No, bash/curl nor Perl fails. The problem was between the keyboard and the chair, as allways.
After an "Oh shit" experience when I found out I had forgotten to define the scope for the token request it still did not work. After some (actually a lot) googling I found that I allso had to ad a resouce in the request. In the process learned about "jq" and came up with the following bash script:
#! /usr/bin/bash
token=`curl \
-d grant_type=client_credentials \
-d client_id=[client_id] \
-d client_secret=[client_secret] \
-d scope=https://graph.microsoft.com/.default \
-d resource=https://graph.microsoft.com \
https://login.microsoftonline.com/[tenant_id]/oauth2/token \
| jq -j .access_token`
curl -X GET \
-H "Authorization: Bearer $token" \
-H "Content-Type: application/json" \
https://graph.microsoft.com/v1.0/groups \
| jq .
This does the job. Gets a token an uses that token to request a listing of groups.
Getting that I could use the curl2lwp site and came up with the following Perl script
#! /usr/bin/perl -W
use strict;
use Data::Dumper;
use JSON;
use Config::Simple;
use FindBin;
#use lib "$FindBin::Bin/../lib";
use LWP::UserAgent;
my %config;
Config::Simple->import_from("$FindBin::Bin/groups.cfg",\%config) or di
+e("No config: $!");
my $ua = LWP::UserAgent->new(
'send_te' => '0',
);
sub login_app { # {{{1
my $url = "$config{'LOGIN_ENDPOINT'}/$config{'TENANT_ID'}/oauth2/t
+oken";
my $r = HTTP::Request->new(
'POST' => $url,
[
'Accept' => '*/*',
'User-Agent' => 'curl/7.55.1',
'Content-Type' => 'application/x-www-form-urlenc
+oded'
],
"grant_type=client_credentials&client_id=$config{'APP_ID'}
+&client_secret=$config{'APP_PASS'}&scope=$config{'GRAPH_ENDPOINT'}/.d
+efault&resource=$config{'GRAPH_ENDPOINT'}"
);
my $result = $ua->request($r);
if ($result->is_success){
return decode_json($result->decoded_content)
}else{
print Dumper $result;
die $result->status_line;
}
}# }}}
sub fetch { # {{{1
my $token = shift;
my $url = shift;
my $r = HTTP::Request->new(
'GET' => $url,
[
'Accept' => '*/*',
'Authorization' => "Bearer $token",
'User-Agent' => 'curl/7.55.1',
'Content-Type' => 'application/json'
],
);
my $result = $ua->request($r);
if ($result->is_success){
return decode_json($result->decoded_content)
}else{
print Dumper $result;
die $result->status_line;
}
}# }}}
my $token_request = login_app();
print Dumper $token_request;
if ($$token_request{'access_token'}){
my $url = "$config{'GRAPH_ENDPOINT'}/v1.0/groups";
my $groups = fetch($$token_request{'access_token'}, $url);
print Dumper $groups;
}
I think the data line in the request is kinda ugly. There is problably a better/neater way of doing that. But I'm satisfied for now
Thanks all for the help, appreciate it a lot!