Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@colorfullife/ms365-graph-api-auth
Advanced tools
@colorfullife/ms365-graph-api-auth
Get the authenticated Azure app to CRUD Sharepoint by Microsoft Graph API
Microsoft 365 GraphAPI auth tool
checkout tutorials:
This package allows you to get the authenticated Azure app to CRUD Sharepoint by Microsoft Graph API.
The project is built on top of Azure auth example
NOTE This library is only available on Nodejs environment. Not for browser.
How to use
Register a Azure client app. Check the tutorial here
Install The Package
npm install ms365-graph-api-auth
// or
yarn add ms365-graph-api-auth
Import relevant modules to get started
CRUD LIST in Sharepoint
require("dotenv").config();
import { getAccessToken, GraphApiQuery } from "ms365-graph-api-auth";
// Credentials
const tenantId = process.env.TENANT_ID;
const clientId = process.env.CLIENT_ID;
const clientSecret = process.env.CLIENT_SECRET;
(async () => {
try {
const authResponse = await getAccessToken(
clientId!,
clientSecret!,
tenantId!
);
if (!authResponse) return;
const query = new GraphApiQuery(authResponse.accessToken);
//1. GET SHAREPOINT SITES
console.log("1. GET SHAREPOINT SITES ***");
// SEARCH CERTAIN SITE BY NAME.
const mySite = await query.getSites("<your-sharepoint-site-name>");
console.log({
sites: mySite.value.map((site) => ({
name: site.name,
displayName: site.displayName,
})),
});
// FETCH ALL SITES : await query.getSites();
//2. GET LISTS IN CERTAIN SHAREPOINT SITE
console.log("\n\n\n2. GET LISTS IN CERTAIN SHAREPOINT SITE ***");
// SEARCH CERTAIN LIST BY NAME
const myList = await query.getListsInSite(
mySite.value[0].id,
"Work progress tracker"
);
console.log(
myList.value.map((list) => ({
name: list.name,
displayName: list.displayName,
}))
);
//3. GET ITEMS IN LIST
console.log("\n\n\n3. GET ITEMS IN LIST ***");
const items = await query.getItemsInList(
mySite.value[0].id,
myList.value[0].id
);
const itemInfos = items.value.map((item) => item.fields);
console.log(itemInfos.map((info) => info?.["Title"]));
console.log(items);
//4. CRUD ITEM IN LIST // https://learn.microsoft.com/ja-jp/graph/api/resources/listitem?view=graph-rest-1.0
//4.1 CREATE
console.log("\n\n\n4.1. CREATE NEW ITEM IN LIST ***");
const newItem = {
Title: `My new item create at ${Date.now()}`,
Description: `Created by ms365-graph-api test`,
};
const createdItem = await query.postCreateListItem(
mySite.value[0].id,
myList.value[0].id,
newItem
);
console.log(createdItem);
//4.2 UPDATE // https://learn.microsoft.com/ja-jp/graph/api/listitem-update?view=graph-rest-1.0&tabs=http
console.log("\n\n\n4.2 UPDATE ITEM IN LIST ***");
const data = {
Notes: `Updated by ms365-graph-api test`,
};
const updatedItem = await query.patchUpdateListItem(
mySite.value[0].id,
myList.value[0].id,
createdItem.id,
data
);
console.log(updatedItem);
//4.3 DELETE // https://learn.microsoft.com/ja-jp/graph/api/listitem-delete?view=graph-rest-1.0&tabs=http
// It will not be working using application permission.
// The only way to delete objects is using user delegated auth with a token from a user that has sufficient permissions to do so (generally an admin).
console.log("\n\n\n4.3 DELETE ITEM IN LIST ***");
// const res = await query.deleteListItem(mySite.value[0].id, myList.value[0].id, items.value[0].id);
// console.log(res);
} catch (error) {
console.log(error);
}
})();
CRUD DRIVE files in Sharepoint
require("dotenv").config();
import { getAccessToken, GraphApiQuery } from "../src";
import fs from "fs";
// Credentials
const tenantId = process.env.TENANT_ID;
const clientId = process.env.CLIENT_ID;
const clientSecret = process.env.CLIENT_SECRET;
(async () => {
try {
const authResponse = await getAccessToken(
clientId!,
clientSecret!,
tenantId!
);
if (!authResponse) return;
const query = new GraphApiQuery(authResponse.accessToken);
//1. GET SHAREPOINT SITES
console.log("1. GET SHAREPOINT SITES ***");
// SEARCH CERTAIN SITE BY NAME.
const mySite = await query.getSites(process.env.SITE_NAME);
console.log({
sites: mySite.value.map((site) => ({
name: site.name,
displayName: site.displayName,
})),
});
// FETCH ALL SITES : await query.getSites();
//2. GET DRIVES
console.log("\n\n\n2. GET DRIVES IN CERTAIN SHAREPOINT SITE ***");
const myDrives = await query.getDrives(
mySite.value[0].id,
process.env.DRIVE_NAME
);
console.log(myDrives);
//3.1. GET ALL ITEMS IN DRIVE
console.log("\n\n\n3.1. GET ALL ITEMS IN CERTAIN DRIVE ***");
const myItems = await query.getDriveItems(
mySite.value[0].id,
myDrives.value[0].id
);
console.log(myItems);
// 3.2 GET CERTAIN ITEM IN DRIVE BY FILE NAME
console.log("\n\n\n3.2. GET CERTAIN ITEM IN DRIVE BY FILE NAME ***");
const myItem1 = await query.getDriveItemByFileName(
mySite.value[0].id,
myDrives.value[0].id,
"TainanView2.jpg"
);
console.log(myItem1);
// 3.3 GET CERTIAN ITEM IN DRIVE BY FILE ID
console.log("\n\n\n3.3. GET CERTAIN ITEM IN DRIVE BY FILE ID ***");
const myItem2 = await query.getDriveItemById(
mySite.value[0].id,
myDrives.value[0].id,
myItems.value[0].id
);
console.log(myItem2);
// 4. UPLOAD DRIVE ITEM
console.log("\n\n\n4. UPLOAD DRIVE ITEM ***");
const filePath = process.env.UPLOAD_FILE_PATH;
const fileData = fs.readFileSync(filePath!);
/**
* @fileName w/o slash
* @folder with trailing slash
*/
const createdItem = await query.putUploadDriveItem(
mySite.value[0].id,
myDrives.value[0].id,
`file${Date.now()}.jpg`,
fileData,
`folder${Date.now()}/`
);
console.log(createdItem);
// 5. DELETE DRIVE ITEM
console.log("\n\n\n5. DELETE DRIVE ITEM ***");
const res = await query.deleteDriveItem(
mySite.value[0].id,
myDrives.value[0].id,
myItems.value[0].id
);
console.log(res);
} catch (error) {
console.log(error);
}
})();
Release note
Checkout the github page
Any contribution will be welcome TODO
- Personal List & Drive (Currently only support Sharepoint)
FAQs
Get the authenticated Azure app to CRUD Sharepoint by Microsoft Graph API
The npm package @colorfullife/ms365-graph-api-auth receives a total of 5 weekly downloads. As such, @colorfullife/ms365-graph-api-auth popularity was classified as not popular.
We found that @colorfullife/ms365-graph-api-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Jan 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025