Chilkat Classic ASP Online Tools

Classic ASP to Obtain Microsoft Graph OAuth2 Access Token

This tool demonstrates how to get a Microsoft Graph OAuth2 access token using three-legged OAuth2 in a Classic ASP application. This is also known as the "authorization code grant flow". This is when your Classic ASP app acts on the behalf of a third-party user, your app must obtain the user's permission before it can make requests that access and update that third-party's confidential resources. A User access token carries a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.

* See the corresponding app registration we've defined in the Microsoft App Registration Portal: App Registration Sample PDF

The Classic ASP Source Code for this Page

<%@ Language=VBScript %>
<!DOCTYPE html>
<html lang="en">
    <head>
        <title>Classic ASP OAuth2 Example</title>
        <link rel="apple-touch-icon" sizes="76x76" href="/apple-touch-icon.png">
        <link rel="icon" type="image/png" href="/favicon-32x32.png" sizes="32x32">
        <link rel="icon" type="image/png" href="/favicon-16x16.png" sizes="16x16">

        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    </head>

    <body>
        <!--#include file="header.shtml" -->
        <div>

<%
    access_token = ""
    state = Request.QueryString("state")

    ' Check to see if this is our redirect containing the access token.
    if state <> "" then

        ' Make sure this is the redirect for our session.
        if state <> Session("oauth2_state") then
            access_token = "invalid_state"
        elseif Request.QueryString("code") <> "" then
            access_token = Request.QueryString("code")
        end if
    end if


    set req = Server.CreateObject("Chilkat_9_5_0.HttpRequest")
    call req.AddParam("client_id", "df815654-02dc-48d0-a066-4871e9dff16c")
    ' Redirect to any ASP page desired.  This example will redirect to this same ASP page..
    call req.AddParam("redirect_uri", "https://tools.chilkat.io/msgraph_oauth2.asp")
    call req.AddParam("response_type", "code")
    call req.AddParam("scope", "openid profile offline_access user.read")
    ' Replace this with random data..
    stateData = "12345678" 
    call req.AddParam("state", stateData)
    Session("oauth2_state") = stateData

    auth_url = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?" + req.GetUrlEncodedParams()

%>

<div class="container">
    <h2>Classic ASP to Obtain Microsoft Graph OAuth2 Access Token</h2>
    <p>
        This tool demonstrates how to get a Microsoft Graph OAuth2 access token using
        three-legged OAuth2 in a Classic ASP application.  This is also known as the "authorization code grant flow".
        This is when your Classic ASP app acts on the behalf of a third-party user, your app must obtain the user's permission
        before it can make requests that access and update that third-party's confidential resources. A User access token carries
        a third-party's authorization to access specific resources, and this type of token is obtained through the authorization code grant flow.
    </p>
    <h4>* See the corresponding app registration we've defined in the Microsoft App Registration Portal:  <a href="ms_app_registration.pdf">App Registration Sample PDF</a></h4>
    <div class="panel panel-default">
        <div class="panel-body">
            <a href="<%=auth_url %>" class="btn btn-primary" role="button">Begin OAuth2</a>
        </div>
    </div>
    <div class="panel panel-default">
          <%
            if access_token <> "" then
                Response.Write("<p><b></b>Microsoft Graph access token:</b>" & access_token & "</p>")
            end if
            if state <> "" then
                Response.Write("<p>state: " & state & "</p>")
            end if
        %>
    </div>
    
    <div class="panel panel-default">
        <h2>The Classic ASP Source Code for this Page</h2>
        <pre><%
    		set fac = Server.CreateObject("Chilkat_9_5_0.FileAccess")
            path = Server.MapPath("msgraph_oauth2.asp")
            src = fac.ReadEntireTextFile(path,"utf-8")
            Response.Write(Server.HTMLEncode(src))
        %>
        </pre>
    </div>

</div>

        </div>
        <!--#include file="footer.shtml" -->
    </body>
</html>