Python application based on Git Actions that use Microsoft Graph API. This guide will provide you with easy-to-understand steps for setting up and running the application.
- Original version address: github.com/HarryVed/Microsoft-Developer-Subscription-Renew-Free
- A GitHub account
- An existing or new Microsoft Developer E5 account
- Register a new application in Azure Active Directory.
- Go to https://entra.microsoft.com/
- Applications > App reginstrations > New registration
- Select "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant)"
- Select "Web" for the redirect URL, and enter "http://localhost:53682/" for the redirect URL.
- Save Application ID
- Go to Certificates & Secrets > New
- Save the Secret value.
- Set API permissions. (may not be required)
- Go to API Permissions > NEW
- Select Microsoft graph > Application permissions
- Select the following permissions:
files.read.all,files.readwrite.all,sites.read.all,sites.readwrite.all,user.read.all,user.readwrite.all,directory.read.all,directory.readwrite.all,mail.read,mail.readwrite,mailboxsetting.read, andmailboxsetting.readwrite. - "Grant admin consect for MSFT" for all 13 selected permissions.
- install rclone in your system. It is required to get refresh token (one time only)
- Execute the command
rclone authorize "onedrive" "id" "secret".- id is the Application ID you get it from previous steps
- secret is the Application secret you get it from previous steps
- Execute, When browser window opens and MS login page shows, edit the URL's
scopequery part and replace its value withMail.Read+Mail.ReadWrite+MailboxSettings.Read+MailboxSettings.ReadWrite+Directory.Read.All+Directory.ReadWrite.All+Files.Read.All+Files.ReadWrite.All+Sites.Read.All+Sites.ReadWrite.All+User.Read+User.Read.All+User.ReadWrite.All+offline_access - Press Enter, Select admin account.
- on success, go to the prompt and save the
refresh_tokenvalues from JSON output.
- Keep Application ID, Secret, Refresh_token handly you will need it in the next step
- Go to the project settings and from the left hand side menu select Secrets and Variables > Actions
- Click New repository secrets. and create three variables and set the value as given below
- Name:
CONFIG_APPIDvalue is App ID - Name:
CONFIG_SECRETvalue is App secret - Name:
REFRESH_TOKENvalue is Refresh token
- Name:
- Goto the project setting again and choose Actions menu and scroll down until you see Workflow permissions click Read and write permission option
- Go to your personal settings page on GitHub, select Developer settings > Personal access tokens > Generate new token. (NOT NEEDED ANYMORE)
- Set the name to
GITHUB_TOKEN. - Check the options
repo,admin:repo_hook, andworkflow. - Generate the token.
- Set the name to
- Go to your personal settings page on GitHub, select Developer settings > Personal access tokens > Generate new token.
- Check the options
public_repo. - Generate the token.
- Copy the token.
- Now create a new repository action secret
- Set the name to
GH_PA_TOKEN, and fill the value with personal access token value.
- Check the options
- Run the action Workflow
- Click on the Actions tab above to see the log of each run and check if the API is called correctly and if there are any errors.
- The default setting is to run three rounds every four hours. You can modify your own crontab to change the frequency and time.
- If you need to modify the API calls, you can check the Graph Explorer at https://developer.microsoft.com/graph/graph-explorer/.