Run the app
Submitted by Erik Wegner
on
Now it is time for the application to access the SharePoint server. You can find all files within the repository on GitHub: https://github.com/ErikWegner/hightrust-sharepoint-node.js
The source code of the app
var http = require('http'); var jws = require('jws') var fs = require('fs'); var options = { key: fs.readFileSync('../server.key'), cert: fs.readFileSync('../server.crt') }; function base64urlEscape(str) { return str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); } function base64urlEncode(str) { return new Buffer(str).toString('base64'); } var sharepointhostname = process.argv[2] var clientid = "927e7578-6a96-4120-be36-495a5bbb989b" var realm = "5df7ebc5-9401-43fe-93e2-86a07f62c2b2" // equals to SharePoint Farm ID var issuerid = '2a80398d-800e-44b1-ac67-e34b1207114f' + "@" + realm var audience = '00000003-0000-0ff1-ce00-000000000000/' + sharepointhostname + '@' + realm var x5t = "+NgPPAV6+Nm+sqGz/WHYxq1Mp8E" // do not include any "=" at the end var nameid = "s-1-5-21-1482654976-146172710-446466059-3816" // SID of the acting user var nii = "urn:office:idp:activedirectory" var dateref = parseInt((new Date()).getTime() / 1000) var rs256 = '{"typ":"JWT","alg":"RS256","x5t":"' + x5t + '"}' var actortoken = { aud: audience, iss: issuerid, nameid : clientid + '@' + realm, nbf: (dateref - 21600).toString(), exp: (dateref + 21600).toString(), trustedfordelegation: true } var payload = { aud: audience, iss: clientid + '@' + realm, nbf: (dateref - 21600).toString(), exp: (dateref + 21600).toString(), nameid: nameid, nii: nii, actortoken: jws.sign( { header: JSON.parse(rs256), payload: JSON.stringify(actortoken), privateKey : options.key }) } var authtoken = base64urlEncode(JSON.stringify({"typ":"JWT", "alg":"none"})) + '.' + base64urlEncode(JSON.stringify(payload)) + '.'; authtoken = authtoken.replace(/=/g, '') // my SharePoint does not accept base64 padding var headers = { 'Accept': 'application/json;odata=verbose', 'Authorization' : 'Bearer ' + authtoken }; var options = { host: sharepointhostname, port: 80, path: "/sites/hightrustdemo/" + '_api/web/lists', method: 'GET', headers: headers, agent: false, ciphers: 'RC4', secureOptions: require ('constants').SSL_OP_NO_TLSv1_2 }; var listreq = http.get(options, function(listres) { listres.setEncoding('utf8'); var listdata = ""; listres.on('data', function(data) { listdata += data; }); listres.on('end', function() { /* console.log("Response headers"); console.log(JSON.stringify(listres.headers)); console.log("Request headers"); console.log(JSON.stringify(headers)); console.log("Req fin\n\n");*/ console.log(listdata); listdata = JSON.parse(listdata); var lists = []; if (listdata.d && listdata.d.results) { for (var ri in listdata.d.results) { var list = listdata.d.results[ri]; console.log(list.Title); } } }); }).on('error', function(e) { console.log("Error " + e.message); console.log(JSON.stringify(e)); });
To run the script, please modify these points:
- Line 6: path to the private part of the certificate
- Line 18: the App Id
- Line 19: The SharePoint farm id
- Line 20: The issuer id from the PowerShell script (RegisterCertificate.ps1)
- Line 22: The x5t-code for the generated certificate
- Line 23: The SID of the acting user
- Line 63: The path to the site collection
The first command will install the required node packages. The second command runs the script, use your SharePoint hostname as the third parameter:
npm install npm index.js sharepointserver