Category
[ ] Enhancement
[x] Bug
[ ] Question
Expected / Desired Behavior / Question
I'm currently building a test application with Node.js and PnP-JS-Core. My setup configuration looks like this:
pnp.setup({
nodeClientOptions: {
clientId: "GUID",
clientSecret: "Secret",
siteUrl: "URL"
},
headers: {
"Accept": "application/json; odata=verbose"
}
});When I try to do something simple, like retrieving the site title I retrieve the following generic error: Error making GET request: Unauthorized. I also saw another issue with the same kind of problem, but apparently, it that one had something to do with the way SP App needed to be registered issue 174. It could be that the issue is not yet solved and that it was a bit of luck with the clientid and secret combination.
In my case, I know that there is no problem with the app registration process. I tried using the clientId and clientSecret in another application which ran fine. To be sure what was going on, I started debugging the code and found a bug in nodefetchclient.ts file.
In the getAddInOnlyAccessToken function, a call is made to retrieve the oAuth token with the provided clientId and secret. In my case it always returns this:
AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.
To be sure, I tried another app registration and got the following message:
AADSTS90014: The request body must contain the following parameter: 'grant_type'.
Finally, I tested out my clientId and secret via Postman, and there I retrieved a correct token:
Apparently, a similar issue was already mentioned on the node-fetch repo: node-fetch POST issue. I tested out a couple of the solution they provided, but none of them worked out. So I updated the code from node-fetch to make use of request-promise module. At the moment with this change in place, all token calls are correctly handled. I will do a PR to show the updated code.
Steps to Reproduce
I think this depends on the client secret which you retrieve. Could have something to do with special characters like plusses. I have tried three different clientIds and secret combinations. One was working fine, and the two others gave the above problems. In both of them, I had a plus + in the secret.
Category
[ ] Enhancement
[x] Bug
[ ] Question
Expected / Desired Behavior / Question
I'm currently building a test application with Node.js and PnP-JS-Core. My setup configuration looks like this:
When I try to do something simple, like retrieving the site title I retrieve the following generic error:
Error making GET request: Unauthorized. I also saw another issue with the same kind of problem, but apparently, it that one had something to do with the way SP App needed to be registered issue 174. It could be that the issue is not yet solved and that it was a bit of luck with the clientid and secret combination.In my case, I know that there is no problem with the app registration process. I tried using the clientId and clientSecret in another application which ran fine. To be sure what was going on, I started debugging the code and found a bug in
nodefetchclient.tsfile.In the
getAddInOnlyAccessTokenfunction, a call is made to retrieve the oAuth token with the provided clientId and secret. In my case it always returns this:AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.To be sure, I tried another app registration and got the following message:
AADSTS90014: The request body must contain the following parameter: 'grant_type'.Finally, I tested out my clientId and secret via Postman, and there I retrieved a correct token:
Apparently, a similar issue was already mentioned on the node-fetch repo: node-fetch POST issue. I tested out a couple of the solution they provided, but none of them worked out. So I updated the code from node-fetch to make use of request-promise module. At the moment with this change in place, all token calls are correctly handled. I will do a PR to show the updated code.
Steps to Reproduce
I think this depends on the client secret which you retrieve. Could have something to do with special characters like plusses. I have tried three different clientIds and secret combinations. One was working fine, and the two others gave the above problems. In both of them, I had a plus
+in the secret.