我正在尝试使用REST API远程访问SharePoint 。已为该站点启用Office 365智能链接。根据此博客,我没有收到wsse\\:BinarySecurityToken
回复。我的代码如下:
$.ajax({
'url': 'https://sts.something.com/adfs/ls/?&wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=wa%3Dwsignin1.0%26rpsnv%3D4%26ct%3D1417151170%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttps:%252F%252Fsomethingonline.sharepoint.com%252F_forms%252Fdefault.aspx%26lc%3D16393%26id%3D500046%26bk%3D1417151171%26LoginOptions%3D3',
dataType: 'text',
type:'POST',
'data': '<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><s:Header><a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action><a:MessageID>urn:uuid:40c1407d-b2a4-4e05-8248-8a92b71102b6</a:MessageID><a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo><a:To s:mustUnderstand="1">https://login.microsoftonline.com/extSTS.srf</a:To><o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><u:Timestamp u:Id="_0"><u:Created>2012-07-26T16:13:00.622Z</u:Created><u:Expires>2012-07-26T16:18:00.622Z</u:Expires></u:Timestamp><o:UsernameToken u:Id="uuid-69882db9-2d6b-45d3-b016-c2156cb6c01d-1"><o:Username>[email protected]</o:Username><o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*********</o:Password></o:UsernameToken></o:Security></s:Header><s:Body><t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><a:EndpointReference><a:Address>https://somthingonline.sharepoint.com/_forms/default.aspx?wa=wsignin1.0</a:Address></a:EndpointReference></wsp:AppliesTo><t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType><t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType><t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType></t:RequestSecurityToken></s:Body></s:Envelope>',
headers: {
Accept : "application/soap+xml; charset=utf-8"
},
success: function(result, textStatus, jqXHR) {
console.log('done in login ');
console.log('result '+result);
var xmlDoc = $.parseXML( result );
console.log("xmlDoc:"+xmlDoc);
var xml = $( xmlDoc )
console.log("xml:"+xml);
var binToken= xml.find( "wsse\\:BinarySecurityToken" ).text();
console.log("Binary Token:"+binToken);
alert("Binary Token:"+binToken);
// alert( localStorage.getItem('BinaryToken') );
wsignin(binToken);
},
error:function (jqXHR, textStatus, errorThrown){
console.log(errorThrown+'error login:' + jqXHR.responseText);
},
complete:function(jqXHR, textStatus) {
console.log('login completed ' + textStatus);
}
});
我对提琴手的回答如下:
<html><head><title>Working...</title></head><body><form method="POST" name="hiddenform" action="https://login.microsoftonline.com/login.srf"><input type="hidden" name="wa" value="wsignin1.0" /><input type="hidden" name="wresult" value="<t:RequestSecurityTokenResponse xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><t:Lifetime><wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-11-28T18:37:25.272Z</wsu:Created><wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-11-28T19:37:25.272Z</wsu:Expires></t:Lifetime><wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:Address>urn:federation:MicrosoftOnline</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><t:RequestedSecurityToken><saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="_7f55172b-43f9-466c-bede-436d794119e2" Issuer="http://sts.something.com/adfs/services/trust" IssueInstant="2014-11-28T18:37:25.274Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:Conditions NotBefore="2014-11-28T18:37:25.272Z" NotOnOrAfter="2014-11-28T19:37:25.272Z"><saml:AudienceRestrictionCondition><saml:Audience>urn:federation:MicrosoftOnline</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AttributeStatement><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ddcNR0t/6kWEAp4knvEteA==</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute AttributeName="UPN" AttributeNamespace="http://schemas.xmlsoap.org/claims"><saml:AttributeValue>[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="ImmutableID" AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05"><saml:AttributeValue>ddcNR0t/6kWEAp4knvEteA==</saml:AttributeValue></saml:Attribute></saml:AttributeStatement><saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2014-11-28T18:37:24.943Z"><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ddcNR0t/6kWEAp4knvEteA==</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><Reference URI="#_7f55172b-43f9-466c-bede-436d794119e2"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><DigestValue>9Jldbpiqe7ie6Q4R9MBRBL3y3to=</DigestValue></Reference></SignedInfo><SignatureValue>geVzxtwW4bSbLRCEUTgIdn3xwZFnyHXLBamGlnudEwBdxpUrtlyUZBD71zpbP85AIuoFTNPsAGwDsknaRa5jhurDIJ2AsR2rsOh8dlnFDEwCK76zldPVXWIVIat255ShMDRLG3dlBDuHN1h8rdBihKrMD2tfS4xJ8KAI1+jwhaeM8/RYIFktCQUhjnUszmiChOfiqSl+a0aitgboGmP9blDrZcEu8UflslAgnmRr0mRg3NP8JoRqhNH/XuqEXNJUihuGmGqK8pwbSQpPGMl2qmBk20F3lliOFXcToQCFHBMY52c4jix2X8yxvFTU5Wx0JLYqoOo8FKPBEwfPtGD01g==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIC2jCCAcKgAwIBAgIQN5pkvQA4VKJHhmyqe1c7EzANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBzdHMuYnJpbGxpby5jb20wHhcNMTQwMzE0MTk1NDEyWhcNMTUwMzE0MTk1NDEyWjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBzdHMuYnJpbGxpby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnGPNSXDlOvjxlT8qOk2apR0OUfCgDHD14zL0v+YCochzKSmvz8c7W8o5Bs36JFYPHqTYI0SnsrYM5IspGoET1rjc+8oUTQHs9QY41F8edq8DgMGBfIfkffEuKEtfnblBAWFsGWI94XZFl5wXcsunR+UqkcdaAlitPJ4tGTMF2G4LW8HCYu9uR9mkpT19/HGlhncAi8dHpmrzQ9yoIt4PRDFzECRwBbbpxxB1K4Sae8rb5GNE8b5IVKVAD7sIqI8UShcMaOTT357Esvm9MGB4aJH1BpW3qUa63vOc834nvE2EgBff3CXW1cwnOtLkiQ0xQW3otdCHm8lZdT0YNpPHNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIC75Yfa+EhA/0vbKVhdib9yBa7F3fS1UmLz+Zzxij2AkIvSmGb3sf95OX6lwAuCAgVTTcU/qy2LMgUFUWNsxOxsDmeDbeOUdHjILgRAZnE+8kQTVagws4w5T+AFXAIeqVuYxxUqtP33prECzxwklwYW9FOLD4nGx4w5uz/rfP7yfxN+q1XdZu/U1WiRcYd7cSIsLlceNF5yA0yey9L24iEPBZDjAQAatppws4pusHyEJVL3gFLnvJWGlC4Khtb/41LFAe16n8LTKS4jJcx3Msu7TkHKfZYX7lIufAKK6ObyenGKszTdLvemZO46RicG0Dlm9PtaEjoqUn3Iok4/KEk=</X509Certificate></X509Data></KeyInfo></Signature></saml:Assertion></t:RequestedSecurityToken><t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType><t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType><t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType></t:RequestSecurityTokenResponse>" /><input type="hidden" name="wctx" value="wa=wsignin1.0&rpsnv=4&ct=1417199483&rver=6.1.6206.0&wp=MBI&wreply=https:%2F%2Fsomethingonline.sharepoint.com%2F_forms%2Fdefault.aspx&lc=1033&id=500046&bk=1417199484&LoginOptions=3" /><noscript><p>Script is disabled. Click Submit to continue.</p><input type="submit" value="Submit" /></noscript></form><script language="javascript">window.setTimeout('document.forms[0].submit()', 0);</script></body></html>
当我在域中时,会收到上述响应,否则,由于已配置智能链接,因此会获得用于自定义登录页面的html。我不确定是否要发布到正确的网址。如何获得回复BinarySecurityToken
?
此问题已解决。我SharePointOnlineCredentials
使用提琴手在CSOM中按类跟踪了请求和响应,并进行了跟踪。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句