-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OneDrive integration #6073
base: develop
Are you sure you want to change the base?
OneDrive integration #6073
Conversation
@@ -118,7 +118,7 @@ def reader | |||
when 'file' | |||
File.open(location,'r') | |||
else | |||
Kernel::open(uri.to_s, 'r') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Kernel::open
would fail to find the sharepoint files due to our Ruby version. Using Kernel::open
to call URI.open
was removed in Ruby 3.0, so we need to explictly use URI.open
here.
Although, looks like that caused a test to fail so we maybe need to implement trying URI.open
then fallback to Kernel::open
or vice versa.
settings['sharepoint'] = { client_id: Settings.dropbox.sharepoint.client_id, | ||
client_secret: Settings.dropbox.sharepoint.client_secret, | ||
tenant_id: Settings.dropbox.sharepoint.tenant_id, | ||
grant_type: Settings.dropbox.sharepoint.grant_type, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For current implementation this line is unneeded. However, there are a couple different ways to grant an application access to Microsoft Graph. For our purposes at IU, we need to log in as specific users which requires the authorization_code
grant type. This is currently hardcoded. The other type is for allowing the application itself to get access, so a specific user account is not needed, which uses the client_credentials
grant type.
For the final version of this work it would be ideal to allow implementers to choose which auth flow works best for how they have sharepoint setup so I have left the grant_type
param in place here as a placeholder/reminder.
# client_secret: YOUR_MICROSOFT_GRAPH_CLIENT_SECRET | ||
# tenant_id: YOUR_MICROSOFT_GRAPH_TENANT_ID | ||
# scope: offline_access https://graph.microsoft.com/.default | ||
# redirect_uri: https://example.com/browse/connect |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The redirect_uri
param should be the application's base url appended with /browse/connect
. So Avalon-dev should be https://avalon-dev.dlib.indiana.edu/browse/connect
. This same value should be what is entered in the redirect_uri
setting for the application in the Entra admin center.
This PR adds support for file upload from a user's OneDrive site. The work is primarily contained in our fork of browse-everything, but also includes an updated ActiveEncode to properly parse the download links provided by the Microsoft API.
To implement on Avalon, we will need to have the application registered in the Entra admin center. For initial testing we may be able to use the application information I registered for my local testing, but it may be worthwhile to go ahead and set up an application profile specifically for Avalon-dev. If you go to entra.microsoft.com and login with your IU info, you should be able to go to "Applications -> App Registrations" and look up my test which is called "browseeverything-test" to see the current permissions, ids, redirects, etc.
Once the app is registered, the information can be plugged into Avalon-dev's
settings.yml
and hopefully everything will just work...