Switched to Device code authentication

ConfigData.cs

@@ -7,21 +7,11 @@ public sealed class ConfigData {
     public string IncludeFile { get; }
     public int KeepLast { get; }
 
-    public string TenantId { get; }
-    public string ClientId { get; }
-    public string ClientSecret { get; }
-    public string UserId { get; }
-
     public ConfigData(IConfiguration config) {
         Schedule = config["Schedule"]!;
         BackupUploadRoot = config["UploadRoot"]!;
         LocalRoot = config["LocalRoot"]!;
         IncludeFile = config["IncludeFile"]!;
         KeepLast = int.Parse(config["KeepLast"]!);
-
-        TenantId = config["TenantId"]!;
-        ClientId = config["ClientId"]!;
-        ClientSecret = config["ClientSecret"]!;
-        UserId = config["UserId"]!;
     }
 }

Dockerfile

@@ -1,5 +1,4 @@
 FROM mcr.microsoft.com/dotnet/runtime:10.0 AS base
-RUN apt-get update && apt-get install -y tar && rm /var/lib/apt/lists/*
 USER $APP_UID
 WORKDIR /app
 

OneDriveClient.cs

@@ -13,15 +13,26 @@ public class OneDriveClient {
     public OneDriveClient(ConfigData config) {
         _config = config;
 
-        var credential = new ClientSecretCredential(_config.TenantId, _config.ClientId, _config.ClientSecret);
-        _client = new GraphServiceClient(credential);
+        var options = new DeviceCodeCredentialOptions {
+            TenantId = "consumers",
+            DeviceCodeCallback = (code, _) => {
+                Console.WriteLine(code.Message);
+                return Task.CompletedTask;
+            }
+        };
+
+        _client = new GraphServiceClient(new DeviceCodeCredential(options), ["Files.ReadWrite.All"]);
+    }
+
+    public async Task EnsureAuthenticated(CancellationToken token) {
+        await _client.Me.Drive.GetAsync(cancellationToken: token);
     }
 
     public async Task<UploadResult<DriveItem>> UploadFile(string filePath, CancellationToken token) {
         var fileName = Path.GetFileName(filePath);
         var remoteFilePath = _config.BackupUploadRoot.Trim('/') + '/' + fileName;
 
-        var defaultDrive = await _client.Users[_config.UserId].Drive.GetAsync(cancellationToken: token);
+        var defaultDrive = await _client.Me.Drive.GetAsync(cancellationToken: token);
 
         var driveFile = _client.Drives[defaultDrive!.Id].Items[$"root:/{remoteFilePath}:"]!;
         var uploadSession = await driveFile.CreateUploadSession.PostAsync(new CreateUploadSessionPostRequestBody {
@@ -40,7 +51,7 @@ public class OneDriveClient {
     }
 
     public async Task<int> DeleteOldFiles(CancellationToken token) {
-        var defaultDrive = await _client.Users[_config.UserId].Drive.GetAsync(cancellationToken: token);
+        var defaultDrive = await _client.Me.Drive.GetAsync(cancellationToken: token);
 
         var remoteFolder = _config.BackupUploadRoot.Trim('/');
         var backupFiles = await _client.Drives[defaultDrive!.Id]

Worker.cs

@@ -5,6 +5,8 @@ namespace OneDriveBackupService;
 
 public class Worker(ILogger<Worker> logger, ConfigData config, OneDriveClient client) : BackgroundService {
     protected override async Task ExecuteAsync(CancellationToken stoppingToken) {
+        await client.EnsureAuthenticated(stoppingToken);
+        
         if (Environment.GetCommandLineArgs().Contains("--run-once")) {
             logger.LogInformation("Manual backup triggered");
             await RunBackup(DateTime.Now, stoppingToken);