search

OneDrive / samples

Contains samples, scenarios, and guidance for integrating with OneDrive and SharePoint drives, drive items, and files.
MIT License
58 stars 59 forks source link

FilePicker v8.0 triggers call to `my.sharepoint` endpoint #65

Closed laikathesobaka closed 10 months ago

laikathesobaka commented 10 months ago

Describe the bug Am developing a feature for a web app that allows users to select and upload files using FilePicker v8.0 SDK and azure/msal-browser for auth.

I'm able to successfully auth, launch file picker and browse and upload files belonging to a specific SharePoint site. When browsing files within the site, I see successful calls to https://{my tenant name}.sharepoint.com. However, when clicking on the Shared option in the file picker sidebar, a call to https://{tenant name}-my.sharepoint.com is triggered and returns a 401.

Similarly, when I enable displaying of recent files through the file picker config and click on Recent, I get a 401 for a GET request to https://{tenant name}-my.sharepoint.com/_api/v2.0/drives/me/recent.

  1. My understanding is that a single file picker instance cannot be used to access both Sharepoint and OneDrive items--are the oneDrive and recent options nested in typesAndResources -> pivots applicable only when entry point is OneDrive? In this example config I see oneDrive and recent options set to true even though entry point is SharePoint.

  2. Is it a configuration issue on my end (details posted below) that could be resulting in being able to successfully browse and upload files, but getting 401 when clicking on any of the Pick an item sidebar options (e.g., My files, Recent, Shared)? Is there a way to allow calls to OneDrive resources for this file picker using a SharePoint site as its base url?

  3. Is there an option to hide the Pick an item sidebar? I've tried setting oneDrive, recent, sharedLibraries all to false in file picker typeAndResource -> pivots config.

Thank you in advance!

Details Clicking on Shared (and Recent when enabled), triggers call to {tenant name}-my.sharepoint endpoint which returns 401:

image

File picker config:

const sharepointBaseUrl = "https://{tenant name}.sharepoint.com/sites/test"
const sharepointFilePickerConfig= {
  sdk: '8.0',
  entry: {
    sharePoint: {},
  },
  selection: {
      mode: 'single',
  },
  search: {
    enabled: true,
  },
  authentication: {},
  messaging: {
      origin: location.origin,
      channelId: uuid.v4(),
  },
  typesAndSources: {
    mode: 'all',
    filters: ['.xlsx', '.csv'],
    pivots: {
        oneDrive: false,
        recent: false,
        sharedLibraries: false,
    },
  },
};

Auth code:

import { PublicClientApplication, Configuration, SilentRequest } from "@azure/msal-browser";

let app: any = null;
async function initializeApp() {
  const msalParams = {
    auth: {
      authority: "https://login.microsoftonline.com/common",
      clientId: "SPA CLIENT ID", // SPA client id
      redirectUri: "https://localhost:8080",
    },
  };

  app = await PublicClientApplication.createPublicClientApplication(msalParams);
}

initializeApp().catch(console.error);

export async function getToken(): Promise<string> {
  return getTokenWithScopes(['https://{tenant name}.sharepoint.com/.default']);
}

export async function getTokenWithScopes(scopes: string[], additionalAuthParams?: Omit<SilentRequest, "scopes">): Promise<string> {
  let accessToken = "";
  const authParams = { scopes, ...additionalAuthParams };

  try {
      const resp = await app.acquireTokenSilent(authParams!);
      accessToken = resp.accessToken;
  } catch (e) {
      const resp = await app.loginPopup(authParams!);
      app.setActiveAccount(resp.account);

      if (resp.idToken) {
          const resp2 = await app.acquireTokenSilent(authParams!);
          accessToken = resp2.accessToken;

      } else {
          throw e;
      }
  }

  return accessToken;
}