0

My project is set up to use azure ad as login(from the dotnet core template). I have successfully managed to log in.

However, i want to use the same logged in user to retrive data from sharepoint rest api.

I have the following method:

public async Task<FileResults> Test()

    {
        var siteUrl = "https://xxxxx.sharepoint.com";

        var username = "xx@xx.no";
        var password = "xxxxxx";
        var securePassword = new SecureString();
        password.ToCharArray().ToList().ForEach(c => securePassword.AppendChar(c));
        var credentials = new SharePointOnlineCredentials(username, securePassword);

        var handler = new HttpClientHandler();
        handler.Credentials = credentials;

        var uri = new Uri(siteUrl);
        handler.CookieContainer.SetCookies(uri, credentials.GetAuthenticationCookie(uri));

        var json = string.Empty;
        using (var client = new HttpClient(handler))
        {
            client.DefaultRequestHeaders.Clear();
            client.DefaultRequestHeaders.Add("Accept", "application/json;odata=verbose");
            var response = await client.GetAsync(siteUrl + "/_api/Web/GetFolderByServerRelativeUrl('/Delte%20dokumenter/Test')/Files");
            json = await response.Content.ReadAsStringAsync();

            var result = Newtonsoft.Json.JsonConvert.DeserializeObject<Rootobject>(json);
            var files = result.FileResults;
            return files;
        }
    }

This is working fine and im getting documents from sharepoint. But, this is when using hardcoded credentials. How do i use the credentials of the logged in user via azure AD? Do i retrive the accesstoken?

Nishant
  • 623
  • 4
  • 10
sindrem
  • 1,211
  • 5
  • 24
  • 45

1 Answers1

0

To use the Azure AD Authentication you need to have one of the Authentication flows.

Note: Username/Password flow is not recommended.

After that you will be getting the tokens according to the scopes that are specified and you need to hit the Microsoft Graph Api, internally you need to hit the SharePoint API endpoints according to your requirement.

You can start exploring with this sample

Shiva Keshav Varma
  • 3,398
  • 2
  • 9
  • 13
  • Hello. Isnt my app already using a authentication flow? Im using the following in startup: services.AddAuthentication(AzureADDefaults.AuthenticationScheme) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.ExpireTimeSpan = TimeSpan.FromDays(30); }) .AddAzureAD(options => Configuration.Bind("AzureAd", options)); – sindrem Jun 16 '20 at 06:21
  • @sindrem Yes its an Auth flow but its not recommended. If you still want to use the Username and Password you can follow this [Username/Password Doc](https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=dotnet#username-and-password) and this is the [sample](https://learn.microsoft.com/en-us/samples/azure-samples/active-directory-dotnetcore-console-up-v2/aad-username-password-graph/) which can help. – Shiva Keshav Varma Jun 17 '20 at 11:53
  • But i did specify that i wanted to use the azure ad login and not username and password in the last phrase. – sindrem Jun 17 '20 at 15:04
  • @sindrem My bad, please refer to this [Doc](https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows) which tells you which flow you can use,according to the requirement. Ex.,Interactive Flow - prompts the user for credentials through a browser or pop-up window - used in Desktop Apps and Mobile Apps – Shiva Keshav Varma Jun 17 '20 at 15:50
  • Hi, if the posted answer resolves your question please mark it as the answer by clicking the check mark. Doing so helps others find answers to their questions. – Shiva Keshav Varma Jun 22 '20 at 16:58
  • I will check it out soon – sindrem Jun 23 '20 at 17:58