Hi fellow developers.
I am doing an app, where I want to integrate with Microsoft To Do. I’m developing an app with a card to create a task to a provided list. I really like Microsoft To Do and want to integrate with flows and think its useful for others as well.
Perhaps in the future, I want to integrate with Microsoft Teams as well.
Microsoft To Do, and Teams, a Microsoft account is required. Microsoft personal account is what this app will support.
To integrate with Microsoft To Do - one way is to use Graph Api.
The following flow is required:
- Authenticate with Microsoft Identity
- Register an app in Azure Entra Directory (generic Homey-app on “my account”)
- Setup permissions for this app to specific Graph Api (in this case Tasks.ReadWrite)
- Trigger authentication flow from Homey-app to “concent” the logged in user (A)
- The user will have to accept that Homey-app will access Tasks etc. - in a popup.
- Integration with Microsoft To Do
- From the homey app, call Login.microsoft.com and get a Bearer token in return, use this bearer token for further Graph Api actions.
- To do so, the login-call must be provided with a “secret” wich is setup in App Registration
My findings so far
A I am able to do a partial authentication in a popup, by trigger a popup:
https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize?client_id=${clientId}&response_type=code&redirect_uri=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fnativeclient&response_mode=query&scope=api%3A%2F%2F6a90c318-a2c5-42fb-8a76-d4b03d25f8e7/TODO&state=My8evpyCmsouwMwb
;
Most flows, ends with a callback. This callback calls your backend and is exposed by web. But with Homey I do not think it is possible to expose a callback url - also running a Homey app inside a node/container does not have a direct url for external services to call.
I know the description for this is kinda messy, have been struggling with this for while now and quite confused atm.
I’ve done Microsoft Authentication before, but inside Azure with msal and a lot of this is “automatic”. But with Homey-App and simple http-client - I’m struggling here
Remarks
I know this can be achieved, I’ve seen it done in like Tesla App and also the Discord App.
But I’ve found very little information about doing so, so maybe one of you, in this community, have a solution or input needed for me to complete this authentication flow.
Also from the description in Homey Cli, the optimal way is to make a repair option, but then I will have to provide own html pages, which I dont have a template to. Maybe someone can provide a template for this.
What am I looking for
Someone who can explain how this can be achieved. Also I could be missing a piece, in the puzzle, where the authentication flow, will provide me with a personal token or somehing to provide to the Microsoft Identity, that identifies the user X so that I can target that specific Microsoft-account.
(from a cookie or something…)
Again, sorry for this fuzzy description, but doing the Tasks operation is super simple - the authentication is a mf’er
Looking forward to your input or guide me in the right direction maby.