vgrem / Office365-REST-Python-Client

Microsoft 365 & Microsoft Graph Library for Python
MIT License
1.35k stars 336 forks source link

access sharepoint using personal account (with 2FA setup) #876

Open frankShih opened 4 months ago

frankShih commented 4 months ago

I need to download all files from certain path. Now I do it manually

Therefore, I want to access sharepoint files with my personal account and download files manually. Below is my code snippet:


    import os
    import webbrowser
    from office365.runtime.auth.authentication_context import AuthenticationContext
    from office365.runtime.auth.token_response import TokenResponse
    from office365.sharepoint.client_context import ClientContext
    # from office365.runtime.auth.token_provider import TokenProvider
    from office365.sharepoint.files.file import File

    # Initialize the SharePoint client context
    site_url = "https://MY_TENANT.sharepoint.com/sites/MY_SITE"  #

    # method 1: provide access token directly
    access_token = 'MY_TOKEN'
    ctx = ClientContext(site_url).with_access_token(
        lambda: TokenResponse(access_token=access_token)
    )

    # method 2: interactive login (unauthorized)
    '''
    from msal import PublicClientApplication
    client_id = "ID_FROM_APP_REGISTRATION"
    tenant = "MY_TENANT.onmicrosoft.com"
    tenant_name = "MY_TENANT"
    def acquire_token():
        app = PublicClientApplication(
            client_id,
            authority='https://login.microsoftonline.com/{0}'.format(tenant),
            client_credential=None
        )
        scopes = ["https://{0}.sharepoint.com/.default".format(tenant_name)]
        result = app.acquire_token_interactive(scopes=scopes)
        return TokenResponse.from_json(result)

    ctx = ClientContext(site_url).with_access_token(acquire_token)
    '''

    # Folder path to start downloading from
    start_folder_path = "/Shared%20Documents"

    # Recursive function to download files
    def download_folder(ctx, folder_rel_url, local_path):
        folder = ctx.web.get_folder_by_server_relative_url(folder_rel_url)
        ctx.load(folder)
        # ctx.load(folder.files)
        # ctx.load(folder.folders)
        ctx.execute_query()

For method 1, do not know how to get the token because my account has 2FA setup. So I can not get token from account&password directly. I go to https://developer.microsoft.com/en-us/graph/graph-explorer to get an access token (I do not know if it is OK) Then I got ('-2147024891, System.UnauthorizedAccessException', 'Attempted to perform an unauthorized operation.', "403 Client Error: Forbidden for url: https://MY_TENANT.sharepoint.com/sites/MY_SITE/_api/Web/getFolderByServerRelativeUrl('%2FShared%20Documents')")

For method 2, I got message from a popup webpage: AADSTS50011: The redirect URI 'http://localhost:54764' specified in the request does not match the redirect URIs configured for the application '3b3555c0-1822-46a7-9a03-2979989152e9'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

Please give me some suggestions. Thanks .

OleksanderShevchenko commented 4 months ago

In my case for method 2 error message is: Message: AADSTS700016: Application with identifier 'client_id' was not found in the directory 'MY_TENANT'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.