Hello,
Perhaps this can assist:
class MicrosoftView(APIView):
permission_classes = ()
def post(self, request):
headers = {"Authorization": "Bearer " + request.data.get('token')}
r = requests.get('https://graph.microsoft.com/v1.0/me/', headers=headers)
data = json.loads(r.text)
print(data)
if 'error' in data:
content = {'message': 'Wrong Microsoft token / This Microsoft token is already expired.'}
return Response(content, status.HTTP_401_UNAUTHORIZED)
try:
user = models.CustomUser.objects.get(email=data['userPrincipalName'])
except models.CustomUser.DoesNotExist:
content = {'message': 'Your account doesn\'t exist'}
return Response(content, status.HTTP_403_FORBIDDEN)
token = RefreshToken.for_user(user) # Generate token without username & password
response = {
'username': user.username,
'access_token': str(token.access_token),
'refresh_token': str(token)
}
return Response(response)
Cited from https://www.reddit.com/r/django/comments/jixp7a/django_rest_framework_api_authentication_with/
If this is helpful please accept as answer or upvote.
Best regards,
Dillon Silzer, Director | Cloudaen.com | Cloudaen Computing Solutions