SharePoint Node/Lobby

SharePoint Development with Node.js

peni4142

@peni4142

@koltyakov thanks for help

himyulian

@himyulian

@koltyakov Hi!
I have a question about sp-rest-proxy
In our company, authorization with SP2013 is implemented on Kerberos.
Unfortunately, I didn’t find a suitable type of authorization from the options offered when forming the file privat.json
Can you help please?

Andrew Koltyakov

@koltyakov

Hi @himyulian, unfortunately, Kerberos is not a supported option in node-sp-auth (authentication library behind the magic).

himyulian

@himyulian

@koltyakov It's a pity. As far as I understand, there are no other ways to connect with SP2013 in the environment of the Node.js?

Sergei Sergeev

@s-KaiNet

@himyulian the only option which might work for you is to extend your kerberos sharepoint web application to another url with ntlm auth enabled

Andrew Koltyakov

@koltyakov

AddIn Only permissions can be configured (https://github.com/s-kainet/node-sp-auth/wiki/SharePoint-on-premise-addin-only-authentication) or the web app extended to another auth type support, NTLM.

Hi @s-KaiNet!

Sergei Sergeev

@s-KaiNet

or form-based auth and give permissions only to certain users

Andrew Koltyakov

@koltyakov

will On-Demand theoretically work with Kerberos?

Sergei Sergeev

@s-KaiNet

nope(

Hi @koltyakov :)

himyulian

@himyulian

@s-KaiNet Unfortunately, NTLM authorization is prohibited by company policy.

himyulian

@himyulian

@s-KaiNet Is it possible to add the authorization option by Kerberos to the node-sp-auth library?

Sergei Sergeev

@s-KaiNet

as of now it's way too difficult - involves extend learning of Kerberos protocol and finding a way to implement it in nodejs

himyulian

@himyulian

I see, thanks. And so it would be very good in the future to think about it.

vaderj

@vaderj

So I am a little confused as I have been trying to accomplish this without success for months. Can node-sp-auth actually authenticate with the current users credentials WITHOUT being give the users credentials? The only time I can get node-sp-auth to work is either saving the credentials to the disk or typing them in directly. A working example of the behavior I am trying to achieve is accomplished (in SQL) with the "msnodesqlv8" module (it specifically appears to use Windows ODBC but I could be mistake, which is obviously not an option for SharePoint, I am just using this as an example of the behavior I am trying to get).

Has anyone been able to have node-sp-auth using the current user authentication without storing the credentials? Thanks!

Sergei Sergeev

@s-KaiNet

@vaderj as an author, I can say it's not possible. node-sp-auth uses pure javascript without C++ modules, thus behavior you want isn't available

consider also https://github.com/koltyakov/node-sp-auth-config for file configs. It adds a bit of encryption and allows no to store passwords in clear text
however, it's not pure encryption

vaderj

@vaderj

thanks @s-KaiNet !

Prince PY

@princeppy

Hi When I add node-sp-auth on to a plain fresh create-react-app of node version 8.11.4. on start i am getting error from 'inquirer' enquire module that one file ('readline') cannot be resolved. I tried to change the correct reference, but something else broke. can some one help me.

My aim is to create a react app to get sharepoint url, username and password from user and check for a specific list in that sharepoint site. with out storing username and password for the user.

Sergei Sergeev

@s-KaiNet

@princeppy you can't use node-sp-auth in browser, such kind of scenarios are not supported
however checkout this great article on a possible scenario for react app with sharepoint proxy - https://www.linkedin.com/pulse/local-spfx-workbench-against-real-sharepoint-api-andrew-koltyakov/

ellonimo

@ellonimo_twitter

Hi. Could you please help me make sp-rest-proxy correctly work with batching? It drives me crazy...
Let the example be https://pnp.github.io/pnpjs/sp/docs/items/#update-multiple-items. Proxy gets POST request with payload:

--batch_b18ca450-d9dc-40c7-8855-b7de9a621369
Content-Type: multipart/mixed; boundary="changeset_91eacb9d-a188-47d2-8b97-99f97271f926"

--changeset_91eacb9d-a188-47d2-8b97-99f97271f926
Content-Type: application/http
Content-Transfer-Encoding: binary

MERGE http://localhost:3000/sites/internalsites/Recruiting/_api/web/lists/getByTitle('rapidupdate')/items(1) HTTP/1.1
accept: application/json; odata=verbose
content-type: application/json;odata=verbose;charset=utf-8
if-match: *
x-clientservice-clienttag: PnPCoreJS:@pnp-1.2.8

{"__metadata":{"type":"SP.Data.CustomListListItem"},"Title":"Batch 6"}

--changeset_91eacb9d-a188-47d2-8b97-99f97271f926
Content-Type: application/http
Content-Transfer-Encoding: binary

MERGE http://localhost:3000/sites/internalsites/Recruiting/_api/web/lists/getByTitle('rapidupdate')/items(2) HTTP/1.1
accept: application/json; odata=verbose
content-type: application/json;odata=verbose;charset=utf-8
if-match: *
x-clientservice-clienttag: PnPCoreJS:@pnp-1.2.8

{"__metadata":{"type":"SP.Data.CustomListListItem"},"Title":"Batch 7"}

--changeset_91eacb9d-a188-47d2-8b97-99f97271f926--

--batch_b18ca450-d9dc-40c7-8855-b7de9a621369--

but result is

--batchresponse_c92f0856-7428-4f77-ba5e-a9c84f24bf68
Content-Type: application/http
Content-Transfer-Encoding: binary

HTTP/1.1 400 Bad Request
CONTENT-TYPE: application/json;odata=verbose;charset=utf-8

{"error":{"code":"-1, Microsoft.SharePoint.Client.InvalidClientQueryException","message":{"lang":"en-US","value":"Invalid request."}}}
--batchresponse_c92f0856-7428-4f77-ba5e-a9c84f24bf68
Content-Type: application/http
Content-Transfer-Encoding: binary

HTTP/1.1 400 Bad Request
CONTENT-TYPE: application/json;odata=verbose;charset=utf-8

{"error":{"code":"-1, Microsoft.SharePoint.Client.InvalidClientQueryException","message":{"lang":"en-US","value":"Invalid request."}}}
--batchresponse_c92f0856-7428-4f77-ba5e-a9c84f24bf68--

If I deploy this code to dev SharePoint 2016 page it does updates without errors.
sp-rest-proxy changes site name correctly: POST (batch): http://bss-ihome2016/sites/internalsites/Recruiting/_api/$batch
I've red lots of articles, also this koltyakov/sp-rest-proxy#42 , but in my case it looks OK, but does not OK.

Andrew Koltyakov

@koltyakov

Hi @ellonimo_twitter,
Can you create an issue in sp-rest-proxy's repo? I'll take a look.

Some details might be required. There is even integration test for batch update. So I assume it'll work for me.

ellonimo

@ellonimo_twitter

Hi @koltyakov ,
Thank you

Andrew Koltyakov

@koltyakov

Actually, I've olready figured out, fixed, going to test more and publish an update.

The replacement of the local endpoint didn't happen for MERGE, only for GET and POST.
However, the tests are or, because they use actual endpoint in multipart bodies.

but then faking the context, PnPjs thinks that SharePoint located on localhost and builds multipart using local URIs

long story short, fixed, will inform here after I'll publish an update, just going to add these to integration tests as well

Andrew Koltyakov

@koltyakov

@ellonimo_twitter could you please test with sp-rest-proxy@2.8.6

ellonimo

@ellonimo_twitter

@koltyakov , thank you so much!!! It works like a charm!

Andrew Koltyakov

@koltyakov

Great! Thanks!

userings

@userings

I'm seeking to interact with the SP2016 rest api using node-sp-auth to authenticate via NTLM. Node doesn't pick up the appropriate certs from the windows certificate store. I can successfully inject the certs to POST and GET requests via an express proxy but when I send node-sp-auth via the proxy I get and Invalid argument from Object.decodeType2Message from node-ntlm-client. It appears it is being passed 'undefined' from OnpremiseUserCredentials.getAuth(). I'm guessing my issue is relating to my use of the proxy rather than node-sp-auth. Is there a better way of getting node to register the cert? Your advice is much appreciated.

Andrew Koltyakov

@koltyakov

Hi @userings, did you try setting https_proxy, http_proxy, and NODE_TLS_REJECT_UNAUTHORIZED environment variables?

export https_proxy=http://proxy:port
export http_proxy=http://proxy:port
export NODE_TLS_REJECT_UNAUTHORIZED=0

userings

@userings

I hadn't. the only reason I am going through a proxy is to insert certs. If I set process.env.NODE_TLS_REJECT_UNAUTHORIZED='0'; and don't go through the proxy i get a 401 response with authorizationError:'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'. If I go through the proxy (with https_proxy and http_proxy env variables set) I get Invalid argument error I got before.

Sergei Sergeev

@s-KaiNet

under the hood node-sp-auth ignores certificate errors. I have tested with self-signed ones and it worked just fine. Most likely it's something with your certificates themselves

userings

@userings

If I attempt a POST request without using any authentication I get a 401 through the proxy and a cert error when I don't go through the proxy. That suggests to me that the certificates are fine. Would you agree? My proxy is only inserting certificates to post requests - not anything that node-sp-auth is doing - might the issue be related to that?

Sergei Sergeev

@s-KaiNet

you can try to test it with nodejs request module - https://www.npmjs.com/package/request
it has an option called rejectUnauthorized which bypasses certifcate errors
also could you check that browser doesn't complaint about your certificate?

userings

@userings

no problems through the browser. I'm using the request module for the post. Bypassing the proxy without the rejectUnathorized:false flag i get 'requestError: Error: unable to get local issuer certificate'. With the flag i get a 'StatusCodeError: 401 - "401 UNAUTHORIZED"' with the response IncomingMessage TSLSocket authorizationError 'UNABLE_TO_GE_ISSUER_CERT_LOCALLY'.

userings

@userings

Is this an unusual scenario? I would have thought connecting to the SharePoint Rest API from NodeJS over SSL would be a fairly common. Should I try added the certs via NODE_EXTRA_CA_CERTS? A colleague of mine suggested using pem certs was really painful so inserting certs via a proxy was simpler.

Sergei Sergeev

@s-KaiNet

to be honest I don't know how to help here, because I've never seen this kind of error
I use node-sp-auth and related modules to connect to development farm with self-signed certificate, to production farms with SSL without issues
rejectUnauthorized flag usually solves all problems related to self-signed, expired or other kind of invalid certificates
In that regard I'm not sure what is the root cause of the issue in your specific case

maybe @koltyakov has an idea..

Andrew Koltyakov

@koltyakov

No ideas guys, many environments with SSL and never faced the issue described.
Can it be a reverse proxy in between?

DANESHWARAN M

@Daneshwaran

Hello,
I need to transfer files from SharePoint document library to another server, Please suggest an approach for this task pragmatically.

Tim Parsons

@timmparsons

Hi, what is the best way to pull a list into a sharepoint webpart and have the list rows be able to be dragged and dropped into new positions?

Shaun Pitt

@shaunpitt

Hi there @koltyakov could you tell me if sppull could be used to copy a file from one library to another. thanks

Andrew Koltyakov

@koltyakov

Hi @shaunpitt, nope, it's for fetching document to a local disk within dev pipelines or some Node.js processes.
Theoretically you can download with sppull/sp-download and upload to another location with spsave, however metadata, versions, permissions will/might be lost.
Why not move/copy documents with the API? Or it's a migration and different farms?

marsbaa

@marsbaa

Hi @koltyakov , is there a way for node-sp-auth to work with Two-Factor Authentication?

Shaun Pitt

@shaunpitt

Hey thanks @koltyakov

Where communities thrive

People

Repo info

Activity