2025-01-12 04:36:52 +08:00

56 lines
2.3 KiB
R

# !!! The special redirect URI "urn:ietf:wg:oauth:2.0:oob used
# !!! by httr in case httuv is not installed is currently not
# !!! supported by Azure Active Directory (AAD).
# !!! Therefore it is required to install httpuv to make this work.
# 1. Register an app app in AAD, e.g. as a "Native app", with
# redirect URI <http://localhost:1410/>.
# 2. Insert the App name:
app_name <- "myapp" # not important for authorization grant flow
# 3. Insert the created apps client ID which was issued after app creation:
client_id <- "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
# In case your app was registered as a web app instead of a native app,
# you might have to add your secret key string here:
client_secret <- NULL
# API resource ID to request access for, e.g. Power BI:
resource_uri <- "https://analysis.windows.net/powerbi/api"
# Obtain OAuth2 endpoint settings for azure:
# This uses the "common" endpoint.
# To use a tenant url, create an
# oauth_endpoint(authorize = "https://login.windows.net/<tenant_id>/oauth2/authorize",
# access = "https://login.windows.net/<tenant_id>/oauth2/token")
# with <tenant_id> replaced by your endpoint ID.
azure_endpoint <- oauth_endpoints("azure")
# Create the app instance.
myapp <- oauth_app(
appname = app_name,
key = client_id,
secret = client_secret
)
# Step through the authorization chain:
# 1. You will be redirected to you authorization endpoint via web browser.
# 2. Once you responded to the request, the endpoint will redirect you to
# the local address specified by httr.
# 3. httr will acquire the authorization code (or error) from the data
# posted to the redirect URI.
# 4. If a code was acquired, httr will contact your authorized token access
# endpoint to obtain the token.
mytoken <- oauth2.0_token(azure_endpoint, myapp,
user_params = list(resource = resource_uri),
use_oob = FALSE
)
if (("error" %in% names(mytoken$credentials)) && (nchar(mytoken$credentials$error) > 0)) {
errorMsg <- paste("Error while acquiring token.",
paste("Error message:", mytoken$credentials$error),
paste("Error description:", mytoken$credentials$error_description),
paste("Error code:", mytoken$credentials$error_codes),
sep = "\n"
)
stop(errorMsg)
}
# Resource API can be accessed through "mytoken" at this point.