OAuth Support for EWS with Office 365 documentation

barnonline · February 15, 2021, 11:47am

Hi I’m new Aspose, and I’m trying to update an existing application to use OAuth.

We are using version 20.10.0.0, and I have found this documentation:

But if I use the example I get errors on the two lines:

AuthenticationContext authenticationContext = new AuthenticationContext(authority, false);
// it says that the constructor don’t take any arguments

AuthenticationResult authenticationResult = authenticationContext.AcquireToken(resource, clientID, clientAppUri);
// here it says that AuthenticationContext don’t contain a definition for AcuireToken

On the page I linked to, it does not say what versions it covers.
Is the documentation I linked to, only for the newest version?
If yes, does documentation for older versions exists, or do we need to update to newest version?

Andrey_Potapov · February 15, 2021, 11:50am

@barnonline,
Welcome to our community!
To my regret, that documentation article is out of date. Thank you for your notes. I logged the issue in our tracking system with ID EMAILNET-40095 for updating the article.
I hope the next code snippet will help you with actual authentications:

// https://developer.microsoft.com/en-us/graph/blogs/upcoming-changes-to-exchange-web-services-ews-api-for-office-365/
OAuthTestUser oAuthUser = (OAuthTestUser)user;
string[] scopeAr = new string[]
{
    // O365 ----------------------
    // Exchange Web Services will not receive feature updates
    // Basic Authentication for EWS will be decommissioned
    // https://developer.microsoft.com/en-us/graph/blogs/upcoming-changes-to-exchange-web-services-ews-api-for-office-365/
    // https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth#add-code-to-get-an-authentication-token

    "https://outlook.office.com/EWS.AccessAsUser.All",
};

ITokenProvider tokenProvider = new AzureROPCTokenProvider(
    oAuthUser.Tenant,
    oAuthUser.ClientId,
    oAuthUser.ClientSecret,
    oAuthUser.EMail,
    oAuthUser.Password,
    scopeAr);

NetworkCredential credentials = new OAuthNetworkCredential(tokenProvider);
IEWSClient client = EWSClient.GetEWSClient(server.EWSUrl, credentials);

Additional documents:
Authenticate an EWS application by using OAuth
Acquire a token from Azure AD for authorizing requests from a client application

barnonline · February 17, 2021, 9:55am

I tried your code snippet, but now it does not recognize “AzureROPCTokenProvider”

I
I then googled “AzureROPCTokenProvider” and there was only a single link to your support forum.

I then created the sample of simple implementation of ITokenProvider mentioned in the thread, but then the AzureTokenResponse was an unknown type, and finally I found this on stack overflow.

In the end I decided to go with microsofts Identity.Client

        // Using Microsoft.Identity.Client 4.22.0
        var cca = ConfidentialClientApplicationBuilder
            .Create("appID")
            .WithClientSecret("clientsecret")
            .WithTenantId("tenantID")
            .Build();

        // The permission scope required for EWS access
        var ewsScopes = new string[] { "https://outlook.office365.com/.default" };

        //Make the token request
        var authResult = await cca.AcquireTokenForClient(ewsScopes).ExecuteAsync();

Andrey_Potapov · February 17, 2021, 1:30pm

@barnonline,
Thank you for your investigation. Yes, AzureROPCTokenProvider class is our implementation of ITokenProvider interface for tests. My code snippet demonstrates a custom authentication without details. I am glad to see that you found the solution with Identity.Client.