I am trying to write a small Java client for consuming services provided by Microsoft Exchange server through Exchange Web Services (EWS). For experimenting I set up Exchange Online account from here.
Then I configured my Outlook client to use the newly created mail on exchange and outlook's Test Email Auto-Configuration windows I tried to retrieve the link for Services.wsdl for that client:
Then I tried hitting Availability Services url, entered the username and password and it opened following page:
I then tried to hit the url specified on that page for service.wsdl, but it gave Page Not Found error. SO
Q1 where will I get WSDL file, and
Q2 which link should I hit while developing Java client. In my office environment I get WSDL file over configured Exchange server which directly opens WSDL file but am guessing what should be in case of exchange online.
Q1 - The WSDL file can be downloaded from the Exchange server endpoint that you wish to hit. I don't have credentials to try this, but this should work:
https://outlook.office365.com/EWS/Services.wsdl
It's usually in the EWS directory and named Services.wsdl. I just looked at your other screenshots above and inferred the same format.
Q2 - For Office 365 (which you are testing with), Microsoft recommends this approach for manually finding the URL to hit for API calls. (Alternative much more detailed desciption here: How to get services.wsdl for Office 365?)
However building the stubs yourself and finding URLs to invoke is a lot of work that you don't have to do if you use a pre-built Java library such as Microsoft's own EWS Java API or this 3rd party library. They both do basically the same thing, which is to expose Java classes in a Jar that allow you to make calls to any Exchange server. They will also take care of automatically discovering the URL to use, if you wish (it's a feature called Autodiscover).
Related
I have a java (Spring boot) web service which does not have any UI.
I want to send a dynamic Email (created using Thymeleaf and injecting values from a database) using my web service on a daily Cron schedule, using Microsoft Graph and O365 APIs.
Right now I use SMTP to send emails, but I cannot use it anymore as that is no longer going to be supported by the O365 account that I am using.
I found the SendMail APIs on the Graph Documentation which looks pretty straightforward.
But, using the Graph AIPs requires you to create an Azure AD project first and use their Microsoft Identity platform - which I created.
Now, the problem is that most of the flows also require a user to manually login from a login window.
This is where things get complicated.
I do not have a place to show a Login window to any user from my web service, because it is just a backend service there is no UI. I intend to use a service account for sending the emails through the Application.
I found a Daemon support as well, but it seems to only support Python or .Net code.
Migrating my code from Java to either of those platforms just to be able to send emails
does not feel like a good solution.
And, I'm not even sure if they even offer similar capabilities of sending dynamic emails like Java+Thylemeaf do?
Is there a way to be able to continue doing this using my existing code in Java?
If not, then as the worst case scenario, are there any libraries in Python which can allow me to send dynamic emails like thymeleaf does in Java?
As you don't want to manually login from a login window, you can use the client credential flow.
Here is the guide regarding how to access graph api without user.
Reference:
msgraph-sdk-java-auth (You can choose to use Client credential provider)
We have mobile application backend running in AWS. Backend build using Java spring front end supported for native iOS, native Android and angular js based website, it has own authentication using email id and password. Now we are planning to integrate our app authentication with our organisation Active directory which available in Azure AD.
We have outline idea about Azure portal application creation, use ADAL library to get token from azure. But we are not clear about how we can validate token at web service side. Could you please enlighten us about integration process
Unfortunately, Azure AD doesn't have great guidance on securing a web API in Java at this time. However, taking the open-source approach isn't terribly difficult in this case.
Azure AD's access tokens are JWTs, which are essentially just base64 encoded JSON strings with a signature. jwt.io has compiled a nice list of open-source libraries that can be used to validate JWTs (some libraries for generating them too, fyi). The best reference material available at this time is:
The claims listed in this token reference article where necessary (ignore the comment about id_tokens only, that's incorrect).
The OpenID Connect spec also has some good tidbits on how to validate tokens. You should also make sure to validate the scope claim, which won't be mentioned there.
This code sample shows how to take this approach, but it's in .NET. You can follow its patterns for Java.
The hardest part will be robustly fetching, caching, and refreshing the Azure AD public signing keys, making sure your app can handle key rollover. Microsoft's .NET open source library, for instance, refreshes the keys every 24 hours and refreshes them immediately any time signature validation fails. Most JWT libraries won't do that for you. The signing keys are available via Azure AD's OpenID Connect metadata endpoint,
https://login.microsoftonline.com/<tenant-or-common>/.well-known/openid-configuration
The OpenID Connect spec also has information on the format of the data available there.
I need to upload a file to a sharepoint online repository (Office 365). I need to do this in java and the sharepoint online site uses ADFS for single sign-on.
So far, all of the examples, sample-code, etc I've works for most of those requirements, but fails at one critical part (e.g.: java file upload with sso for a local sharepoint 2013 site, or java file upload to sharepoint online, but without the ADFS part). Authentication against ADFS seems to be one of the big sticking points.
Does anyone have an example of this working that meets all of those requirements?
edit-to-add: and, naturally, I've got no budget to do things like buy a commercial library that might do this quick-and-easy. :\
The below are the steps you need to execute.
Since you are trying to upload from JAVA, the only option SharePoint gives is REST API - I guess you are clear on this part.
O365 identifies you(Java call) only if you send the auth token(SAML token) along with the Request body of your REST API call
So you have to get the SAML token first and pass it with your REST Api call
Check out these links which explain the authentication process to O365 with ADFS.
Other thread in Stackoverflow
Claim auth from ADFS
A blog post about getting auth in a windows 8 app. https://blogs.msdn.microsoft.com/omarv/2012/11/15/developing-windows-8-store-apps-for-sharepoint-online-with-sso-single-sign-on/
Only thing you have to do is, replace the C# parts with equivalent Java API calls.
I am looking for a way to validate the DKIM signature of the incoming email.
I know how to do it in Java SE but it will use classes like javax.naming.directory.DirContext to get data from DNS server and this class is not white listed in App Engine.
Any idea how to communicate with DNS form Google App engine?
There is a blog post that says:
Once you've configured DKIM, just send
an email from your Google Apps account
to:
dkim#dkim-test.appspotmail.com
within minutes, you should get back an
email that says "PASS" or "FAIL". If
your test passed, you're all set!
I tried it and it works!
It seems like a Google App Engine Application. How is it done?!
I'm the author of the dkim-test app. Unfortunately I did not actually find a native way to do DNS queries in AppEngine. There's a feature request in the AppEngine issues tracker here:
http://code.google.com/p/googleappengine/issues/detail?id=354
The way I got around this for dkim-test was to do a HTTP GET request to http://whatsmyip.us/dns_txt.php?host=google.com (where google.com is the host I want to retrieve TXT records for).
Obviously there are some down sides here. dkim-test is entirely dependent on whatsmyip.us to work, should that service go down or they decide to block dkim-test, then it would break. Things would also break if they changed the format of the response.
I am trying to implement hybrid Google OpenID + OAuth protocol in order to identify my users and to access their Google calendar data.
Sample request looks like:
https://www.google.com/accounts/o8/id
?openid.ns=http://specs.openid.net/auth/2.0
&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select
&openid.identity=http://specs.openid.net/auth/2.0/identifier_select
&openid.return_to=http://www.example.com/checkauth
&openid.realm=http://www.example.com
&openid.assoc_handle=ABSmpf6DNMw
&openid.mode=checkid_setup
&openid.ns.oauth=http://specs.openid.net/extensions/oauth/1.0
&openid.oauth.consumer=www.example.com
&openid.oauth.scope=http://docs.google.com/feeds/+http://spreadsheets.google.com/feeds/
I am using openid4java. I tried to follow this post: library-to-integrate-googles-oauth-openid-hybrid-in-java-web-app
But I came into trouble when testing my application on localhost.
As you can see in aforementioned sample request, there are three attributes that must be equal:
openid.realm
openid.oauth.consumer
openid.return_to
I have registered some domain with google and obtained consumer key and secret. But when I want to develop and debug my application on localhost (i. e. openid.return_to=http://localhost:8080/ and openid.realm=http://*.mydomain.com and openid.oauth.consumer=www.mydomain.com) and supply my key and secret, openid4java RealmVerifier rejects such authentication request.
I have even tried to supply completely valid options (my registered domain instead of localhost) - it seemed to function, but the redirection went away (I don't want to/can't deploy the application in that domain because of missing technologies.).
Could you please advise, how to develop such application on localhost? Is there any trick how to test such application?
Thanks for any help!
Try adding your your-machine.your-domain.com which points to 127.0.0.1 in the /etc/hosts (on linux) on your dev box and then hit your application as http://your-machine.your-domain.com
(note: replace your-machine with your machine name and your-domain with the domain you have registered with Google)