似乎UserIdentityToken无法用于识别Exchange Online用户。该令牌可以被第三方服务(即自定义聊天帐户)用于识别当前用户的可靠方式。
如果我们想从Exchange Online检索某些内容但 5分钟的时间限制,我们可以依赖回调令牌。
如果我们绝对想要避免此限制,我找到的唯一其他方法是要求他们的Office 365凭据。我是这样做的:
// Send Basket Button | Send the basket to Sharepoint
$("#sendMails").click(function () {
var mailsId = getMailIds();
if (mailsId != null) saveMails(mailsId);
});
function saveMails(mailsId) {
$.post(
"/AJAX/SaveMails"
{
mailsId: JSON.stringify(mailsId),
login: "mymail@onmicrosoft.com",
password: "mypass",
},
function(result) {
console.log("saveMails : ", result);
},
"text"
);
}
[HttpPost]
public ActionResult SaveMails()
{
// Office365 credentials
var login = Request["login"];
var password = Request["password"];
// mailsID to retrieve from Exchange
// IDs come from Office.context.mailbox.item.itemId
var mailsID = JsonConvert.DeserializeObject<List<string>>(Request["mailsID"]);
// Set credentials and EWS url for the Exchange connection
var exService = new ExchangeService
{
// User's credentials
Credentials = new WebCredentials(login, password),
// Exchange Uri (always the same for Office365)
Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx")
}
foreach(var mail in mailsID)
{
var itemId = new ItemId(mail);
// Get mails from Exchange Online
var email = EmailMessage.Bind(exService, itemId);
// ... Do something with the mail
}
// ... Rest of the code
}
现在你可以用你的邮件做你需要的了。
(旧帖子)
我为此奋斗。我想从Outlook在线检索一堆带有 ASP.NET MVC Web服务器的电子邮件,而没有物品令牌的限制,其生命周期仅为5分钟。
我目前正在尝试的是:
显然,它不起作用。但是,我尝试通过输入我的Office帐户的登录名和密码进行身份验证,此处确实有效。
我在其他地方读到我们必须在尝试使用它进行身份验证之前验证我们的令牌,但它似乎只涉及带有Azure AD的外部应用程序?就我而言,那只是一个Outlook Online WEB插件。
嗯,这是我控制器中的当前代码(处理身份验证并尝试从Exchange检索邮件)
[HttpPost]
public ActionResult GetMails()
{
// Token from getUserIdentityTokenAsync() as a string
var token = Request["token"];
// mailsID to retrieve from Exchange
// IDs come from Office.context.mailbox.item.itemId
var mailsID = JsonConvert.DeserializeObject<List<string>>(Request["mailsID"]);
var exService = new ExchangeService
{
Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx"),
Credentials = new OAuthCredentials(token),
// WebCredentials works but I don't want the user to enter that
// Credentials = new WebCredentials("mymail@onmicrosoft.com", "mypass");
}
foreach(var mail in mailsID)
{
var itemId = new ItemId(mail);
// Try to get the mail from Exchange Online
var email = EmailMessage.Bind(exService, itemId);
// ... Rest of the code
}
// ... Rest of the method
}
Office.context.mailbox.item.itemId reference
我的目标是避免用户再次输入他们的Office Online凭据,这会很奇怪......我认为不安全。我错过了什么呢?
提前致谢。
答案 0 :(得分:1)
来自Office.context.mailbox.getUserIdentityTokenAsync()的ID令牌只能用于识别和authenticate the add-in and user with a third-party system。
如果要使用令牌通过EWS从Exchange获取项目,我们需要使用getCallbackTokenAsync方法中的令牌。以下是供您参考的样本:
//HTML
<h1 id="fonty">Size of font in pixels?</h1>
//CSS
#fonty {
font-size: 8px;
font-family: Arial;
}
//Javascript
var height = $("#fonty").height();
console.log(height);
Web API:
function getMails2() {
Office.context.mailbox.getCallbackTokenAsync(function (rs) {
callMyWebService(rs.value, Office.context.mailbox.item.itemId)
})
}
function callMyWebService(token, itemID) {
var customer = { "token": token, "id": itemID };
$.ajax({
url: '../../api/Default',
type: 'POST',
data: JSON.stringify(customer),
contentType: 'application/json;charset=utf-8'
}).done(function (response) {
if (!response.isError) {
var names = "<h2>Attachments processed using " +
serviceRequest.service +
": " +
response.attachmentsProcessed +
"</h2>";
for (i = 0; i < response.attachmentNames.length; i++) {
names += response.attachmentNames[i] + "<br />";
}
document.getElementById("names").innerHTML = names;
} else {
app.showNotification("Runtime error", response.message);
}
}).fail(function (status) {
}).always(function () {
$('.disable-while-sending').prop('disabled', false);
})
};