microsoftgraph
diff --git a/‎demo/README.md‎
Lines changed: 1 addition & 5 deletions b/‎demo/README.md‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎demo/graph-tutorial/.env.example‎
Lines changed: 0 additions & 8 deletions b/‎demo/graph-tutorial/.env.example‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎demo/graph-tutorial/app.js‎
Lines changed: 33 additions & 96 deletions b/‎demo/graph-tutorial/app.js‎
Lines changed: 33 additions & 96 deletions
diff --git a/‎demo/graph-tutorial/example.env‎
Lines changed: 5 additions & 0 deletions b/‎demo/graph-tutorial/example.env‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎demo/graph-tutorial/graph.js‎
Lines changed: 60 additions & 8 deletions b/‎demo/graph-tutorial/graph.js‎
Lines changed: 60 additions & 8 deletions
@@ -32,10 +32,6 @@ If you don't have a Microsoft account, there are a couple of options to get a fr
 
     ![A screenshot of the application ID of the new app registration](/tutorial/images/aad-application-id.png)
 
-1. Select **Authentication** under **Manage**. Locate the **Implicit grant** section and enable **ID tokens**. Choose **Save**.
-
-    ![A screenshot of the Implicit grant section](/tutorial/images/aad-implicit-grant.png)
-
 1. Select **Certificates & secrets** under **Manage**. Select the **New client secret** button. Enter a value in **Description** and select one of the options for **Expires** and choose **Add**.
 
     ![A screenshot of the Add a client secret dialog](/tutorial/images/aad-new-client-secret.png)
@@ -49,7 +45,7 @@ If you don't have a Microsoft account, there are a couple of options to get a fr
 
 ## Configure the sample
 
-1. Rename the `.env.example` file to `.env`.
+1. Rename the `example.env` file to `.env`.
 1. Edit the `.env` file and make the following changes.
     1. Replace `YOUR_APP_ID_HERE` with the **Application Id** you got from the App Registration Portal.
     1. Replace `YOUR_APP_PASSWORD_HERE` with the password you got from the App Registration Portal.
 
@@ -6,99 +6,45 @@ var express = require('express');
 var path = require('path');
 var cookieParser = require('cookie-parser');
 var logger = require('morgan');
-var session = require('express-session');
-var flash = require('connect-flash');
+const session = require('express-session');
+const flash = require('connect-flash');
+const msal = require('@azure/msal-node');
 require('dotenv').config();
 
-var passport = require('passport');
-var OIDCStrategy = require('passport-azure-ad').OIDCStrategy;
+var indexRouter = require('./routes/index');
+var usersRouter = require('./routes/users');
+var authRouter = require('./routes/auth');
+var calendarRouter = require('./routes/calendar');
 
-// Configure passport
+var app = express();
 
+// <MsalInitSnippet>
 // In-memory storage of logged-in users
 // For demo purposes only, production apps should store
 // this in a reliable storage
-var users = {};
-
-// Passport calls serializeUser and deserializeUser to
-// manage users
-passport.serializeUser(function(user, done) {
-  // Use the OID property of the user as a key
-  users[user.profile.oid] = user;
-  done (null, user.profile.oid);
-});
-
-passport.deserializeUser(function(id, done) {
-  done(null, users[id]);
-});
+app.locals.users = {};
 
-// <ConfigureOAuth2Snippet>
-// Configure simple-oauth2
-const oauth2 = require('simple-oauth2').create({
-  client: {
-    id: process.env.OAUTH_APP_ID,
-    secret: process.env.OAUTH_APP_PASSWORD
-  },
+// MSAL config
+const msalConfig = {
   auth: {
-    tokenHost: process.env.OAUTH_AUTHORITY,
-    authorizePath: process.env.OAUTH_AUTHORIZE_ENDPOINT,
-    tokenPath: process.env.OAUTH_TOKEN_ENDPOINT
-  }
-});
-// </ConfigureOAuth2Snippet>
-
-// Callback function called once the sign-in is complete
-// and an access token has been obtained
-// <SignInCompleteSnippet>
-async function signInComplete(iss, sub, profile, accessToken, refreshToken, params, done) {
-  if (!profile.oid) {
-    return done(new Error("No OID found in user profile."));
-  }
-
-  try{
-    const user = await graph.getUserDetails(accessToken);
-
-    if (user) {
-      // Add properties to profile
-      profile['email'] = user.mail ? user.mail : user.userPrincipalName;
+    clientId: process.env.OAUTH_APP_ID,
+    authority: process.env.OAUTH_AUTHORITY,
+    clientSecret: process.env.OAUTH_APP_SECRET
+  },
+  system: {
+    loggerOptions: {
+      loggerCallback(loglevel, message, containsPii) {
+        console.log(message);
+      },
+      piiLoggingEnabled: false,
+      logLevel: msal.LogLevel.Verbose,
     }
-  } catch (err) {
-    return done(err);
   }
+};
 
-  // Create a simple-oauth2 token from raw tokens
-  let oauthToken = oauth2.accessToken.create(params);
-
-  // Save the profile and tokens in user storage
-  users[profile.oid] = { profile, oauthToken };
-  return done(null, users[profile.oid]);
-}
-// </SignInCompleteSnippet>
-
-// Configure OIDC strategy
-passport.use(new OIDCStrategy(
-  {
-    identityMetadata: `${process.env.OAUTH_AUTHORITY}${process.env.OAUTH_ID_METADATA}`,
-    clientID: process.env.OAUTH_APP_ID,
-    responseType: 'code id_token',
-    responseMode: 'form_post',
-    redirectUrl: process.env.OAUTH_REDIRECT_URI,
-    allowHttpForRedirectUrl: true,
-    clientSecret: process.env.OAUTH_APP_PASSWORD,
-    validateIssuer: false,
-    passReqToCallback: false,
-    scope: process.env.OAUTH_SCOPES.split(' ')
-  },
-  signInComplete
-));
-
-var indexRouter = require('./routes/index');
-var usersRouter = require('./routes/users');
-var authRouter = require('./routes/auth');
-var calendarRouter = require('./routes/calendar');
-var graph = require('./graph');
-
-var app = express();
+// Create msal application object
+app.locals.msalClient = new msal.ConfidentialClientApplication(msalConfig);
+// </MsalInitSnippet>
 
 // <SessionSnippet>
 // Session middleware
@@ -127,6 +73,12 @@ app.use(function(req, res, next) {
     res.locals.error.push({message: 'An error occurred', debug: errs[i]});
   }
 
+  // Check for an authenticated user and load
+  // into response locals
+  if (req.session.userId) {
+    res.locals.user = app.locals.users[req.session.userId];
+  }
+
   next();
 });
 // </SessionSnippet>
@@ -150,21 +102,6 @@ app.use(express.urlencoded({ extended: false }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
 
-// Initialize passport
-app.use(passport.initialize());
-app.use(passport.session());
-
-// <AddProfileSnippet>
-app.use(function(req, res, next) {
-  // Set the authenticated user in the
-  // template locals
-  if (req.user) {
-    res.locals.user = req.user.profile;
-  }
-  next();
-});
-// </AddProfileSnippet>
-
 app.use('/', indexRouter);
 app.use('/auth', authRouter);
 app.use('/calendar', calendarRouter);
 
@@ -0,0 +1,5 @@
+OAUTH_APP_ID=YOUR_APP_ID_HERE
+OAUTH_APP_SECRET=YOUR_APP_SECRET_HERE
+OAUTH_REDIRECT_URI=http://localhost:3000/auth/callback
+OAUTH_SCOPES='user.read,calendars.readwrite,mailboxsettings.read'
+OAUTH_AUTHORITY=https://login.microsoftonline.com/common/
@@ -8,23 +8,75 @@ module.exports = {
   getUserDetails: async function(accessToken) {
     const client = getAuthenticatedClient(accessToken);
 
-    const user = await client.api('/me').get();
+    const user = await client
+      .api('/me')
+      .select('displayName,mail,mailboxSettings,userPrincipalName')
+      .get();
     return user;
   },
 
-  // <GetEventsSnippet>
-  getEvents: async function(accessToken) {
+  // <GetCalendarViewSnippet>
+  getCalendarView: async function(accessToken, start, end, timeZone) {
     const client = getAuthenticatedClient(accessToken);
 
     const events = await client
-      .api('/me/events')
+      .api('/me/calendarview')
+      // Add Prefer header to get back times in user's timezone
+      .header("Prefer", `outlook.timezone="${timeZone}"`)
+      // Add the begin and end of the calendar window
+      .query({ startDateTime: start, endDateTime: end })
+      // Get just the properties used by the app
       .select('subject,organizer,start,end')
-      .orderby('createdDateTime DESC')
+      // Order by start time
+      .orderby('start/dateTime')
+      // Get at most 50 results
+      .top(50)
       .get();
 
     return events;
-  }
-  // </GetEventsSnippet>
+  },
+  // </GetCalendarViewSnippet>
+
+  // <CreateEventSnippet>
+  createEvent: async function(accessToken, formData, timeZone) {
+    const client = getAuthenticatedClient(accessToken);
+
+    // Build a Graph event
+    const newEvent = {
+      subject: formData.subject,
+      start: {
+        dateTime: formData.start,
+        timeZone: timeZone
+      },
+      end: {
+        dateTime: formData.end,
+        timeZone: timeZone
+      },
+      body: {
+        contentType: 'text',
+        content: formData.body
+      }
+    };
+
+    // Add attendees if present
+    if (formData.attendees) {
+      newEvent.attendees = [];
+      formData.attendees.forEach(attendee => {
+        newEvent.attendees.push({
+          type: 'required',
+          emailAddress: {
+            address: attendee
+          }
+        });
+      });
+    }
+
+    // POST /me/events
+    await client
+      .api('/me/events')
+      .post(newEvent);
+  },
+  // </CreateEventSnippet>
 };
 
 function getAuthenticatedClient(accessToken) {
@@ -38,4 +90,4 @@ function getAuthenticatedClient(accessToken) {
   });
 
   return client;
-}
+}