Azure Python Flask External app consuming Office365 SharePoint Site
If you are not familiar with Flask, I highly recommend it for small projects with tight deadlines http://flask.pocoo.org/.
You can find the code in Github: https://github.com/pnp/PnP/tree/master/Samples/Python.Office365.AppAuthentication
Prerequisites before we go into the code:
- Office 365 developer tenant
- Visual Studio 2015 installed and Python Tools for Visual Studio installed or favorite IDE, or just a good text editor :).
- Python 2.7 or 3.4 installed
- Flask, requests, PyJWT Python packages installed via pip
Prepare the scenario for the Office 365 Python Flask app authentication sample
The Office 365 Python Flask application will:
- Use Azure AD authorization endpoints to perform authentication
- Use Office 365 SharePoint API's to show the authenticated user's title For these tasks to succeed you need to do additional setups explained below.
- Create Azure trial account with the Office 365 account so the app can be registered, or you can register it with PowerShell. A good tutorial can be found on this link https://github.com/OfficeDev/PnP/blob/497b0af411a75b5b6edf55e59e48c60f8b87c7b9/Samples/AzureAD.GroupMembership/readme.md.
- Register the app in the Azure portal and assign http://localhost:5555 to the Sign-on URL and Reply URL
- Generate a client secret
- Grant the following permission to the Python Flask app: Office 365 SharePoint Online > Delegated Permissions > Read user profiles
- Copy the client secret and the client id from the Azure portal and replace them into the Python Flask config file - Assign URL to the SharePoint site you are going to access to the RESOURCE config variable.
- Open the sample in Visual Studio 2015 - Go to Project > Properties > Debug and dedicate 5555 for Port Number
- Go to Python environments > your active python environment > execute "Install from requirements.txt". This will ensure that all the required Python packages are installed.
Run the Office 365 Python Flask app sample
When you run the sample you'll see the title and login url.
Once you've clicked the sign-in link, the Office 365 API will go through the authentication handshake and the Python Flask home screen will reload with the logged in user title and access token displayed: