Friday, 28 November 2014

Remote authentication using REST



I am trying to access SharePoint Online using REST APIs remotely. Office 365 Smart Links are enabled for the site. As per this blog, I don't receive wsse\\:BinarySecurityToken in the response. My code is as follows:



$.ajax({
    'url': 'http://ift.tt/15HXUMk',
    dataType: 'text',
    type: 'POST',
'data': '<s:Envelope xmlns:s="http://ift.tt/18hkEkn" xmlns:a="http://ift.tt/HKXHai" xmlns:u="http://ift.tt/Hm2joJ"><s:Header><a:Action s:mustUnderstand="1">http://ift.tt/1iRriyY s:mustUnderstand="1">http://ift.tt/1eD0XsE s:mustUnderstand="1" xmlns:o="http://ift.tt/LRW8Ij"><u:Timestamp u:Id="_0"><u:Created>2012-07-26T16:13:00.622Z</u:Created><u:Expires>2012-07-26T16:18:00.622Z</u:Expires></u:Timestamp><o:UsernameToken u:Id="uuid-69882db9-2d6b-45d3-b016-c2156cb6c01d-1"><o:Username>userid@something.com</o:Username><o:Password Type="http://ift.tt/1aTA7XU">*********</o:Password></o:UsernameToken></o:Security></s:Header><s:Body><t:RequestSecurityToken xmlns:t="http://ift.tt/1iRriz0"><wsp:AppliesTo xmlns:wsp="http://ift.tt/Hm2joK"><a:EndpointReference><a:Address>http://ift.tt/1uSZNKx;',
    headers: {
        Accept: "application/soap+xml; charset=utf-8"
    },
    success: function(result, textStatus, jqXHR) {
        console.log('done in login ');
        console.log('result ' + result);
        var xmlDoc = $.parseXML(result);
        console.log("xmlDoc:" + xmlDoc);
        var xml = $(xmlDoc);
        console.log("xml:" + xml);
        var binToken = xml.find("wsse\\:BinarySecurityToken").text();
        console.log("Binary Token:" + binToken);
        alert("Binary Token:" + binToken);

        // alert( localStorage.getItem('BinaryToken') );
        wsignin(binToken);
    },
    error: function(jqXHR, textStatus, errorThrown) {
        console.log(errorThrown + 'error login:' + jqXHR.responseText);
    },
    complete: function(jqXHR, textStatus) {
        console.log('login completed ' + textStatus);
    }
});


My response in fiddler is as follows:


<html><head><title>Working...</title></head><body><form method="POST" name="hiddenform" action="http://ift.tt/1sRvdjz"><input type="hidden" name="wa" value="wsignin1.0" /><input type="hidden" name="wresult" value="&lt;t:RequestSecurityTokenResponse xmlns:t=&quot;http://ift.tt/1uSZOhz xmlns:wsu=&quot;http://ift.tt/15HXV2M xmlns:wsu=&quot;http://ift.tt/1uSZOhE xmlns:wsp=&quot;http://ift.tt/15HXXrB xmlns:wsa=&quot;http://ift.tt/1uSZNKD MajorVersion=&quot;1&quot; MinorVersion=&quot;1&quot; AssertionID=&quot;_7f55172b-43f9-466c-bede-436d794119e2&quot; Issuer=&quot;http://ift.tt/15HXV2T; IssueInstant=&quot;2014-11-28T18:37:25.274Z&quot; xmlns:saml=&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;>&lt;saml:Conditions NotBefore=&quot;2014-11-28T18:37:25.272Z&quot; NotOnOrAfter=&quot;2014-11-28T19:37:25.272Z&quot;>&lt;saml:AudienceRestrictionCondition>&lt;saml:Audience>urn:federation:MicrosoftOnline&lt;/saml:Audience>&lt;/saml:AudienceRestrictionCondition>&lt;/saml:Conditions>&lt;saml:AttributeStatement>&lt;saml:Subject>&lt;saml:NameIdentifier Format=&quot;urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified&quot;>ddcNR0t/6kWEAp4knvEteA==&lt;/saml:NameIdentifier>&lt;saml:SubjectConfirmation>&lt;saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer&lt;/saml:ConfirmationMethod>&lt;/saml:SubjectConfirmation>&lt;/saml:Subject>&lt;saml:Attribute AttributeName=&quot;UPN&quot; AttributeNamespace=&quot;http://ift.tt/1uSZNKH AttributeName=&quot;ImmutableID&quot; AttributeNamespace=&quot;http://ift.tt/1uSZNKK AuthenticationMethod=&quot;urn:oasis:names:tc:SAML:1.0:am:password&quot; AuthenticationInstant=&quot;2014-11-28T18:37:24.943Z&quot;>&lt;saml:Subject>&lt;saml:NameIdentifier 
Format=&quot;urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified&quot;>ddcNR0t/6kWEAp4knvEteA==&lt;/saml:NameIdentifier>&lt;saml:SubjectConfirmation>&lt;saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer&lt;/saml:ConfirmationMethod>&lt;/saml:SubjectConfirmation>&lt;/saml:Subject>&lt;/saml:AuthenticationStatement>&lt;Signature xmlns=&quot;http://ift.tt/15HXXrD Algorithm=&quot;http://ift.tt/1mXLI0V; />&lt;SignatureMethod Algorithm=&quot;http://ift.tt/NWqVuI; />&lt;Reference URI=&quot;#_7f55172b-43f9-466c-bede-436d794119e2&quot;>&lt;Transforms>&lt;Transform Algorithm=&quot;http://ift.tt/1p0glUu; />&lt;Transform Algorithm=&quot;http://ift.tt/1mXLI0V; />&lt;/Transforms>&lt;DigestMethod Algorithm=&quot;http://ift.tt/1mXLI0X; />&lt;DigestValue>9Jldbpiqe7ie6Q4R9MBRBL3y3to=&lt;/DigestValue>&lt;/Reference>&lt;/SignedInfo>&lt;SignatureValue>geVzxtwW4bSbLRCEUTgIdn3xwZFnyHXLBamGlnudEwBdxpUrtlyUZBD71zpbP85AIuoFTNPsAGwDsknaRa5jhurDIJ2AsR2rsOh8dlnFDEwCK76zldPVXWIVIat255ShMDRLG3dlBDuHN1h8rdBihKrMD2tfS4xJ8KAI1+jwhaeM8/RYIFktCQUhjnUszmiChOfiqSl+a0aitgboGmP9blDrZcEu8UflslAgnmRr0mRg3NP8JoRqhNH/XuqEXNJUihuGmGqK8pwbSQpPGMl2qmBk20F3lliOFXcToQCFHBMY52c4jix2X8yxvFTU5Wx0JLYqoOo8FKPBEwfPtGD01g==&lt;/SignatureValue>&lt;KeyInfo>&lt;X509Data>&lt;X509Certificate>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&lt;/X509Certificate>&lt;/X509Data>&lt;/KeyInfo>&lt;/Signature>&lt;/saml:Assertion>&lt;/t:RequestedSecurityToken>&lt;t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion&lt;/t:TokenType>&lt;t:RequestType>http://ift.tt/15HXXrJ;" /><input type="hidden" name="wctx" value="wa=wsignin1.0&amp;rpsnv=4&amp;ct=1417199483&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wreply=https:%2F%2Fsomethingonline.sharepoint.com%2F_forms%2Fdefault.aspx&amp;lc=1033&amp;id=500046&amp;bk=1417199484&amp;LoginOptions=3" /><noscript><p>Script is disabled. 
Click Submit to continue.</p><input type="submit" value="Submit" /></noscript></form><script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script></body></html>


I get the above response when I am within the domain; otherwise I get the HTML for the custom login page, as smart links have been configured. I am not sure if I am posting to the right URL. How do I get to the response with BinarySecurityToken?
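
Added example, not part of the original post: a Node-runnable JavaScript helper that tells which of the response shapes described above came back (a SOAP body carrying BinarySecurityToken, the auto-submitting wsignin1.0 form whose wresult field holds an escaped SAML assertion, or some other HTML form such as a login page). The function names and the sample bodies are assumptions constructed for illustration.

```javascript
// Added example; the sample bodies are constructed, shortened stand-ins.
function decodeEntities(s) {
  const map = { lt: '<', gt: '>', quot: '"', apos: "'", amp: '&' };
  return s.replace(/&(lt|gt|quot|apos|amp);/g, (m, name) => map[name]);
}

// Hidden form fields. Quoted attribute values may contain a raw '>' (the
// wresult value in the post does), so the tag regex skips over quoted runs.
function hiddenInputs(html) {
  const fields = {};
  for (const tag of html.match(/<input\b(?:[^>"]|"[^"]*")*>/gi) || []) {
    if (!/\btype="hidden"/i.test(tag)) continue;
    const name = /\bname="([^"]*)"/i.exec(tag);
    const value = /\bvalue="([^"]*)"/i.exec(tag);
    if (name) fields[name[1]] = decodeEntities(value ? value[1] : '');
  }
  return fields;
}

function classifyStsResponse(body) {
  const bst = /<(?:\w+:)?BinarySecurityToken\b[^>]*>([^<]+)</.exec(body);
  if (bst) return { kind: 'binary-security-token', token: decodeEntities(bst[1].trim()) };
  const f = hiddenInputs(body);
  if (f.wa === 'wsignin1.0' && f.wresult) {
    const pick = (re) => (re.exec(f.wresult) || [])[1] || null;
    return {
      kind: 'ws-federation-form-post',
      tokenType: pick(/<(?:\w+:)?TokenType>([^<]*)</),
      audience: pick(/<(?:\w+:)?Audience>([^<]*)</),
      notOnOrAfter: pick(/\bNotOnOrAfter="([^"]*)"/),
      confirmation: pick(/<(?:\w+:)?ConfirmationMethod>([^<]*)</),
    };
  }
  return { kind: /<form\b/i.test(body) ? 'html-login-page' : 'unknown' };
}

const SAMPLE_FORM = // constructed, mirrors the shape of the Fiddler capture
  '<html><body><form method="POST" name="hiddenform" action="https://sts.example/">' +
  '<input type="hidden" name="wa" value="wsignin1.0" />' +
  '<input type="hidden" name="wresult" value="&lt;t:RequestSecurityTokenResponse>' +
  '&lt;saml:Conditions NotOnOrAfter=&quot;2014-11-28T19:37:25.272Z&quot;>' +
  '&lt;saml:Audience>urn:federation:MicrosoftOnline&lt;/saml:Audience>' +
  '&lt;saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer&lt;/saml:ConfirmationMethod>' +
  '&lt;t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion&lt;/t:TokenType>" /></form></body></html>';
const SAMPLE_RSTR = // constructed
  '<S:Body><wsse:BinarySecurityToken Id="Compact0">t=CONSTRUCTED&amp;p=</wsse:BinarySecurityToken></S:Body>';
console.log(classifyStsResponse(SAMPLE_FORM));
```

With a form-post result, the jQuery lookup for wsse\\:BinarySecurityToken in the code above finds nothing, because the body is HTML whose wresult field holds a SAML assertion rather than a SOAP response.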







