// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
/**
* @summary Exchange an AAD access token of a Teams user for a new Communication Identity access token.
*/
import {
CommunicationAccessToken,
CommunicationIdentityClient,
} from "@azure/communication-identity";
import { PublicClientApplication } from "@azure/msal-node";
// Load the .env file if it exists
import * as dotenv from "dotenv";
// Populate process.env from a local .env file when one is present.
dotenv.config();

// Every setting is read from the environment and falls back to a visible
// placeholder when the variable is unset or empty.
// COMMUNICATION_CONNECTION_STRING carries the resource's access key and
// COMMUNICATION_MSAL_PASSWORD is a user credential: supply both through the
// environment (or an untracked .env file) rather than pasting real values over
// the placeholders below.
const readSetting = (name: string, placeholder: string): string =>
  process.env[name] || placeholder;

const connectionString = readSetting(
  "COMMUNICATION_CONNECTION_STRING",
  "<communication service connection string>",
);
const aadTenant = readSetting(
  "COMMUNICATION_M365_AAD_TENANT",
  "<azure active directory tenant id>",
);
const aadAppId = readSetting("COMMUNICATION_M365_APP_ID", "<azure active directory app id>");
const aadAuthority = readSetting(
  "COMMUNICATION_M365_AAD_AUTHORITY",
  "<azure active directory authority>",
);
const msalUsername = readSetting("COMMUNICATION_MSAL_USERNAME", "<msal username>");
const msalPassword = readSetting("COMMUNICATION_MSAL_PASSWORD", "<msal password>");
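/**
 * Signs a Teams user in through MSAL, then exchanges the resulting AAD access
 * token for a Communication Identity access token.
 *
 * The sample is skipped when SKIP_INT_IDENTITY_EXCHANGE_TOKEN_TEST is "true".
 * Neither token is written to the console; only expiry times are reported.
 *
 * @throws Error when MSAL resolves without an authentication result.
 */
export async function main(): Promise<void> {
  if (process.env["SKIP_INT_IDENTITY_EXCHANGE_TOKEN_TEST"] === "true") {
    console.log("Skipping the Get Access Token for Teams User sample");
    return;
  }

  console.log("\n== Get Access Token for Teams User sample ==\n");

  const client = new CommunicationIdentityClient(connectionString);

  // Get an AAD token and object ID of a Teams user
  console.log("Getting an AAD token and an object ID of a Teams user");

  // MSAL public client bound to the app registration and tenant authority.
  const msalInstance = new PublicClientApplication({
    auth: {
      clientId: aadAppId,
      authority: `${aadAuthority}/${aadTenant}`,
    },
  });

  // Delegated permissions required for the token exchange.
  const scopes = [
    "https://auth.msft.communication.azure.com/Teams.ManageCalls",
    "https://auth.msft.communication.azure.com/Teams.ManageChats",
  ];

  // NOTE(security): the username/password (ROPC) grant hands the user's password
  // to this process and cannot satisfy MFA or conditional-access prompts. It keeps
  // the sample non-interactive; an application that signs in real users should use
  // an interactive or device-code flow instead.
  const response = await msalInstance.acquireTokenByUsernamePassword({
    scopes,
    username: msalUsername,
    password: msalPassword,
  });

  // MSAL types the result as nullable; fail with a clear message rather than
  // dereferencing null further down.
  if (!response) {
    throw new Error("MSAL returned no authentication result for the Teams user");
  }

  // NOTE(review): extExpiresOn is the extended lifetime value; confirm whether
  // expiresOn was the intended field for this message.
  console.log(`Retrieved a token with the expiration: ${response.extExpiresOn}`);

  const teamsToken = response.accessToken;
  // Object ID of the signed-in Teams user.
  const userObjectId = response.uniqueId;

  console.log("Exchanging the AAD access token for a Communication access token");

  // Exchange the AAD access token of a Teams user for a new Communication Identity access token
  const communicationAccessToken: CommunicationAccessToken = await client.getTokenForTeamsUser({
    teamsUserAadToken: teamsToken,
    clientId: aadAppId,
    userObjectId,
  });

  // The access token is a bearer credential: anything that can read this output
  // (terminal scrollback, CI logs) could replay it until it expires, so report
  // only the expiry time.
  console.log(
    `Exchanged Communication access token, expires on: ${communicationAccessToken.expiresOn.toISOString()}`,
  );
}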
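// Run the sample and report any failure.
main().catch((error: unknown) => {
  console.error("Encountered an error while exchanging token: ");
  // The raw request/response objects attached to an HTTP client error can carry
  // the Authorization header and the AAD token sent in the exchange request body,
  // so they are not dumped here; the error name, message and stack are enough to
  // locate the failure.
  if (error instanceof Error) {
    console.error(error.stack ?? `${error.name}: ${error.message}`);
  } else {
    console.error(String(error));
  }
  // Surface the failure to the calling shell or CI job instead of exiting with 0.
  process.exitCode = 1;
});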