Merge pull request #411 from microsoftgraph/jasonjoh/sdkv6

Updated Graph SDK to v6

Author: jasonjoh

.vscode/settings.json

@@ -27,6 +27,7 @@
     "apponly",
     "autoconfigure",
     "Configurer",
+    "Deserializers",
     "genkey",
     "graphwebhook",
     "HMACSHA",

graphwebhook/pom.xml

@@ -56,7 +56,7 @@
 		<dependency>
 			<groupId>com.microsoft.graph</groupId>
 			<artifactId>microsoft-graph</artifactId>
-			<version>5.80.0</version>
+			<version>6.13.0</version>
 		</dependency>
 
 		<dependency>
@@ -96,6 +96,18 @@
 			<artifactId>bcpkix-jdk14</artifactId>
 			<version>1.78.1</version>
 		</dependency>
+
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.17.0</version>
+		</dependency>
+
+		<dependency>
+			<groupId>com.google.code.gson</groupId>
+			<artifactId>gson</artifactId>
+			<version>2.11.0</version>
+		</dependency>
 	</dependencies>
 
 	<build>

graphwebhook/src/main/java/com/example/graphwebhook/CertificateStoreService.java

@@ -17,7 +17,7 @@
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
-import org.apache.tomcat.util.codec.binary.Base64;
+import org.apache.commons.codec.binary.Base64;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

graphwebhook/src/main/java/com/example/graphwebhook/GraphClientHelper.java

@@ -3,14 +3,10 @@
 
 package com.example.graphwebhook;
 
-import com.microsoft.graph.logger.DefaultLogger;
-import com.microsoft.graph.logger.LoggerLevel;
-import com.microsoft.graph.requests.GraphServiceClient;
+import com.microsoft.graph.serviceclient.GraphServiceClient;
 import org.springframework.lang.NonNull;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 
-import okhttp3.Request;
-
 public class GraphClientHelper {
 
     /**
@@ -25,14 +21,10 @@ private GraphClientHelper() {
      * @param oauthClient the authorized OAuth2 client to authenticate Graph requests with
      * @return A Graph client object that uses the provided OAuth2 client for access tokens
      */
-    public static GraphServiceClient<Request> getGraphClient(
+    public static GraphServiceClient getGraphClient(
             @NonNull final OAuth2AuthorizedClient oauthClient) {
         final var authProvider = new SpringOAuth2AuthProvider(oauthClient);
 
-        final var logger = new DefaultLogger();
-        logger.setLoggingLevel(LoggerLevel.ERROR);
-
-        return GraphServiceClient.builder().authenticationProvider(authProvider).logger(logger)
-                .buildClient();
+        return new GraphServiceClient(authProvider);
     }
 }

graphwebhook/src/main/java/com/example/graphwebhook/ListenController.java

@@ -3,21 +3,24 @@
 
 package com.example.graphwebhook;
 
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.List;
 import java.util.Objects;
-import java.util.concurrent.CompletableFuture;
-import javax.annotation.Nonnull;
 import com.corundumstudio.socketio.AckRequest;
 import com.corundumstudio.socketio.SocketIOClient;
 import com.corundumstudio.socketio.SocketIONamespace;
 import com.corundumstudio.socketio.SocketIOServer;
 import com.corundumstudio.socketio.listener.DataListener;
-import com.microsoft.graph.logger.DefaultLogger;
-import com.microsoft.graph.models.ChangeNotification;
-import com.microsoft.graph.models.ChangeNotificationCollection;
+import com.example.graphwebhook.notifications.ChangeNotification;
+import com.example.graphwebhook.notifications.ChangeNotificationCollection;
+import com.example.graphwebhook.notifications.ChangeNotificationEncryptedContent;
 import com.microsoft.graph.models.ChatMessage;
 import com.microsoft.graph.models.Message;
-import com.microsoft.graph.serializer.DefaultSerializer;
-
+import com.microsoft.kiota.HttpMethod;
+import com.microsoft.kiota.RequestInformation;
+import com.microsoft.kiota.serialization.KiotaJsonSerialization;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -97,50 +100,54 @@ public ResponseEntity<String> handleValidation(
      * @return A 202 Accepted response
      */
     @PostMapping("/listen")
-    public CompletableFuture<ResponseEntity<String>> handleNotification(
-            @RequestBody @Nonnull final String jsonPayload) {
-        // Deserialize the JSON body into a ChangeNotificationCollection
-        final var serializer = new DefaultSerializer(new DefaultLogger());
-        final var notifications =
-                serializer.deserializeObject(jsonPayload, ChangeNotificationCollection.class);
-
-        if (notifications == null) {
-            return CompletableFuture.completedFuture(ResponseEntity.accepted().body(""));
-        }
+    public ResponseEntity<String> handleNotification(
+            @RequestBody @NonNull final String jsonPayload) {
+        try {
+            // Deserialize the JSON body into a ChangeNotificationCollection
+            final ChangeNotificationCollection notifications =
+                    KiotaJsonSerialization.deserialize(jsonPayload,
+                        ChangeNotificationCollection::createFromDiscriminatorValue);
+
+            if (notifications == null) {
+                return ResponseEntity.accepted().body("");
+            }
 
-        // Check for validation tokens
-        boolean areTokensValid = true;
-        if (notifications.validationTokens != null
-                && !Objects.requireNonNull(notifications.validationTokens).isEmpty()) {
-            areTokensValid = TokenHelper.areValidationTokensValid(new String[] {clientId},
-                    new String[] {tenantId}, Objects.requireNonNull(notifications.validationTokens),
-                    Objects.requireNonNull(keyDiscoveryUrl));
-        }
+            // Check for validation tokens
+            boolean areTokensValid = true;
+            final List<String> validationTokens = notifications.getValidationTokens();
+            if (validationTokens != null && validationTokens.isEmpty()) {
+                areTokensValid = TokenHelper.areValidationTokensValid(new String[] {clientId},
+                        new String[] {tenantId}, Objects.requireNonNull(validationTokens),
+                        Objects.requireNonNull(keyDiscoveryUrl));
+            }
 
-        if (areTokensValid) {
-            for (ChangeNotification notification : Objects.requireNonNull(notifications.value)) {
-                // Look up subscription in store
-                var subscription = subscriptionStore.getSubscription(
-                        Objects.requireNonNull(notification.subscriptionId).toString());
-
-                // Only process if we know about this subscription AND
-                // the client state in the notification matches
-                if (subscription != null
-                        && subscription.clientState.equals(notification.clientState)) {
-                    if (notification.encryptedContent == null) {
-                        // No encrypted content, this is a new message notification
-                        // without resource data
-                        processNewMessageNotification(notification, subscription);
-                    } else {
-                        // With encrypted content, this is a new channel message
-                        // notification with encrypted resource data
-                        processNewChannelMessageNotification(notification, subscription);
+            if (areTokensValid) {
+                for (ChangeNotification notification : Objects.requireNonNull(notifications.getValue())) {
+                    // Look up subscription in store
+                    var subscription = subscriptionStore.getSubscription(
+                            Objects.requireNonNull(notification.getSubscriptionId()));
+
+                    // Only process if we know about this subscription AND
+                    // the client state in the notification matches
+                    if (subscription != null
+                            && subscription.clientState.equals(notification.getClientState())) {
+                        if (notification.getEncryptedContent() == null) {
+                            // No encrypted content, this is a new message notification
+                            // without resource data
+                            processNewMessageNotification(notification, subscription);
+                        } else {
+                            // With encrypted content, this is a new channel message
+                            // notification with encrypted resource data
+                            processNewChannelMessageNotification(notification, subscription);
+                        }
                     }
                 }
             }
+        } catch (IOException e) {
+            e.printStackTrace();
         }
 
-        return CompletableFuture.completedFuture(ResponseEntity.accepted().body(""));
+        return ResponseEntity.accepted().body("");
     }
 
 
@@ -164,12 +171,24 @@ private void processNewMessageNotification(@NonNull final ChangeNotification not
         // so use the customRequest method instead of the fluent API
         // Once message has been retrieved, send the information via SocketIO
         // to subscribed clients
-        graphClient.customRequest("/" + notification.resource, Message.class).buildRequest()
-                .getAsync().thenAccept(message -> {
-                    if (message != null)
-                        socketIONamespace.getRoomOperations(subscription.subscriptionId).sendEvent(
-                                "notificationReceived", new NewMessageNotification(message));
-                });
+
+        final RequestInformation request = new RequestInformation();
+        request.httpMethod = HttpMethod.GET;
+        URI messageUri;
+        try {
+            messageUri = new URI(
+                graphClient.getRequestAdapter().getBaseUrl() + "/" + notification.getResource());
+        } catch (URISyntaxException e) {
+            e.printStackTrace();
+            return;
+        }
+
+        request.setUri(messageUri);
+        final Message message = graphClient.getRequestAdapter().send(request, null,
+                Message::createFromDiscriminatorValue);
+        if (message != null)
+            socketIONamespace.getRoomOperations(subscription.subscriptionId)
+                    .sendEvent("notificationReceived", new NewMessageNotification(message));
     }
 
 
@@ -183,24 +202,30 @@ private void processNewChannelMessageNotification(
             @NonNull final ChangeNotification notification,
             @NonNull final SubscriptionRecord subscription) {
         // Decrypt the encrypted key from the notification
+        final ChangeNotificationEncryptedContent encryptedContent =
+                Objects.requireNonNull(notification.getEncryptedContent());
         final var decryptedKey = Objects.requireNonNull(certificateStore
-                .getEncryptionKey(Objects.requireNonNull(notification.encryptedContent).dataKey));
+                .getEncryptionKey(encryptedContent.getDataKey()));
 
         // Validate the signature
+        final String data = encryptedContent.getData();
         if (certificateStore.isDataSignatureValid(decryptedKey,
-                Objects.requireNonNull(notification.encryptedContent).data,
-                Objects.requireNonNull(notification.encryptedContent).dataSignature)) {
+                data,
+                encryptedContent.getDataSignature())) {
             // Decrypt the data using the decrypted key
-            final var decryptedData = certificateStore.getDecryptedData(decryptedKey,
-                    Objects.requireNonNull(notification.encryptedContent).data);
+            final var decryptedData = certificateStore.getDecryptedData(decryptedKey, data);
 
             // Deserialize the decrypted JSON into a ChatMessage
-            final var serializer = new DefaultSerializer(new DefaultLogger());
-            final var chatMessage = Objects.requireNonNull(serializer
-                    .deserializeObject(Utilities.ensureNonNull(decryptedData), ChatMessage.class));
-            // Send the information to subscribed clients
-            socketIONamespace.getRoomOperations(subscription.subscriptionId)
+            ChatMessage chatMessage;
+            try {
+                chatMessage = KiotaJsonSerialization.deserialize(decryptedData,
+                        ChatMessage::createFromDiscriminatorValue);
+                // Send the information to subscribed clients
+                socketIONamespace.getRoomOperations(subscription.subscriptionId)
                     .sendEvent("notificationReceived", new NewChatMessageNotification(chatMessage));
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
         }
     }
 }

graphwebhook/src/main/java/com/example/graphwebhook/NewChatMessageNotification.java

@@ -24,7 +24,7 @@ public class NewChatMessageNotification {
     public final String body;
 
     public NewChatMessageNotification(@NonNull ChatMessage message) {
-        sender = Objects.requireNonNull(Objects.requireNonNull(message.from).user).displayName;
-        body = Objects.requireNonNull(message.body).content;
+        sender = Objects.requireNonNull(Objects.requireNonNull(message.getFrom()).getUser()).getDisplayName();
+        body = Objects.requireNonNull(message.getBody()).getContent();
     }
 }

graphwebhook/src/main/java/com/example/graphwebhook/NewMessageNotification.java

@@ -25,7 +25,7 @@ public class NewMessageNotification {
 
     public NewMessageNotification(@NonNull Message message) {
         Objects.requireNonNull(message);
-        subject = message.subject;
-        id = message.id;
+        subject = message.getSubject();
+        id = message.getId();
     }
 }

graphwebhook/src/main/java/com/example/graphwebhook/SecurityConfig.java

@@ -20,6 +20,7 @@ public class SecurityConfig {
     @Value("${app.protect.authenticated}")
     private String[] protectedRoutes;
 
+    @SuppressWarnings("removal")
     @Bean
     SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http.securityContext(context -> context.requireExplicitSave(false))

graphwebhook/src/main/java/com/example/graphwebhook/SpringOAuth2AuthProvider.java

@@ -3,19 +3,19 @@
 
 package com.example.graphwebhook;
 
-import java.net.URL;
+import java.net.URISyntaxException;
+import java.util.Map;
 import java.util.Objects;
-import java.util.concurrent.CompletableFuture;
-import javax.annotation.Nonnull;
-import com.microsoft.graph.authentication.IAuthenticationProvider;
+import com.microsoft.kiota.RequestInformation;
+import com.microsoft.kiota.authentication.AuthenticationProvider;
 import org.springframework.lang.NonNull;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 
 /**
  * An implementation of IAuthenticationProvider that uses Spring's OAuth2AuthorizedClient to get
  * access tokens
  */
-public class SpringOAuth2AuthProvider implements IAuthenticationProvider {
+public class SpringOAuth2AuthProvider implements AuthenticationProvider {
 
     private OAuth2AuthorizedClient oauthClient;
 
@@ -24,9 +24,16 @@ public SpringOAuth2AuthProvider(@NonNull OAuth2AuthorizedClient oauthClient) {
     }
 
     @Override
-    @Nonnull
-    public CompletableFuture<String> getAuthorizationTokenAsync(@Nonnull URL requestUrl) {
-        return Utilities.ensureNonNull(
-                CompletableFuture.completedFuture(oauthClient.getAccessToken().getTokenValue()));
+    public void authenticateRequest(RequestInformation request,
+            Map<String, Object> additionalAuthenticationContext) {
+
+        try {
+            if (request.getUri().getHost().equalsIgnoreCase("graph.microsoft.com")) {
+                final String accessToken = oauthClient.getAccessToken().getTokenValue();
+                request.headers.add("Authorization", "Bearer " + accessToken);
+            }
+        } catch (IllegalStateException | URISyntaxException e) {
+            e.printStackTrace();
+        }
     }
 }

graphwebhook/src/main/java/com/example/graphwebhook/SubscriptionStoreService.java

@@ -31,9 +31,9 @@ public class SubscriptionStoreService {
      */
     public void addSubscription(@NonNull @Nonnull final Subscription subscription,
             @NonNull final String userId) {
-        var newRecord = new SubscriptionRecord(subscription.id, Objects.requireNonNull(userId),
-                Objects.requireNonNull(subscription.clientState));
-        subscriptions.put(subscription.id, newRecord);
+        var newRecord = new SubscriptionRecord(subscription.getId(), Objects.requireNonNull(userId),
+                Objects.requireNonNull(subscription.getClientState()));
+        subscriptions.put(subscription.getId(), newRecord);
     }