Refactor PoC of supporting Microsoft Graph API email sending to gem
In #369976 (closed), we created a PoC script that allows delivery of emails using the Microsoft Graph API with the OAuth 2.0 client credentials flow.
In the scope of this issue we want to create the gem microsoft_graph_mailer, based on the script. We are not going to publish this gem on https://rubygems.org/ for now. We are going to create this gem as a GitLab-created gem and put it into the vendor/gems folder.
That gem should also implement integration with ActionMailer. It should allow configuring the GitLab app in the following way:
```ruby
ActionMailer::Base.delivery_method = :microsoft_graph
ActionMailer::Base.microsoft_graph_settings = {
  user_id: "YOUR-USER-ID",
  tenant: "YOUR-TENANT-ID",
  client_id: "YOUR-CLIENT-ID",
  client_secret: "YOUR-CLIENT-SECRET-ID",
  # Defaults to "https://login.microsoftonline.com".
  azure_ad_endpoint: "https://login.microsoftonline.us",
  # Defaults to "https://graph.microsoft.com".
  graph_endpoint: "https://graph.microsoft.us"
}
```
Example to follow for how to create a gem in vendor/gems: !57805 (merged).
Microsoft Graph configuration
To use the Microsoft Graph API to send mails, you will need to create an application in the Azure Active Directory. See the Microsoft instructions for more details:
- Sign in to the Azure portal.
- Search for and select Azure Active Directory.
- Under Manage, select App registrations > New registration.
- Enter a Name for your application, such as MicrosoftGraphMailer. Users of your app might see this name, and you can change it later.
- If Supported account types is listed, select the appropriate option.
- Leave Redirect URI blank. This is not needed.
- Select Register.
- Under Manage, select Certificates & secrets.
- Under Client secrets, select New client secret, and enter a name.
- Under Expires, select Never, unless you plan on updating the credentials every time it expires.
- Select Add. Record the secret value in a safe location for use in a later step.
- Under Manage, select API Permissions > Add a permission. Select Microsoft Graph.
- Select Application permissions.
- Under the Mail node, select Mail.Send. Then select Add permissions.
- If User.Read is listed in the permission list, you can delete this.
- Click Grant admin consent for these permissions.
- user_id - The unique identifier for the user. Used to call Microsoft Graph on behalf of the user.
- tenant - The directory tenant the application plans to operate against, in GUID or domain-name format.
- client_id - The application ID that's assigned to your app. You can find this information in the portal where you registered your app.
- client_secret - The client secret that you generated for your app in the app registration portal.
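How these settings map onto the two HTTPS requests of the client credentials flow, as an added sketch that is not the PoC script or the gem's own code. The module name `GraphMailSketch` and its methods are hypothetical; the requests are only built, not sent, and the MIME-format `sendMail` call is an assumption about how the mail is submitted.

```ruby
require "net/http"
require "uri"
require "base64"

# Hypothetical helper (not the gem's API): builds the two HTTPS requests
# implied by the settings hash, without sending them.
module GraphMailSketch
  DEFAULTS = {
    azure_ad_endpoint: "https://login.microsoftonline.com",
    graph_endpoint: "https://graph.microsoft.com"
  }.freeze
  REQUIRED = %i[user_id tenant client_id client_secret].freeze

  def self.normalize(settings)
    s = DEFAULTS.merge(settings.compact)
    missing = REQUIRED.select { |k| s[k].to_s.strip.empty? }
    raise ArgumentError, "missing settings: #{missing.join(', ')}" unless missing.empty?
    %i[azure_ad_endpoint graph_endpoint].each do |k|
      # The client secret and bearer token travel to these hosts: require TLS.
      raise ArgumentError, "#{k} must be https" unless URI(s[k]).is_a?(URI::HTTPS)
    end
    s
  end

  # OAuth 2.0 client credentials grant against the v2.0 token endpoint.
  def self.token_request(settings)
    s = normalize(settings)
    req = Net::HTTP::Post.new(URI("#{s[:azure_ad_endpoint]}/#{s[:tenant]}/oauth2/v2.0/token"))
    req.set_form_data(
      "grant_type" => "client_credentials",
      "client_id" => s[:client_id],
      "client_secret" => s[:client_secret],
      "scope" => "#{s[:graph_endpoint]}/.default"
    )
    req
  end

  # sendMail in MIME format: base64 of the RFC 822 message, sent as text/plain.
  def self.send_mail_request(settings, access_token, mime_message)
    s = normalize(settings)
    req = Net::HTTP::Post.new(URI("#{s[:graph_endpoint]}/v1.0/users/#{s[:user_id]}/sendMail"))
    req["Authorization"] = "Bearer #{access_token}"
    req["Content-Type"] = "text/plain"
    req.body = Base64.strict_encode64(mime_message)
    req
  end
end
```

The token scope is derived from `graph_endpoint`, so a national-cloud configuration such as the `.us` endpoints above requests a token for the matching Graph host.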
GitLab configuration
Related to #365524 (closed)