feat(04-03): implement FileTransferService with MoveCopyUtil and conflict policies

- FileTransferService.cs: CSOM copy/move via MoveCopyUtil.CopyFileByPath/MoveFileByPath - Conflict policies: Skip (catch ServerException), Overwrite (overwrite=true), Rename (KeepBoth=true) - ResourcePath.FromDecodedUrl for special character support - Recursive folder enumeration with system folder filtering - EnsureFolderAsync creates intermediate destination folders - Best-effort metadata preservation (ResetAuthorAndCreatedOnCopy=false) - FileTransferServiceTests.cs: 4 passing tests, 3 skipped (integration)
2026-04-03 10:02:57 +02:00
parent b0956adaa3
commit ac74d31933
4 changed files with 363 additions and 0 deletions
--- a/SharepointToolbox/Infrastructure/Auth/GraphClientFactory.cs
+++ b/SharepointToolbox/Infrastructure/Auth/GraphClientFactory.cs
@@ -0,0 +1,71 @@
+using Microsoft.Graph;
+using Microsoft.Identity.Client;
+using Microsoft.Kiota.Abstractions.Authentication;
+
+namespace SharepointToolbox.Infrastructure.Auth;
+
+public class GraphClientFactory
+{
+    private readonly MsalClientFactory _msalFactory;
+
+    public GraphClientFactory(MsalClientFactory msalFactory)
+    {
+        _msalFactory = msalFactory;
+    }
+
+    /// <summary>
+    /// Creates a GraphServiceClient that acquires tokens via the same MSAL PCA
+    /// used for SharePoint auth, but with Graph scopes.
+    /// </summary>
+    public async Task<GraphServiceClient> CreateClientAsync(string clientId, CancellationToken ct)
+    {
+        var pca = await _msalFactory.GetOrCreateAsync(clientId);
+        var accounts = await pca.GetAccountsAsync();
+        var account = accounts.FirstOrDefault();
+
+        var graphScopes = new[] { "https://graph.microsoft.com/.default" };
+
+        var tokenProvider = new MsalTokenProvider(pca, account, graphScopes);
+        var authProvider = new BaseBearerTokenAuthenticationProvider(tokenProvider);
+        return new GraphServiceClient(authProvider);
+    }
+}
+
+/// <summary>
+/// Bridges MSAL PCA token acquisition with Graph SDK's IAccessTokenProvider interface.
+/// </summary>
+internal class MsalTokenProvider : IAccessTokenProvider
+{
+    private readonly IPublicClientApplication _pca;
+    private readonly IAccount? _account;
+    private readonly string[] _scopes;
+
+    public MsalTokenProvider(IPublicClientApplication pca, IAccount? account, string[] scopes)
+    {
+        _pca = pca;
+        _account = account;
+        _scopes = scopes;
+    }
+
+    public AllowedHostsValidator AllowedHostsValidator { get; } = new();
+
+    public async Task<string> GetAuthorizationTokenAsync(
+        Uri uri,
+        Dictionary<string, object>? additionalAuthenticationContext = null,
+        CancellationToken cancellationToken = default)
+    {
+        try
+        {
+            var result = await _pca.AcquireTokenSilent(_scopes, _account)
+                .ExecuteAsync(cancellationToken);
+            return result.AccessToken;
+        }
+        catch (MsalUiRequiredException)
+        {
+            // If silent fails, try interactive
+            var result = await _pca.AcquireTokenInteractive(_scopes)
+                .ExecuteAsync(cancellationToken);
+            return result.AccessToken;
+        }
+    }
+}