Unable to authenticate using "Rescource Owner Password Credential" method

[soulflyman]

Discussed in #502

^{Originally posted by soulflyman November 4, 2024}
Hi,
I want to use graph-rs-sdk to read and write in ms teams.
But I'm unable to get authenticated using the "Resource Owner Password Credential" (username+password) method.

The error response I got is:

Failed Request: message: "silent token auth failed", response: Response {
    status: 400,
    version: HTTP/1.1,
    headers: {
        "cache-control": "no-store, no-cache",
        "pragma": "no-cache",
        "content-type": "application/json; charset=utf-8",
        "expires": "-1",
        "strict-transport-security": "max-age=31536000; includeSubDomains",
        "x-content-type-options": "nosniff",
        "p3p": "CP=\"DSP CUR OTPi IND OTRi ONL FIN\"",
        "x-ms-request-id": "cea1eec3-455d-4184-9d7e-602376eb1400",
        "x-ms-ests-server": "2.1.19343.4 - WEULR1 ProdSlices",
        "x-ms-srs": "1.P",
        "x-xss-protection": "0",
        "set-cookie": "fpc=ArhsD6XWzV1Fsc6CXZt3Oj0; expires=Wed, 04-Dec-2024 16:14:32 GMT; path=/; secure; HttpOnly; SameSite=None",
        "set-cookie": "x-ms-gateway-slice=estsfd; path=/; secure; httponly",
        "set-cookie": "stsservicecookie=estsfd; path=/; secure; httponly",
        "date": "Mon, 04 Nov 2024 16:14:32 GMT",
        "content-length": "492",
    },
    body: Ok(
        Object {
            "correlation_id": String("96de9466-4e39-4719-9f68-183dfd4ab4db"),
            "error": String("invalid_request"),
            "error_codes": Array [
                Number(900144),
            ],
            "error_description": String("AADSTS900144: The request body must contain the following parameter: 'username'. Trace ID: cea1eec3-455d-4184-9d7e-602376eb1400 Correlation ID: 96de9466-4e39-4719-9f68-183dfd4ab4db Timestamp: 2024-11-04 16:14:32Z"),        
            "error_uri": String("https://login.microsoftonline.com/error?code=900144"),
            "timestamp": String("2024-11-04 16:14:32Z"),
            "trace_id": String("cea1eec3-455d-4184-9d7e-602376eb1400"),
        },
    ),
}

My Code:

pub fn username_password() -> anyhow::Result<GraphClient> {  
    let public_client = EnvironmentCredential::resource_owner_password_credential()?;
    let mut client = GraphClient::from(&public_client);
    //client.use_endpoint(&Url::parse("https://graph.microsoft.de/v1.0")?);
    
    Ok(client)
}

pub async fn get_teams() -> String {
    let client = match username_password() {
        Ok(client) => client,
        Err(e) => {            
            return format!("Failed to get GraphClient: {}", e);
        },
    };

    let response = client.team(TEAM_ID).get_team().send().await;

    match response {
        Ok(response) => response.text().await.unwrap(),
        Err(e) => {
            return format!("Failed Request: {}", e);
        },
    }
}

The following environment Variables were set:

• AZURE_TENANT_ID
• AZURE_CLIENT_ID
• AZURE_USERNAME
• AZURE_PASSWORD

I used this commands to set the values in my powershell on win11:

$env:AZURE_TENANT_ID = "<tenant_id>"
$env:AZURE_CLIENT_ID = "<client_id>"
$env:AZURE_USERNAME = "<username>"
$env:AZURE_PASSWORD = "<password>"

The error message "The request body must contain the following parameter: 'username'." sounds to me like the library is not passing the username from the environment variable to the API. Is this correct, and what can I do to get it working?