问题
I am building a Outlook Add-in using Node JS and it needs get information from SharePoint Online using SharePoint Rest Api because Graph does`t have an option to get the required information.
Question? I need a SharePoint online auth token to call SP Rest Api which I am getting using OAuth flow (implicit flow) after user enters credentials.
Is there a way to get the SharePoint online auth token using Outlook Rest Api returned by getCallbackTokenAsync() or getUserIdentityTokenAsync() or "getAccessTokenAsync()" method?
回答1:
if you only need the SharePoint REST API Token (I assume you mean the one with URLs starting with _api/[...]) then your best bet is to get that token from the /_api/contextinfo endpoint for your site. You do not need the Outlook REST API to do so if I understand the question correctly. So you need to craft a POST request to:
http://yourspsite/_api/contextinfo
Headers:
accept: application/json
content-type: application/json
Get the token value from the returned JSON: e.g. jsonResponse.FormDigestValue The FormDigestValue field contains the value you want.
There ya go, hope this helps. Cheers, Razvan
UPDATE regarding NodeJS in Outlook Add-in:
As you correctly pointed out I left out the requirement that the token be obtained from within the Addin itself. This is currently only possible from within SSO addins (preview). See the following link for how to implement it and use getAccessTokenAsync to get an Azure AD V2 token: https://docs.microsoft.com/de-de/office/dev/add-ins/develop/sso-in-office-add-ins
Make sure to have created the AzureAD V2 App beforehand using https://apps.dev.microsoft.com
Give the app the necessary permissions for the operation e.g. Sites.Read.All for reading items in all site collections.
The resource for the token should look like:
https://[yourtenant].sharepointonline.com/
Caveat: To create an SSO Addin you currently need to be part of the Office Insider Program at: https://products.office.com/de-DE/office-insider - signup required.
Finally: Use the token to call the regular SharePoint REST API, it should accept it if you stick to operations within the permissions you set in the Azure App above.
来源:https://stackoverflow.com/questions/52544701/outlook-add-in-rest-api-token-to-get-the-sharepoint-rest-api-token