Closed zubairk14 closed 1 year ago
Hi @zubairk14,
Based on Client ID/Secret the AddIn Only strategy gets Bearer and uses it as an auth header.
If you already have a Bearer (e.g. retrieved with browser protocol automation) you can use it without other auth strategies.
E.g.:
package main
import (
"fmt"
"log"
"github.com/koltyakov/gosip"
"github.com/koltyakov/gosip/api"
strategy "github.com/koltyakov/gosip/auth/anon"
)
func main() {
auth := &strategy.AuthCnfg{}
client := &gosip.SPClient{AuthCnfg: auth}
sp := api.NewSP(client)
sp.Conf(&api.RequestConfig{Headers: map[string]string{"Authorization": "Bearer eyJr...fq7w"}})
res, err := sp.Web().Select("Title").Get()
if err != nil {
log.Fatal(err)
}
fmt.Printf("%s\n", res.Data().Title)
}
It could be helpful if you describe what you're going to achieve.
Hi Andrew, thank you for the super fast response!
I'm building a tool where users can link their SharePoint and perform a scan of their SharePoint resources. I don't imagine people will be interested in sharing their client secret directly, so I was hoping to use an OAuth2.0 flow (where a bearer token is generated).
If you already have a Bearer (e.g. retrieved with browser protocol automation) you can use it without other auth strategies.
So it won't be through AuthCnfg b/c there's no token field
SiteURL string `json:"siteUrl"` // SPSite or SPWeb URL, which is the context target for the API calls
TenantID string `json:"tenantId"` // Azure Tenant ID
ClientID string `json:"clientId"` // Azure Client ID
CertPath string `json:"certPath"` // Azure certificate (.pfx) file location, relative to config location or absolute
CertPass string `json:"certPass"` // Azure certificate export password
authorizer autorest.Authorizer
privateFile string
masterKey string
}
instead you're saying I can directly pass in like this?
sp.Conf(&api.RequestConfig{Headers: map[string]string{"Authorization": "Bearer eyJr...fq7w"}})
no siteurl, tenantid, clientid necessary?
is Azure Device Flow supported for SharePoint on-premises or only SharePoint Online (Cloud) ?
Yes, Azure AD auth can be only used with SPO, as far as I know.
Going to close it. Feel free to reopen if needed.
Hi Andrew, does your library require app permissions for auth instead of delegated permissions? Or both should work? https://learn.microsoft.com/en-us/graph/auth/auth-concepts
Hi @zubairk14,
Please checkout this this or that for cert based (App permissions). Delegated should work for creds flow in theory (need to check) however I always used App permissions instead.
Describe the bug The AddIn Only Auth section references that we can use OAuth bearer tokens for authenticating HTTP requests, but there's no example of an OAuth credential use...
Versions ALL
To Reproduce n/a
Expected behavior Expecting some field to pass in a bearer token.
Screenshots
Additional context Add any other context about the problem here.