Python Adal - 无法使用访问令牌检索 Outlook 邮件
Python Adal - Can't use Access Token to retrieve Outlook Messages
我最近一直在尝试使用 Python 库的 Azure 活动目录将电子邮件提取过程从 Powershell 移植到 Python。我一直在尝试使用 acquire_token_with_client_credentials 函数来执行此操作,但遇到了障碍。
我可以使用下面的代码 return 访问代码,但我不能使用生成的令牌 return 任何邮箱项目。
我已经成功创建了一个 本地应用程序 并使用 acquire_token_with_username_password 成功访问了消息,但无法获取一组代码在我的远程桌面上工作,因为它打印错误阅读:
"Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication"
我已经准备好客户端凭据流程,但仍然无法让下面的示例正常工作。谁能看出我哪里出错了?
def test8():
import adal
import requests
authority_url = "https://login.microsoftonline.com/"+lf_tenantid
context = adal.AuthenticationContext(
authority_url,
validate_authority=True,
api_version=None
)
resource = 'https://outlook.office.com/'
token = context.acquire_token_with_client_credentials(
resource=resource,
client_id = etl_clientid2,
client_secret = etl_clientsecret2
)
access_token = token['accessToken']
print(token)
#######################################NONE OF THIS PART WORKS
#######################################
#######################################
folder_id = etl_folderid
url = "https://outlook.office.com/api/v2.0/me/MailFolders/"+folder_id+"/messages"
headers = {
'Authorization': 'Bearer '+access_token
}
r = requests.get(url, headers=headers)
print(r)
您正在收到带有 acquire_token_with_username_password() 的消息,因为您正在通过用户凭据获取给定资源的令牌。
因为客户端凭据流用于反向通道(服务器到服务器通信),所以用户不参与其中,您正在获取服务主体令牌。
我建议使用代表流或授权代码流 (acquire_token_with_authorization_code) 通过服务器应用程序的授权代码获取给定资源的令牌并调用 outlook api 阅读消息。
下面是 link(Outlook 邮件 API 和 Python):
https://github.com/jasonjoh/python_tutorial/tree/outlook-api
Python adal 库支持其他身份验证方法。下面是文档 link:
https://adal-python.readthedocs.io/en/latest/
我们建议现在在 Microsoft Graph 中公开 OneNote、Outlook、Excel、OneDrive、Microsoft Teams、Planner 和 SharePoint 等 Office 365 服务。
https://docs.microsoft.com/en-us/previous-versions/office/office-365-api/
对于任何感兴趣的人,这是我用来解决我的访问令牌问题的代码:
def save_windows_refreshtoken(app_name, client_id, client_secret):
#import adal
#import requests
import json
import pandas as pd
# OAuth endpoints given in Outlook API documentation
authorization_base_url = 'https://login.microsoftonline.com/common/oauth2/authorize'
token_url = 'https://login.microsoftonline.com/common/oauth2/token' #provides a refresh and access token
redirect_uri = "http://localhost:8000"
from requests_oauthlib import OAuth2Session
outlook = OAuth2Session(client_id,redirect_uri=redirect_uri)
# Redirect the user owner to the OAuth provider (i.e. Outlook) using an URL with a few key OAuth parameters.
authorization_url, state = outlook.authorization_url(authorization_base_url)
print('Please go here and authorize,', authorization_url)
#The above redirects you to a localhost page (which is blank) but returns a string containing a code which can be used below
#rememebr the search for "&" because there's a couple of bits of data after the code that need to be deleted from the code string before it can be used
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
token = outlook.fetch_token(token_url,client_secret=client_secret,code=redirect_response)
#convert the returned token json into a dataframe
j_dump = json.dumps(token, sort_keys=True,indent=4, separators=(',', ': ')) #pull out the value data from the json file, messages are stored in value
df = pd.read_json(j_dump) #read the json file into a dataframe
first_row = df.iloc[0] #pull the first row so we can format a new table from it
d = {
'app_name' : pd.Series([app_name]),
'refresh_token' : pd.Series([first_row.refresh_token])
}
data = pd.DataFrame(d)
我最近一直在尝试使用 Python 库的 Azure 活动目录将电子邮件提取过程从 Powershell 移植到 Python。我一直在尝试使用 acquire_token_with_client_credentials 函数来执行此操作,但遇到了障碍。
我可以使用下面的代码 return 访问代码,但我不能使用生成的令牌 return 任何邮箱项目。
我已经成功创建了一个 本地应用程序 并使用 acquire_token_with_username_password 成功访问了消息,但无法获取一组代码在我的远程桌面上工作,因为它打印错误阅读:
"Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication"
我已经准备好客户端凭据流程,但仍然无法让下面的示例正常工作。谁能看出我哪里出错了?
def test8():
import adal
import requests
authority_url = "https://login.microsoftonline.com/"+lf_tenantid
context = adal.AuthenticationContext(
authority_url,
validate_authority=True,
api_version=None
)
resource = 'https://outlook.office.com/'
token = context.acquire_token_with_client_credentials(
resource=resource,
client_id = etl_clientid2,
client_secret = etl_clientsecret2
)
access_token = token['accessToken']
print(token)
#######################################NONE OF THIS PART WORKS
#######################################
#######################################
folder_id = etl_folderid
url = "https://outlook.office.com/api/v2.0/me/MailFolders/"+folder_id+"/messages"
headers = {
'Authorization': 'Bearer '+access_token
}
r = requests.get(url, headers=headers)
print(r)
您正在收到带有 acquire_token_with_username_password() 的消息,因为您正在通过用户凭据获取给定资源的令牌。
因为客户端凭据流用于反向通道(服务器到服务器通信),所以用户不参与其中,您正在获取服务主体令牌。
我建议使用代表流或授权代码流 (acquire_token_with_authorization_code) 通过服务器应用程序的授权代码获取给定资源的令牌并调用 outlook api 阅读消息。
下面是 link(Outlook 邮件 API 和 Python):
https://github.com/jasonjoh/python_tutorial/tree/outlook-api
Python adal 库支持其他身份验证方法。下面是文档 link: https://adal-python.readthedocs.io/en/latest/
我们建议现在在 Microsoft Graph 中公开 OneNote、Outlook、Excel、OneDrive、Microsoft Teams、Planner 和 SharePoint 等 Office 365 服务。
https://docs.microsoft.com/en-us/previous-versions/office/office-365-api/
对于任何感兴趣的人,这是我用来解决我的访问令牌问题的代码:
def save_windows_refreshtoken(app_name, client_id, client_secret):
#import adal
#import requests
import json
import pandas as pd
# OAuth endpoints given in Outlook API documentation
authorization_base_url = 'https://login.microsoftonline.com/common/oauth2/authorize'
token_url = 'https://login.microsoftonline.com/common/oauth2/token' #provides a refresh and access token
redirect_uri = "http://localhost:8000"
from requests_oauthlib import OAuth2Session
outlook = OAuth2Session(client_id,redirect_uri=redirect_uri)
# Redirect the user owner to the OAuth provider (i.e. Outlook) using an URL with a few key OAuth parameters.
authorization_url, state = outlook.authorization_url(authorization_base_url)
print('Please go here and authorize,', authorization_url)
#The above redirects you to a localhost page (which is blank) but returns a string containing a code which can be used below
#rememebr the search for "&" because there's a couple of bits of data after the code that need to be deleted from the code string before it can be used
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
token = outlook.fetch_token(token_url,client_secret=client_secret,code=redirect_response)
#convert the returned token json into a dataframe
j_dump = json.dumps(token, sort_keys=True,indent=4, separators=(',', ': ')) #pull out the value data from the json file, messages are stored in value
df = pd.read_json(j_dump) #read the json file into a dataframe
first_row = df.iloc[0] #pull the first row so we can format a new table from it
d = {
'app_name' : pd.Series([app_name]),
'refresh_token' : pd.Series([first_row.refresh_token])
}
data = pd.DataFrame(d)