search

vgrem / Office365-REST-Python-Client

Microsoft 365 & Microsoft Graph Library for Python
MIT License
1.29k stars 332 forks source link

assertion_node = dom.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", 'Assertion')[0].toxml() #492

Open sant3e opened 2 years ago

sant3e commented 2 years ago

I'm trying to connect to my organization's SharePoint (end purpose is to be able to read a list within a folder) I tried the following: 

from office365.sharepoint.client_context import ClientContext
from office365.runtime.auth.user_credential import UserCredential
site_url = "https://domain.sharepoint.com/sites/folder"
ctx = ClientContext(site_url).with_credentials(UserCredential("username@domain.com", "password"))
web = ctx.web
ctx.load(web)
ctx.execute_query()
print("Web title: {0}".format(web.properties['Title']))

I'm getting these errors: Traceback (most recent call last): File "C:\Users\tdiacon\Pyproj\PySharePoint\project.py", line 10, in ctx.execute_query() File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\client_runtime_context.py", line 134, in execute_query self.pending_request().execute_query() File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\client_request.py", line 79, in execute_query response = self.execute_request_direct(request) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\odata\odata_request.py", line 36, in execute_request_direct return super(ODataRequest, self).execute_request_direct(request) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\client_request.py", line 91, in execute_request_direct self.context.authenticate_request(request) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\sharepoint\client_context.py", line 230, in authenticate_request self._auth_context.authenticate_request(request) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\auth\authentication_context.py", line 89, in authenticate_request
self._provider.authenticate_request(request) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\auth\providers\saml_token_provider.py", line 77, in authenticate_requ est self.ensure_authentication_cookie() File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\auth\providers\saml_token_provider.py", line 84, in ensure_authentica tion_cookie self._cached_auth_cookies = self.get_authentication_cookie() File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\auth\providers\saml_token_provider.py", line 97, in get_authenticatio n_cookie token = self._acquire_service_token_from_adfs(user_realm.STSAuthUrl) File "C:\Users\tdiacon\Pyproj\PySharePoint\venv\lib\site-packages\office365\runtime\auth\providers\saml_token_provider.py", line 140, in _acquire_service _token_from_adfs assertion_node = dom.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", 'Assertion')[0].toxml() IndexError: list index out of range

Vel-San commented 2 years ago

+1, started happening all of a sudden.

Dhyanesh97 commented 2 years ago

+1, we are also facing same issue all of a sudden. Please suggest workaround asap.

Dhyanesh97 commented 2 years ago

While debugging we found that recently our identity provider for sharepoint online was changed from ADFS to NetIQ.

The NetIQ SAML endpoint is named …/nidp/saml2/soap. However, it looks like the Office365 python package is building SAML 1.0 requests (i.e. xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" in the SOAP envelope). So while logging into sharepoint using user_id and password we were facing issues.

We tried alternate way to login using Client Id and client secrete and it worked.

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.files.file import File
app_settings = {
    'url': 'https://{domain}.sharepoint.com/XXXXX/XXXXX/XXX/',
    'client_id': '{client_id}',
    'client_secret': '{app secret here}',
}
context_auth = AuthenticationContext(app_settings['url'])
context_auth.acquire_token_for_app(client_id=app_settings['client_id'], client_secret=app_settings['client_secret'])
ctx = ClientContext(app_settings['url'], context_auth)
web = ctx.web
ctx.load(web)
ctx.execute_query()
print("Web site title: {0}".format(web.properties['Title']))
Madhu419 commented 2 years ago

Hi , Do we have a solution to connect using User credentials. ? am using Office365-REST-Python-Client-2.3.13 and still seeing this issue while connecting using User Credentials.

cilles commented 2 years ago

+1 also started experiencing this error out of nowhere, was working for ~3 months and then started receiving these errors out of the blue (no code changes).

Using Office365-REST-Python-Client 2.3.11, but also tested with 2.3.13 and getting the same error

HybridNeos commented 2 years ago

Also facing this issue. I have tried many different versions and still no luck.

elixapesa commented 2 years ago

Any updates on this? I am using Office365-REST-Python-Client==2.3.13 and I have no way to obtain client id and secret as of the moment.

StaalRehems commented 2 years ago

Hello, any updates on this issue using User credentials for Office365-REST-Python ? Appreciate if there are workarounds as well! thanks

Dhyanesh97 commented 2 years ago

Workaround

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.files.file import File

app_settings = {
                'url': 'sharepoint_url,
                'client_id': 'client_id,
                'client_secret': 'client_secret,
            }
sharepoint_file_path = sharepoint_file_path
context_auth = AuthenticationContext(app_settings['url'])
context_auth.acquire_token_for_app(client_id=app_settings['client_id'], client_secret=app_settings['client_secret'])
ctx = ClientContext(app_settings['url'], context_auth)
response = File.open_binary(ctx, sharepoint_file_path )
with open(loca_file_path, "wb") as local_file:
    local_file.write(response.content)
StaalRehems commented 2 years ago

Hi Dhyanesh, like elixapesa above, I'm not able to get client_id and client_secret. thanks

Dhyanesh97 commented 2 years ago

Go to below URL to generate client id and secret.

https://domain-name.sharepoint.com/personal/user_name/_layouts/15/appregnew.aspx

Append "_layouts/15/appregnew.aspx" to your share point URL.

image

App Domain: https://www.localhost.com Redirect URL: https://www.localhost.com/default.aspx

If you don't have access to it please ask admin to generate it for you.

Append "_layouts/15/appinv.aspx" to get the already created App based on App Id Append "_layouts/15/appprincipals.aspx?Scope=Web" to list down all the apps created.

StaalRehems commented 2 years ago

oh cool didn’t know i could do that! Managed to get the client id and secret but unfortunately i’ve a new error :(

ValueError: Cannot get binary security token for from https://login.microsoftonline.com/extSTS.srf is this.. firewall/policy related? thanks

Dhyanesh97 commented 2 years ago

Not sure about it. Already there is open ticket for this issue I guess. Let me check and come back.

StaalRehems commented 2 years ago

Thanks! any updates or could you direct me to the ticket so i can get updates too? thanks

Dhyanesh97 commented 2 years ago

Please find link below. https://github.com/vgrem/Office365-REST-Python-Client/issues/333

PGsjohnson commented 1 year ago

anyone know if this will be fixed? it is still happening as of 2.4

cobbie commented 6 months ago

+1, still getting this issue