Oauth2 authentication for Microsoft OneDrive


EzyOauth2 has now been superseded by Goa, so this document is for legacy information. For more information see OAuth2 for Apps Script in a few lines of code. If you are using EzyOauth2, it's easy to migrate. If you are starting up, consider using Goa instead - it's easier and has more features.

In EzyOauth2 - taking some pain out of Apps Script API authentication, I provided a library to simplify oAuth2, then in EzyOauth2 patterns I showed simple patterns for creating apps. Multiple oAuth2 authentication packages showed how to create multiple authentication packages in the same project. 

Here's a new one - this time for the Microsoft Live SDK


Getting started

You need to set up your application on the Microsoft Applications Dashboard. You'll get a client id and a secret. You can get the redirect URL for your webapp by publishing it, running it, and taking note of the Url it shows. You don't need to bother with most the fields on the dashboard.

Scopes

Although this example is for OneDrive, just like with Google Oauth2, the scopes you select control the API you intend to use. You can find details of Microsoft API scopes here. 

Package Names

You need to add these to your one time credential storing function.  I've called it onedrive.


  setAuthenticationPackage_ ({ 
    clientId : "xxxxxxxxx",
    clientSecret : "xxxxxxxxxxxxxxxxxxxxxxxxxxx",
    scopes : ["wl.signin","wl.basic","wl.offline_access","wl.skydrive_update"],
    service: 'live',
    packageName: 'onedrive'
  });

Service names

I've already added the Live SDK service to the latest  cEzyOauth2 library, so as long as you picking up the latest version it will know how to handle Live SDK requests. This maps to the service name in your credentials package. It looks like this


      { name:'live',
         authUrl : "https://login.live.com/oauth20_authorize.srf",
         tokenUrl: "https://login.live.com/oauth20_token.srf",
         refreshUrl: "https://login.live.com/oauth20_token.srf",
      }


The gadget spec URL could not be found
The gadget spec URL could not be found


The gadget spec URL could not be found


A web application.

The only difference between this and the example shown in EzyOauth2 patterns, is that I am calling different function names and package name. You have to run this at least once to set up the token/refresh structure. It will show you the redirect URI, which you can add to your onedrive application definition, then it will take you through the Live authentication dialog. Future accesses to onedrive will pick up the access or refresh token from your script properties (webapp or not - they use the same token). If you've copied the patterns from EzyOauth2 patterns, you'll already have something that looks like this. I just made a couple of tweaks (in red) to access the live credentials you just created, and to do a test access to onedrive.





/** 
 * this is your web app
 * @param {object} webapp param object
 * return {HtmlOutput} 
 */

function doGet (e) {
  return doGetPattern(e, constructConsentScreen, doSomething, 'onedrive') ;
}

/**
 * tailor your consent screen with an html template
 * @param {string} consentUrl the url to click to provide user consent
 * @param {string} redirectUrl the url that redirect will happen on
 * @return {string} the html for the consent screen
 */
function constructConsentScreen (consentUrl,redirectUrl) {
  return '<p>Redirect URI to be added to cloud console is ' + redirectUrl + '</p><a href = "' + consentUrl + '">Click to authenticate to microsoft</a> ';
}

/**
 * this is your main processing - will be called with your access token
 * @param {string} accessToken - the accessToken
 */
function doSomething (accessToken) {
 
   var options = {
     method: "GET",
     headers: {
       authorization: "Bearer " + accessToken
     }
   };

  var result = UrlFetchApp.fetch("https://apis.live.net/v5.0/me/skydrive/quota", options);
  return HtmlService.createHtmlOutput (' it worked ' + accessToken + '<br>' + result.getContentText());

}

/**
 * gets the property key against which you want the authentication package stored
 * @param {string} optPackageName
 * @return {string}
 */
function getPropertyKey_ (optPackageName) {
  
  return "EzyOauth2Datastore" + (optPackageName ? '_' + optPackageName : '');
}

and we get this .. the access token is massive compared to most services.
EwBoAq1DBAAUGCCXc8wU/zFu9QnLdZXy+YnElFkAAU7qNnFIPZM18CwBZrTmVHEtjjtU1CAuboKmAofHUzvPj78Hz23kMt5qEjAQ0GpVXr3pL8sadEA9pXa+dmya+YY2b/At6Rc2GOrjW5cBDgYvFH+JUNKfb+ah2S1yMpJ+qsXzFJfN0Ueo3QDDc3UnrCrcQyxcgGWnLnczL0AoTliuM7L+Fqo2GGtgc6tMkH4DxSgycNTMHEN69iUMzK2f/09LvBFmi2uwXXsIWeGcPKSHv1Anh/pWuqJjxnfiifjD0FoxMrF0A8b32vOUR3Aev4qhdE/q+LjtdQpQtDyLzGgboUzVeEc2kK32O2bW10txcg51sWDBAEdRuiQMVbjwOF8DZgAACBW2mTeNvlhjOAH7vKsHBjQaNIF2wavleIP6pxTEcjh0z94xLQOgX9o3NpgKSFg45QYmV2kd+ywbwniHuWywO4UyKmLfSDFqNJU+n/aibYl36Jgb5n0/AsGCBwo3iuv3OLYl69PMJt3Z0zJQoe+xdXKyAgAewKjwgh+Qk4U/cBdZV40WUveaSsbZ/h/gW4h9j3mpFC+hVybCGz3b4VDaJKFa7cGcftm2o03WifXGshPDsE4HblVKNR279McWilPTqKjmujApZZCKCiJvbQKMCtp9xt2MJDq3KEzTWX6upytRY6MTapYiA0AKFGTDg+6X83IpZfql4sGAf+oovkKWgW+SAYC0NErsJTJQEcxYbMHWmJqa2U2QLI0DQHjx9bGJY4/l5aJuyhVM8T3BIFA3FSXp8Sk0hpFab6YexUdcTDGlvUljAQ==

{ "quota": 1115617755136, "available": 1115614588857 }

Summary

Once your credentials are set up, all you have to do is pass the function that does the work to doGetPattern(e, constructConsentScreen , doSomething ,"onedrive")   and it will be called with a fresh accessCode. 
Comments