One of the cool things with today’s Office 365 API Tooling update is that you can now access the Office 365 APIs using libraries available for .NET and JavaScript.
\\8These libraries make it easier to interact with the REST APIs from the device or platform of your choice. And when I say platform of your choice, it really is! Office 365 API and the client libraries support the following project types in Visual Studio today:https://sharepointsamurai.wordpress.com/wp-admin/post.php?post=1625&action=edit&message=10
- NET Windows Store Apps
- .NET Windows Store Universal Apps
- Windows Forms Applications
- WPF Applications
- ASP.NET MVC Web Applications
- ASP.NET Web Forms Applications
- Xamarin Android and iOS Applications
- Multi-device Hybrid Apps
p.s: support for more projects coming on the way….
Few Things Before We Get Started
- The authentication library is released as “alpha”.
- If you don’t see something you want or if you think we missed addressing some scenarios/capabilities, let us know!
- In this initial release of the authentication library, we focused on simplifying the getting started experience, especially for Office 365 services and not so much on the interoperability across other services (that support OAuth) but that’s something we can start looking for next updates to make it more generic.
- The library is not meant to replace Active Directory Authentication Library (ADAL) but it is a wrapper over it (where it exists) which gives you a focused getting started experience.
- However, If you want to opt out and go “DIY”, you still can.
Setting Up Authentication
The first step to accessing Office 365 APIs via the client library is to get authenticated with Office 365.
Once you configure the required Office 365 service and its permissions, the tool will add the required client libraries for authentication and the service into your project.
Lets quickly look at what authenticating your client looks like.
Getting Authenticated
Office 365 APIs use OAuth Common Consent Framework for authentication and authorization.
Below is the code to authenticate your .NET application:
Authenticator authenticator = new Authenticator();
AuthenticationInfo authInfo =
await authenticator.AuthenticateAsync(ExchangeResourceId);
Below is the JS code snippet used for authentication in Cordova projects:
var authContext = new O365Auth.Context(); authContext.getIdToken('https://outlook.office365.com/') .then((function (token) { var client = new Exchange.Client('https://outlook.office365.com/ews/odata', token.getAccessTokenFn('https://outlook.office365.com')); client.me.calendar.events.getEvents().fetch() .then(function (events) { // get currentPage of events and logout var myevents = events.currentPage; authContext.logOut(); }, function (reason) { // handle error }); }).bind(this), function (reason) { // handle error });
Authenticator Class
The Authenticator class initializes the key stuff required for authentication:
1) Office 365 app client Id
2) Redirect URI
3) Authentication URI
You can find these settings in:
– For Web Applications – web.config
– For Windows Store Apps – App.xaml
– For Desktop Applications (Windows Forms & WPF) – AssemblyInfo.cs/.vb
– For Xamarin Applications – AssemblyInfo.cs
If you would like to provide these values at runtime and not from the config files, you can do so by using the alternate constructor:
To authenticate, you call the AuthenticateAsync method by passing the service’s resource Id:
AuthenticationInfo authInfo = await authenticator.AuthenticateAsync(ExchangeResourceId);
If you are using the discovery service, you can specify the capability instead of the resource Id:
AuthenticationInfo authInfo =
await authenticator.AuthenticateAsync("Mail", ServiceIdentifierKind.Capability);
The string to use for other services if you use discovery service: Calendar, Contacts and MyFiles
NOTE:
– For now, if you want to use the discovery service, you will also need to configure a SharePoint resource, either Sites or My Files. This is because the discovery service currently uses SharePoint resource Id.
– Active Directory Graph & Sites do not support discovery service yet
Depending on your client, the AuthenticateAsync will open the appropriate window for you to authenticate:
– For web applications, you will be redirected to login page to authenticate
– For Windows Store Apps, you will get dialog box to authenticate
– For desktop apps, you will get a dialog window to authenticate
AuthenticatorInfo Class
Once successfully authenticated, the method returns an AuthenticatorInfo object which helps you to get the required access token:
ExchangeClient client = new ExchangeClient(new Uri(ExchangeServiceRoot), authInfo.GetAccessToken);
And also help you re-authenticate for a different resource when you create the service client.
AuthenticationInfo graphAuthInfo =
await authInfo.ReauthenticateAsync("https://graph.windows.net/");
The library automatically handles token lifetime management by monitoring the expiration time of the access token and performing a refresh automatically.
Thats it! – Now you can make subsequent calls to the service to return the items you want!
Authentication Library
For .NET projects:
The library is available as a Nuget package. So, if you want to add it manually to your project without the tool, you could do so. However, you will have to manually register an app in the Azure Active Directory to authenticate against AAD.
– Microsoft Office 365 Authentication Library for ASP.NET
– Microsoft Office 365 Authentication Library for .NET (Android and iOS)
– Microsoft Office 365 Authentication Library for ASP.NET
For Cordova projects:
You will need to use the Office 365 API tool which generates the aadgraph.js under the Scripts folder that handles authentication.