"""
Test script per verificare che i permessi OAuth funzionano
Test ULTRA SOFT - solo lettura, niente modifiche!
"""
import json
import requests
import os
from pathlib import Path
# Location of the cached OAuth token store (a JSON object keyed by account).
# NOTE(review): /tmp is shared between local users and this path is predictable.
# The file holds access and refresh tokens, so confirm that whatever creates it
# uses owner-only permissions, or move the store to a per-user directory.
TOKEN_PATH = Path("/tmp") / "iris_oauth_tokens.json"

# OAuth application settings, each overridable through the environment.
# NOTE(review): the client and tenant IDs fall back to values committed in this
# file and the secret falls back to a placeholder string, so an unset variable
# is not detected here; the token request would be sent with the fallback.
CLIENT_ID = os.environ.get("MICROSOFT_CLIENT_ID", "22ef08fc-5d2c-4bcc-8a64-0b2feb48f946")
CLIENT_SECRET = os.environ.get("MICROSOFT_CLIENT_SECRET", "<your_microsoft_client_secret>")
TENANT_ID = os.environ.get("MICROSOFT_TENANT_ID", "e159c0a6-837c-4629-bf29-5ae43de9fb34")
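def refresh_access_token(refresh_token):
    """Exchange a refresh token for a new access token and persist the result.

    Posts a ``refresh_token`` grant to the tenant's v2.0 token endpoint. On
    HTTP 200 the returned payload is stored in ``TOKEN_PATH`` under the fixed
    account key and the new access token is returned.

    Args:
        refresh_token: Refresh token previously issued for the account.

    Returns:
        The new access token, or ``None`` when the request fails, the endpoint
        answers with a non-200 status, or the payload has no ``access_token``.

    Raises:
        OSError: If the token store cannot be opened or its mode cannot be
            restricted (for example when the path is a symlink or the file
            belongs to another user).
    """
    print("🔄 Token scaduto, rinnovo in corso...")
    token_url = f"https://login.microsoftonline.com/{TENANT_ID}/oauth2/v2.0/token"
    data = {
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
        "refresh_token": refresh_token,
        "grant_type": "refresh_token"
    }
    try:
        # Bounded wait: without a timeout a stalled connection hangs the script.
        response = requests.post(token_url, data=data, timeout=30)
    except requests.RequestException as exc:
        print(f"❌ Errore nel rinnovo: {exc}")
        return None

    if response.status_code != 200:
        print(f"❌ Errore nel rinnovo: {response.status_code}")
        print(response.text)
        return None

    token_data = response.json()
    print("✅ Token rinnovato con successo!")

    # A token response is not required to carry a new refresh token; keep the
    # one just used so the stored entry can still be renewed next time.
    token_data.setdefault("refresh_token", refresh_token)

    # Merge into the existing store so entries for other accounts survive.
    if TOKEN_PATH.exists():
        with open(TOKEN_PATH, 'r') as f:
            tokens = json.load(f)
    else:
        tokens = {}
    tokens["YYI9910@infocert.it"] = token_data

    # The store holds bearer and refresh tokens and lives in a shared
    # directory: refuse to write through a symlink, create the file owner-only,
    # and tighten the mode of an already existing file before any secret is
    # written. fchmod fails if the file is owned by someone else, which stops
    # the write instead of handing the tokens to that owner.
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(TOKEN_PATH, flags, 0o600)
    with os.fdopen(fd, 'w') as f:
        os.fchmod(fd, 0o600)
        json.dump(tokens, f, indent=2)
    return token_data.get("access_token")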
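def load_token():
    """Load the cached access token, renewing it when Graph rejects it.

    Reads ``TOKEN_PATH``, picks the entry for the fixed account key and probes
    ``/me`` with the stored access token. A 401 answer (or a missing access
    token) triggers a refresh through ``refresh_access_token``.

    Returns:
        A usable access token, or ``None`` when the store or the account entry
        is missing, the probe cannot be sent, or no refresh is possible.
    """
    if not TOKEN_PATH.exists():
        print("❌ Token non trovato!")
        return None
    with open(TOKEN_PATH, 'r') as f:
        tokens = json.load(f)

    token_data = tokens.get("YYI9910@infocert.it")
    if not token_data:
        print("❌ Token per YYI9910@infocert.it non trovato!")
        return None
    access_token = token_data.get("access_token")
    refresh_token = token_data.get("refresh_token")

    # Probe only when there is a token to send; an entry without one goes
    # straight to the refresh path instead of sending "Bearer None".
    if access_token:
        headers = {"Authorization": f"Bearer {access_token}"}
        try:
            # Bounded wait so an unreachable endpoint cannot hang the script.
            response = requests.get(
                "https://graph.microsoft.com/v1.0/me", headers=headers, timeout=30
            )
        except requests.RequestException as exc:
            print(f"❌ Errore di rete: {exc}")
            return None
        # Any status other than 401 hands the stored token back unchanged; the
        # individual checks report their own failures.
        if response.status_code != 401:
            return access_token

    # Token expired or absent: renew it if a refresh token is available.
    if refresh_token:
        return refresh_access_token(refresh_token)
    print("❌ Nessun refresh token disponibile!")
    return None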
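def test_user_profile(access_token):
    """Check 1: read the signed-in user's profile (User.Read).

    Sends a GET to ``/me`` and prints display name, mail (or user principal
    name), job title and office location.

    Args:
        access_token: Bearer token sent in the Authorization header.

    Returns:
        ``True`` on HTTP 200, ``False`` on any other status or when the
        request cannot be completed.
    """
    print("\n" + "="*60)
    print("TEST 1: User Profile (User.Read)")
    print("="*60)
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    try:
        # Bounded wait; a network failure is reported as a failed check so the
        # remaining checks and the summary still run.
        response = requests.get(
            "https://graph.microsoft.com/v1.0/me", headers=headers, timeout=30
        )
    except requests.RequestException as exc:
        print(f"❌ FAILED: {exc}")
        return False

    if response.status_code != 200:
        print(f"❌ FAILED: {response.status_code}")
        print(f" {response.text}")
        return False

    user = response.json()
    print(f"✅ SUCCESS!")
    print(f" Nome: {user.get('displayName')}")
    print(f" Email: {user.get('mail') or user.get('userPrincipalName')}")
    print(f" Job Title: {user.get('jobTitle', 'N/A')}")
    print(f" Office: {user.get('officeLocation', 'N/A')}")
    return True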
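def test_calendar_read(access_token):
    """Check 2: read calendar events (Calendars.Read).

    Requests at most three events with only subject, start, end and organizer
    selected, and prints subject, start time and organizer name for each.

    Args:
        access_token: Bearer token sent in the Authorization header.

    Returns:
        ``True`` on HTTP 200, ``False`` on any other status or when the
        request cannot be completed.
    """
    print("\n" + "="*60)
    print("TEST 2: Calendar Events (Calendars.Read)")
    print("="*60)
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    try:
        # $top/$select keep the read minimal; the timeout keeps it bounded.
        response = requests.get(
            "https://graph.microsoft.com/v1.0/me/calendar/events?$top=3&$select=subject,start,end,organizer",
            headers=headers,
            timeout=30
        )
    except requests.RequestException as exc:
        print(f"❌ FAILED: {exc}")
        return False

    if response.status_code != 200:
        print(f"❌ FAILED: {response.status_code}")
        print(f" {response.text}")
        return False

    events = response.json().get('value', [])
    print(f"✅ SUCCESS! Trovati {len(events)} eventi")
    # NOTE(review): this prints meeting subjects and organizer names to stdout;
    # keep the output out of shared or persisted logs.
    for i, event in enumerate(events, 1):
        print(f"\n Evento {i}:")
        print(f" - Oggetto: {event.get('subject')}")
        print(f" - Inizio: {event.get('start', {}).get('dateTime')}")
        print(f" - Organizzatore: {event.get('organizer', {}).get('emailAddress', {}).get('name', 'N/A')}")
    return True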
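def test_mail_read(access_token):
    """Check 3: read recent messages (Mail.Read).

    Requests at most three messages with only subject, from, receivedDateTime
    and isRead selected, and prints those fields for each message.

    Args:
        access_token: Bearer token sent in the Authorization header.

    Returns:
        ``True`` on HTTP 200, ``False`` on any other status or when the
        request cannot be completed.
    """
    print("\n" + "="*60)
    print("TEST 3: Recent Emails (Mail.Read)")
    print("="*60)
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    try:
        # $top/$select keep the read minimal; the timeout keeps it bounded.
        response = requests.get(
            "https://graph.microsoft.com/v1.0/me/messages?$top=3&$select=subject,from,receivedDateTime,isRead",
            headers=headers,
            timeout=30
        )
    except requests.RequestException as exc:
        print(f"❌ FAILED: {exc}")
        return False

    if response.status_code != 200:
        print(f"❌ FAILED: {response.status_code}")
        print(f" {response.text}")
        return False

    messages = response.json().get('value', [])
    print(f"✅ SUCCESS! Trovati {len(messages)} messaggi")
    # NOTE(review): this prints mail subjects and sender names to stdout; keep
    # the output out of shared or persisted logs.
    for i, msg in enumerate(messages, 1):
        print(f"\n Email {i}:")
        print(f" - Oggetto: {msg.get('subject')}")
        print(f" - Da: {msg.get('from', {}).get('emailAddress', {}).get('name', 'N/A')}")
        print(f" - Ricevuta: {msg.get('receivedDateTime')}")
        print(f" - Letta: {'Sì' if msg.get('isRead') else 'No'}")
    return True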
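def test_presence_read(access_token):
    """Check 4: read the user's presence (Presence.Read).

    Sends a GET to ``/me/presence`` and prints availability and activity.

    Args:
        access_token: Bearer token sent in the Authorization header.

    Returns:
        ``True`` on HTTP 200, ``False`` on any other status or when the
        request cannot be completed.
    """
    print("\n" + "="*60)
    print("TEST 4: Presence Status (Presence.Read)")
    print("="*60)
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    try:
        # Bounded wait; a network failure is reported as a failed check so the
        # remaining checks and the summary still run.
        response = requests.get(
            "https://graph.microsoft.com/v1.0/me/presence", headers=headers, timeout=30
        )
    except requests.RequestException as exc:
        print(f"❌ FAILED: {exc}")
        return False

    if response.status_code != 200:
        print(f"❌ FAILED: {response.status_code}")
        print(f" {response.text}")
        return False

    presence = response.json()
    print(f"✅ SUCCESS!")
    print(f" Disponibilità: {presence.get('availability')}")
    print(f" Attività: {presence.get('activity')}")
    return True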
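def test_onedrive_read(access_token):
    """Check 5: read OneDrive drive information (Files.Read).

    Sends a GET to ``/me/drive`` and prints the total, used and remaining
    quota converted from bytes to GiB-sized units (division by 1024**3).

    Args:
        access_token: Bearer token sent in the Authorization header.

    Returns:
        ``True`` on HTTP 200, ``False`` on any other status or when the
        request cannot be completed.
    """
    print("\n" + "="*60)
    print("TEST 5: OneDrive Info (Files.Read)")
    print("="*60)
    headers = {
        "Authorization": f"Bearer {access_token}",
        "Content-Type": "application/json"
    }
    try:
        # Only drive metadata is requested, no file listing or content.
        response = requests.get(
            "https://graph.microsoft.com/v1.0/me/drive",
            headers=headers,
            timeout=30
        )
    except requests.RequestException as exc:
        print(f"❌ FAILED: {exc}")
        return False

    if response.status_code != 200:
        print(f"❌ FAILED: {response.status_code}")
        print(f" {response.text}")
        return False

    drive = response.json()
    quota = drive.get('quota', {})
    print(f"✅ SUCCESS!")
    print(f" Totale: {quota.get('total', 0) / (1024**3):.2f} GB")
    print(f" Usato: {quota.get('used', 0) / (1024**3):.2f} GB")
    print(f" Libero: {quota.get('remaining', 0) / (1024**3):.2f} GB")
    return True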
def main():
    """Run every read-only Graph permission check and print a summary.

    Stops early when no access token can be loaded. Otherwise the five checks
    run in a fixed order, each receiving the same token, and a pass/fail table
    followed by an overall verdict is printed.
    """
    print("🧪 IRIS - Test Permessi OAuth (ULTRA SOFT - SOLO LETTURA)")
    print("=" * 60)

    access_token = load_token()
    if not access_token:
        print("\n❌ Impossibile procedere senza token!")
        return
    print("✅ Token caricato con successo!")

    # Label / check pairs, executed in this order.
    checks = (
        ("User Profile", test_user_profile),
        ("Calendar", test_calendar_read),
        ("Mail", test_mail_read),
        ("Presence", test_presence_read),
        ("OneDrive", test_onedrive_read),
    )
    results = [(label, check(access_token)) for label, check in checks]

    # Final summary table.
    print("\n" + "="*60)
    print("RIEPILOGO FINALE")
    print("="*60)
    passed = 0
    for test_name, outcome in results:
        if outcome:
            status = "✅ PASS"
            passed += 1
        else:
            status = "❌ FAIL"
        print(f"{test_name:20s} : {status}")

    total = len(results)
    print(f"\nRisultato: {passed}/{total} test superati")

    if passed == total:
        verdict = "\n🎉 TUTTI I TEST SUPERATI! OAuth funziona perfettamente!"
    elif passed > 0:
        verdict = f"\n⚠️ Alcuni test falliti, ma {passed} funzionano!"
    else:
        verdict = "\n❌ Tutti i test falliti, controlla il token!"
    print(verdict)


if __name__ == "__main__":
    main()