'How to access OneDrive for business from my MVC app
I have a problem with the authorization service SharePoint Search REST API (https://msdn.microsoft.com/en-us/library/office/jj163876.aspx?f=255&MSPPError=-2147217396).
We have an ASP.NET MVC application that uses AZURE AD for authentication (configured to work with our app). I also have an office 365 subscription, in particular, I use OneDrive for business to store documents there. My application in AZURE AD is configured to work with Office 365 SharePoint Online and Windows Azure Active Directory.
During authorization, the user enters their details on the entry page login.microsoftonline.com. If authentication is successful, AZURE AD returns the page to the user and returns access tokens. Next, we want to use SharePoint Search REST API for text search in documents stored on oneDrive. Using a GET request type https://<my_domain>.sharepoint.com/sites/test/_api/search/query?querytext='doc' returns an error “401 Unauthorized”. When you add in the request body access tokens received from AZURE AD it doesn't solve the problem, the server returns an error "403 Forbidden".
Sample request
stringtenantId = ClaimsPrincipal.Current.FindFirst(AppConfiguration.TenantIdClaimType).Value;
AuthenticationContextauthContext = newAuthenticationContext(string.Format(CultureInfo.InvariantCulture, AppConfiguration.LoginUrl, tenantId));
ClientCredentialcredential = newClientCredential(AppConfiguration.AppPrincipalId, AppConfiguration.AppKey);
AuthenticationResultassertionCredential = authContext.AcquireToken(AppConfiguration.GraphUrl, credential);
stringauthHeader = assertionCredential.CreateAuthorizationHeader();
HttpClientclient = newHttpClient();
HttpRequestMessagerequest = newHttpRequestMessage(HttpMethod.Get, "https://<my_domain>.sharepoint.com/sites/test/_api/search/query?querytext='doc'");
request.Headers.TryAddWithoutValidation("Authorization", authHeader);
request.Headers.TryAddWithoutValidation("Accept", "application/json;odata=minimalmetadata");
HttpResponseMessageresponse = awaitclient.SendAsync(request);
Also
public static class AppConfiguration
{
public static string TenantIdClaimType
{
get
{
return "http://schemas.microsoft.com/identity/claims/tenantid";
}
}
public static string LoginUrl
{
get
{
return "https://login.windows.net/{0}";
}
}
public static string GraphUrl
{
get
{
return "https://graph.windows.net";
}
}
public static string GraphUserUrl
{
get
{
return "https://graph.windows.net/{0}/users/{1}?api-version=2013-04-05";
}
}
public static string AppPrincipalId
{
get
{
return ConfigurationManager.AppSettings["ida:ClientID"];
}
}
public static string AppKey
{
get
{
return ConfigurationManager.AppSettings["ida:Password"];
}
}
}
As I understand, the problem is in the access token. But I didn't find any information on how to properly configure this token. JavaScript requests are not appropriate for my, the request should be processed from the server.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|