App Authentication #371

andreatosato · 2021-06-09T10:05:39Z

andreatosato
Jun 9, 2021

Hi, I'm using last version of PnP.Framework 1.5.0
I want to authenticate my App with ClientId and ClientSecret but not work.

Before try with PNP, I create successful list with Graph and Postman, so, configuration work fine but not via .NET

            IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
                .Create(clientId)
                .WithTenantId(tenantId)
                .WithClientSecret(clientSecret)
                .Build();

            var authResult = await confidentialClientApplication.AcquireTokenForClient(new[] { "https://graph.microsoft.com/.default" })
                .ExecuteAsync();

            UserAssertion userAssertion = new UserAssertion(authResult.AccessToken, "urn:ietf:params:oauth:grant-type:jwt-bearer");
            var authManager = new AuthenticationManager(clientId, clientSecret, userAssertion);
            using (var ctx = authManager.GetContext("https://clentini.sharepoint.com/sites/testDev"))
            {
                var list = ctx.Web.Lists.GetByTitle("Andrea Tosato From Graph");
                ctx.Load(list);
                ctx.Load(list.Fields);
                ctx.ExecuteQuery();
            }

I have this error:
AADSTS50013: Assertion failed signature validation.

I tried with:

var authProvider = new AuthenticationProvider(clientId, clientSecret, scopes, tenantId);
var authManager = new AuthenticationManager(authProvider);
using (var ctx = authManager.GetContext("https://clentini.sharepoint.com"))
{
      var list = ctx.Web.Lists.GetByTitle("Andrea Tosato From Graph");
      ctx.Load(list);
      ctx.Load(list.Fields);
      ctx.ExecuteQuery();
}

 public class AuthenticationProvider : PnP.Core.Services.IAuthenticationProvider
    {
        private readonly string clientId;
        private readonly string clientSecret;
        private readonly string[] appScopes;
        private readonly string tenantId;

        public AuthenticationProvider(string clientId, string clientSecret, string[] appScopes, string tenantId)
        {
            this.clientId = clientId;
            this.clientSecret = clientSecret;
            this.appScopes = appScopes;
            this.tenantId = tenantId;
        }

        ...

        public async Task<string> GetAccessTokenAsync(Uri resource)
        {
            var clientApplication = ConfidentialClientApplicationBuilder.Create(this.clientId)
                .WithClientSecret(this.clientSecret)
                .WithClientId(this.clientId)
                .WithTenantId(this.tenantId)
                .Build();

            var token = (await clientApplication.AcquireTokenForClient(appScopes).ExecuteAsync()).AccessToken;
            return token;
        }
    }

401 Unauthorize!

jansenbe · 2021-08-26T08:47:12Z

jansenbe
Aug 26, 2021
Maintainer

SharePoint API's require certificate when you want to app-only authentication, using a secret is blocked in the backend. This might work for Graph calls, but not for SharePoint REST/CSOM APIs

1 reply

figuerres Oct 6, 2021

hey if anyone is reading i cant even get started with this.... we need documentation on the roles in ad that we need to use the tools!

pnp/powershell#1213
i cant even connect yet to create the settings to use the cert.....

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

App Authentication #371

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

App Authentication #371

andreatosato Jun 9, 2021

Replies: 1 comment · 1 reply

jansenbe Aug 26, 2021 Maintainer

figuerres Oct 6, 2021

andreatosato
Jun 9, 2021

Replies: 1 comment 1 reply

jansenbe
Aug 26, 2021
Maintainer