GoDocTwitterGitHub
Searchโ€ฆ
Introduction
FAQ
Authentication strategies
Overview
Strategies
Custom Auth
Azure Certificate Auth
Azure Env-based Auth
Azure Creds Auth
Azure Device Flow
On-Demand Auth
Alternative NTLM
Dynamic auth
SharePoint client
HTTP Client
Fluent API
Hooks
Retries
Context
Samples
Library Initiation
Basic CRUD
Documents
Chunk upload
Permissions
Groups & Users
Search API
User Profiles
Change API
Attachments
Record Management
Sending Emails
Property Bags
Recycle Bin
Feature management
Advanced item requests
Advanced add/update
Unmarshaling responses
Sandbox
Overview
Utilities
Headers presets
Cpass
Compatibility matrix
Contributing
Overview
Testing
Powered By GitBook
Azure Env-based Auth
Azure AD environment-cased authentication

Custom auth implementation

Checkout the code.

Azure App registration

1. Create or use existing app registration
2. Make sure that the app is configured for a specific auth scenario:
  • Client credentials (might not work with SharePoint but require a Certificate-based auth)
  • Certificate
  • Username/Password (public clients flows must be enabled)
  • Managed identity
  • O365 Admin -> Azure Active Directory
  • Generate self-signed certificate
1
# PowerShell, run on a Windows machine
2
$certName = "MyCert"
3
$password = "MyPassword"
4
โ€‹
5
$startDate = Get-Date
6
$endDate = (Get-Date).AddYears(5)
7
$securePass = (ConvertTo-SecureString -String $password -AsPlainText -Force)
8
โ€‹
9
.\Create-SelfSignedCertificate.ps1 -CommonName $certName -StartDate $startDate -EndDate $endDate -Password $securePass
Copied!
or on a Linux or macOS client via openssl:
1
chmod +x ./Create-SelfSignedCertificate.sh
2
./Create-SelfSignedCertificate.sh
Copied!
Get scripts.
  • New App Registration
    • Accounts in this organizational directory only
    • API Permissions -> SharePoint :: Application :: Sites.FullControl.All -> Grant Admin Consent
    • Certificates & Secrets -> Upload .cer file
  • Use environment variables to provide creds bindings:
    • AZURE_TENANT_ID - Directory (tenant) ID in App Registration
    • AZURE_CLIENT_ID - Application (client) ID in App Registration
    • For certificate-base auth:
      • AZURE_CERTIFICATE_PATH - path to .pfx file
      • AZURE_CERTIFICATE_PASSWORD - password used for self-signed certificate
    • For username/password auth:
      • AZURE_USERNAME
      • AZURE_PASSWORD

Auth configuration and usage

1
package main
2
โ€‹
3
import (
4
"fmt"
5
"log"
6
"os"
7
โ€‹
8
"github.com/koltyakov/gosip"
9
"github.com/koltyakov/gosip/api"
10
strategy "github.com/koltyakov/gosip-sandbox/strategies/azureenv"
11
)
12
โ€‹
13
func main() {
14
โ€‹
15
// os.Setenv("AZURE_TENANT_ID", "b1bacba7-c38a-414b-8c8b-65df26a15749")
16
// os.Setenv("AZURE_CLIENT_ID", "8ca10ce6-c3d5-47c6-b803-0ef3b619f464")
17
// os.Setenv("AZURE_CERTIFICATE_PATH", "/path/to/cert.pfx")
18
// os.Setenv("AZURE_CERTIFICATE_PASSWORD", "cert-password")
19
โ€‹
20
authCnfg := &strategy.AuthCnfg{
21
SiteURL: os.Getenv("SPAUTH_SITEURL"),
22
}
23
โ€‹
24
client := &gosip.SPClient{AuthCnfg: authCnfg}
25
sp := api.NewSP(client)
26
โ€‹
27
res, err := sp.Web().Select("Title").Get()
28
if err != nil {
29
log.Fatal(err)
30
}
31
โ€‹
32
fmt.Printf("Site title: %s\n", res.Data().Title)
33
โ€‹
34
}
Copied!

Environment variables auto-injection

Environment variables can be automatically injected in a runtime for Azure AAD library. To use injection add correcponding environment variables in private.json into env JSON property:
1
{
2
"siteUrl": "https://contoso.sharepoint.com/sites/site",
3
"env": {
4
"AZURE_TENANT_ID": "1efde0dc-21f5-4d3d-a053-1da762c7838c",
5
"AZURE_CLIENT_ID": "7278fe9b-acd5-4be5-b688-999603560d31",
6
"AZURE_CERTIFICATE_PATH": "./certs/MyCert.pfx",
7
"AZURE_CERTIFICATE_PASSWORD": "MyPassword"
8
}
9
}
Copied!
Previous
Azure Certificate Auth
Next
Azure Creds Auth
Last modified 1yr ago
Export as PDF
Copy link
Contents
Custom auth implementation
Azure App registration
Auth configuration and usage
Environment variables auto-injection