Last active
June 10, 2020 06:43
-
-
Save gscales/9c2eb16cecf3bdad2ef6501934648b06 to your computer and use it in GitHub Desktop.
EWS MSAL Modern Authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013_SP1); | |
String ClientId = "111111-52b3-4102-aeff-aad2292ab01c"; | |
String MailboxName = "gscales@datarumble.com"; | |
HttpClient httpClient = new HttpClient(); | |
httpClient.DefaultRequestHeaders.UserAgent.ParseAdd("Mozilla/5.0 (compatible; AcmeInc/1.0)"); | |
StringContent RealmRequest = new StringContent("{\"username\":\"" + MailboxName + "\"}"); | |
String DiscoveryURL = "https://login.microsoftonline.com/common/GetCredentialType"; | |
dynamic RealmDiscover = JsonConvert.DeserializeObject(httpClient.PostAsync(DiscoveryURL, RealmRequest).Result.Content.ReadAsStringAsync().Result); | |
if((Int32)RealmDiscover.EstsProperties.DomainType == 1 || (Int32)RealmDiscover.EstsProperties.DomainType == 2) | |
{ | |
service.Credentials = new WebCredentials("user1@contoso.com", "password"); | |
service.AutodiscoverUrl("user1@contoso.com", RedirectionUrlValidationCallback); | |
} | |
else | |
{ | |
String AutoDiscoverEndpoint = $"https://outlook.office365.com/autodiscover/autodiscover.json/v1.0/{MailboxName}?Protocol=EWS"; | |
dynamic JsonResult = JsonConvert.DeserializeObject(httpClient.GetAsync(AutoDiscoverEndpoint).Result.Content.ReadAsStringAsync().Result); | |
if (IsPropertyExist(JsonResult, "Url")) | |
{ | |
String AudienceHostName = new Uri(JsonResult.Url.ToString()).Host; | |
string scope = "https://" + AudienceHostName + "/EWS.AccessAsUser.All"; | |
PublicClientApplicationBuilder pcaConfig = PublicClientApplicationBuilder.Create(ClientId).WithAuthority(AadAuthorityAudience.AzureAdMultipleOrgs); | |
var IntToken = pcaConfig.Build().AcquireTokenInteractive(new[] { scope }).ExecuteAsync().Result; | |
service.Credentials = new OAuthCredentials(IntToken.AccessToken); | |
service.Url = new Uri(JsonResult.Url.ToString()); | |
} | |
} | |
Folder Inbox = Folder.Bind(service, WellKnownFolderName.Inbox); | |
} | |
public static bool IsPropertyExist(dynamic settings, string name) | |
{ | |
if (settings is Newtonsoft.Json.Linq.JObject) | |
return ((Newtonsoft.Json.Linq.JObject)settings).ContainsKey(name); | |
return settings.GetType().GetProperty(name) != null; | |
} | |
private static bool RedirectionUrlValidationCallback(string redirectionUrl) | |
{ | |
// The default for the validation callback is to reject the URL. | |
bool result = false; | |
Uri redirectionUri = new Uri(redirectionUrl); | |
// Validate the contents of the redirection URL. In this simple validation | |
// callback, the redirection URL is considered valid if it is using HTTPS | |
// to encrypt the authentication credentials. | |
if (redirectionUri.Scheme == "https") | |
{ | |
result = true; | |
} | |
return result; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment