Importing tasks from Microsoft To-Do

Hey guys,

after a bit of work I managed to set up Vikunja and I am really excited.
I am still stuck on one issue and need help :smile:

Briefly for general info. I have set up Vikunja with docker-compose. Here I noticed an issue regarding the migrations. In the part config options within the documentation it says to set VIKUNJA_MIGRATION_MICROSOFTTODO as environment variable. In this case I had understood “VIKUNJA_MIGRATION_MICROSOFTTODO: 1”. But this never showed me the link in Vikunja. Only “VIKUNJA_MIGRATION_MICROSOFTTODO_ENABLE: 1” showed then also the dialog. But I found this only by chance in a search. Doesn’t it make sense to adjust the documentation here?

Well now to my questions:
If I then click on “Get started” in Vikunja it opens the following URL: Sign in to your account
But here the client_id and redirect_uri are missing.
To do this, I then also found the following page again via search and accordingly registered an application in Azure. With this I could at least clarify the question of the client_id.

  1. How do I get Vikunja to click on “Go” and the client_id is used?
  2. Furthermore, I can’t figure out which redirect_uri I need to specify?
  3. Do I also have to write these two values into an environment variable?

Currently I always call the link manually, but always end up back at the migration page <frontend_url>/migrate/microsoft-todo

About help to the problem I would be very happy :smile:

Many greetings
Buddinski88

Hi!

You will need to set the client id and secret from azure. The config docs about this are lacking, please check out the default config file for info about how to do this: api/config.yml.sample at main - api - Gitea. You can still use env variables for this, you’ll need to use VIKUNJA_MIGRATION_MICROSOFTTODO_CLIENTID and VIKUNJA_MIGRATION_MICROSOFTTODO_CLIENTSECRET. If you have the frontend url set up correctly you won’t need to set a redirecturl in Vikunja, but you’ll have to set one in Azure when creating the credentials.

Hi kolaente,

thanks for your answer.

I have already set the values in docker-compose.yml:
VIKUNJA_MIGRATION_MICROSOFTTODO_ENABLE: 1
VIKUNJA_MIGRATION_MICROSOFTTODO_CLIENTID:
VIKUNJA_MIGRATION_MICROSOFTTODO_CLIENTSECRET:
VIKUNJA_MIGRATION_MICROSOFTTODO_REDIRECTURL: https://MYFRONTED-FO/migration/microsoft-todo/migrate/

Then when I click on the link in Vikunja, I am always asked for my Microsoft email address and then Microsoft redirects me right to a page…
“Not found
The requested page does not exist”

Are there any other settings I need to do?

https://MYFRONTED-FO/migration/microsoft-todo/migrate/?error=invalid_request&error_description=The%20request%20is%20not%20valid%20for%20the%20application's%20'userAudience'%20configuration.%20In%20order%20to%20use%20%2Fcommon%2F%20endpoint,%20the%20application%20must%20not%20be%20configured%20with%20'Consumer'%20as%20the%20user%20audience.%20The%20userAudience%20should%20be%20configured%20with%20'All'%20to%20use%20%2Fcommon%2F%20endpoint.

Many greetings,
Buddinski88

You should revoke that client secret you posted above, everyone can now use it to talk to Azure in your name…

The error message in the request says what you need to do (Vikunja can’t handle displaying it directly):

The request is not valid for the application’s ‘userAudience’ configuration. In order to use /common/ endpoint, the application must not be configured with ‘Consumer’ as the user audience. The userAudience should be configured with ‘All’ to use /common/ endpoint.

I think I don’t know enough about Azure to know what that means but I think it’s something google-able?

Thanks for the tip, but you can see that I’m not really familiar with Azure either :frowning:
I will continue to research, but so far Google has really not helped me at all in this context. Maybe it’s just the lack of understanding.
Too bad, would have loved to do the migration.

Maybe it helps, here is the config I’m using for Vikunja Cloud:

I think you need to create an “application” with a redirect url:

And it needs to have user read permissions:

I think that should be it?

Just found you can export the whole azure application manifest, here’s mine (ids obfuscated):

{
	"id": "000000000000000000000000000000000000",
	"acceptMappedClaims": null,
	"accessTokenAcceptedVersion": 2,
	"addIns": [],
	"allowPublicClient": null,
	"appId": "000000000000000000000000000000000000",
	"appRoles": [],
	"oauth2AllowUrlPathMatching": false,
	"createdDateTime": "2021-08-15T13:29:30Z",
	"description": null,
	"certification": null,
	"disabledByMicrosoftStatus": null,
	"groupMembershipClaims": null,
	"identifierUris": [],
	"informationalUrls": {
		"termsOfService": null,
		"support": null,
		"privacy": null,
		"marketing": null
	},
	"keyCredentials": [],
	"knownClientApplications": [],
	"logoUrl": "https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-otrskziqqxxsssdghj7jjfrifoprytjmtmfdfhco0ss/appbranding/uueosigjppd59bmxb-pxz78avd0a8ia1vnso2pba27g/1033/bannerlogo?ts=637646333437092732",
	"logoutUrl": null,
	"name": "Vikunja Cloud",
	"notes": null,
	"oauth2AllowIdTokenImplicitFlow": false,
	"oauth2AllowImplicitFlow": false,
	"oauth2Permissions": [],
	"oauth2RequirePostResponse": false,
	"optionalClaims": {
		"idToken": [],
		"accessToken": []
	},
	"orgRestrictions": [],
	"parentalControlSettings": {
		"countriesBlockedForMinors": [],
		"legalAgeGroupRule": "Allow"
	},
	"passwordCredentials": [
		{
			"customKeyIdentifier": null,
			"endDate": "2023-08-14T22:00:00Z",
			"keyId": "00000000000000000000000000000000",
			"startDate": "2021-08-15T13:32:48.351Z",
			"value": null,
			"createdOn": "2021-08-15T13:33:32.9104206Z",
			"hint": "U~j",
			"displayName": "App Secret"
		}
	],
	"preAuthorizedApplications": [],
	"publisherDomain": null,
	"replyUrlsWithType": [
		{
			"url": "https://app.vikunja.cloud/migrate/microsoft-todo",
			"type": "Web"
		}
	],
	"requiredResourceAccess": [
		{
			"resourceAppId": "00000000-0000-0000-0000-000000000000",
			"resourceAccess": [
				{
					"id": "000000000000000000000000000000000000",
					"type": "Scope"
				}
			]
		}
	],
	"samlMetadataUrl": null,
	"serviceManagementReference": null,
	"signInUrl": "https://vikunja.cloud",
	"signInAudience": "AzureADandPersonalMicrosoftAccount",
	"tags": [],
	"tokenEncryptionKeyId": null
}

Thank you so much for the help!

Actually, it’s fairly straightforward if you set the correct access rights for the API at the beginning. I have made a screenshot.

Now I’ll validate how the import worked. At first glance, it looks like some tasks are missing. But I have a suspicion that it is because these were already done …

Glad you figured it out!

The done tasks are hidden by default in Vikunja but you can enable them under “filters”.

I have seen that with the filter.

I tried to see a pattern there, but a maximum of 10 tasks were imported per list (all were migrated).
That was my assumption that there is a limitation here, but there is also a list where only 8 pieces were imported, although there are significantly more in Microsoft ToDo.
Setting tasks to not done in MS ToDo and synchronizing them did not change the behavior.
There remains a maximum of 10 tasks, which are imported from a list.

@kolaente have you ever been able to reproduce this behavior?

  1. Create list in MS Todo
  2. Add more than 10 tasks
  3. Import in Vikunja

I can confirm this is a problem. Looks like it only imported the last 10 tasks.

1 Like

Thank you for looking into this. Can you tell if this is a bug in Vikunja or is it Microsoft?

It’s a bug in Vikunja. I’m currently looking into it and should have a fix ready soon.

Fix is up: 43f1daf40c. Can you check with the next unstable release once the CI released it? (~30 min)

Sure, I can do it with pleasure. Do I just have to drag a new Vikunja-api image into Docker?

You’ll need to switch to the unstable tag and restart your container.

1 Like

Perfect, now all tasks are imported. Compared the numbers and now they are identical :ok_hand:

1 Like