Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Andrew Koltyakov
    @koltyakov
    Generally you just know what auth strategy to use based on what is configured. It can be different options (https://github.com/s-KaiNet/node-sp-auth/wiki).
    klaydze
    @klaydze
    @koltyakov Ah yes, when I visit https://company.com/sites/test then it will redirect me to a login page where I can input the username and password provided. And also, when I'm successfully logged in, when I hit https://company.com/sites/test/_api/lists I will return some data in xml. BTW, this is On-Prem also.
    Andrew Koltyakov
    @koltyakov

    for troubleshooting can suggest this https://github.com/koltyakov/node-sp-auth-troubleshoot
    you could try different options quickly and see if any works

    for on-prem could be:

    • FBA
    • ADFS

    The page there you were redirected, what does it contain in the URL? E.g. is there /adfs/ls in the url?

    It's likely ADFS, so this article https://github.com/s-KaiNet/node-sp-auth/wiki/ADFS-user-credentials-authentication
    for ADFS, you need not only username and password but relyingParty and adfsUrl
    Andrew Koltyakov
    @koltyakov
    as a hint - adfsUrl is where you're redirected when logging in, relyingParty can be found as a parameter in the url
    klaydze
    @klaydze
    @koltyakov Ohh yeah! you are right when I enter the username and click the Next button my URL contains /adfs/ls?client-request-id=42.... and that's the only time that I can enter my password.
    Andrew Koltyakov
    @koltyakov
    wait a sec, entering username then next? adfs page is usually contain both username/pass on the same form and redirected to right away
    the next step is a common way for AAD when before resolving a username it's not known how to authenticate
    are you sure it's not SPO?
    anyways node-sp-auth-troubleshoot and trying different options is for the rescue
    Ralf Brennscheidt
    @RalfBrennscheidt
    Is SP-Online supported with MFA ? Didn't found anything in the wiki/docs related to MFA
    Andrew Koltyakov
    @koltyakov
    With MFA, these node-sp-auth strategies can be used:
    Ralf Brennscheidt
    @RalfBrennscheidt
    :thumbsup:
    Craig The BabelFish
    @Babelfish112_twitter
    Hi all, newbie here. I'm trying to use spsave for NodeJS but running into some issues. I've tested spauth on its own and it's working (response includes a cookie), but running spsave with my URL is giving me GotError: Unexpected token < in JSON at position 2 in <full URL here>. This is with SharePoint online in our domain. I've tried every form of the URL I can think of (https://<company>.sharepoint.com/sites/<team folder>, https://<company>.sharepoint.com/:f:/s/<team folder> etc) and still no luck
    Would greatly appreciate any pointers! Thanks
    Craig The BabelFish
    @Babelfish112_twitter
    Using https://<company>.sharepoint.com/sites/<team folder>, I'm getting:
    [18:17:52] spsave: Error occured:
    [18:17:52] spsave: Response code 403 (Forbidden)
    [18:17:52] spsave: {"error":{"code":"-2147024891, System.UnauthorizedAccessException","message":{"lang":"en-US","value":"Access denied. You do not have permission to perform this action or access this resource."}}}
    But I am set to "Owner" for group membership in SharePoint
    My NodeJS code:
    var coreOptions = {
    siteUrl: 'https://<company>.sharepoint.com/sites/<team folder>/',
    };
    var creds = {
    username: '<username>',
    password: '<password>',
    // online: true
    };
    var fileOptions = {
    folder: 'Test',
    fileName: 'file.txt',
    fileContent: 'hello world'
};
spsave(coreOptions, creds, fileOptions)
.then(function(){
    console.log('saved');
})
.catch(function(err){
    console.log(err);
});
    Andrew Koltyakov
    @koltyakov

    Hi @Babelfish112_twitter,

    No permissions usually means "no permissions".

    In SPO and when you know you have permissions, e.g. is admin, it's also can be a result of disabled custom scripts.
    This is a good article on the topic how to enable custom scripts: https://www.koskila.net/how-to-enable-custom-scripts-for-a-sharepoint-online-site-collection/
    Or using M365Cli: spo site classic set --url https://<company>.sharepoint.com/sites/<site> --noScriptSite false

    Another thing which might be is than you're providing siteUrl with a wrong path not to the SPWeb but folder.

    Craig The BabelFish
    @Babelfish112_twitter
    Hi @koltyakov, thank you for the suggestions. I will check with the SP admin if custom scripts are disabled

    As for the URL, I am a bit confused what I am meant to use.

    In SP, I am browsing the folder and the URL in the browser is https://<company>.sharepoint.com/sites/<team folder>/Shared%20Documents/Forms/AllItems.aspx?newTargetListUrl=<LONG HTML-formatted STRING!>

    If I put the siteUrl as 'https://<company>.sharepoint.com/' with folder 'sites/<team folder>/Test' spsave apparently works, and says file.txt successfully uploaded to that URL. But the file is not actually there
    Andrew Koltyakov
    @koltyakov
    An example of site url is https://contoso.sharepoint.com/sites/a-site <- valid, https://contoso.sharepoint.com/sites/a-site/folder-path <- invalid
    The API calls are constructed as ${siteUrl}/_api/... and won't be correct with a folder placed in there. The folder path should be in "folder" prop in fileOptions.
    Craig The BabelFish
    @Babelfish112_twitter
    Thanks again. With that form of the URL and folder set, I'm getting the 403 forbidden. Looks like it might be the disabled custom scripts
    Craig The BabelFish
    @Babelfish112_twitter
    So it turns out that custom scripts was already enabled, and my siteUrl was correct. But for the folder I had to prefix it with Shared%20Documents/<folder name>, since my new folder is under Documents. Glad to have this resolved after a day of attempts, and thanks again @koltyakov
    klaydze
    @klaydze
    Can you suggest what is the best way to handle a retry strategy if ever the spr.requestDigest or spr.post have problem connecting to SP?
        await spr.requestDigest(baseUrl)
        .then(async (digest) => {
            const header = {
                'X-RequestDigest': digest,
                'Accept': 'application/json;odata=verbose',
                'Content-Type': 'application/json;odata=verbose',
            };

            return spr.post(`${baseUrl}${itemsPath}`, {
                json: true,
                body: item,
                headers: header
            });
        })
        .then(res => {
            console.log('Successfully inserted in Sharepoint!');
            spItems.push(element);
        }, err => {
            if (err.statusCode === 404) {
                console.log('Not found!');
            } else {
                console.log('error');
            }
        });
    Marten Meijboom
    @MagicMarten
    image.png
    image.png
    Hi, I am creating an excel file using excel4node, which returns a node buffer. I then want to upload this to SharePoint. When I do this the Excel file in SharePoint is corrupted.
    This is my code:
    Oh... uploaded the images first
    I was wondering if you have any experience with such a situation, and, if there is a way for me to see if this is a mistake with my use of excel4node or spsave
    image.png
    Marten Meijboom
    @MagicMarten
    Managed to figure out that the created Excel file is not corrupt before uploading to Sharepoint
    Marten Meijboom
    @MagicMarten
    image.png
    This is my new code. Both test excel files created locally are fine
    12annumishra17
    @12annumishra17
    Hey Team
    Need help in Onpremise sharepoint
    12annumishra17
    @12annumishra17
    I am trying to make a rest CALL which says 402 unauthorized
    While from browser it gives out the response but from postman when I try it says unauthorized
    cardinalpipkin
    @cardinalpipkin
    Hi - I need to know if this still works: https://github.com/s-KaiNet/node-sp-auth
    I need users of an SPFX webpart to be able to make permission changes on a site collection on SPO. Elevated permissions etc.
    cardinalpipkin
    @cardinalpipkin
    @koltyakov - Is https://github.com/koltyakov/sp-rest-proxy
    a way to enable SPFX client side webparts to run with elevated permissions?
    Andrew Koltyakov
    @koltyakov
    Proxy is for local workbench, during dev time. Not for elevating permissions.
    With node-sp-auth you can authenticate a backend in Azure to call SP APIs on demand of a service account.
    The service should be protected with AAD.
    cardinalpipkin
    @cardinalpipkin
    @koltyakov - thanks. Not for me then. Do you know if Graph API can be used to impersonate/elevate permissions for SPFX webpart? I understand that this functionality will be implemented into a future version of SPFX. Do you know if it already has?
    Andrew Koltyakov
    @koltyakov
    There is no client-side way for impersonation. Only:
    • Call a web service which authenticates user, decides if a user allowed for an action, then calls another service with service acc context
    • Indirect delayed impersonation: like create an item which calls a workflow/flow
    cardinalpipkin
    @cardinalpipkin
    @koltyakov - "Indirect delayed impersonation: like create an item which calls a workflow/flow" can you give me an example of this?
    Andrew Koltyakov
    @koltyakov

    @cardinalpipkin this "create an item which calls a workflow/flow" is actually an example =)

    Well ok, let me elaborate:

    • There is a list Customers which is read-only for a user
    • As an elevation scenario a user should update Customer's status
    • There is another Actions list where a user can add items into it
    • In an app, for changing a status a user creates a "signal" item in Actions
    • On item creation in Actions list, a Flow/WF/Webhook* is triggered
    • What is triggered checks is an author has "rights" to update a status and if so, updates Customer's item using permissions elevation step/etc.
    cardinalpipkin
    @cardinalpipkin
    @koltyakov - Thanks. I'm using MS Flow to break inheritance and clear all permissions with an uploaded file, then JavaScript attempts to rename the FileLeafRef of the doc. Problem is....timing. MS Flows are slow to start so the triggering user doesn't have permission on the file and the JavaScript cannot rename the file. I have to clear permissions on each file because it's a shared lib. The limitations of client side coding with SharePoint!!!!
    Tom G
    @t0mgerman

    Is it possible to get user photos from the graph without having my SPFX web part needing to be authorised by admin? I guess I need clarification on this:

    By default, the service principal has no explicit permissions granted to access the Microsoft Graph. However, if you request an access token for the Microsoft Graph, you get a token with the user_impersonation permission scope that can be used for reading information about the users (that is, User.Read.All).

    Source: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/use-msgraph#available-permission-scopes

    The problem I have is that I'm working with an NHS (Health Service) client in the UK - they use the government's Hybrid 365 offering, which melds NHS Mail with Office 365. The central administration / azure stuff is all handled by Accenture, so I don't have easy access to any of that. Its possible to apply via their desk to have something approved but its such a pain and if there's a way to avoid it I'm all ears...

    All I want are profile photos. I am finding /_layouts/15/userphoto.aspx?size=L&username=workemailhere a bit unreliable. https://outlook.office365.com/owa/service.svc/s/GetPersonaPhoto?email=workemailhere works - but I'm finding that if users haven't opened Outlook OWA in addition to SharePoint - the images don't necessarily load. Same thing with Delve.

    Any help most appreciated!

    utahisnotastate
    @utahisnotastate
    probably a long shot but it is absolutely impossible to build a spfx webpart using the yeoman generator but instead of building a .sppkg it creates a html/css/js build we can use in a CEWP instead?
    Mists13
    @Mists13

    Hi Team. I'm having a problem when trying to retrieve information from a list on sharepoint. The following code was working correctly before, and works on my colleague's machine.

    async function getUserIDs (sprequest,spInfo) {

    const credentialOptions = {
        username: spInfo.sp_user,
        password: spInfo.sp_password
    }
    const spr = sprequest.create(credentialOptions)

    const tableInfo  = 'GetByTitle(\'delimitados_qas\')//items?'
    const selectParams  = `U_ID,Title,Subinfotipo`

    return await spr.get(spInfo.sp_url + tableInfo + selectParams)
}

    I'm using the correct credentials, but i'm receiving this error:

    Error: <s:Fault>
    <s:Code>
    <s:Value>s:Sender</s:Value>
    <s:Subcode>
    <s:Value xmlns:a="http://docs.oasis-open.org/ws-sx/ws-trust/200512">a:FailedAuthentication</s:Value>
    </s:Subcode>
    </s:Code>
    <s:Reason>
    <s:Text xml:lang="en-US">MSIS7068: Access denied.</s:Text>
    </s:Reason>
    <s:Detail>
    <IssuanceAuthorizationFault xmlns="http://schemas.microsoft.com/ws/2009/12/identityserver/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"/>
    </s:Detail>
    </s:Fault>
    at c:\Users\flor_active_msg\node_modules\node-sp-auth\lib\src\utils\AdfsHelper.js:32:23

    nik sur
    @ruskin_twitter
    Hello. Is it possible to only download the files that are new? Like comparing the files from destination folder. I want it to work in a way that it doesn't download the same files over and over again? Thank you. =)