The support for resource owner password credential (ROPC)flow has been introduced

Author: vgrem

examples/settings.py

@@ -4,13 +4,14 @@
 
 settings = {
     'url': 'https://mediadev88.sharepoint.com/',
+    'tenant': 'mediadev88.onmicrosoft.com',
+    'redirect_url': 'https://github.com/vgrem/Office365-REST-Python-Client/',
     'user_credentials': {
         'username': user_credentials[0],
         'password': user_credentials[1]
     },
     'client_credentials': {
-        'client_id': '',
-        'client_secret': '',
-        'redirect_url': 'https://github.com/vgrem/Office365-REST-Python-Client/'
+        'client_id': 'd4b2d51e-2d8e-4f08-8bce-961a7a435130',
+        'client_secret': 'v+lDZaIvLTHRsZ8/opvurqneZnH/DKXls18MVyX+0BY=',
     }
 }

office365/outlookservices/outlook_client.py

@@ -8,7 +8,8 @@ class OutlookClient(ClientRuntimeContext):
     """Office365 Outlook client context"""
 
     def __init__(self, ctx_auth):
-        self.__service_root_url = "https://outlook.office365.com/api/v1.0/"
+        # self.__service_root_url = "https://outlook.office365.com/api/v1.0/"
+        self.__service_root_url = "https://graph.microsoft.com/v1.0/"
         super(OutlookClient, self).__init__(self.__service_root_url, ctx_auth)
         self.json_format = V4JsonFormat("minimal")
 

office365/runtime/auth/authentication_context.py

@@ -1,5 +1,6 @@
 from office365.runtime.auth.acs_token_provider import ACSTokenProvider
 from office365.runtime.auth.base_authentication_context import BaseAuthenticationContext
+from office365.runtime.auth.oauth_token_provider import OAuthTokenProvider
 from office365.runtime.auth.saml_token_provider import SamlTokenProvider
 
 
@@ -17,15 +18,20 @@ def acquire_token_for_user(self, username, password):
         return self.provider.acquire_token()
 
     def acquire_token_for_app(self, client_id, client_secret):
-        """Acquire token via client credentials"""
+        """Acquire token via client credentials (SharePoint App Principal)"""
         self.provider = ACSTokenProvider(self.url, client_id, client_secret)
         return self.provider.acquire_token()
 
+    def acquire_token_password_grant(self, client_id, client_secret, user_name, password):
+        """Acquire token via resource owner password credential (ROPC) grant"""
+        self.provider = OAuthTokenProvider(self.url, client_id, client_secret, user_name, password)
+        return self.provider.acquire_token()
+
     def authenticate_request(self, request_options):
         """Authenticate request"""
         if isinstance(self.provider, SamlTokenProvider):
             request_options.set_header('Cookie', self.provider.get_authentication_cookie())
-        elif isinstance(self.provider, ACSTokenProvider):
+        elif isinstance(self.provider, ACSTokenProvider) or isinstance(self.provider, OAuthTokenProvider):
             request_options.set_header('Authorization', self.provider.get_authorization_header())
         else:
             raise ValueError('Unknown authentication provider')

office365/runtime/auth/oauth_token_provider.py

@@ -1,8 +1,46 @@
+import requests
+
 from office365.runtime.auth.base_token_provider import BaseTokenProvider
 
 
 class OAuthTokenProvider(BaseTokenProvider):
     """ OAuth security Token Service for O365"""
 
+    def __init__(self, tenant, client_id, client_secret, user_name, password):
+        self.tenant = tenant
+        self.ResourceId = "https://graph.microsoft.com/"
+        self.AuthorityUrl = "https://login.microsoftonline.com/"
+        self.TokenEndpoint = "/oauth2/token"
+        self.error = None
+        self.access_token = None
+        self.client_id = client_id
+        self.client_secret = client_secret
+        self.user_name = user_name
+        self.password = password
+        self.scope = 'user.read openid profile offline_access https://graph.microsoft.com/Contacts.ReadWrite'
+
     def acquire_token(self):
-        pass
+        try:
+            self.access_token = self.request_password_type()
+            return True
+        except requests.exceptions.RequestException as e:
+            self.error = "Error: {}".format(e)
+            return False
+
+    def get_authorization_header(self):
+        return 'Bearer {0}'.format(self.access_token["access_token"])
+
+    def request_password_type(self):
+        url = "https://login.microsoftonline.com/{0}/oauth2/v2.0/token".format(self.tenant)
+        data = {
+            'grant_type': 'password',
+            'client_id': self.client_id,
+            'client_secret': self.client_secret,
+            'username': self.user_name,
+            'password': self.password,
+            'scope': self.scope
+        }
+
+        response = requests.post(url=url, headers={'Content-Type': 'application/x-www-form-urlencoded'},
+                                 data=data)
+        return response.json()

tests/outlook_client_case.py

@@ -1,14 +1,22 @@
 from unittest import TestCase
 from examples.settings import settings
 from office365.outlookservices.outlook_client import OutlookClient
-from office365.runtime.auth.network_credential_context import NetworkCredentialContext
+from office365.runtime.auth.authentication_context import AuthenticationContext
 
 
 class OutlookClientTestCase(TestCase):
     """SharePoint specific test case base class"""
 
     @classmethod
     def setUpClass(cls):
-        ctx_auth = NetworkCredentialContext(username=settings['user_credentials']['username'],
-                                            password=settings['user_credentials']['password'])
+        # Due to Outlook REST API v1.0 BasicAuth Deprecation
+        # (refer https://developer.microsoft.com/en-us/office/blogs/outlook-rest-api-v1-0-basicauth-deprecation/)
+        # NetworkCredentialContext class should be no longer utilized
+        # ctx_auth = NetworkCredentialContext(username=settings['user_credentials']['username'],
+        #                                    password=settings['user_credentials']['password'])
+        ctx_auth = AuthenticationContext(url=settings['tenant'])
+        ctx_auth.acquire_token_password_grant(client_id=settings['client_credentials']['client_id'],
+                                              client_secret=settings['client_credentials']['client_secret'],
+                                              user_name=settings['user_credentials']['username'],
+                                              password=settings['user_credentials']['password'])
         cls.client = OutlookClient(ctx_auth)

tests/test_outlook_calendar.py

@@ -40,7 +40,7 @@ def test3_update_event(self):
         self.client.execute_query()
         if len(results) == 1:
             event = results[0]
-            self.assertIsNotNone(event.properties["Subject"])
+            self.assertIsNotNone(event.properties["subject"])
             event.set_property("Subject", "Discuss the Calendar REST API (updated)")
             event.update()
             self.client.execute_query()

tests/test_outlook_contacts.py

@@ -2,6 +2,11 @@
 
 
 class TestOutlookContacts(OutlookClientTestCase):
+    def test0_ensure_user_context(self):
+        me = self.client.me
+        self.client.load(me)
+        self.client.execute_query()
+        self.assertIsNotNone(me.properties['userPrincipalName'])
 
     def test1_create_contacts(self):
         contact_info = {
@@ -20,7 +25,7 @@ def test1_create_contacts(self):
 
         contact = self.client.me.contacts.add_from_json(contact_info)
         self.client.execute_query()
-        self.assertIsNotNone(contact.properties["GivenName"])
+        self.assertIsNotNone(contact.properties["givenName"])
 
     def test2_get_contacts(self):
         contacts = self.client.me.contacts
@@ -35,7 +40,7 @@ def test3_update_contact(self):
         if len(results) == 1:
             contact = results[0]
             self.assertIsNotNone(contact.url)
-            contact.set_property("Department", "Media")
+            contact.set_property("department", "Media")
             contact.update()
             self.client.execute_query()