Closed drewler closed 2 years ago
Tested with the following script:
import requests
from authalligator_client.client import Client
from authalligator_client.enums import ProviderType
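# Manual check that the `scopes` argument of query_account() yields access
# tokens that only work against the resource the scope belongs to: a token
# requested for Microsoft Graph must be accepted by Graph and refused by the
# Outlook REST API, and the other way round.

# Placeholder inputs: fill these in locally before running.
test_username = "your-test-username-here"
test_account_key = "your-test-account-key-here"
test_provider = ProviderType.MICROSOFT
token = "your-AUTHENTICATION_KEYS-here"
# NOTE(review): plain http is used here for a local docker host; how Client
# transmits `token` is not visible in this script, so confirm https is used
# for any non-local service_url.
authalligator_url = "http://host.docker.internal:5002"
graph_me = "https://graph.microsoft.com/v1.0/me"
outlook_me = "https://outlook.office.com/api/v2.0/me"
# Seconds to wait on each HTTP call. requests applies no timeout by default,
# so without this an unresponsive endpoint would hang the script forever.
request_timeout = 10

client = Client(token=token, service_url=authalligator_url)

# Baseline: a query without `scopes` must still return an access token.
base_account = client.query_account(
    provider=test_provider,
    username=test_username,
    account_key=test_account_key,
)
assert base_account.access_token

# Graph scoped access token
graph_scoped_account = client.query_account(
    provider=test_provider,
    username=test_username,
    account_key=test_account_key,
    scopes=["User.Read"],
)
assert graph_scoped_account.access_token
graph_headers = {"Authorization": f"Bearer {graph_scoped_account.access_token}"}

# Positive case: Graph accepts the Graph-scoped token. The status is checked
# before the body is decoded so a failure reports the status code instead of
# a JSON decoding error.
graph_result = requests.get(graph_me, headers=graph_headers, timeout=request_timeout)
assert graph_result.status_code == 200, (
    f"Graph refused a Graph-scoped token: HTTP {graph_result.status_code}"
)
print(graph_result.json())

# Negative case: the same token must not be usable against Outlook.
outlook_result = requests.get(outlook_me, headers=graph_headers, timeout=request_timeout)
assert outlook_result.status_code == 401, (
    f"Outlook did not reject a Graph-scoped token: HTTP {outlook_result.status_code}"
)

# Outlook scoped access token
outlook_scoped_account = client.query_account(
    provider=test_provider,
    username=test_username,
    account_key=test_account_key,
    scopes=["https://outlook.office.com/User.Read"],
)
assert outlook_scoped_account.access_token
outlook_headers = {"Authorization": f"Bearer {outlook_scoped_account.access_token}"}

# Positive case: Outlook accepts the Outlook-scoped token.
outlook_result = requests.get(outlook_me, headers=outlook_headers, timeout=request_timeout)
assert outlook_result.status_code == 200, (
    f"Outlook refused an Outlook-scoped token: HTTP {outlook_result.status_code}"
)
print(outlook_result.json())

# Negative case: the Outlook-scoped token must not be usable against Graph.
graph_result = requests.get(graph_me, headers=outlook_headers, timeout=request_timeout)
assert graph_result.status_code == 401, (
    f"Graph did not reject an Outlook-scoped token: HTTP {graph_result.status_code}"
)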
With the new API changes, the `accessToken` and `accessTokenExpiresAt` fields will be affected by the `scopes` parameter, so the `access` field is no longer necessary.