OAuth2 Connector¶
py-ews
now allows the user to authenticate using OAuth2. You can authenticate with OAuth2 using multiple different grant flow types. Below are the list of authentication methods which can be used within the py-ews OAuth2 authentication:
- legacy_app_flow
- auth_code_grant
- client_credentials_grant
- backend_app_flow
- web_application_flow
- implicit_grant_flow
The OAuth2Connector
class also supports both version 1 and 2 of Microsoft’s OAuth2 authentication schema. By default, py-ews
will attempt to use both versions before failing.
You can set the details around OAuth2 authentication using the Authentication
class. At a minimum you must provide values for the following properties on the Authentication
object:
- oauth2_authorization_type (one of the values above)
- client_id
- client_secret
- tenant_id
Additional properties include:
- access_token
- redirect_uri
- oauth2_scope
- username
- password
- resource
Auth Code Grant (Interactive)¶
The auth_code_grant
authorization type is the most common and will suffice for most situations. This method requires the following property values:
- client_id
- client_secret
- tenant_id
- redirect_uri
- oauth2_scope
Once you choose this method you will be prompted to visit a provided URL and then copy the response URL back into the console to generate your required access_token
.
Client Credentials Grant (Non-Interactive)¶
The client_credentials_grant
authorization type is the second most common and will also suffice for most situations. This method requires the following property values:
- client_id
- client_secret
- tenant_id
Once you choose this method you will NOT be prompted. This method is considered a Dameon or non-interactive authentication.
Implict Grant Flow (Interactive)¶
The implicit_grant_flow
authorization requires the following property values:
- client_id
- tenant_id
- redirect_uri
Once you choose this method you will be prompted to visit a provided URL and then copy the response URL back into the console to generate your required access_token
.
Web Application Flow (Non-Interactive)¶
The web_application_flow
authorization requires the following property values:
- client_id
- client_secret
- tenant_id
- redirect_uri
Legacy App Flow (Non-Interactive)¶
The legacy_app_flow
authorization requires the following property values:
- client_id
- client_secret
- tenant_id
- redirect_uri
- username
- password
- scope
Backend App Flow (Non-Interactive)¶
The backend_app_flow
authorization requires the following property values:
- client_id
- client_secret
- tenant_id
- scope or resource
-
class
pyews.core.oauth2connector.
OAuth2Connector
(endpoint_version='v1')¶ OAuth2Connector is the base (parent) class of both Search and Delete classes. It is used to perform either delegated authentication flows like: (Single-Page, Web Apps, Mobile & Native Apps - Grant Auth Flow) or you can use it in the application authentication auth flows like: (Client Credentials Grant Auth Flow)
- Args:
- client_id (str): Your Azure AD Application client ID client_secret (str): Your Azure AD Application client secret tenant_id (str): Your Azure AD tenant ID username (str, optional): A username used to authenticate to Azure or Office 365. Defaults to None. If provided, will use delegated authentication flows password (str, optional): The password used to authenticate to Azure or Office 365. Defaults to None. If provided, will use delegated authentication flows scopes (list, optional): A list of scopes defined during your Azure AD application registration. Defaults to [’https://graph.microsoft.com/.default’]. verify_ssl (bool, optional): Whether to verify SSL or not. Defaults to True.
-
AUTH_MAP
= {'v1': {'authorize_url': 'https://login.microsoftonline.com/{tenant_id}/oauth2/authorize', 'resource': 'https://outlook.office365.com', 'token_url': 'https://login.microsoftonline.com/{tenant_id}/oauth2/token'}, 'v2': {'authorize_url': 'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/authorize', 'scope': 'https://outlook.office365.com/EWS.AccessAsUser.All', 'token_url': 'https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token'}}¶
-
auth_code_grant
()¶ Authorization Code Flow Grant Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
-
backend_app_flow
()¶
-
client_credentials_grant
()¶ Client Credentials Code Flow Grant Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow
-
implicit_grant_flow
()¶ Implicit Grant Flow Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow
-
legacy_app_flow
()¶ Resource Ownwer Password Credentials Grant Flow Reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc
-
web_application_flow
()¶