tomkcook · March 20, 2018 15:50
diff --git a/app.py b/app.py
 # Notes
 # - All IDs are GUIDs
 # - You get the client ID and the client secret by registering your app.  You can
 #   do this through sharepoint online or through Azure AD.
 # - Getting an access token goes in two steps; you request an authorization token from Sharepoint,
 #   then an access token from ACS.
 # - Getting the authorization token from Sharepoint works (returned as a request to
 #   /login?code=XXX )
 # - Getting the access token doesn't work.  Apparently because Sharepoint and ACS disagree about
 #   what is a valid client ID.  Sharepoint wants just the app's GUID, while ACS wants to see
 #   app_id@tenant_realm_id.

 from flask import Flask, request, session
 from . import settings

 app = Flask(__name__)
 app.config.from_object(settings) # for SECRET_KEY

 from flask_oauthlib.client import OAuth

 oauth = OAuth(app)

 sharepoint = oauth.remote_app(
  'sharepoint',
  consumer_key = '<your sharepoint client ID>',
  consumer_secret = '<your sharepoint secret>',
  request_token_params = {'scope': 'AllSites.Manage'},
  base_url = 'https://<yourcompany>.sharepoint.com/sites/<yoursite>/_layouts/15/OAuthAuthorize.aspx',
  request_token_url = None,
  access_token_method = 'POST',
  access_token_url = 'https://accounts.accesscontrol.windows.net/tokens/OAuth/2',
  access_token_params = {'resource': '<your tenant realm ID>'}
 )

 @sharepoint.tokengetter
 def get_sharepoint_token(token=None):
  return session.get('sharepoint_token')

 @app.route('/')
 def index():
  return sharepoint.authorize(callback='https://{}/login'.format(settings.SERVER_NAME))

 @app.route('/login')
 def login():
  resp = sharepoint.authorized_response()
  if resp is None:
    return 'Login failed: ' + request.args.get('error_description')
  
  session['sharepoint_token'] = (
    resp['oauth_token'],
    resp['oauth_token_secret']
  )
  session['sharepoint_user'] = resp['screen_name']
  return 'Hello, ' + resp['screen_name']
	# Notes
	# - All IDs are GUIDs
	# - You get the client ID and the client secret by registering your app. You can
	# do this through sharepoint online or through Azure AD.
	# - Getting an access token goes in two steps; you request an authorization token from Sharepoint,
	# then an access token from ACS.
	# - Getting the authorization token from Sharepoint works (returned as a request to
	# /login?code=XXX )
	# - Getting the access token doesn't work. Apparently because Sharepoint and ACS disagree about
	# what is a valid client ID. Sharepoint wants just the app's GUID, while ACS wants to see
	# app_id@tenant_realm_id.

	from flask import Flask, request, session
	from . import settings

	app = Flask(__name__)
	app.config.from_object(settings) # for SECRET_KEY

	from flask_oauthlib.client import OAuth

	oauth = OAuth(app)

	sharepoint = oauth.remote_app(
	'sharepoint',
	consumer_key = '<your sharepoint client ID>',
	consumer_secret = '<your sharepoint secret>',
	request_token_params = {'scope': 'AllSites.Manage'},
	base_url = 'https://<yourcompany>.sharepoint.com/sites/<yoursite>/_layouts/15/OAuthAuthorize.aspx',
	request_token_url = None,
	access_token_method = 'POST',
	access_token_url = 'https://accounts.accesscontrol.windows.net/tokens/OAuth/2',
	access_token_params = {'resource': '<your tenant realm ID>'}
	)

	@sharepoint.tokengetter
	def get_sharepoint_token(token=None):
	return session.get('sharepoint_token')

	@app.route('/')
	def index():
	return sharepoint.authorize(callback='https://{}/login'.format(settings.SERVER_NAME))

	@app.route('/login')
	def login():
	resp = sharepoint.authorized_response()
	if resp is None:
	return 'Login failed: ' + request.args.get('error_description')

	session['sharepoint_token'] = (
	resp['oauth_token'],
	resp['oauth_token_secret']
	)
	session['sharepoint_user'] = resp['screen_name']
	return 'Hello, ' + resp['screen_name']