[BUG]Modernisation Scanner fails - invalid signature - Is this because the Graph interface has changed ?

[NPrice99]

Thank you for reporting a bug. We appreciate your feedback - to help the team to understand your needs, please complete the below template to ensure we have the necessary details to assist you. Thanks!

Problem Area

[ ] Page Transformation: Error during the use of page transformation from PnP PowerShell [ ] Page Transformation: Error during the use of page transformation from .Net [ ] Page Transformation: Page is not looking correct after transformation [X ] Modernization Scanner: something went wrong...

Expected or Desired Behavior

I expected the Modernisation Scanner to Run without errors

Observed Behavior

PS C:\temp> .\SharePoint.Modernization.Scanner.exe -t mytenant -i -z .onmicrosoft.com -f "C:\Temp\ModernizationScannerApp.pfx" -x password -c -m WorkflowWithDetailsOnly -h 10 -n

Scanning is starting...26/08/2020 14:58:10

Error executing scan: AADSTS700027: Client assertion contains an invalid signature. [Reason - The key was not found., Thumbprint of key used by client: '7DDB09F9E833EB98DD5861ACCBAD44FBA6E11B8D', Please visit the Azure Portal, Graph Explorer or directly use MS Graph to see configured keys for app Id 'fb63b148-11b8-42a3-8e0f-40fe76451e5d'. Review the documentation at https://docs.microsoft.com/en-us/graph/deployments to determine the corresponding service endpoint and https://docs.microsoft.com/en-us/graph/api/application-get?view=graph-rest-1.0&tabs=http to build a query request URL, such as 'https://graph.microsoft.com/beta/applications/fb63b148-11b8-42a3-8e0f-40fe76451e5d'] Trace ID: 9d6744af-6e4e-40a7-bbca-0e638f0da700 Correlation ID: 59fd52a5-3933-4009-8a26-f28fd3095b9d Timestamp: 2020-08-26 13:58:12Z Press any key to continue

Steps to Reproduce

run this command :- .\SharePoint.Modernization.Scanner.exe -t mytenant -i -z .onmicrosoft.com -f "C:\Temp\ModernizationScannerApp.pfx" -x password -c -m WorkflowWithDetailsOnly -h 10 -n

Thanks for your contribution! Sharing is caring.

[jansenbe]

Hmm...seems like a setup issue. Can you confirm the certificate is linked to your Azure AD application? See https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread#setting-up-an-azure-ad-app-for-app-only-access for details on how to configure Azure AD app-only

[NPrice99]

Tried following article - failed at connect-pnponline command - Bug #2879 in PnP-PowerShell raised. Access to -CertificatePath C:\Temp denied. (I tried other paths and they all failed)

[jansenbe]

You only need to follow the steps in the "Setting up an Azure AD app for app-only access" chapter. I've you've created the cert/pfx and have configured the Azure AD app then you can try them in the scanner

[NPrice99]

Now getting

Scanning is starting...28/08/2020 13:00:26

Error executing scan: The remote server returned an error: (401) Unauthorized. Press any key to continue

Using version 2.17

I have tried running and running as Administrator

[jansenbe]

Did you grant the proper permissions to the Azure AD app?

[jansenbe]

And did the admin consent

[NPrice99]

[cid:image002.jpg@01D67D3E.A3FA69F0]

From: Bert Jansen notifications@github.com Sent: 28 August 2020 13:10 To: pnp/sp-dev-modernization sp-dev-modernization@noreply.github.com Cc: Nigel Price pricen@njpenterprises.com; Author author@noreply.github.com Subject: Re: [pnp/sp-dev-modernization] [BUG]Modernisation Scanner fails - invalid signature - Is this because the Graph interface has changed ? (#522)

And did the admin consent

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/pnp/sp-dev-modernization/issues/522#issuecomment-682490252, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACAXJUHZJVXP4CWBBPKHLTDSC6NCJANCNFSM4QL3TX4Q.

[NPrice99]

Deleted Application Registration and recreated. Worked this time. Thanks for your excellent help Bert.