accessing sharepoint REST apis using msal throws 401

一曲冷凌霜 提交于 2019-12-11 08:48:05

问题


If i go to https://developer.microsoft.com/en-us/graph/graph-explorer# and use URL like:

https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items I can see request succeeds.

Now if i use the angular app from github https://github.com/AzureAD/microsoft-authentication-library-for-js

and the code like

 private sharePointHost: string = "https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items"

  getDocuments(token){
    const httpOptions = {
      headers: new HttpHeaders({
          'Accept':  'application/json;odata=verbose'
          ,'Authorization' : "Bearer " + token
        })
      };

    this.http.get(this.sharePointHost, httpOptions).subscribe(
      (resp) => console.log("respon is::: " + JSON.stringify(resp)),
      (err) => console.log("error:::" + JSON.stringify(err))
    )
  }

It throws:

error:::`{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"OK","url":"https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://4development106.sharepoint.com/sites/DBSchenker/_api/web/lists/getByTitle('OEC_Docs')/items: 401 OK","error":{"error_description":"Invalid JWT token. No certificate thumbprint specified in token header."}}`

changing the host to (which works in graph api explorer)

private sharePointHost: string = "https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items"

throws

error:::{"headers":{"normalizedNames":{},"lazyUpdate":null},"status":401,"statusText":"Unauthorized","url":"https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items","ok":false,"name":"HttpErrorResponse","message":"Http failure response for https://graph.microsoft.com/beta/sites/4development106.sharepoint.com:/sites/DBSchenker:/lists/OEC_Docs/items: 401 Unauthorized","error":{"error":{"code":"InvalidAuthenticationToken","message":"Access token validation failure.","innerError":{"request-id":"f5a77afc-0d92-49a0-92c4-e727e056d0a9","date":"2018-10-30T01:42:02"}}}}

not sure what i am doing wrong


回答1:


I've been having the same problem. The only solution I could find was to use ADAL instead of MSAL for the time being. I'm not quite sure why, but SharePoint Online only seems to work with ADAL the way you're using it.

Initially I thought it might be because of the "common" endpoint in MSAL, but switching to "Accounts in this organizational directory only (...)" didn't solve the problem either.

You might also want to take a look at https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/521 for a similar issue (though this didn't resolve my issue as well).



来源:https://stackoverflow.com/questions/53056265/accessing-sharepoint-rest-apis-using-msal-throws-401

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!