Added code for custom setting of the scope to be used. This has not b…

…een tested yet.

EWSEditor/Common/Auth/AuthenticationHelper.cs

@@ -83,28 +83,8 @@ public class AuthenticationHelper
             return Do_OAuth(ref MailboxBeingAccessed, ref AccountAccessingMailbox,
              sAuthority, sAppId, sRedirectURL, sServername, ref sBearerToken, PromptBehavior.Always);
 
-            //ExchangeCredentials oExchangeCredentials = null;
-
             //// See // https://msdn.microsoft.com/en-us/library/office/dn903761(v=exchg.150).aspx
-            //// get authentication token
-            //string authority = sAuthority;
-            //string clientID = sAppId;
-            //Uri clientAppUri = new Uri(sRedirectURL);
-            //string serverName = sServername;
-
-            //AuthenticationContext authenticationContext = new AuthenticationContext(authority, false);
-            //PlatformParameters oPlatformParameters = new PlatformParameters(PromptBehavior.Always);
-            //AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync (serverName, clientID, clientAppUri, oPlatformParameters).Result;
-
-            //sBearerToken = authenticationResult.AccessToken;
-
-            //// Add authenticaiton token to requests
-            //oExchangeCredentials = new OAuthCredentials(authenticationResult.AccessToken);
-
-            //MailboxBeingAccessed = authenticationResult.UserInfo.DisplayableId;
-            //AccountAccessingMailbox = authenticationResult.UserInfo.DisplayableId;  // oAuth at this time does not support delegate or impersonation access - may need to change this in the future.
 
-           // return oExchangeCredentials;
 
         }
 

EWSEditor/Common/Auth/oAuthHelper.cs

@@ -23,6 +23,7 @@
 //using Microsoft.IdentityModel.Clients.ActiveDirectory;
 using System.Web.UI.WebControls;
 using System.Xml.Linq;
+using System.Net.NetworkInformation;
 
 // For reference:
 //      https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-client-application-configuration
@@ -62,17 +63,30 @@ public PublicClientApplication CurrentPublicClientApplication
         }
 
 
-
-
+        ///------------------------------------------------------------------------------------------------------
+        /// <summary>
+        ///  
+        /// </summary>
+        /// <param name="ClientId"></param>
+        /// <param name="TenantId"></param>
+        /// <param name="OAuth2RedirectUrl"></param>
+        /// <param name="OAuth2Authority"></param>
+        /// <param name="OAuth2ValidateAuthority"></param>
+        /// <returns></returns>
         public async Task<AuthenticationResult> GetDelegateToken(
                 string ClientId, 
                 string TenantId, 
                 string OAuth2RedirectUrl, 
                 string OAuth2Authority, 
-                bool OAuth2ValidateAuthority)
+                bool OAuth2ValidateAuthority,
+                string OAuth2Scope
+                )
         {
             _Success = false;
 
+            //var ewsScopes = new string[] { "https://outlook.office365.com/EWS.AccessAsUser.All" };
+            string[] ewsScopes = { OAuth2Scope };
+
             // Using Microsoft.Identity.Client 4.22.0
             PublicClientApplicationOptions pcaOptions = null;
 
@@ -105,7 +119,7 @@ public PublicClientApplication CurrentPublicClientApplication
                 .CreateWithApplicationOptions(pcaOptions).Build();
 
             // The permission scope required for EWS access
-            var ewsScopes = new string[] { "https://outlook.office365.com/EWS.AccessAsUser.All" };
+             
 
             AuthenticationResult oResult = null;
 
@@ -131,21 +145,34 @@ public PublicClientApplication CurrentPublicClientApplication
             return null;
 
         }
-
-
 
 
+        // ------------------------------------------------------------------------------------------------------
+        /// <summary>
+        /// 
+        /// </summary>
+        /// <param name="ClientId"></param>
+        /// <param name="TenantId"></param>
+        /// <param name="ClientSecret"></param>
+        /// <param name="OAuth2RedirectUrl"></param>
+        /// <param name="OAuth2Authority"></param>
+        /// <param name="OAuth2ValidateAuthority"></param>
+        /// <param name="OAuth2Scope"></param>
+        /// <returns></returns>
         public async Task<AuthenticationResult> GetApplicationToken(
                 string ClientId, 
                 string TenantId, 
                 string ClientSecret, 
                 string OAuth2RedirectUrl,
                 string OAuth2Authority,
-                bool OAuth2ValidateAuthority)
+                bool OAuth2ValidateAuthority,
+                string OAuth2Scope )
         {
 
             // Configure the MSAL client to get tokens
-            var ewsScopes = new string[] { "https://outlook.office.com/.default" };
+            //var ewsScopes = new string[] { "https://outlook.office.com/.default" };
+            string[] ewsScopes = { OAuth2Scope };
+
             IConfidentialClientApplication app = null;
 
             try
@@ -215,16 +242,31 @@ public PublicClientApplication CurrentPublicClientApplication
 
         }
 
+        // ----------------------------------------------------------------------
+        /// <summary>
+        /// 
+        /// </summary>
+        /// <param name="ClientId"></param>
+        /// <param name="TenantId"></param>
+        /// <param name="ClientCertificate"></param>
+        /// <param name="OAuth2RedirectUrl"></param>
+        /// <param name="OAuth2Authority"></param>
+        /// <param name="OAuth2ValidateAuthority"></param>
+        /// <param name="OAuth2Scope"></param>
+        /// <returns></returns>
         public async Task<AuthenticationResult> GetCertificateToken(
                 string ClientId, 
                 string TenantId, 
                 X509Certificate2 ClientCertificate, 
                 string OAuth2RedirectUrl,
                 string OAuth2Authority,
-                bool OAuth2ValidateAuthority)
+                bool OAuth2ValidateAuthority,
+                string OAuth2Scope)
         {
             // Configure the MSAL client to get tokens
-            var ewsScopes = new string[] { "https://outlook.office.com/.default" };
+            //var ewsScopes = new string[] { "https://outlook.office.com/.default" };
+            string[] ewsScopes = { OAuth2Scope };
+
 
             IConfidentialClientApplication app = null;
 
@@ -276,25 +318,9 @@ public async Task<AuthenticationResult> GetRefreshToken(PublicClientApplication
         {
 
             // https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-error-handling-dotnet#msaluirequiredexception
-
-
-            //var pcaOptions = new PublicClientApplicationOptions
-            //{
-            //    ClientId = sClientId,
-            //    TenantId = sTenantId
-            //};
-
-
-
-            //var pca = PublicClientApplicationBuilder
-            //    .CreateWithApplicationOptions(pcaOptions).Build();
-
+
             // https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/AcquireTokenSilentAsync-using-a-cached-token
-
-            //var accounts = await pca.GetAccountsAsync();
-            //var firstAccount = accounts.FirstOrDefault();
-
-
+
 
             var accounts = await oPCA.GetAccountsAsync();
 

EWSEditor/Common/EwsProxyFactory.cs

@@ -59,6 +59,7 @@ public class EwsProxyFactory
         public static string OAuth2RedirectUrl = string.Empty;
         public static string OAuth2Authority = string.Empty;
         public static bool OAuth2ValidateAuthority = true;
+        public static string OAuth2Scope = string.Empty;
 
         public static bool? UseOAuthDelegate = null;
         public static bool? UseOAuthApplication = null;