Spaces:
Running
Running
File size: 5,657 Bytes
8a41b61 c3ac390 8a41b61 12778c3 8a41b61 c3ac390 8a41b61 12778c3 8a41b61 c3ac390 8a41b61 c3ac390 12778c3 8a41b61 12778c3 8a41b61 c3ac390 8a41b61 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 |
import os
import streamlit as st
import requests
import msal
import urllib.parse
import base64
import hashlib
import secrets
# Configuration
APPLICATION_ID_KEY = os.getenv('APPLICATION_ID_KEY')
CLIENT_SECRET_KEY = os.getenv('CLIENT_SECRET_KEY')
AUTHORITY_URL = 'https://login.microsoftonline.com/common'
REDIRECT_URI = 'https://huggingface.co/spaces/awacke1/MSGraphAPI'
# Define product to scope mapping
PRODUCT_SCOPES = {
"π§ Outlook": ['Mail.Read', 'Mail.Send', 'Calendars.ReadWrite'],
"π OneNote": ['Notes.Read', 'Notes.Create'],
"π Excel": ['Files.ReadWrite.All'],
"π Word": ['Files.ReadWrite.All'],
"ποΈ SharePoint": ['Sites.Read.All', 'Sites.ReadWrite.All'],
"π
Teams": ['Team.ReadBasic.All', 'Channel.ReadBasic.All'],
"π¬ Viva": ['Analytics.Read'],
"π Power Platform": ['Flow.Read.All'],
"π§ Copilot": ['Cognitive.Read'],
"ποΈ OneDrive": ['Files.ReadWrite.All'],
"π‘ PowerPoint": ['Files.ReadWrite.All'],
"π Microsoft Bookings": ['Bookings.Read.All', 'Bookings.ReadWrite.All'],
"π Loop": ['Files.ReadWrite.All'],
"π£οΈ Translator": ['Translation.Read'],
"π To Do & Planner": ['Tasks.ReadWrite'],
"π Azure OpenAI Service": ['AzureAIServices.ReadWrite.All']
}
# Base scopes (non-reserved)
BASE_SCOPES = ['User.Read']
def generate_pkce_codes():
code_verifier = secrets.token_urlsafe(128)[:128]
code_challenge = base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode()).digest()).decode().rstrip('=')
return code_verifier, code_challenge
def get_msal_app():
return msal.PublicClientApplication(
client_id=APPLICATION_ID_KEY,
authority=AUTHORITY_URL
)
def get_access_token(code, code_verifier):
client_instance = get_msal_app()
try:
result = client_instance.acquire_token_by_authorization_code(
code=code,
scopes=st.session_state.get('request_scopes', BASE_SCOPES),
redirect_uri=REDIRECT_URI,
code_verifier=code_verifier
)
if 'access_token' in result:
return result['access_token']
else:
error_description = result.get('error_description', 'No error description provided')
raise Exception(f"Error acquiring token: {error_description}")
except Exception as e:
st.error(f"Exception in get_access_token: {str(e)}")
raise
def main():
st.title("π¦ MS Graph API with AI & Cloud Integration for M365")
st.sidebar.title("π M365 Products")
st.sidebar.write("Select products to integrate:")
selected_products = {}
for product in PRODUCT_SCOPES.keys():
selected = st.sidebar.checkbox(product)
if selected:
selected_products[product] = True
# Dynamically build scopes based on selected products
request_scopes = BASE_SCOPES.copy()
for product in selected_products:
request_scopes.extend(PRODUCT_SCOPES[product])
request_scopes = list(set(request_scopes)) # Remove duplicates
# Store request scopes in session state
st.session_state['request_scopes'] = request_scopes
if 'access_token' not in st.session_state:
if 'code_verifier' not in st.session_state:
code_verifier, code_challenge = generate_pkce_codes()
st.session_state['code_verifier'] = code_verifier
else:
code_verifier = st.session_state['code_verifier']
code_challenge = base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode()).digest()).decode().rstrip('=')
client_instance = get_msal_app()
auth_url = client_instance.get_authorization_request_url(
scopes=request_scopes,
redirect_uri=REDIRECT_URI,
code_challenge=code_challenge,
code_challenge_method="S256"
)
st.write('π Please [click here]({}) to log in and authorize the app.'.format(auth_url))
query_params = st.query_params
if 'code' in query_params:
code = query_params.get('code')
st.write('π Authorization Code Obtained:', code[:10] + '...')
try:
access_token = get_access_token(code, code_verifier)
st.session_state['access_token'] = access_token
st.success("Access token acquired successfully!")
st.rerun()
except Exception as e:
st.error(f"Error acquiring access token: {str(e)}")
st.stop()
else:
access_token = st.session_state['access_token']
user_info = get_user_info(access_token)
if user_info:
st.sidebar.write(f"π Hello, {user_info.get('displayName', 'User')}!")
if selected_products:
st.header("𧩠M365 Product Integrations")
for product in selected_products:
st.subheader(f"{product}")
handle_product_integration(access_token, product)
else:
st.write("No products selected. Please select products from the sidebar.")
def get_user_info(access_token):
headers = {'Authorization': f'Bearer {access_token}'}
response = requests.get('https://graph.microsoft.com/v1.0/me', headers=headers)
if response.status_code == 200:
return response.json()
else:
st.error('Failed to fetch user info.')
return None
def handle_product_integration(access_token, product):
st.write(f"Integrating {product}...")
# Implement product-specific API calls here
if __name__ == "__main__":
main() |