通过REST将事件接收器添加到al List:Msdn有关于添加事件接收器的REST调用的页面。
https://msdn.microsoft.com/en-us/library/office/jj245049.aspx .
POST http://<sitecollection>/<site>/_api/web/lists(listid)/eventReceivers
需要附加的持票人令牌是什么?我获得了具有SharePoint在线权限的OAuth令牌,如果我通过上述POST调用附加事件接收器,我仍无法获取事件。任何人都可以请指出,它需要什么令牌来附加事件接收器,以及如何获得该令牌。
答案 0 :(得分:0)
请在此处添加app上升的http /错误异常。否则没有人会给你很好的答案。
关于office365 oauth,你有两个步骤。首先,您的应用程序要求获取token_id并接收一个,第二阶段是使用您从第一次调用收到的token_id获取access_token。使用access_token,如果您的应用具有必要的权限,则可以使用SharePoint服务。更多详情:https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
我还没有使用REST远程接收器,但这可能是您的任务的替代https://github.com/OfficeDev/PnP/tree/master/Samples/Core.EventReceivers。
这也是一个很好的读取应用程序如何连接到offcie365,但在python:http://dev.office.com/code-samples-detail/2139
您还可以搜索PnP示例,看看是否有符合您要求的示例。
答案 1 :(得分:0)
在创建一个自动创建事件接收器的nodejs应用程序时,我偶然发现了这个问题。我发现,如果使用PnP Powershell模块创建远程事件接收器,则会触发事件。如果我将REST API与承载令牌一起使用,它将无法正常工作。因此,我安装了Fiddler Web调试器,并检查了身份验证时PnP模块执行的调用。
问题似乎是,Event Receiver端点仅仅是基于SOAP的SharePoint API的包装,这要求您在请求中提供cookie和X-RequestDigest标头。 (我认为,SharePoint REST API应该提供有意义的错误消息来指出这一点,但事实并非如此。相反,如果您使用承载令牌执行POST,然后再执行GET,则它将返回204状态代码。似乎就像添加了Remote Event Receiver一样,但是它绝不会触发您所订阅的事件(如前所述)。
我的解决方案仅需要Azure AD中特权用户的用户名/密码。您不需要创建Azure AD应用程序,因为您不需要承载令牌。
对于SharePoint Online,我们必须从以下终结点获取安全令牌:https://login.microsoftonline.com/rst2.srf。稍后,我们将使用此令牌交换cookie,以创建一个正常工作的Remote Event Receiver。
确保在此节点中输入了正确的用户名和密码:
[array([[ 0, 1, 2],
[ 6, 7, 8],
[12, 13, 14],
[18, 19, 20],
[24, 25, 26]]), array([[ 3, 4, 5],
[ 9, 10, 11],
[15, 16, 17],
[21, 22, 23],
[27, 28, 29]])]
此外,更新此节点中的时间戳(不确定是否可以删除此节点):
<wsse:UsernameToken wsu:Id="user">
<wsse:Username>{USERNAME GOES HERE}</wsse:Username>
<wsse:Password>{PASSWORD GOES HERE}</wsse:Password>
</wsse:UsernameToken>
这是请求的样子:
<wsu:Timestamp Id="Timestamp">
<wsu:Created>2019-05-24T09:10:17.3179897Z</wsu:Created>
<wsu:Expires>2019-05-25T09:10:17.3179897Z</wsu:Expires>
</wsu:Timestamp>
响应应该在此节点中包含一个安全令牌(我已经更改了令牌。真正的令牌应该更长):
POST https://login.microsoftonline.com/rst2.srf HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: login.microsoftonline.com
Content-Length: 1869
Expect: 100-continue
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<S:Header>
<wsa:Action S:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action>
<wsa:To S:mustUnderstand="1">https://login.microsoftonline.com/rst2.srf</wsa:To>
<ps:AuthInfo xmlns:ps="http://schemas.microsoft.com/LiveID/SoapServices/v1" Id="PPAuthInfo">
<ps:BinaryVersion>5</ps:BinaryVersion>
<ps:HostingApp>Managed IDCRL</ps:HostingApp>
</ps:AuthInfo>
<wsse:Security>
<wsse:UsernameToken wsu:Id="user">
<wsse:Username>{USERNAME GOES HERE}</wsse:Username>
<wsse:Password>{PASSWORD GOES HERE}</wsse:Password>
</wsse:UsernameToken>
<wsu:Timestamp Id="Timestamp">
<wsu:Created>2019-05-24T09:10:17.3179897Z</wsu:Created>
<wsu:Expires>2019-05-25T09:10:17.3179897Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" Id="RST0">
<wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>sharepoint.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wsp:PolicyReference URI="MBI"></wsp:PolicyReference>
</wst:RequestSecurityToken>
</S:Body>
</S:Envelope>
这是完整的答复:
<wsse:BinarySecurityToken Id="Compact0"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">t=EwDoAk6hBwAUamW55wMmWmiTTNEIaEUGbezNi9M5dTTKDfrZBTzqBswF4EgpEiBQgG1f9isd0lT3KFDE8pHKDaW0pgjiIbhWejs5SYC&p=
</wsse:BinarySecurityToken>
此请求非常简单,因为不需要正文。只需将安全令牌添加到“授权”中,如下所示。
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/soap+xml; charset=utf-8
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
x-ms-request-id: [REMOVED BY AUTHOR]
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: fpc=[REMOVED BY AUTHOR]; expires=Sun, 23-Jun-2019 09:10:15 GMT; path=/; secure; HttpOnly
Set-Cookie: x-ms-gateway-slice=prod; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly
Date: Fri, 24 May 2019 09:10:15 GMT
Content-Length: 3497
<?xml version="1.0" encoding="utf-8"?>
<S:Envelope
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
xmlns:S="http://www.w3.org/2003/05/soap-envelope">
<S:Header>
<wsa:Action S:mustUnderstand="1" wsu:Id="Action">http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue</wsa:Action>
<wsa:To S:mustUnderstand="1" wsu:Id="To">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp wsu:Id="TS"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2019-05-24T09:10:15.869581Z</wsu:Created>
<wsu:Expires>2019-05-24T09:15:15.869581Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body
xmlns:S="http://www.w3.org/2003/05/soap-envelope">
<wst:RequestSecurityTokenResponse
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wst:TokenType>urn:passport:compact</wst:TokenType>
<wsp:AppliesTo>
<wsa:EndpointReference
xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:Address>sharepoint.com</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2019-05-24T09:10:15Z</wsu:Created>
<wsu:Expires>2019-05-24T17:10:15Z</wsu:Expires>
</wst:Lifetime>
<wst:RequestedSecurityToken>
<wsse:BinarySecurityToken Id="Compact0"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">t=EwDoAk6hBwAUamW55wMmWmiTTNEIaEUGbezNi9M5dTTKDfrZBTzqBswF4EgpEiBQgG1f9isd0lT3KFDE8pHKDaW0pgjiIbhWejs5SYC&p=
</wsse:BinarySecurityToken>
</wst:RequestedSecurityToken>
<wst:RequestedAttachedReference>
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="[REMOVED BY AUTHOR]"></wsse:Reference>
</wsse:SecurityTokenReference>
</wst:RequestedAttachedReference>
<wst:RequestedUnattachedReference>
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="[REMOVED BY AUTHOR]"></wsse:Reference>
</wsse:SecurityTokenReference>
</wst:RequestedUnattachedReference>
</wst:RequestSecurityTokenResponse>
</S:Body>
</S:Envelope>
响应应给您一个cookie(示例中的cookie无效。实际的cookie包含一个更长的字符串)。从Cookie中提取GET https://{YOUR TENANT}.sharepoint.com/_vti_bin/idcrl.svc/ HTTP/1.1
Authorization: BPOSIDCRL t=EwDoAk6hBwAUamW55wMmWmiTTNEIaEUGbezNi9M5dTTKDfrZBTzqBswF4EgpEiBQgG1f9isd0lT3KFDE8pHKDaW0pgjiIbhWejs5SYC&p=
X-IDCRL_ACCEPTED: t
Host: {YOUR TENANT}.sharepoint.com
。
SPOIDCRL=SOMETHING我们还需要X-RequestDigest值和cookie,以便对SharePoint REST API进行任何更改。为了获得摘要值,我们将HTTP/1.1 200 OK
Cache-Control: private
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: SPOIDCRL=77u/PD94bWwgdmVyc2lvkE9PTwvU1A+; path=/; secure; HttpOnly
X-SharePointHealthScore: 2
X-AspNet-Version: 4.0.30319
SPRequestGuid: [REMOVED BY AUTHOR]
request-id: [REMOVED BY AUTHOR]
MS-CV: [REMOVED BY AUTHOR]
Strict-Transport-Security: max-age=31536000
X-FRAME-OPTIONS: SAMEORIGIN
SPRequestDuration: 319
SPIisLatency: 0
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.8908
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
X-MSEdge-Ref: Ref A: [REMOVED BY AUTHOR] Ref B: [REMOVED BY AUTHOR] Ref C: 2019-05-24T09:10:15Z
Date: Fri, 24 May 2019 09:10:15 GMT
Content-Length: 0
设为POST。从响应中,我们必须获取{tenant}.sharepoint.com/sites/{your site}/_api/contextinfo的值。请记住附加步骤2中得到的响应中的cookie。
FormDigestValue响应正文:
POST /sites/{YOUR SITE}/_api/contextinfo HTTP/1.1
Host: {TENANT}.sharepoint.com
Content-Type: application/json; charset=utf-8
Accept: application/json
OData-Version: 4.0
Cookie: SPOIDCRL=77u/PD94bWwgdmVyc2lvkE9PTwvU1A+
最后,我们可以做得到的事情,让我们使用SharePoint REST API创建一个新的远程事件接收器。
{
"@odata.context": "https://{tenant}.sharepoint.com/sites/{your site}/_api/$metadata#SP.ContextWebInformation",
"FormDigestTimeoutSeconds": 1800,
"FormDigestValue": "0xA36B0B40BAF03EC,24 May 2019 20:36:14 -0000",
"LibraryVersion": "16.0.8908.1212",
"SiteFullUrl": "https://{tenant}.sharepoint.com/sites/{your site}",
"SupportedSchemaVersions": [
"14.0.0.0",
"15.0.0.0"
],
"WebFullUrl": "https://{tenant}.sharepoint.com/sites/{your site}"
}
我应该指出,如果您需要更新或删除事件接收者,则需要以首先创建接收者的同一用户身份进行身份验证。例如,如果您尝试删除带有承载令牌的接收者,则会收到错误消息。您必须对cookie进行身份验证并将其与x-requestdigest一起使用。如果您只想获取接收者,则可以使用承载令牌。