Closed tarundhillon closed 4 years ago
Hi @tarundhillon,
Not sure that if CAS policies are applied you can get around it as the goal of conditional access is blocking due to conditions.
What I think might work is Add-In Only auth strategy.
Thanks @koltyakov !! Vaild point and it makes sense.
I was wondering if a semi manual process of such as copy pasting an Auth code from another login window and using that in the sp-rest-proxy to get over CORS could work ?
On-Demand auth does that exactly. After authenticated, it takes auth cookie(s) through electron and uses it in Node. So semi-manual will end up with the same.
Didn't Add-In Only help?
Azure AD auth can be helpful (ADAL.js) but it's not represented in sp-rest-proxy.
Oh, App Password also might work, but most admins disable it as I have seen.
For the add-in since I don't have access to azure console I don't have details on client-id or setup a secret.
Electron triggers an entirely new login flow (I'd token - access token), is there a way to directly pass access token from another session .. sessions can last sometime .. not ideal but will workable I guess
Let me try App password also ..
Thanks
Add-ins don’t require Azure console they are SharePoint scoped. Check the link to the strategy description in my previous message.
There is no existing AdHoc way of passing FedAuth cookie directly. Rather than monkey patch auth library.
My hopes for your case with CAS is Add-in Only and App password still.
Thanks for your help @koltyakov
I think my only option is to wait for IT department to make their judgement
Once again thanks for suggesting options and advise.
Hi Andrew,
One of our clients has recently enabled CAS which in the background redirects the requests to a different URL ending with ...us3.cas.ms, this has blocked our existing dev environment setup using sp-rest-proxy
I am now getting the below error
I have tried both SAML (which previously worked) and On Demand with Electron without much success. Wondering if there were any other work-arounds or alternatives ?
Thanks Tarun