Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up behavior tests for OneDrive #5653

Open
erickguan opened this issue Feb 23, 2025 · 0 comments
Open

Set up behavior tests for OneDrive #5653

erickguan opened this issue Feb 23, 2025 · 0 comments

Comments

@erickguan
Copy link
Contributor

Hey, based on the review comment #5632, I add this issue for setting up behavior tests for OneDrive in the CI.

This requires a bit admin work, mainly with Microsoft Entra ID.

I investigated how-to but didn't go through the entire process. Some understanding comes from my prior experience, too. And the process can be a bit complicated.

To start, we go for the app-only access. These steps should be:

  1. Register a dev Microsoft account.

  2. Navigate to Microsoft Entra admin center and login. Then we create an application for OpenDAL in CI to access the dev account files.

  3. Go to Applications - App registrations

  4. Enroll in the M365 Developer Program or sign up for Azure with the dev account from 1.

  5. Register an application

    • Supported account types: "Accounts in any organizational directory and personal Microsoft accounts". This type should work for the CI purpose.

  6. Obtain Application (client) ID and client secrets.

  7. Configure Platform Settings, desktop application type should work. If not, we can revise.

  8. Now OAuth 2.0 flow. Read here.

  9. Now configure permissions for Microsoft Graph, go to the application's API permissions page

  10. Add a permission, select "Files.ReadWrite".

  11. Go to Microsoft Entra admin center and find the application (in "Applications").

  12. You should be able to find admin consent with a few clicks and navigations.

  13. Validate if you can get a token:

    // Line breaks are for legibility only.

    POST https://login.microsoftonline.com/common/oauth2/v2.0/token HTTP/1.1
    Host: login.microsoftonline.com
    Content-Type: application/x-www-form-urlencoded

    client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
    &scope=https%3A%2F%2Fgraph.microsoft.com%2F.default
    &client_secret=qWgdYA....L1qKv5bPX
    &grant_type=client_credentials

  14. Store credentials to 1Password.

The workflow should be somewhat straightforward:

name: onedrive
description: 'Behavior test for OneDrive'

runs:
  using: "composite"
  steps:
    - name: Setup
      uses: 1password/load-secrets-action@v1
      with:
        export-env: true
      env:
        OPENDAL_ONEDRIVE_ROOT: op://services/onedrive/root
        OPENDAL_ONEDRIVE_CLIENT_ID: op://services/onedrive/client_id
        OPENDAL_ONEDRIVE_CLIENT_SECRET: op://services/onedrive/client_secret

    - name: Get OneDrive access token
      run: |
        TOKEN=$(curl --location --request POST 'https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token' \
          --header 'Content-Type: application/x-www-form-urlencoded' \
          --data-urlencode 'client_id=535fb089-9ff3-47b6-9bfb-4f1264799865' \
          --data-urlencode 'scope=https://graph.microsoft.com/.default' \
          --data-urlencode 'client_secret=qWgdYA....L1qKv5bPX' \
          --data-urlencode 'grant_type=client_credentials' | jq ".access_token")

        echo "OPENDAL_ONEDRIVE_ACCESS_TOKEN=$TOKEN" >> "$GITHUB_ENV"

Open question

What about supporting the auth and refresh token for OneDrive service?

IMO, this can wait as the access token is enough to test. Authentication, once set up, is trivial.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@erickguan