Blog

How to Revoke the Consent for an Office 365 app

To use data from Office 365 Services, like Azure AD, OneDrive, Outlook etc., you can use a single API-endpoint called Microsoft Graph. Everything to get started with the Microsoft Graph is available at the portal under http://graph.microsoft.io.

The steps to build an app are:

  1. Register your app under https://apps.dev.microsoft.com
  2. Add authentication to your app using OpenID Connect / OAuth2
  3. Use the Microsoft Graph
    • either directly via HttpClient and REST
    • or via SDK for your platform

The portal mentioned in the first point assumes that you want to use the Azure AD v2.0-endpoint that sits under this URL:  https://login.microsoftonline.com/common/oauth2/v2.0/authorize. The Azure AD v2.0-endpoint supports not only business & school accounts, it also supports personal Microsoft accounts (former Windows Live accounts).

The best way to get started with app development and Microsoft Graph integration is by looking at the samples from the Microsoft Graph team under https://github.com/microsoftgraph.

After you’ve build an app using the Microsoft Graph and the Azure AD v2.0-endpoint, you’ll notice that the user is redirected to https://login.microsoftonline.com for the authentication/authorization. First he needs to enter username/password and in a second step he needs to consent to the authorization of the application, or for sure he can also cancel. In a UWP-application the two steps happen in a popup. For the second step the popup looks like below:

Office365_MicrosoftGraph_AzureAD_ConsentForAnApp

As you can see, the app ThomasSampleApp (that’s the name I’ve used for the app-registration on https://apps.dev.microsoft.com) wants to view your basic profile, it wants to sign in as you, send emails as you etc. When you’ve accepted this, the app can access the Microsoft Graph to do all that stuff.

Now when you restart the app again, you just have to enter the username/password in the first step, but the second step – asking to consent the authorization of the app like in the picture above – never pops up again. That means that the consent is stored. But where is it stored?

I’ve researched a bit, and then I came across this blog-post: MSDN Blog about consent for apps using office 365 apis. At the bottom it has a section “How end users can revoke consent”. Exactly what I need.

To revoke the consent to the apps authorization, we need to differentiate between Web and native applications.

Let’s start with the native apps:

Native applications like my UWP-app are storing the consent as part of the Refresh Token. This means I need to uninstall the app. When I install the app again, the consent is no more there. If I’m using the app again, it works like for the very first time: In the first step I’m asked to enter my username/password and in the second step I’m asked to consent to the apps authorization.

Now how does it work with web apps?

I just quote from the blog-post mentioned above: “For web server apps, the user can sign on with their organizational account and go to http://myapps.microsoft.com. From there, they can see the applications that they have consented to and they can revoke access.”

So that’s it.

Have fun and happy coding,
Thomas

When the 8GB micro SD card just comes up with a small size: In my case with 63.7 MB

Today I wanted to put some music for my kids on a micro SD card. I hadn’t a free one, so I took one out of my Raspberry PIs 3 that are running Windows IoT.

After I put the card into my computer I noticed that it had a size of just 63.7 MB. But the sticker on the card said 8GB. So what was the problem here? I thought

Sure, there must be a partition of that size of 63.7 MB. And that partition has been used for Windows IoT

I formatted the SD card with Windows, but this did not change the size. So finally I ended up using the diskpart-utility.

If you’re running Windows, just open up a new command prompt and type in “diskpart”.

This opens up a new window with the diskpart command line utility. Here’s what I did to get the full size of the SD-card back again:

diskpart

First I listed the disks. There you see the 7580MB sized disk, which has 214MB free. That is my sd card. I selected that disk with “select disk 1”. Then I just called “clean”. When the disks are listed again after that “clean”-call, you can see that the sd card has now 7579MB free. Now all I needed to do was to create a new primary partition, and then the full storage of my sd card was again available.

BASTA! 2016: Sessions and Slides

Thanks to all of you who attended one or more of my three sessions at the BASTA! Conference about

  • Integrating Office 365 Data into your app by using Microsoft Graph
  • Building Apps with the Universal Windows Platform
  • Input Validation in WPF with INotifyDataErrorInfo and DataAnnotations

Slides and demos are linked to the talks on www.thomasclaudiushuber.com/talks

It was another fantastic BASTA! conference: Great people, great sessions, well organized and a lot of fun. Looking forward to see you at the next BASTA!

UWP: The Master-Detail-Problem with the events SelectionChanged & LostFocus and How to Fix it

While creating apps with the Universal Windows Platform (UWP) I noticed a weird behavior, but I’m not sure if it’s a bug. Let’s just call it the “Master-Detail-Problem”.

To explain it, I stripped  down my code to the XAML-snippet below. No code-behind needed. (more…)

Developer Week 2016 – it was great

Last week I was at the developer week conference in Germany / Nürnberg. It was a great conference with fantastic people and great sessions.

I gave two talks:

  • S.O.L.I.D.-principles for C# Developers
  • Test Driven Development and MVVM: How to write testable ViewModels

(more…)

Calling the Azure Event Hub REST-API – from UWP, WPF and any other .NET (Core) Client

To push events into Azure Event Hub you can use the Nuget-package WindowsAzure.ServiceBus (https://www.nuget.org/packages/WindowsAzure.ServiceBus/). That package works pretty straight forward, but there’s one problem:

(more…)