This GAS sample is for retrieving access token to use OneDrive APIs using Google Apps Script.
In this script, the authorization code is automatically retrieved.
In order to use this, both accounts of Google and OneDrive (MSN) are required.
- Copy and paste the sample script to your script editor. You can use the standalone script for this.
- Deploy Web Apps.
- On the Script Editor
- File
- -> Manage Versions
- -> Save New Version
- Publish
- -> Deploy as Web App
- -> At Execute the app as, select "your account"
- -> At Who has access to the app, select "Only myself"
- -> Click "Deploy"
- -> Copy URL of "latest code" (This is important!)
- -> Click "OK"
- On the Script Editor
- URL of "latest code" is
https://script.google.com/macros/s/###/dev
. So please modify this URL. Replace from "dev" to "usercallback" for the URL. And copy this modified URL.- From :
https://script.google.com/macros/s/###/dev
- To :
https://script.google.com/macros/s/###/usercallback
- From :
- Log in to Microsoft Azure portal.
- Search "Azure Active Directory" at the top of text input box. And open "Azure Active Directory".
- Click "App registrations" at the left side bar.
- In my environment, when I used Chrome as the browser, no response occurred. So in that case, I used Microsoft Edge.
- Click "New registration"
- app name: "sample app name"
- Supported account types: "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)"
- Redirect URI (optional): Web
- URL:
https://script.google.com/macros/s/###/usercallback
- URL:
- Click "Register"
- Copy "Application (client) ID".
- Click "Certificates & secrets" at the left side bar.
- Click "New client secrets".
- After input the description and select "expire", click "Add" button.
- Copy the created secret value.
By above operation, the preparation is done.
In order to run the script, please launch as follows.
- Input "Application (client) ID" and "Created secret value" from OneDrive to
clientId
andclientSecret
in the functionsetProp()
of the sample script of Google Apps Script. - Run
setProp()
.
As a next step, launch as follows.
- On the Script Editor
- Publish
- -> Deploy as Web App
- -> Click
Test web app for your latest code.
.
By this, the script is run.
Refresh token can be retrieved by including offline_access
in the Scope.
This is Google Apps Script.
function setProp() {
PropertiesService.getScriptProperties().setProperties({
clientId: "### application ID ###",
clientSecret: "### application secret ###",
scope: "offline_access files.readwrite.all" // This is sample. So please modify for your environment.
});
}
function doGet() {
var prop = PropertiesService.getScriptProperties().getProperties();
var url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
var param = {
response_type: "code",
client_id: prop.clientId,
redirect_uri: getCallbackURL(),
state: ScriptApp.newStateToken()
.withMethod("callback")
.withTimeout(300)
.createToken(),
scope: prop.scope
};
var params = [];
for (var name in param) {
params.push(name + "=" + encodeURIComponent(param[name]));
}
var html =
'<input type="button" value="auth" onclick="window.open(\'' +
url +
"?" +
params.join("&") +
"', 'Authorization', 'width=500,height=600');\">";
return HtmlService.createHtmlOutput(html);
}
function getCallbackURL() {
var url = ScriptApp.getService().getUrl();
if (url.indexOf("/exec") >= 0) {
url = url.slice(0, -4) + "usercallback";
}
url = url.slice(0, -3) + "usercallback";
PropertiesService.getScriptProperties().setProperties({
redirect_uri: url
});
return url;
}
function callback(e) {
var credentials = fetchAccessToken(e.parameter.code);
return HtmlService.createHtmlOutput(JSON.stringify(credentials, null, " "));
}
function fetchAccessToken(code) {
var prop = PropertiesService.getScriptProperties().getProperties();
var payload = {
code: code,
client_id: prop.clientId,
client_secret: prop.clientSecret,
redirect_uri: prop.redirect_uri,
grant_type: "authorization_code"
};
var res = UrlFetchApp.fetch(
"https://login.microsoftonline.com/common/oauth2/v2.0/token",
{
method: "POST",
payload: payload,
muteHttpExceptions: true
}
);
return JSON.parse(res.getContentText());
}
- At January 3, 2019, I could know that the flow for retrieving the client ID and secret had been changed by an email. By this, I could update this. The sample script is not changed.
- At August 19, 2020, it could confirm that above sample script worked. In the current stage, it seems that the specification of this is not changed.
works great! Thanks