorer, open Sample Queries and under OneDrive select the files shared with me query. In the Response Preview, values is in fact empty.

We are seeing Graph Explorer send our Workload (Microsoft.Notifications) expired AAD tickets. "Lifetime validation failed. The token is expired"

We are seeing this when users are logged in for a long time as well as when users have just logged in.
I can provide our server-side logs if needed as well as the request-id.

Expected behavior

Adding a new scope in the modify permissions UI only adds a single scope to the OAuth request. This appeared to be fixed with #165. I seem to be mistaken.

Actual behavior

We are now seeing many OAuth scopes being sent when only one is selected. This includes the default scopes which require admin consent. This shouldn't happen.

It almost seems like user consent is disabled as a new default. This includes demo tenants.

Steps to reproduce the behavior

1. Login to GE with a non-admin account.
2. Open the modify permissions UI.
3. Add a user consentable scope and select modify.
4. Get redirected to a request for admin consent.

HTTP traffic capture

GET /common/oauth2/v2.0/authorize?nonce=graph_explorer&prompt=select_account&client_id=de8bc8b5-d9f9-48b1-a8ad-b748da725064&response_type=token&redirect_uri=https%3A%2F%2Fdeveloper.microsoft.com%2Fen-us%2Fgraph%2Fgraph-explorer&state=%7B%22client_id%22%3A%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%22%2C%22network%22%3A%22msft%22%2C%22display%22%3A%22page%22%2C%22callback%22%3A%22_hellojs_4eh1jgbe%22%2C%22state%22%3A%22%22%2C%22redirect_uri%22%3A%22https%3A%2F%2Fdeveloper.microsoft.com%2Fen-us%2Fgraph%2Fgraph-explorer%22%7D&scope=Calendars.Read%20Calendars.ReadWrite%20Contacts.ReadWrite%20DeviceManagementApps.Read.All%20DeviceManagementApps.ReadWrite.All%20DeviceManagementConfiguration.Read.All%20DeviceManagementConfiguration.ReadWrite.All%20DeviceManagementManagedDevices.PrivilegedOperations.All%20DeviceManagementManagedDevices.Read.All%20DeviceManagementManagedDevices.ReadWrite.All%20DeviceManagementRBAC.Read.All%20DeviceManagementRBAC.ReadWrite.All%20DeviceManagementServiceConfig.Read.All%20DeviceManagementServiceConfig.ReadWrite.All%20Directory.AccessAsUser.All%20Directory.ReadWrite.All%20Files.ReadWrite.All%20Group.ReadWrite.All%20IdentityRiskEvent.Read.All%20Mail.ReadWrite%20MailboxSettings.ReadWrite%20Notes.ReadWrite.All%20Notifications.ReadWrite.CreatedByApp%20openid%20People.Read%20Reports.Read.All%20Sites.ReadWrite.All%20Tasks.ReadWrite%20User.ReadBasic.All%20User.ReadWrite%20User.ReadWrite.All

Expected behavior

The query is expected to succeed, for example:

https://graph.microsoft.com/v1.0/me/

Actual behavior

Instead the generic error message is getting displayed:

We had an issue sending this request to the Graph API. For assistance, connect with us on StackOverflow with the tag [microsoftgraph].

Steps to reproduce the behavior

• visit Graph Explorer via Google Chrome browser and click SignIn button
• try to execute any query, for example: https://graph.microsoft.com/v1.0/me/
• when History log reaches certain size (in my case it was more than 2400 log entries), the error started to appear no matter what the query is submitted

Root cause

The error is caused by by history component, in particular when saveHistoryToLocalStorage method is called:

export function saveHistoryToLocalStorage(requestHistory) {
    localStorage.setItem(LocalStorageKeyGraphRequestHistory, JSON.stringify(requestHistory));
}

the following exception occurs:

Failed to execute 'setItem' on 'Storage': Setting the value of 'GRAPH_V4.1_REQUEST_HISTORY' exceeded the quota.

Turns out it is browser specific issue related with Local Storage limit, meaning once the size of History log which is stored in Local Storage reaches this limit, the error started to appear.

Per Chrome official documentation

APIs like Local Storage and Session Storage, which still has a limit of 5 MB per origin

Workaround

one option to circumvent this error would be to clear history log:

• under History panel click Show More link and dialog will appear

• click Remove All button to clear history log

That's it, the specified error should no longer occur.

Sign in with Microsoft Overlaps with Sample Query in IE , and its impossible to Sign-in. See the below image.

IE details.

Hi

I've been using graph explorer to experiment with bringing back events in my calendar. Details here:
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_list_calendarview

I've noticed that I never seem to get back more than 10 entries, even when I specify a period when there are more than 10 entries in my calendar for that time period. The documentation doesn't seem to mention this limit so I wondered whether it was the intended behaviour?

Steps to reproduce:

• go to https://developer.microsoft.com/en-us/graph/graph-explorer#
• click show more samples
• check outlook calendar
• make sure you have more than 10 entries in your outlook calendar
• check 'All events in my calendar for next week'
• only 10 objects are returned in the 'value' array

Thanks

This issue is a continuation of the issue

Expected behavior:

1. Localized terms of use messages:
   "When you use the Microsoft Graph API, you agree to the Microsoft Graph Terms of Use",
   "View the Microsoft Graph Terms of Use",
   "View the Microsoft Privacy Statement"
2. Links "View the Microsoft Graph Terms of Use" and "View the Microsoft Privacy Statement" should redirect to localized sites for seven languages: de-de; es-es; fr-fr; ja-jp; pr-br; ru-ru; zh-cn.

Actual behavior:

1. Unlocalized terms of use messages:
   "When you use the Microsoft Graph API, you agree to the Microsoft Graph Terms of Use",
   "View the Microsoft Graph Terms of Use",
   "View the Microsoft Privacy Statement"
2. Links are redirected to en-us sites rather than to localized sites: de-de; es-es; fr-fr; ja-jp; pr-br; ru-ru; zh-cn.
   Note: by using aka.ms link you have hardcoded en-us locale into the link.

Steps to reproduce the behavior: go to GE intl site, for instance, https://developer.microsoft.com/ru-ru/graph/graph-explorer.

To fix this issue you need to pick localized resources from translated json files and fix the links.

HTTP traffic capture

Now hard to know that is a share button.

Maybe change to this?

Type any full URL in Graph Explorer, then keep pressing backspace button, you will notice the version selection lookup box collapses.

checked in Firefox and IE edge.

Expected behavior

Following docs links next to samples opens the docs page

Actual behavior

Clicking on some links do not work.

Steps to reproduce the behavior

Click on "all items in my drive"
Link should be https://docs.microsoft.com/en-us/graph/api/driveitem-list-children?view=graph-rest-1.0

Sorry if this is the wrong repository to post this issue - I couldn't find a repository specifically for the graph API. If it is the wrong place to ask this, please point me to the right one!

Expected behavior

https://www.office.com/?auth=2 shows all the recently used documents. https://graph.microsoft.com/beta/me/insights/used only returns a subset (e.g. opened documents don't show up in the result).

Actual behavior

I'm using the https://graph.microsoft.com/beta/me/insights/used endpoint to get all the items recently used (e.g. opened) by the current user. This only returns a subset of items though. I checked the results with the one returned from the Recently used list, shown in https://www.office.com/?auth=2.

Steps to reproduce the behavior

With my user, I open various files on our sharepoint tenant, then refresh https://www.office.com/?auth=2 and call https://graph.microsoft.com/beta/me/insights/used via the Graph Explorer.

Right now I can only add new permissions, I cannot remove/disable default permissions.
If I remove one permission, when I re-login, it is back.

When we get a response back, we should check the response headers and look for a content-disposition header. If the header contains the filename parameter then we should use that to prompt the browser to download the response to a file.

The following code may be modified to trigger the file download behavior in the browser.

function download(url, filename) {
fetch(url).then(function(t) {
    return t.blob().then((b)=>{
        var a = document.createElement("a");
        a.href = URL.createObjectURL(b);
        a.setAttribute("download", filename);
        a.click();
    }
    );
});
}

Use the issues in this repository to open issues about the Graph Explorer application. Questions about the Microsoft Graph should be directed to StackOverflow. Use the [microsoftgraph] tag on StackOverflow.

Expected behavior

Graph should return the owners of a distribution list.

Actual behavior

The list of owners is empty.

Steps to reproduce the behavior

Full description of the problem and repro steps are described in the StackOverflow question I posted:
https://stackoverflow.com/questions/52826474/how-do-i-retrieve-the-owners-of-a-distribution-list-using-microsoft-graph

HTTP traffic capture

I'm attempting to test Graph Notifications in Graph Explorer using my AAD account. After signing in with my AAD account, I attempt to enable the Notifications.ReadWrite.CreatedByApp, which prompts me to sign in again. When I select my AAD account, I get the following error:

Request Id: 0cb8756d-11e6-49d2-8ab1-9bb2201f0e00
Correlation Id: 67a61c4a-e561-42ea-a142-f0cedf7495fa
Timestamp: 2018-09-20T17:21:20Z
Message: AADSTS90094: Graph explorer is requesting permissions, which you are not authorized to grant. Contact your administrator, who can grant permissions to this application on your behalf.

I was able to enable the permission with my MSA, but not my AAD account. How should I proceed to get my AAD account working?

Could it be possible that failure to update this version is what prevented the cache from being updated?

This is a bug in our query importer and/or our sample input format.
https://github.com/microsoftgraph/microsoft-graph-explorer/blob/dev/util-scripts/query-importer.js#L117

Expected behavior

Actual behavior

Steps to reproduce the behavior

• Sign in to GE.
• Choose the Get sections sample and run it. Capture a section id.
• Chose the Create page sample. Add the section to the URL. Run the sample.

Since refreshing token does not work for me, I need sign in again I think every around half hour.
Tried Chrome and Safari.

Currently in tst the version is showing 1.7.10 which is not correct as soon as we merge any changes to dev.

Response didn't show after sending email.

POST https://graph.microsoft.com/v1.0/me/sendMail

Request Body:

{
  "message": {
    "subject": "Meet for lunch?",
    "body": {
      "contentType": "Text",
      "content": "The new cafeteria is open."
    },
    "toRecipients": [
      {
        "emailAddress": {
          "address": "[email protected]"
        }
      }
    ]
  }
}

Below are the libraries that need to be updated

The scope selection dialog is missing the following SharePoint scopes:

• Sites.Manage.All - Create, edit, and delete items and lists in all site collections (non-admin)
• Sites.FullControl.All - Have full control of all site collections (admin consent)

The SP list with filter sample is broken - the service API has changed. We'll need to disable that sample if the API is not fixed/rolled back by the time we need to update GE.

Would it possible to expose this string to localization:

This is a legal requirement and it should be localized.

i am try to create schemaextension via Graph Explorer

i confirm that i have select required permission, but always get error below, why?

This should mitigate the upgrading problems that users are currently seeing.

Use the issues in this repository to open issues about the Graph Explorer application. Questions about the Microsoft Graph should be directed to StackOverflow. Use the [microsoftgraph] tag on StackOverflow.

Expected behavior: Translations for "Sign-in with Microsoft" fit in the button boundaries.

Actual behavior: Translations for "Sign-in with Microsoft" don't fit in the button, get truncated and in some languages lose the meaning. Note: we can't shorten translations as we must use the full term "Microsoft account

".
This is repro for all European languages: de-de; fr-fr; es-es; ru-ru.
Please provide more space (especially for ru-ru). You can also use the correct term on English page: "Sign-in with Microsoft account" .

Steps to reproduce the behavior: go to any of the sites below and observe "Sign in with Microsoft" button:

https://developer.microsoft.com/de-de/graph/graph-explorer
https://developer.microsoft.com/fr-fr/graph/graph-explorer
https://developer.microsoft.com/es-es/graph/graph-explorer
https://developer.microsoft.com/ru-ru/graph/graph-explorer

Hello, after I granted many permissions to Graph Explorer, I sign-out and remove Graph Explorer app from https://account.activedirectory.windowsazure.com/r#/applications as documented in #103.
Then I sign-in again

Expected behavior

Consent to only default permissions Graph Explorer requests on 1st time use

Actual behavior

I get the consent to grant all permissions I granted before.

The graph explorer gives access to a lot of Exchange items like emails, calendar items, contacts. But I am missing the tasks. Is it planned to add them as well?

Even with documentation, developers still think that /v1.0/me and /v1.0/users is not GA because it has only a subset of the properties that are in /beta. However v1.0 has all the same properties, but has a "default properties" behavior. For all other properties developers need to use $select.
I get a report of this weekly, and recently even an escalation from a big ISV.

So looking for a new feature in Graph Explorer

For:
GET ../v1.0/me
GET ../v1.0/users
GET ../v1.0/users/{id}

Could have a banner that reminds them that to get additional user profile properties, they need to use $select. It could even link to the user documentation that points this out

In graph explorer ODATA queries with filter of startswith on list items does not work. All of the ODATA filter functions I tried return itemNotFound error. See an example below https://graph.microsoft.com/v1.0/sites/root/lists('Documents')/Items?$filter=startswith(webURL, 'https') eq true

Expected behavior

This should have returned items which are have a weburl with the word sharepoint in it

Actual behavior

Graph returns itemNotFound error

Steps to reproduce the behavior

The stackoverflow post has more details about the same

HTTP traffic capture

When selecting, 'Show more samples,' on a machine with low resolution or smaller screen sizes, samples at the bottom of the list may be cut off.

On some screens, this may just cut off the Notifications (beta) halfway through, but on smaller screens, the sample is completely hidden.

Hi,

OneDrive File/Content
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/driveitem_get_content

OneDrive File/Content?Format=PDF
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/driveitem_get_content_format

both endpoints returns 302 redirect response header these should work in graph explorer
I also think these are great for OneDrive samples.

They also should work for SharePoint DocLib. (They work if I call them directly via postman, but not in Graph Explorer).

Use the issues in this repository to open issues about the Graph Explorer application. Questions about the Microsoft Graph should be directed to StackOverflow. Use the [microsoftgraph] tag on StackOverflow.

Expected behavior

https://stackoverflow.com/questions/42701107/how-do-i-update-the-value-of-person-or-group-columns-in-sharepoint-lists-using-t

Actual behavior

Steps to reproduce the behavior

HTTP traffic capture

Expected behavior

Suppose I have a set of permissions, some of which were already granted by an admin.
I should be able to add any new non-admin privileges without requiring admin approval.

Actual behavior

When I open permissions I see a lot of admin-granted privileges, and adding a new privilege that normally doesn't require admin approval leads to the admin approval workflow.

Steps to reproduce the behavior

Open permissions and try to add non-admin privileges. This must be done on an account that already has some admin-granted privileges.

See also issue #102.

I'd like to use Microsoft Graph Explorer to obtain any person's photo (that is associated to their Microsoft Personal account) based on their email address.

The documentation on MSDN only seems to refer to Microsoft Organizational Accounts. I was able to obtain photos for an Organizational Account, but not for Personal Accounts.

Once this PR clears, johnpapa/lite-server#138, and the package is published, we can update this dependency.

796090

Hi everyone,

I am not sure if this is the right place for my question. I am struggling to find the right place for questions about graph (and actually get a reply).

We want to use graph to collect the views, likes and comment for news in SharePoint Online. However, since a couple of days it takes a long time before for instance the likecount gets updated. The footer of the page immediately shows the correct number of likes but using graph (explorer) it takes hours. The graph call appears to be correct because it worked up unto a couple of days before. If we use the REST API, the data is updated instantly.
The call we use is: https://graph.microsoft.com/v1.0/sites/{siteID}/lists/{listId}/items/{listItemId}

Expected behavior

To have updated like and comment count within minutes

Actual behavior

It takes hours.

Steps to reproduce the behavior

Update a news post
Check through the call if it updates: https://graph.microsoft.com/v1.0/sites/{siteID}/lists/{listId}/items/{listItemId}