Sample script that connects to Microsoft Graph using Authorization Code (implies user must sign in). This script does 4 actions: 1) Read files from OneDrive for Business (ODB), 2) Read files from SPO site library 3) Create a demo file in ODB and 4) Create a demo file in SPO site
clear | |
# The resource URI | |
$resource = "https://graph.microsoft.com" | |
# Your Client ID and Client Secret obainted when registering your Azure AD (AAD) APP | |
$clientid = "AAD APP ID"; | |
$clientSecret = "AAD APP CLIENT SECRET"; | |
$redirectUri = "https://localhost" | |
# UrlEncode the ClientID and ClientSecret and URL's for special characters | |
Add-Type -AssemblyName System.Web | |
$clientIDEncoded = [System.Web.HttpUtility]::UrlEncode($clientid) | |
$clientSecretEncoded = [System.Web.HttpUtility]::UrlEncode($clientSecret) | |
$redirectUriEncoded = [System.Web.HttpUtility]::UrlEncode($redirectUri) | |
$resourceEncoded = [System.Web.HttpUtility]::UrlEncode($resource) | |
$scopeEncoded = [System.Web.HttpUtility]::UrlEncode("https://outlook.office.com/user.readwrite.all") | |
# Function to popup Auth Dialog Windows Form | |
Function Get-AuthCode { | |
Add-Type -AssemblyName System.Windows.Forms | |
$form = New-Object -TypeName System.Windows.Forms.Form -Property @{Width=440;Height=640} | |
$web = New-Object -TypeName System.Windows.Forms.WebBrowser -Property @{Width=420;Height=600;Url=($url -f ($Scope -join "%20")) } | |
$DocComp = { | |
$Global:uri = $web.Url.AbsoluteUri | |
if ($Global:uri -match "error=[^&]*|code=[^&]*") {$form.Close() } | |
} | |
$web.ScriptErrorsSuppressed = $true | |
$web.Add_DocumentCompleted($DocComp) | |
$form.Controls.Add($web) | |
$form.Add_Shown({$form.Activate()}) | |
$form.ShowDialog() | Out-Null | |
$queryOutput = [System.Web.HttpUtility]::ParseQueryString($web.Url.Query) | |
$output = @{} | |
foreach($key in $queryOutput.Keys){ | |
$output["$key"] = $queryOutput[$key] | |
} | |
$output | |
} | |
# Get AuthCode | |
#$url = "https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&redirect_uri=$redirectUriEncoded&client_id=$clientID&resource=$resourceEncoded&prompt=admin_consent&scope=$scopeEncoded" | |
$url = "https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&redirect_uri=$redirectUriEncoded&client_id=$clientID&resource=$resourceEncoded&prompt=admin_consent" | |
Get-AuthCode | |
# Extract Access token from the returned URI | |
$regex = '(?<=code=)(.*)(?=&)' | |
$authCode = ($uri | Select-string -pattern $regex).Matches[0].Value | |
#Write-output "Received an authCode, $authCode" | |
#get Access Token | |
$body = "grant_type=authorization_code&redirect_uri=$redirectUri&client_id=$clientId&client_secret=$clientSecretEncoded&code=$authCode&resource=$resource" | |
$tokenResponse = Invoke-RestMethod https://login.microsoftonline.com/common/oauth2/token ` | |
-Method Post -ContentType "application/x-www-form-urlencoded" ` | |
-Body $body ` | |
-ErrorAction STOP | |
$Tokenresponse.access_token | clip | |
#Get files from SPO library | |
$apiUrl = 'https://graph.microsoft.com/v1.0/sites/root/lists/45c12593-c895-478c-916c-15c6368a40dc/items' | |
try { | |
$spoResult = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Get | |
Write-output "Received SPO lib items" | |
Write-output $spoResult.value.count | |
} | |
catch { | |
Write-Output "Failed to get files from SPO" | |
Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
} | |
#Get files from ODB | |
$apiUrl = 'https://graph.microsoft.com/v1.0/me/drive/root/children' | |
try { | |
$odbResult = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Get | |
Write-output "Received ODB items" | |
Write-output $odbResult.value.count | |
} | |
catch { | |
Write-Output "Failed to get files from ODB" | |
Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
} | |
#Create file in ODB | |
$apiUrl = 'https://graph.microsoft.com/v1.0/me/drive/root:/DemoFile.txt:/content' | |
$body = "This is sample text that goes into the text file" | |
try { | |
$odbData = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Put -Body $body -ContentType "text/plain" -ResponseHeadersVariable odbRespHeaders | |
Write-output "Created ODB file" | |
Write-output $odbData.webUrl | |
#Write-Output $odbRespHeaders | |
} | |
catch { | |
Write-Output "Failed to create file in ODB" | |
Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
} | |
#Create file in SPO | |
$apiUrl = 'https://graph.microsoft.com/v1.0/sites/root/drive/items/root:/DemoFile.txt:/content' | |
$body = "This is sample text that goes into the text file" | |
try { | |
$spoData = Invoke-RestMethod -Headers @{Authorization = "Bearer $($Tokenresponse.access_token)"} -Uri $apiUrl -Method Put -Body $body -ContentType "text/plain" -ResponseHeadersVariable spoRespHeaders | |
Write-output "Created SPO file" | |
Write-output $spoData.webUrl | |
#Write-Output $spoRespHeaders | |
} | |
catch { | |
Write-Output "Failed to create file in SPO" | |
Write-Host "StatusCode:" $_.Exception.Response.StatusCode.value__ | |
Write-Host "StatusDescription:" $_.Exception.Response.StatusDescription | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment