The_Dj has asked for the wisdom of the Perl Monks concerning the following question:
Greetings Monks!
Does anyone have any experience in getting Perl to talk to EWS using ADFS authentication?
My company's Microsoft exchange tech people are friendly but API programming is well beyond their expertise.
We are migrating from Exchange server to Office365 and I need to migrate my automated mail-based systems. (send and receive)
Thanks, all.
Re: ADFS and EWS
by perlfan (Vicar) on Jul 10, 2020 at 10:46 UTC
|
The seige of alphabet soup confusion levied against tech people by microshaft never ceases to amaze me. don't know how you can work in this space and not walk away with brain damage. It's almost like the do it on purpose. <_<
It appears just from wading in this garbage for 5 minutes to me that you establish an oauth2 token via ADSF, then use that to connect to EWS. I assume you need to have exchange configured against ADFS already.
- https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/authentication-and-ews-in-exchange
- https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/development/ad-fs-openid-connect-oauth-concepts
- https://aws.amazon.com/blogs/mobile/building-adfs-federation-for-your-web-app-using-amazon-cognito-user-pools/
So it looks to me like a combination of various things that Perl supports via CPAN:
- Oauth2 (a valid token provided by ADFS being ultimately what allows you to access exchange)
- XML
- SAML
- Active Directory/LDAP
Good luck, idk how you put up with this unnecessary and never ending complication of permutations. | [reply] |
|
don't know how you can work in this space and not walk away with brain damage.
Who said I didn't?
Anyways; Yes. Something like that.
But some bits are controlled by corporate, in another country (and another language, probably)
I was hoping Email::Folder::Exchange::EWS would shortcut all the other alphabet-soup stuff, but it just gets 401 :'(
I'll check those links.
Thanks.
| [reply] |
|
| [reply] |
|
What you're missing now is the Authentication step. Once you clear security, that package should eliminate most of the soup.
| [reply] |
|