Sample code for 30+ languages & platforms
Ruby

SharePoint Rest API using OAuth

See more OAuth2 Examples

Demonstrates how to get an OAuth2 access token for the SharePoint REST API.

Chilkat Ruby Downloads

Ruby
require 'chilkat'

success = false

# To further clarify, see OAuth 2.0 Authorization Flow

oauth2 = Chilkat::CkOAuth2.new()

# The ListenPort should match the port in your localhost Reply URL of your Azure AD app.
# Your Reply URL must be exactly "http://localhost:LISTEN_PORT/"
#    * Do not use "https"
#    * Make sure the ending "/" is included.
#    * You may choose any port number that doesn't collide with anything else.
oauth2.put_ListenPort(3017)

oauth2.put_AuthorizationEndpoint("https://login.microsoftonline.com/TENANT_ID/oauth2/authorize")
oauth2.put_TokenEndpoint("https://login.windows.net/TENANT_ID/oauth2/token?api-version=1.0")

# Replace these with actual values.
# Use the application ID
oauth2.put_ClientId("CLIENT_ID")
# Use the password
oauth2.put_ClientSecret("CLIENT_SECRET")

oauth2.put_CodeChallenge(false)

oauth2.put_Scope("openid")
oauth2.put_Resource("https://graph.microsoft.com/")

oauth2.put_IncludeNonce(true)
oauth2.put_ResponseMode("form_post")
oauth2.put_ResponseType("id_token+code")

# Begin the OAuth2 Authorization code flow.  This returns a URL that should be loaded in a browser.
url = oauth2.startAuth()
if (oauth2.get_LastMethodSuccess() == false)
    print oauth2.lastErrorText() + "\n";
    exit
end

print "url = " + url + "\n";

# Launch the default browser on the system and navigate to the url.
# The LaunchBrowser method was added in Chilkat v10.1.2.
success = oauth2.LaunchBrowser(url)
if (success == false)
    print oauth2.lastErrorText() + "\n";
    exit
end

# Wait for the user to approve or deny authorization in the browser.
numMsWaited = 0
while (numMsWaited < 90000) and (oauth2.get_AuthFlowState() < 3)
    oauth2.SleepMs(100)
    numMsWaited = numMsWaited + 100
end

# If the browser does not respond within the specified time, AuthFlowState will be:
# 
# 1: Waiting for Redirect – The OAuth2 background thread is waiting for the browser's redirect request.
# 2: Waiting for Final Response – The thread is awaiting the final access token response.
# In either case, cancel the background task initiated by StartAuth.

if (oauth2.get_AuthFlowState() < 3)
    oauth2.Cancel()
    print "No response from the browser!" + "\n";
    exit
end

# Check AuthFlowState to determine if authorization was granted, denied, or failed:
# 
# 3: Success – OAuth2 flow completed, the background thread exited, and the successful response is in AccessTokenResponse.
# 4: Access Denied – OAuth2 flow completed, the background thread exited, and the error response is in AccessTokenResponse.
# 5: Failure – OAuth2 flow failed before completion, the background thread exited, and error details are in FailureInfo.

if (oauth2.get_AuthFlowState() == 5)
    print "OAuth2 failed to complete." + "\n";
    print oauth2.failureInfo() + "\n";
    exit
end

if (oauth2.get_AuthFlowState() == 4)
    print "OAuth2 authorization was denied." + "\n";
    print oauth2.accessTokenResponse() + "\n";
    exit
end

if (oauth2.get_AuthFlowState() != 3)
    print "Unexpected AuthFlowState:" + oauth2.get_AuthFlowState().to_s() + "\n";
    exit
end

print "OAuth2 authorization granted!" + "\n";
print "Access Token = " + oauth2.accessToken() + "\n";