s-kainet / sp-request Goto Github PK

Hi,

It is a bad idea to use a default setting of rejectUnauthorized: false
If anyone uses a local, non public CA for their certificates they need to provide it via https.certificateAuthority to make the request work.
Disabling TLS certificate checks in general - without even mentioning it in the documentation - is a really bad idea.

Appreciate your comments and hopefully a change of this setting with the next release.

When using untrusted certificates wtih on-premise installation you may see this error - UNABLE_TO_VERIFY_LEAF_SIGNATURE.
Default options should include rejectunauthorized property set to false in order to avoid this kind of errors.
Refers this issue

Hello,

I tried using sp-request to upload files from a webserver to sharepoint via stream.

Code:

var request = require("request-promise");

spr.requestDigest(spWebUrl)
    .then(function (digest) {
        globalRequestOptions.headers["X-RequestDigest"] = digest;
        globalRequestOptions.url = spWebUrl + '/_api/web/GetFolderByServerRelativeUrl(\'' + folder + '\')/files/add(url=\'file.pdf\', overwrite=true)';
        globalRequestOptions.method = "POST";
        return request
            .get('http://webserver/Original%20file/917749.pdf')
            .pipe(spr(globalRequestOptions)); // throws error
            // .pipe(request(globalRequestOptions)); // no error
    });

With sp-request i get following error:

TypeError: dest.on is not a function
    at Request.Stream.pipe (stream.js:45:8)
    at Request.pipe (path\node_modules\request\request.js:1502:34)
    at path\server.js:72:30
    at tryCatcher (path\node_modules\bluebird\js\release\util.js:16:23)
    at Promise.module.exports.Promise._settlePromiseFromHandler (path\node_modules\bluebird\js\release\promise.js:512:31)
    at Promise.module.exports.Promise._settlePromise (path\node_modules\bluebird\js\release\promise.js:569:18)
    at Promise.module.exports.Promise._settlePromise0 (path\node_modules\bluebird\js\release\promise.js:614:10)
    at Promise.module.exports.Promise._settlePromises (path\node_modules\bluebird\js\release\promise.js:693:18)
    at Async._drainQueue (path\node_modules\bluebird\js\release\async.js:133:16)
    at Async._drainQueues (path\node_modules\bluebird\js\release\async.js:143:10)
    at Immediate.e.Async.drainQueues (path\node_modules\bluebird\js\release\async.js:17:14)
    at runCallback (timers.js:649:20)
    at tryOnImmediate (timers.js:622:5)
    at processImmediate [as _immediateCallback] (timers.js:594:5)

Just a thank you message for this very useful module 🥇

Hello!
I will be grateful if you explain me how I can get list Items with CAML query.
I can execute simple REST queries (request.get), but now I need to filter items by the CAML query.
It's because I need to filter items by 'contains' filter to the field of type Note (multi line field).
And can I understand, it's possible only through CAML query in the options of request.post? request.get?

With best regards,
Dmitry

Just found out that Typings definition file is missing in npm package. There is no ./lib/src/index.d.ts.
Trying version 2.1.2.

Hi, I am trying to upload a file to sharepoint folder. But, NOT able to authenticate. I am getting below error.

throw new Error(Unable to resolve namespace authentiation type. Type received: ${authType});

Please help.

My Code is as below,

var spauth = require('node-sp-auth');
var request = require('request-promise');
var $REST = require("gd-sprest");

// Log
console.log("Connecting to SPO");

// Connect to 
//https://someurl.sharepoint.com/sites/someteams
var url = "https://someurl.sharepoint.com/sites/someteams/_api/web/lists";
spauth.getAuth(url, {
    username: "username",//"email or username", ?
    password: "password",
    online: true
}).then(options => {
    // Log
    console.log("Connected to SPO");
    let headers = options.headers;
    headers['Accept'] = 'application/json;odata=verbose';

    request.get({
        url: `https://someurl.sharepoint.com/sites/someteams/_api/web`,
        headers: headers
      }).then(response => {
        //process data
      });
    // Code Continues in 'Generate the Request'
});

Upload to SPO works but not to on-premise

my gulp task:

gulp.task('spsave', function() {
  return gulp.src('./dist/*.*')
    .pipe(spsave({
      siteUrl: "https://subdomain.domain.com/communities/site/",
      folder: "app"
    }, {
      username: "[email protected]",
      password: "foooo",
      domain: 'foo'
    }));
});

i get following log:

[13:57:09] Starting 'spsave'...
[13:57:10] spsave: Error occured:
[13:57:10] spsave: Cannot read property 'match' of undefined

[13:57:10] spsave: Stack trace:

[13:57:10] spsave: TypeError: Cannot read property 'match' of undefined
at Object.parseType2Message (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\httpntlm\ntlm.js:114:20)
at C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\node-sp-auth\lib\src\auth\resolvers\OnpremiseUserCredentials.js:35:33
From previous event:
at coreRequest (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\sp-request\lib\src\core\SPRequest.js:15:16)
at spRequestFunc (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\sp-request\lib\src\core\SPRequest.js:56:20)
at Function.spRequestFunc.(anonymous function) [as post] (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\sp-request\lib\src\core\SPRequest.js:96:24)
at C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\sp-request\lib\src\core\SPRequest.js:74:27
From previous event:
at Function.spRequestFunc.requestDigest (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\sp-request\lib\src\core\SPRequest.js:66:16)
at C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\FileSaver.js:53:36
at runCallback (timers.js:666:20)
at tryOnImmediate (timers.js:639:5)
at processImmediate [as _immediateCallback] (timers.js:611:5)
From previous event:
at FileSaver.saveFile (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\FileSaver.js:52:14)
at FileSaver.save (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\FileSaver.js:37:18)
at saveSingleFile (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\SPSave.js:74:76)
at C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\SPSave.js:40:13
From previous event:
at spsave (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\spsave\lib\src\core\SPSave.js:12:12)
at DestroyableTransform.uploadFile [as _transform] (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\index.js:43:7)
at DestroyableTransform.Transform._read (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\node_modules\readable-stream\lib_stream_transform.js:159:10)
at DestroyableTransform.Transform.write (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\node_modules\readable-stream\lib_stream_transform.js:147:83)
at doWrite (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\node_modules\readable-stream\lib_stream_writable.js:313:64)
at writeOrBuffer (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\node_modules\readable-stream\lib_stream_writable.js:302:5)
at DestroyableTransform.Writable.write (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\gulp-spsave\node_modules\readable-stream\lib_stream_writable.js:241:11)
at write (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:623:24)
at flow (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:632:7)
at DestroyableTransform.pipeOnReadable (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:664:5)
at emitNone (events.js:86:13)
at DestroyableTransform.emit (events.js:188:7)
at emitReadable (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:448:10)
at emitReadable (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:444:5)
at readableAddChunk (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:187:9)
at DestroyableTransform.Readable.push (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_readable.js:149:10)
at DestroyableTransform.Transform.push (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_transform.js:145:32)
at afterTransform (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_transform.js:101:12)
at TransformState.afterTransform (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_transform.js:79:12)
at DestroyableTransform.noop [as _transform] (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\through2\through2.js:26:3)
at DestroyableTransform.Transform._read (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_transform.js:184:10)
at DestroyableTransform.Transform._write (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_transform.js:172:12)
at doWrite (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_writable.js:237:10)
at writeOrBuffer (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_writable.js:227:5)
at DestroyableTransform.Writable.write (C:\Users\Jonas\Source\Repos\Swisscom.PartnerPortal\node_modules\vinyl-fs\node_modules\readable-stream\lib_stream_writable.js:194:11)
[13:57:10] 'spsave' errored after 471 ms
[13:57:10] TypeError in plugin 'gulp-spsave'

Hello, I've been using this library for development purposes and was if you have an example of adding an attach/removing a file from a list item?

From @zhijunzhou on July 18, 2016 6:6

[14:03:56] spsave: Error occured:
[14:03:56] spsave: Invalid STS request.

[14:03:56] spsave: Stack trace:

[14:03:56] spsave: Error: Invalid STS request.

 at C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\node_module
s\node-spoauth\sharepoint.js:196:13
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\node_module
s\node-spoauth\sharepoint.js:119:21
    at Parser.<anonymous> (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp
-request\node_modules\node-spoauth\sharepoint.js:28:21)
    at emitOne (events.js:77:13)
    at Parser.emit (events.js:169:7)
    at Object.onclosetag (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-
request\node_modules\node-spoauth\node_modules\xml2js\lib\xml2js.js:447:26)
    at emit (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\node_
modules\node-spoauth\node_modules\xml2js\node_modules\sax\lib\sax.js:640:35)
    at emitNode (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\n
ode_modules\node-spoauth\node_modules\xml2js\node_modules\sax\lib\sax.js:645:5)
    at closeTag (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\n
ode_modules\node-spoauth\node_modules\xml2js\node_modules\sax\lib\sax.js:905:7)
    at Object.write (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-reque
st\node_modules\node-spoauth\node_modules\xml2js\node_modules\sax\lib\sax.js:1449:13)
    at Parser.exports.Parser.Parser.parseString (C:\zhou__project_\nodejs\days\process\node_modules\
spsave\node_modules\sp-request\node_modules\node-spoauth\node_modules\xml2js\lib\xml2js.js:508:31)
    at Parser.parseString (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp
-request\node_modules\node-spoauth\node_modules\xml2js\lib\xml2js.js:7:59)
    at parseXml (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\n
ode_modules\node-spoauth\sharepoint.js:31:12)
    at IncomingMessage.<anonymous> (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_m
odules\sp-request\node_modules\node-spoauth\sharepoint.js:112:13)
From previous event:
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\lib\src\cor
e\auth\OnlineResolver.js:24:13
From previous event:
    at OnlineResolver.applyAuthHeaders (C:\zhou__project_\nodejs\days\process\node_modules\spsave\no
de_modules\sp-request\lib\src\core\auth\OnlineResolver.js:13:16)
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\lib\src\cor
e\SPRequest.js:28:18
From previous event:
    at coreRequest (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-reques
t\lib\src\core\SPRequest.js:12:16)
    at spRequestFunc (C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-requ
est\lib\src\core\SPRequest.js:52:20)
    at Function.spRequestFunc.(anonymous function) [as post] (C:\zhou__project_\nodejs\days\process\
node_modules\spsave\node_modules\sp-request\lib\src\core\SPRequest.js:92:24)
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\node_modules\sp-request\lib\src\cor
e\SPRequest.js:70:27
From previous event:
    at Function.spRequestFunc.requestDigest (C:\zhou__project_\nodejs\days\process\node_modules\spsa
ve\node_modules\sp-request\lib\src\core\SPRequest.js:62:16)
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\FileSaver.js:53:36
    at processImmediate [as _immediateCallback] (timers.js:383:17)
From previous event:
    at FileSaver.saveFile (C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\Fi
leSaver.js:52:14)
    at FileSaver.save (C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\FileSa
ver.js:37:18)
    at saveSingleFile (C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\SPSave
.js:69:47)
    at saveFileArray (C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\SPSave.
js:54:9)
    at C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\SPSave.js:25:13
From previous event:
    at spsave (C:\zhou__project_\nodejs\days\process\node_modules\spsave\lib\src\core\SPSave.js:12:1
2)
    at save (C:\zhou__project_\nodejs\days\process\gulpfile.js:16:3)
    at Gulp.<anonymous> (C:\zhou__project_\nodejs\days\process\gulpfile.js:30:2)
    at module.exports (C:\zhou__project_\nodejs\days\process\node_modules\gulp\node_modules\orchestr
ator\lib\runTask.js:34:7)
    at Gulp.Orchestrator._runTask (C:\zhou__project_\nodejs\days\process\node_modules\gulp\node_modu
les\orchestrator\index.js:273:3)
    at Gulp.Orchestrator._runStep (C:\zhou__project_\nodejs\days\process\node_modules\gulp\node_modu
les\orchestrator\index.js:214:10)
    at Gulp.Orchestrator.start (C:\zhou__project_\nodejs\days\process\node_modules\gulp\node_modules
\orchestrator\index.js:134:8)
    at C:\Users\zhouzh\AppData\Roaming\npm\node_modules\gulp\bin\gulp.js:129:20
    at doNTCallback0 (node.js:419:9)
    at process._tickCallback (node.js:348:13)
    at Function.Module.runMain (module.js:469:11)
    at startup (node.js:136:18)
    at node.js:963:3
{ [Error: Invalid STS request.
]
  cause:
   [Error: Invalid STS request.
   ],
  isOperational: true }

Copied from original issue: s-KaiNet/spsave#15

Implement app only authentication for on-premise environment using approach similar to SharePoint addin uses in TokenHelper.cs (S2S trust through the x509 certificate).

POC solution available here - https://github.com/s-KaiNet/sp-node-apponly-poc

Hi Sergei,

First of all, thank you for this great library, it found a place in our projects and do its job nicely!

Question: Do you have a clue, how to add batch queries support to sp-request library?
To be able to combine the reasonable set of REST queries to one single batch and then send a network request all at once (for SPO and SP2016, not SP2013 for sure, as REST $batch API is absent in SP2013).
With some sort of syntax:

...
var spr = require("sp-request").create(ctx, env);
var batch = spr.createBatch();
var batchResults = [];
spr.getInBatch(restUrl1, batch).then(...);
spr.getInBatch(restUrl2, batch).then(...);
spr.postInBatch(restUrl2, batch, {
   body: { ... },
   headers: { ... }
}).then(...);
...
batch.execute().then(function() {
  console.log("All is done!", batchResults);
});

Hello I'm trying to send an attachment to the list using the sp-request library, when I send it normally the file arrives in the list attachment but the pdf ends up being corrupted when I try to open it inside the sharepoint. Analyzing that the sending is being done in binary in the body. But when I analyze the pdf it is as if the file was not as a binary but as a buffer. Have you ever been through this problem?

@s-KaiNet help me ?

Hi,
I'm using this module, and he is amazing, but in my tests i'm getting Response Code 400 when create a new item in list....

After some hours and thousands of Chrome tabs in Stackoverflow, i did not find any reference about possible incorrect _metadata type format.

Then, i test parsing _metadata like this:
body: { "__metadata": { "type": "SP.List" }, "Title": "New Item" },

And error 400 no more occours....

If you wan't to try or put this in your documentation can be very helpfull for income users.

Here's my full code for consultant:

const spClient = sprequest.create({
  username,
  password
})

spClient.requestDigest(url).then(digest => {
  return spClient.post(`${url}/_api/web/lists/getByTitle('nodejsapp')/items	`, {
    body: {
      "__metadata": {
        "type": "SP.List"
      },
      "Title": "New Item"
    },
    headers: {
      'X-RequestDigest': digest
    }  
  })
}).then(function () {
  console.log('item just created!!!');
}, function (err) {
    // if (err.message.indexOf('-2130575342') === -1) {
    //     console.log('Hmmmmm something went wrong');
    //     console.log(err);
    //     return;
    // }
    // console.log('list already exists!!!');
    
})
    .catch(function (err) {
    console.log('Hmmmmm something went wrong');
    console.log(err);
});

sp-request supports this form of authentication using an AAD app:

    var credentialOptions = {
    		clientId: clientId,
		clientSecret: clientSecret
    }
    let spr = sprequest.create(credentialOptions)

Can this same method be used with user credentials, to support the scenario described here in this Microsoft blog post?
https://blogs.msdn.microsoft.com/kaevans/2014/04/15/calling-o365-apis-from-your-web-api-on-behalf-of-a-user/

I'm willing to keep digging, any input appreciated.

Hi there,

I tried to use this module to retrieve a specific term store but I got an OAuth issue when I tried to hit the following endpoint (which works fine from the browser):

https://<TENANT_ID>.sharepoint.com/_api/v2.1/termStore/groups/<GROUP_ID>/sets/<SET_ID>/terms

So I successfully used pnp_auth and @pnp/sp-taxonomy modules, but I was wondering if I can achieve the same result with sp-request library as it's quite handy the way for the authentication with credentials, and doesn't require other libraries), especially because I had to use an older version of the above modules, which are giving me several warnings (e.g. Accessing non-existent property 'ControlMode' of module exports inside circular dependency ).

If this functionality is already there, would you be able to provide me with an example of how to properly access a term store please? If not, would it be possible to introduce it in the next release?

Thank you very much.

Regards

we are using sp-request 3.0.0 to authentication (basic authentication) to SharePoint on premise 2022 and it is working pretty fine with us.
once we upgrade node.js to V 17.0.0 or higher we are getting the below message:

Error: error:0308010C:digital envelope routines::unsupported
at new Hash (node:internal/crypto/hash:67:19)
at Object.createHash (node:crypto:130:10)
at Object.createNTLMHash (C:\Users\bamustafa\Desktop\download-packager\backend\node_modules\node-ntlm-client\lib\hash.js:77:22)
at Object.createType3Message (C:\Users\bamustafa\Desktop\download-packager\backend\node_modules\node-ntlm-client\lib\ntlm.js:213:23)
at C:\Users\bamustafa\Desktop\download-packager\backend\node_modules\node-sp-auth\lib\src\auth\resolvers\OnpremiseUserCredentials.js:41:35
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
library: 'digital envelope routines',
reason: 'unsupported',
code: 'ERR_OSSL_EVP_UNSUPPORTED'
}

any advise if there will be any compatible version in the coming period of time ?

Many Thanks for your feedback

Are there any plans to implement any authentication methods as an alternative to digest, such as ADFS?

This would be very useful for on premises sharepoint, since most don't support digest.

Hello,

I recently got a security advisory on one of my projects using this package. The issue is with the got package which had a vulnerability found in recently. Patched versions of it are v12.1.0 and v11.8.5.
Github Advisory: GHSA-pfrx-2q88-qq97

I tried manually overriding the got version, but as sp-request is using v10 of got, it is not compatible with the fixed versions (v11.8.5+ and v12).

Would be great to have an update to patch out this vulnerable version of the package.

Thanks!

Hi,

I have tried using both sp-request and sp-download but i could not get actual sharepoint file data in binary.

1. Problem with sp-download is , it downloads the file to disk directly but i can not afford that as it is performance issue for me, i need file binary stream, not sure how to do that.

2. With sp-request, i tries using getfilebyserverrelativeurl(url)$value but it is giving me a whole big xml/xsd(lot of metadata) kind of structure but not binary content, is there any way that i get binary .doc file content with any of these libraries, I have spent lot of time but could not figure out how to do that.