# # Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one # or more contributor license agreements. Licensed under the Elastic License 2.0; # you may not use this file except in compliance with the Elastic License 2.0. # """ This module is used to generate the access token required to authenticate the Microsoft Graph APIs. """ from msal import ConfidentialClientApplication SCOPE = ["User.Read.All", "TeamMember.Read.All", "ChannelMessage.Read.All", "Chat.Read", "Chat.ReadBasic", "Calendars.Read"] class AccesstokenError(Exception): """Exception raised when there is an error in generating access token. Attributes: message -- explanation of the error """ def __init__(self, message): super().__init__(message) self.message = message class MSALAccessToken: """This class generates and returns the access token.""" def __init__(self, logger, configs): self.logger = logger self.config = configs self.logger.info("Initializing the Token generation") def get_token(self, is_acquire_for_client=False): """Generates the access token to call Microsoft Graph APIs :param is_acquire_for_client: Pass True if want to acquire token by using client_id, tenant_id and secret_key Returns: access_token: Access token for authorization """ self.logger.debug(f'Generating the access token for the tenant ID: {self.config.get_value("tenant_id")}...') authority = f'https://login.microsoftonline.com/{self.config.get_value("tenant_id")}' try: auth_context = ConfidentialClientApplication( self.config.get_value("application_id"), client_credential=self.config.get_value("client_secret"), authority=authority) if is_acquire_for_client: token = auth_context.acquire_token_for_client("https://graph.microsoft.com/.default") else: token = auth_context.acquire_token_by_username_password( self.config.get_value("username"), self.config.get_value("password"), SCOPE) if not token.get("access_token"): raise AccesstokenError( "Could not generate the access token, please verify the Microsoft Teams configuration settings in \ configuration file.") self.logger.info( f"Successfully generated the access token for the tenant ID: {self.config.get_value('tenant_id')}.") return token.get("access_token") except Exception as exception: raise AccesstokenError(f"Error while generating the access token. Error: {exception}")