search

12Knocksinna / Office365itpros

Office 365 for IT Pros PowerShell examples
MIT License
1.28k stars 567 forks source link

Graph access token expire while executing the main loop #21

Closed EMarcais closed 3 years ago

EMarcais commented 3 years ago

Thanks for all your explanations on all o365 apps and PowerShell possibilities with them. Learned a lot and trying to help you a bit. Access token are valid for 60 minutes so if the loop is taking longer than that this on line 239 will fail: $TeamDetails = Get-GraphData -AccessToken $Token -Uri $Uri

Solution I found was:

#Around line 121
   $Version = "V5.1"
   $TimeToRefreshToken = "50" #refresh token if the token is older than 50 minutes
#Around line 149
 #Unpack Access Token
   $token = ($tokenRequest.Content | ConvertFrom-Json).access_token
   $TokenExpiredDate = (Get-date).AddMinutes($TimeToRefreshToken)
#Around line 258
   #### Check if token is older than 50 minutes and request a refresh token ##############
        $TimeRightNow = (Get-date)
        if($TimeRightNow  -ge $TokenExpiredDate){
            $body = @{
                client_id     = $AppId
                scope         = "https://graph.microsoft.com/.default"
                client_secret = $AppSecret
                grant_type    = "client_credentials"
            }

            $Params = @{
                'Uri' = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
                'Method' = 'Post'
                'Body' = $Body
                'ContentType' = 'application/x-www-form-urlencoded'
            }

        # Get OAuth 2.0 Token
        try{
            $Refreshtoken = Invoke-RestMethod @Params
        }
        catch{
            Write-Host "An error occurred:"
            Write-Host $_ -ForegroundColor Red
            Write-ErrorLog 'An error occurred: {Error}' -PropertyValues $_
        }
        # Unpack Access Token

        if ($null -ne $Refreshtoken) {
            $Token = $Refreshtoken.access_token
            Write-Host "Token Refreshed at $TimeRightNow" -ForegroundColor Red
        }
        else {Write-Host "Not refreshed Token is empty" -ForegroundColor Red}

        }
        Write-Host "Token Not Refreshed at $TimeRightNow" -ForegroundColor Green
    #### END of Check if token is older than 50 minutes and request a refresh token #######

Not sure this will help but that resolved my issues... Hope I did not mess anything. I can try to submit a merge request.

12Knocksinna commented 3 years ago

Thanks. You must be working with a lot of groups... How many are you processing?

EMarcais commented 3 years ago

Not that much actually, I only deal with around 400 groups, but the VM and my own laptop are a tad slow ( it's what I assumed) and the EXO cmdlts always takes forever on my tenant I noticed. I have a strict archiving policy, when a lot of groups are archived if no user activity for 2 weeks either on the SharePoint Library or the chats.

12Knocksinna commented 3 years ago

OK, the change is accepted, so we shall close this issue and work on from this point.

I have a V5.2 under way which eliminates the need for many expensive cmdlet calls to fetch Teams compliance records. The latest run processed 199 groups in 219 seconds...