Sample script that connects to Microsoft Graph using Authorization Code (implies user must sign in). This script does 4 actions: 1) Read files from OneDrive for Business (ODB), 2) Read files from SPO site library 3) Create a demo file in ODB and 4) Create a demo file in SPO site
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| clear | |
| # The resource URI | |
| $resource = "https://graph.microsoft.com" | |
| # Your Client ID and Client Secret obainted when registering your Azure AD (AAD) APP | |
| $clientid = "AAD APP ID"; | |
| $clientSecret = "AAD APP CLIENT SECRET"; | |
| $redirectUri = "https://localhost" | |
| # UrlEncode the ClientID and ClientSecret and URL's for special characters | |
| Add-Type -AssemblyName System.Web | |
| $clientIDEncoded = [System.Web.HttpUtility]::UrlEncode($clientid) | |
| $clientSecretEncoded = [System.Web.HttpUtility]::UrlEncode($clientSecret) | |
| $redirectUriEncoded = [System.Web.HttpUtility]::UrlEncode($redirectUri) | |
| $resourceEncoded = [System.Web.HttpUtility]::UrlEncode($resource) | |
| $scopeEncoded = [System.Web.HttpUtility]::UrlEncode("https://outlook.office.com/user.readwrite.all") | |
| # Function to popup Auth Dialog Windows Form | |
| Function Get-AuthCode { | |
| Add-Type -AssemblyName System.Windows.Forms | |
| $form = New-Object -TypeName System.Windows.Forms.Form -Property @{Width=440;Height=640} | |
| $web = New-Object -TypeName System.Windows.Forms.WebBrowser -Property @{Width=420;Height=600;Url=($url -f ($Scope -join "%20")) } | |
| $DocComp = { | |
| $Global:uri = $web.Url.AbsoluteUri | |
| if ($Global:uri -match "error=[^&]*|code=[^&]*") {$form.Close() } | |
| } | |
| $web.ScriptErrorsSuppressed = $true | |
| $web.Add_DocumentCompleted($DocComp) | |
| $form.Controls.Add($web) | |
| $form.Add_Shown({$form.Activate()}) | |
| $form.ShowDialog() | Out-Null | |
| $queryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query) | |
| $output = @{} | |
| foreach($key in $queryOutput.Keys){ | |
| $output["$key"] = $queryOutput[$key] | |
| } | |
| $output | |
| } | |
| # Get AuthCode | |
| #$url = "https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&redirect_uri=$redirectUriEncoded&client_id=$clientID&resource=$resourceEncoded&prompt=admin_consent&scope=$scopeEncoded" | |
| $url = "https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&redirect_uri=$redirectUriEncoded&client_id=$clientID&resource=$resourceEncoded&prompt=admin_consent" | |
| Get-AuthCode | |
| # Extract Access token from the returned URI | |
| $regex = '(?<=code=)(.*)(?=&)' | |
| $authCode = ($uri | Select-string -pattern $regex).Matches[0].Value | |
| #Write-output "Received an authCode, $authCode" | |
| #get Access Token | |
| $body = "grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&client_secret=$clientSecretEncoded&code=$authCode&resource=$resource" | |
| $tokenResponse = Invoke-RestMethod https://login.microsoftonline.com/common/oauth2/token ` | |
| -Method Post -ContentType "application/x-www-form-urlencoded" ` | |
| -Body $body ` | |
| -ErrorAction STOP | |
| $Tokenresponse.access_token | clip | |
| #Get files from SPO library | |
| $apiUrl = 'https://graph.microsoft.com/v1.0/sites/root/lists/45c12593-c895-478c-916c-15c6368a40dc/items' | |
| try { | |
| $spoResult = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Get | |
| Write-output "Received SPO lib items" | |
| Write-output $spoResult.value.count | |
| } | |
| catch { | |
| Write-Output "Failed to get files from SPO" | |
| Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
| Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
| } | |
| #Get files from ODB | |
| $apiUrl = 'https://graph.microsoft.com/v1.0/me/drive/root/children' | |
| try { | |
| $odbResult = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Get | |
| Write-output "Received ODB items" | |
| Write-output $odbResult.value.count | |
| } | |
| catch { | |
| Write-Output "Failed to get files from ODB" | |
| Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
| Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
| } | |
| #Create file in ODB | |
| $apiUrl = 'https://graph.microsoft.com/v1.0/me/drive/root:/DemoFile.txt:/content' | |
| $body = "This is sample text that goes into the text file" | |
| try { | |
| $odbData = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Put -Body $body -ContentType "text/plain" -ResponseHeadersVariable odbRespHeaders | |
| Write-output "Created ODB file" | |
| Write-output $odbData.webUrl | |
| #Write-Output $odbRespHeaders | |
| } | |
| catch { | |
| Write-Output "Failed to create file in ODB" | |
| Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
| Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
| } | |
| #Create file in SPO | |
| $apiUrl = 'https://graph.microsoft.com/v1.0/sites/root/drive/items/root:/DemoFile.txt:/content' | |
| $body = "This is sample text that goes into the text file" | |
| try { | |
| $spoData = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Put -Body $body -ContentType "text/plain" -ResponseHeadersVariable spoRespHeaders | |
| Write-output "Created SPO file" | |
| Write-output $spoData.webUrl | |
| #Write-Output $spoRespHeaders | |
| } | |
| catch { | |
| Write-Output "Failed to create file in SPO" | |
| Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
| Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment