I'm seeking to interact with the SP2016 rest api using node-sp-auth to authenticate via NTLM. Node doesn't pick up the appropriate certs from the windows certificate store. I can successfully inject the certs to POST and GET requests via an express proxy but when I send node-sp-auth via the proxy I get and Invalid argument from Object.decodeType2Message from node-ntlm-client. It appears it is being passed 'undefined' from OnpremiseUserCredentials.getAuth(). I'm guessing my issue is relating to my use of the proxy rather than node-sp-auth. Is there a better way of getting node to register the cert? Your advice is much appreciated.
I hadn't. the only reason I am going through a proxy is to insert certs. If I set process.env.NODE_TLS_REJECT_UNAUTHORIZED='0'; and don't go through the proxy i get a 401 response with authorizationError:'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'. If I go through the proxy (with https_proxy and http_proxy env variables set) I get Invalid argument error I got before.
If I attempt a POST request without using any authentication I get a 401 through the proxy and a cert error when I don't go through the proxy. That suggests to me that the certificates are fine. Would you agree? My proxy is only inserting certificates to post requests - not anything that node-sp-auth is doing - might the issue be related to that?
you can try to test it with nodejs request module - https://www.npmjs.com/package/request
it has an option called
also could you check that browser doesn't complaint about your certificate?
it has an option called
rejectUnauthorized which bypasses certifcate errorsalso could you check that browser doesn't complaint about your certificate?
no problems through the browser. I'm using the request module for the post. Bypassing the proxy without the rejectUnathorized:false flag i get 'requestError: Error: unable to get local issuer certificate'. With the flag i get a 'StatusCodeError: 401 - "401 UNAUTHORIZED"' with the response IncomingMessage TSLSocket authorizationError 'UNABLE_TO_GE_ISSUER_CERT_LOCALLY'.
Is this an unusual scenario? I would have thought connecting to the SharePoint Rest API from NodeJS over SSL would be a fairly common. Should I try added the certs via NODE_EXTRA_CA_CERTS? A colleague of mine suggested using pem certs was really painful so inserting certs via a proxy was simpler.
to be honest I don't know how to help here, because I've never seen this kind of error
I use node-sp-auth and related modules to connect to development farm with self-signed certificate, to production farms with SSL without issues
In that regard I'm not sure what is the root cause of the issue in your specific case
I use node-sp-auth and related modules to connect to development farm with self-signed certificate, to production farms with SSL without issues
rejectUnauthorized flag usually solves all problems related to self-signed, expired or other kind of invalid certificatesIn that regard I'm not sure what is the root cause of the issue in your specific case
maybe @koltyakov has an idea..
Hi @shaunpitt, nope, it's for fetching document to a local disk within dev pipelines or some Node.js processes.
Theoretically you can download with sppull/sp-download and upload to another location with spsave, however metadata, versions, permissions will/might be lost.
Why not move/copy documents with the API? Or it's a migration and different farms?
Theoretically you can download with sppull/sp-download and upload to another location with spsave, however metadata, versions, permissions will/might be lost.
Why not move/copy documents with the API? Or it's a migration and different farms?
Yes it was for migration project.
Different tenants SP online
Hi @marsbaa,
With 2FA it's possible authenticating using:
- On-Demand authentication
- Add-In Only permissions
- Creating App Password
Hi, is there a way to Bind share point list to a Sql Db tables to fetch updates dynamically. Example: I have a share point list of 2 columns and, I have a azure sql Db table with 2 columns. I would like to bind them together so when an update is happened in DB column, respective share point list column data will be updated.
Hi @rjgmail88! You can sync the list data with a custom handler, a job which checks updates in SharePoint list and sync data to the table. Change API can be handy to track what was changed since the last sync session (including service metadata changes, like permissions, and deletions or item recycle/restore). Based on SharePoint version (On-Prem/Online) events can be used to shrink the actuality time, in On-Prem it can be an event receiver, in SPO - remote event receiver or, what is better, webhooks. Also, a variety of ETL support SharePoint list as data source, e.g. SSIS can consume a list as OData data source.
@rjgmail88, SQL data can be exposed as an external list using BCS. However, it can be a bit tricky and itchy configure-wise and external lists have their own nuances which distinguish them from the ordinary SharePoint lists.
So depending on a task, BCS can be considered. But synchronization from SQL to SharePoint list with a custom job can be more beneficial and even smooth.
So depending on a task, BCS can be considered. But synchronization from SQL to SharePoint list with a custom job can be more beneficial and even smooth.
The tools for a sync job can vary based on your programming language preference. Node.js with node-sp-auth and sp-request or PnPjs do their job nicely on SharePoint side, tedious or any other SQL lib can be used for fetching SQL data. If preferred, C# + CSOM can be the thing. PoSH can be used as well. Or even Golang.
@koltyakov Have you or anyone else tried to use https://pnp.github.io/pnpjs/nodejs/docs/sp-fetch-client/ to talk to on premise SharePoint?
Do you see an error "SPFetchClient TypeError: Cannot read property 'filter' of undefined" - described at pnp/pnpjs#603 ?
Do you see an error "SPFetchClient TypeError: Cannot read property 'filter' of undefined" - described at pnp/pnpjs#603 ?
@williamyinssw sp fetch client shipped with pnpjs doesn't work with on-premises sharepoint (in nodejs)
you should use https://github.com/SharePoint-NodeJS/pnp-auth to add support of on-premises sharepoint in your nodejs app
you should use https://github.com/SharePoint-NodeJS/pnp-auth to add support of on-premises sharepoint in your nodejs app
Thanks @s-KaiNet If that's the case, I think the instruction at https://pnp.github.io/pnpjs/nodejs/docs/sp-fetch-client/ | "Register An Add-In" section is misleading, it's saying "but can work on-premises if you configure your farm accordingly."
sp-fetch-client uses azure access control services (aka ACS) in order to create oauth access token and to further authenticate http requests. It's called low-trust authentication. That's the default flow used for add-in for sp online. on-premises SharePoint uses different technique for authentication, thus it's not possible to directly use authentication from sp-fetch-client. However you can configure your on-premises sharepoint to run apps in low trust scenario (in the save way as for sp online), in that case you will be able to use sp-fetch-client. However the process of configuring is very complicated and error prone (from my experience).
Hi, you can try https://github.com/koltyakov/sppull
under the hood it uses sp-request, thus most likely you're doning something wrong
under the hood it uses sp-request, thus most likely you're doning something wrong
@s-KaiNet thanks, the code is very basic but doesn't seem to work as intended
const credentialOptions = { username: '', password: '' };
const spr = sprequest.create(credentialOptions);
spr.get('http://mysites/User%20Photos/Profile%20Pictures/nhayman_LThumb.jpg').then(function (response) {
return response.body;
});
normal SP requests made work fine, but somehow reading images don't
it won't work, because for downloads you should use SharePoint REST api, ie. to download a file
Here is some documentation - https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest#working-with-files-by-using-rest
/_api/Web/GetFileByServerRelativeUrl(@FileServerRelativeUrl)/$valueHere is some documentation - https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest#working-with-files-by-using-rest
e.g. should this work with the
sp-request lib and return the raw image data?http://mysites/_api/web/GetFolderByServerRelativeUrl('/User%20Photos/Profile%20Pictures')/Files('nhayman_LThumb.jpg')/$value
you can also use raw "node request", but in that case you should provide authentication headers, here is an example I found
https://sharepoint.stackexchange.com/questions/214212/download-sharepoint-document-with-rest-as-binary-file-not-working-for-me
https://sharepoint.stackexchange.com/questions/214212/download-sharepoint-document-with-rest-as-binary-file-not-working-for-me