search

OfficeDev / ews-java-api

A java client library to access Exchange web services. The API works against Office 365 Exchange Online as well as on premises Exchange.
MIT License
869 stars 560 forks source link

Check user credentials against ews #135

Open serious6 opened 9 years ago

serious6 commented 9 years ago

Hi there, I was searching on methods which will allow me to check given user-credentials against the ews-api. But I currently did not find something nice. Perhabs it makes sense to have this implemented since I was wondering if many people would run into that?! I found some explanation on this here.

barisaydinoglu commented 9 years ago

A simple request to EmailMessage.bind() with dummy id like below may be used. This request responses with 401 Unauthorized when the credentials are wrong.

public boolean login(ExchangeService service) {
    try {
        EmailMessage.bind(service, new ItemId("__dummyId__"), PropertySet.IdOnly);
    } catch ( Exception e ) {
        if ( e.getMessage().contains("Unauthorized") ) {
            return false;
        }
    }
    return true;
}
serious6 commented 9 years ago

thanks. I was aware that accessing a given resource would check credentials. In fact I was wondering if there would be a less noisy way to check this while not making expensive operations on the server. But just loading PropertySet.IdOnly seems reasonable.

barisaydinoglu commented 9 years ago

Here another possible solution. May require less effort on server.

public boolean login(ExchangeService service) {
    try {
        AlternateIdBase x = service.convertId(new AlternatePublicFolderId(IdFormat.EwsId, "__dummyId__"), IdFormat.EwsId);
    } catch ( Exception e ) {
        if ( e.getMessage().contains("Unauthorized") ) {
            return false;
        }
    }
    return true;
}
serious6 commented 9 years ago

thanks. Perhabs if anybody could trace the communication and its effort this could be integrated as an official method with the ExchangeService and delegated to a feature-request. It may also be useful if the Service would throw a defined Exception AuthentificationException for example rather than a general one with given String. This may ref #157.

barisaydinoglu commented 9 years ago

i've tested 4 cases with junit. (using id="_")

because of the id is wrong, the requests have same effort on server, and throw "id is malformed". network elapsed time and response+request size of two methods are quite close. however, the communication size of EmailMessage.bind a little less than convertId.

so EmailMessage.bind can be selected.

EmailMessage.bind(...) service.convertId(...)
credentials correct wrong correct wrong
Request size: 545 545 557 557
Response size: 1066 0 1065 0
Total size: 1611 545 1622 557
alexbelevantsev commented 8 years ago

It doesn't work for non-English OS (more accurate, for non-English .Net Frameworks).