How to verify oauth token generated using Microsoft Graph API
S Andrew
I am getting the oath token using below code:
def get_token():
try:
r = requests.post("https://login.microsoftonline.com/" + config_data['TENNANT_ID'] + "/oauth2/token",
data={"grant_type": "client_credentials",
"client_secret": config_data['CLIENT_SECRET'],
"client_id": config_data['CLIENT_ID'],
"resource": "https://graph.microsoft.com"})
if r.status_code == 200:
ret_body = r.json()
return ret_body['access_token']
else:
log.error("Unable to get token from oauth {}, {}".format(r.status_code, r.json()))
return "false"
except Exception as e:
log.error("Exception occurred while getting oauth token {}".format(e))
I am looking for a microsoft graph api through which I can verify the generated oauth token weather its expired or not. Can anyone please point me to some documentation page for this.?
Hury Shen
As mentioned by Despicable in comments, when you access the token, the response json conntains a field expires_in. Below is the screenshot of response json when I request for access token, the value of expires_in is 82799 in my side but it may be 3599(1 hour) in your side.
You can use ret_body['expires_in'] in your code to get the field.
============================Update================================
As you can only receive the access token but not any more fields, so you can parse(decode) the access token to get the expire date.
When we parse the token in this page for test, we can find there is a claim exp(in timestamp format) which means the expire date of the token. So we just need to parse the token and get the property exp, then convert it from timestamp to datetime. 
Below is part of my code for your reference:
if r.status_code == 200:
ret_body = r.json()
accessToken = ret_body['access_token']
decodedJson = jwt.decode(accessToken, verify=False)
timestamp = decodedJson["exp"]
resultDateTime = datetime.fromtimestamp(timestamp)
The resultDateTime is the expire time of your access token, you can compare it with current time(you can also skip change timestamp to datetime format in your code, compare the timestamp with current date timestamp directly).
To execute the code success, you also need to install pip install pyjwt and add these lines in your python code:
import jwt
import json
from datetime import datetime
Collected from the Internet
Please contact [email protected] to delete if infringement.
edited at
- Prev: INDEX/MATCH with multiple criteria in rows and columns
- Next: How to go about inserting domain objects in db at start of API
Related
TOP Ranking
- 1
Can't pre-populate phone number and message body in SMS link on iPhones when SMS app is not running in the background
- 2
pump.io port in URL
- 3
Failed to listen on localhost:8000 (reason: Cannot assign requested address)
- 4
Unable to use switch toggle for dark mode in material-ui
- 5
grouping by column variables and appending a new variable based on condition
- 6
BigQuery - concatenate ignoring NULL
- 7
Spring Boot JPA PostgreSQL Web App - Internal Authentication Error
- 8
ngClass error (Can't bind ngClass since it isn't a known property of div) in Angular 11.0.3
- 9
Python Read Directory And Output to CSV
- 10
Remove adjacent duplicates in linked list in C
- 11
Angular 8. Unknown amount of http.get requests in array to call, must be sequential, what to use
- 12
How to keep curl session alive between two php processes?
- 13
Limit number of characters in uitextview
- 14
JMeter: Why get error when try to save test plan
- 15
Always setting the text cursor on Textbox
- 16
MTKView Displaying Wide Gamut P3 Colorspace
- 17
Vector input in shiny R and then use it
- 18
How to implement an authentication method using Spring Boot and JPA?
- 19
Laravel getting value from another table using eloquent
- 20
org.springframework.web.client.HttpClientErrorException: 401 null
- 21
When I click any button in my view page the form is submitted
Comments