Skip to content

Commit

Permalink
doc: Update docs for removal of legacy config format
Browse files Browse the repository at this point in the history
  • Loading branch information
RogerSelwyn committed Jan 5, 2024
1 parent d35f39b commit 491f037
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 68 deletions.
3 changes: 1 addition & 2 deletions docs/authentication.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,10 @@ nav_order: 5
---

# Authentication
_**NOTE:** As of version 3.2.0, the primary (default) and alternate authentication methods have essentially reversed. The primary (default) method now DOES NOT require direct access to your HA instance from the internet while the alternate method DOES require direct access. If you previously did NOT set 'alt_auth_flow' or had it set to False, please set 'alt_auth_method' to True and remove 'alt_auth_flow' from your config. This will only be necessary upon re-authentication._

The Primary method of authentication is the simplest to configure and requires no access from the internet to your HA instance, therefore is the most secure method. It has slightly more steps to follow when authenticating.

The alternate method is more complex to set up, since the Azure App that is created in the prerequisites section must be configured to enable authentication from your HA instance whether located in your home network or utilising a cloud service such as Nabu Casa. The actual authentication is slightly simpler with fewer steps.
The alternate method is more complex to set up, since the Azure App that is created in the prerequisites' section must be configured to enable authentication from your HA instance whether located in your home network or utilising a cloud service such as Nabu Casa. The actual authentication is slightly simpler with fewer steps.

During setup, the difference in configuration between each method is the value of the redirect URI on your Azure App. The authentication steps for each method are shown below.

Expand Down
2 changes: 1 addition & 1 deletion docs/calendar_configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ nav_order: 6
---

# Calendar configuration
The integration uses an external `o365_calendars_<account_name>.yaml` file (or `o365_calendars.yaml` for the secondary (deprecated) configuration format) which is stored in the `o365_storage` directory.
The integration uses an external `o365_calendars_<account_name>.yaml` file which is stored in the `o365_storage` directory.
## Example Calendar yaml:
```yaml
- cal_id: xxxx
Expand Down
45 changes: 2 additions & 43 deletions docs/installation_and_configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ nav_order: 4
1. Restart your Home Assistant instance again to enable your configuration.
1. A notification will be shown in the Repairs dialogue of your HA instance. Follow the instructions on this notification (or see [Authentication](./authentication.md)) to establish the link between this integration and the Azure app
* A persistent token will be created in the hidden directory config/o365_storage/.O365-token-cache
* The `o365_calendars_<account_name>.yaml` (or `o365_calendars.yaml` for secondary (deprecated) configuration method) will be created under the config directory in the `o365_storage` directory.
* The `o365_calendars_<account_name>.yaml` will be created under the config directory in the `o365_storage` directory.
* If todo_sensors is enabled then `o365_tasks_<account_name>.yaml` will be created under the config directory in the `o365_storage` directory.
1. [Configure Calendars](./calendar_configuration.md)
1. [Configure To-Dos](./todos_configuration.md) (if required)
Expand All @@ -26,9 +26,8 @@ nav_order: 4

## Configuration examples

### Primary configuration format (as of v3.x.x) - Preferred because it provides improved security and allows for multiple accounts.
### Configuration format
```yaml
# Example configuration.yaml entry for multiple accounts
o365:
accounts:
- account_name: Account1 # Do not use email address or spaces
Expand Down Expand Up @@ -60,37 +59,9 @@ o365:
client_secret: "xx.xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
client_id: "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
```
### Secondary (DEPRECATED) configuration format - Less preferred and can only use for a single account.
```yaml
# Example configuration.yaml entry for single account
o365:
client_id: "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"
client_secret: "xx.xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
alt_auth_method: False
enable_update: False
email_sensor:
- name: inbox
max_items: 2
is_unread: True
download_attachments: False
query_sensors:
- name: "Example"
folder: "Inbox/Test_Inbox" #Default is Inbox
from: "[email protected]"
subject_contains: "Example subject"
has_attachment: True
max_items: 2
is_unread: True
status_sensors: # Cannot be used for personal accounts
- name: "User Teams Status"
chat_sensors: # Cannot be used for personal accounts
- name: "User Chat"
```
### Configuration variables
#### Primary format
Key | Type | Required | Description
-- | -- | -- | --
`account_name` | `string` | `True` | Uniquely identifying name for the account. Calendars entity names will be suffixed with this. `calendar.calendar_account1`
Expand All @@ -109,18 +80,6 @@ Key | Type | Required | Description
`auto_reply_sensors` | `object<auto_reply_sensors>` | `False` | Auto-reply sensor options *Not for use on shared mailboxes*
`shared_mailbox` | `string` | `False` | Email address or ID of shared mailbox *Only available for calendar and email sensors*

#### Secondary format

Key | Type | Required | Description
-- | -- | -- | --
`client_id` | `string` | `True` | Client ID from your O365 application.
`client_secret` | `string` | `True` | Client Secret from your O365 application.
`alt_auth_method` | `boolean` | `False` | If False (default), authentication is not dependent on internet access to your HA instance. [See Authentication](./authentication.md)
`enable_update` | `boolean` | `False` | If True (**default is True**), this will enable the various services that allow the sending of emails and updates to calendars
`track_new_calendar` | `boolean` | `False` | If True (default), will automatically generate a calendar_entity when a new calendar is detected. The system scans for new calendars only on startup.
`email_sensors` | `list<email_sensors>` | `False` | List of email_sensor config entries
`query_sensors` | `list<query_sensors>` | `False` | List of query_sensor config entries
`status_sensors` | `list<status_sensors>` | `False` | List of status_sensor config entries. *Not for use on personal accounts*

#### email_sensors

Expand Down
18 changes: 0 additions & 18 deletions docs/legacy_migration.md

This file was deleted.

4 changes: 2 additions & 2 deletions docs/permissions.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,8 @@ Under "API Permissions" click Add a permission, then Microsoft Graph, then Deleg
| Chat | Chat.ReadWrite | Y | *Read and write user chat messages* | Not for personal accounts/shared mailboxes |
| ToDo | Tasks.Read | | *Read user's tasks and task lists* | Not for shared mailboxes |
| ToDo | Tasks.ReadWrite | Y | *Create, read, update, and delete user’s tasks and task lists* | Not for shared mailboxes |
| Group Calendar | Group.Read.All | | *Read all groups* | Not supported in legacy installs or shared mailboxes |
| Group Calendar | Group.ReadWrite.All | Y | *Read and write all groups* | Not supported in legacy installs or shared mailboxes |
| Group Calendar | Group.Read.All | | *Read all groups* | Not supported in shared mailboxes |
| Group Calendar | Group.ReadWrite.All | Y | *Read and write all groups* | Not supported in shared mailboxes |
| AutoReply | MailboxSettings.ReadWrite | | *Read and write user mailbox settings* | Not for shared mailboxes |

**Note** It should be noted that these are the permissions that are requested at authentication time (as appropriate for each sensor configured). When `enable_update` is configured to `true` all the associated `ReadWrite` permissions are requested as well, however you do not need to add `ReadWrite` for any sensor type where you do not what update permissions, it will still act as a Read Only sensor. This excludes the AutoReply option which is only `ReadWrite`.
Expand Down
2 changes: 0 additions & 2 deletions docs/prerequisites.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,6 @@ To allow authentication, you first need to register your application at Azure Ap

An alternate method of authentication is available which requires internet access to your HA instance if preferred. The alternate method is simpler to use when authenticating, but is more complex to set up correctly. See [Authentication](./authentication.md) section for more details.

_**NOTE:** As of version 3.2.0, the primary (default) and alternate authentication methods have essentially reversed. The primary (default) method now DOES NOT require direct access to your HA instance from the internet while the alternate method DOES require direct access. If you previously did NOT set 'alt_auth_flow' or had it set to False, please set 'alt_auth_method' to True and remove 'alt_auth_flow' from your config. This will only be necessary upon re-authentication._

4. From the Overview page, copy the Application (client) ID.

5. Under "Certificates & secrets", generate a new client secret. Set the expiration as desired. This appears to be limited to 2 years. Copy the **Value** of the client secret now (not the ID), it will be hidden later on. If you lose track of the secret, return here to generate a new one.
Expand Down

0 comments on commit 491f037

Please sign in to comment.