Spaces:
Running
Running
File size: 6,257 Bytes
320f734 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 |
import os
import streamlit as st
import requests
import msal
import urllib.parse
import base64
import hashlib
import secrets
# π€ Load environment variables (Ensure these are set!)
APPLICATION_ID_KEY = os.getenv('APPLICATION_ID_KEY')
CLIENT_SECRET_KEY = os.getenv('CLIENT_SECRET_KEY')
AUTHORITY_URL = 'https://login.microsoftonline.com/common'
REDIRECT_URI = 'https://huggingface.co/spaces/awacke1/MSGraphAPI'
# Define product to scope mapping
PRODUCT_SCOPES = {
"π§ Outlook": ['Mail.Read', 'Mail.Send', 'Calendars.ReadWrite'],
"π OneNote": ['Notes.Read', 'Notes.Create'],
"π Excel": ['Files.ReadWrite.All'],
"π Word": ['Files.ReadWrite.All'],
"ποΈ SharePoint": ['Sites.Read.All', 'Sites.ReadWrite.All'],
"π
Teams": ['Team.ReadBasic.All', 'Channel.ReadBasic.All'],
"π¬ Viva": ['Analytics.Read'],
"π Power Platform": ['Flow.Read.All'],
"π§ Copilot": ['Cognitive.Read'],
"ποΈ OneDrive": ['Files.ReadWrite.All'],
"π‘ PowerPoint": ['Files.ReadWrite.All'],
"π Microsoft Bookings": ['Bookings.Read.All', 'Bookings.ReadWrite.All'],
"π Loop": ['Files.ReadWrite.All'],
"π£οΈ Translator": ['Translation.Read'],
"π To Do & Planner": ['Tasks.ReadWrite'],
"π Azure OpenAI Service": ['AzureAIServices.ReadWrite.All']
}
# Always include these base scopes
BASE_SCOPES = ['User.Read', 'openid', 'profile', 'offline_access']
# Function to generate PKCE code verifier and challenge
def generate_pkce_codes():
code_verifier = secrets.token_urlsafe(128)[:128]
code_challenge = base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode()).digest()).decode().rstrip('=')
return code_verifier, code_challenge
def get_msal_app(code_challenge=None):
return msal.PublicClientApplication(
client_id=APPLICATION_ID_KEY,
authority=AUTHORITY_URL
)
# Function to get access token
def get_access_token(code, code_verifier):
client_instance = get_msal_app()
try:
result = client_instance.acquire_token_by_authorization_code(
code=code,
scopes=st.session_state.get('scopes', BASE_SCOPES),
redirect_uri=REDIRECT_URI,
code_verifier=code_verifier
)
if 'access_token' in result:
return result['access_token']
else:
error_description = result.get('error_description', 'No error description provided')
raise Exception(f"Error acquiring token: {error_description}")
except Exception as e:
st.error(f"Exception in get_access_token: {str(e)}")
raise
# Main application function
def main():
st.title("π¦ MS Graph API with AI & Cloud Integration for M365")
# Sidebar for product selection
st.sidebar.title("π M365 Products")
st.sidebar.write("Select products to integrate:")
selected_products = {}
for product in PRODUCT_SCOPES.keys():
selected = st.sidebar.checkbox(product)
if selected:
selected_products[product] = True
# Dynamically build scopes based on selected products
scopes = BASE_SCOPES.copy()
for product in selected_products:
scopes.extend(PRODUCT_SCOPES[product])
scopes = list(set(scopes)) # Remove duplicates
st.session_state['scopes'] = scopes
# Authentication flow
if 'access_token' not in st.session_state:
if 'code_verifier' not in st.session_state:
code_verifier, code_challenge = generate_pkce_codes()
st.session_state['code_verifier'] = code_verifier
else:
code_verifier = st.session_state['code_verifier']
code_challenge = base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode()).digest()).decode().rstrip('=')
client_instance = get_msal_app()
auth_url = client_instance.get_authorization_request_url(
scopes=scopes,
redirect_uri=REDIRECT_URI,
code_challenge=code_challenge,
code_challenge_method="S256"
)
st.write('π Please [click here]({}) to log in and authorize the app.'.format(auth_url))
# Check for authorization code in query parameters
query_params = st.query_params
if 'code' in query_params:
code = query_params.get('code')
st.write('π Authorization Code Obtained:', code[:10] + '...')
try:
access_token = get_access_token(code, code_verifier)
st.session_state['access_token'] = access_token
st.success("Access token acquired successfully!")
st.rerun()
except Exception as e:
st.error(f"Error acquiring access token: {str(e)}")
st.stop()
else:
# User is authenticated, proceed with the app
access_token = st.session_state['access_token']
# Greet the user
user_info = get_user_info(access_token)
if user_info:
st.sidebar.write(f"π Hello, {user_info.get('displayName', 'User')}!")
# Handle selected products
if selected_products:
st.header("𧩠M365 Product Integrations")
for product in selected_products:
st.subheader(f"{product}")
handle_product_integration(access_token, product)
else:
st.write("No products selected. Please select products from the sidebar.")
# Function to get user info
def get_user_info(access_token):
headers = {'Authorization': f'Bearer {access_token}'}
response = requests.get('https://graph.microsoft.com/v1.0/me', headers=headers)
if response.status_code == 200:
return response.json()
else:
st.error('Failed to fetch user info.')
return None
# Function to handle product integration
def handle_product_integration(access_token, product):
# Implement the integration logic for each product here
# This is a placeholder - you'll need to implement the actual API calls
st.write(f"Integrating {product}...")
# Example: if product == "π§ Outlook": get_outlook_data(access_token)
# Run the main function
if __name__ == "__main__":
main() |