Security News
vlt Debuts New JavaScript Package Manager and Serverless Registry at NodeConf EU
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.
node-sp-auth
Advanced tools
node-sp-auth
allows you to perform SharePoint unattended (without user interaction) http authentication with nodejs using different authentication techniques. node-sp-auth
also takes care about caching authentication data for performance (no need for you to think about how long authentication will be available, that's a task for node-sp-auth
, as soon as authentication will be expired, node-sp-auth
will renew it internally).
Versions supported:
Authentication options:
Wiki contains detailed steps you need to perform in order to use any of authentication options as well as sample using.
npm install node-sp-auth --save-dev
import * as spauth from 'node-sp-auth';
import * as request from 'request-promise';
//get auth options
spauth.getAuth(url, credentialOptions)
.then(options => {
//perform request with any http-enabled library (request-promise in a sample below):
let headers = options.headers;
headers['Accept'] = 'application/json;odata=verbose';
request.get({
url: 'https://[your tenant].sharepoint.com/sites/dev/_api/web',
headers: headers
}).then(response => {
//process data
});
});
Promise resolving into object with following properties:
headers
- http headers (normally contain Authorization
header, may contain any other heraders as well)options
- any additional options you may need to include for succesful request. For example, in case of on premise user credentials authentication, you need to set agent
property on corresponding http clienturl
- required, string, url to SharePoint site, https://sp2013/sites/dev/
or https:/[your tenant].sharepoint.com/sites/dev/
credentialOptions
- optional, object in a form of key-value. Each authentication option requires predefined credential object, depending on authentication type. Based on credentials provided, node-sp-auth
automatically determines which authentication strategy to use (strategies listed in the top of the readme file).Possible values for credentialOptions
(depending on authentication strategy):
SharePoint on premise (2013, 2016):
clientId
, issuerId
, realm
, rsaPrivateKeyPath
, shaThumbprint
username
, password
, domain
, workstation
username
, password
, fba
= trueusername
, password
, tmg
= trueSharePoint Online:
clientId
, clientSecret
username
, password
ADFS user credentials:
username
, password
, relyingParty
, adfsUrl
, adfsCookie
On demand authentication
ondemand
= true, electron
, force
, persist
, ttl
no authentication - do not provide any authentication data at all, like spauth.getAuth(url).then(...)
. In that case node-sp-auth
will ask you for the site url and credentials. You will have to select any of the credential options listed above. Credentials will be stored in a user folder in an encrypted manner.
Credits: Andrew Koltyakov @koltyakov and his awesome node-sp-auth-config
Please, use Wiki to see how you can configure your environment in order to use any of this authentication options.
configuration
- object accepting some configuration values for node-sp-auth. Currently it supports only configuration of underline request
module via providing below code (for options available consider request repository):spauth.setup({
requestOptions: {... request options object}
});
I recommend using VS Code for development. Repository already contains some settings for VS Code editor.
Before creating Pull Request you need to create an appropriate issue and reference it from PR.
git clone https://github.com/s-KaiNet/node-sp-auth.git
npm run build
- runs linting and typescript compilationnpm run dev
- setup watchers and automatically runs typescript compilation, tslint and tests when you save files/test/integration/config.sample.ts
to config.ts
.config.ts
with appropriate values (urls, credentials).npm run test:integration
.FAQs
Unattended SharePoint http authentication with nodejs
The npm package node-sp-auth receives a total of 6,582 weekly downloads. As such, node-sp-auth popularity was classified as popular.
We found that node-sp-auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.
Security News
Research
The Socket Research Team uncovered a malicious Python package typosquatting the popular 'fabric' SSH library, silently exfiltrating AWS credentials from unsuspecting developers.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.