Kortel

integration architecture wso2

How to upload files to Sharepoint with WSO2 – complete guide

Upload files to Sharepoint
By kortelPosted on Posted in Integration

Uploading files to Sharepoint through REST API with OAuth2 authorizaton can be tricky as it requires a mixture of Sharepoint web site configuration and OAuth2 API calls to create access token.

It also uses constants and site variables you should find before using the mechanism.

Preparing Sharepoint environment

Getting Sharepoint

If you do not have a sharepoint access, go to https://www.microsoft.com/microsoft-365/business/compare-all-microsoft-365-business-products and register for Microsoft 365 Business Premium trial.

NOTE: This creates a 30-day free trial account. No credit card necessary.

Login to your account and go to Sharepoint application. Mind your Sharepoint URL (this is the one you have chosen during registration).

URL: https://your_site_name.sharepoint.com/_layouts/15/sharepoint.aspx

Take hostname as a tenant your_site_name.sharepoint.com

Creating an application

To authorize with OAuth2 you first need to create an application.

  1. Go to register new application (Settings / add application): https://{{tenant}}/_layouts/15/appregnew.aspx
  2. Set the following options:
  • App Type – Select An app running on a web server. (You may not have this option)
  • Client Id – Click Generate, and copy the generated value to a text file.
  • Client Secret – Click Generate, and copy the generated value to a text file.
  • Title – Enter a name for the app.
  • App Domain – Enter the domain name (127.0.0.1 is a good example).
  • Redirect URL – Enter the Callback URL. It does not have to exist. Remember to use https and add a trailing slash if you use host name only (https://127.0.0.1/ is a good example).
  1. Click create. Save the response with all parameters to a text file, you will need it for accessing Sharepoint.

Getting the Realm

You will need the realm of your site to work with tokens.

Make a get request to your site without being logged in. You can use curl or Postman for that.

GET https://{{tenant}}.sharepoint.com/_vti_bin/client.svc

Authorization: Bearer realm="realm"

Get the Bearer realm component from the response header and save it as realm. You will need it for further calls.

Authorizing the application

Now comes the tricky part. You have to authorize the application to use Sharepoint. Here you have to decide what type of access you need.

To generate a code for creating a token you need to supply the scope. The scope defines which Sharepoint components you will able to see or write to. Common scopes are Web.Read for reading documents and Web.Write for reading and writting. You may have different tokens with different scopes to make sure the application is only permitted to perform authorized operations. If you know you need only to read files and will not write anything it’s good to create a read-only scope to guard against changes.

We will use a Web.Write scope as we are going to create folders and upload files.

Open your browser where you are logged in and go to:

https://{{tenant}}/_layouts/15/OAuthAuthorize.aspx?client_id={{client_id}}&scope=Web.Write&response_type=code&redirect_uri={{redirect_uri}}

Remember to change the client id and redirect uri to what you generated for the app. Mind the parameters should be url-encoded for the operation to succeed (client_id does not contain any characters to be encoded, but redirect uri should have a form of redirect_uri=https%3A%2F%2F127.0.0.1%2F)

Choose the required Sharepoint component if there is a list (choose Documents to work with folder and files) and click trust.

Do not bother seeing page not found as we used our local machine for the redirection. It is intentional not to pass the code to any application.

Save the code for generating the token. The code is everything after https://127.0.0.1/?code= This will be a long string of characters, digits and other characters. Remember to take the whole string as the code. The code will be valid for ony 5 minutes, so you have to create an access token immediately

Creating an access token

You will use the code to create an access token to work with Sharepoint.

You need to POST a request to your realm URL:

https://accounts.accesscontrol.windows.net/{{realm}}/tokens/OAuth/2

The request has to be passed as application/x-www-form-urlencoded (parameters like in GET request, all URL-encoded). You will need all previously saved variables. The resource principal for Sharepoint is 00000003-0000-0ff1-ce00-000000000000 (you have to use it as it is)

grant_type: "authorization_code"
client_id: "{{client_id}}@{{realm}}"
client_secret: "{{client_secret}}"
resource: "00000003-0000-0ff1-ce00-000000000000/{{tenant}}@{{realm}}"
code: "{{code}}"
redirect_uri: "{{redirect_uri}}"

Response

{"token_type":"Bearer","expires_in":"28799","not_before":"1648707835","expires_on":"1648736935","resource":"00000003-0000-0ff1-ce00-000000000000/tenant@realm","access_token":"access","refresh_token":"refresh"}

Save the access_token and the refresh_token. The latter will be necessary to generate another access token when the first one expires.

From now on you will use the access token in the authorization header as follows:

Authorizaton: Bearer {{access_token}}

Working with files and folders

Remember to use the valid access token in each and every request.

Listing folders

You can list folders using a simple GET response.
To list subfolders in a standard Sharepoint documents folder, use:

GET https://{{tenant}}/_api/web/GetFolderByServerRelativeUrl(‘/Shared Documents’)

Listing files

To list files use similar endpoint URI ended with files.

GET https://{{tenant}}/_api/web/GetFolderByServerRelativeUrl(‘/Shared Documents’)/Files

Creating a folder

To create a folder you POST to the folders endpoint:

POST https://{{tenant}}/_api/web/folders

{
  "ServerRelativeUrl": "/Shared Documents/NewFolder1"
}

Uploading a file

To upload a file you use endpoint parameters to define folder path and file name as the body of the request will contain the file itself.

POST https://{{tenant}}/_api/web/GetFolderByServerRelativeUrl(‘/Shared Documents/NewFolder1′)/Files/add(url=’a.txt’,overwrite=true)

Postman

You can use Postman to issue request. All URLs and bodies are in Postman format to use with variables.

WSO2 Sharepoint connector

You can also use WSO2 Sharepoint connector

https://docs.wso2.com/display/ESBCONNECTORS/SharePoint+Connector

Links

https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/authorization-code-oauth-flow-for-sharepoint-add-ins

https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest

https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/authorization-code-oauth-flow-for-sharepoint-add-ins#permission-scope-aliases-and-the-oauthauthorizeaspx-page

Need help?

Need to store files to Sharepoint and do not know where to start?

Do not worry, we are here to help. Drop us a line and we will contact you as soon as we can!

How to upload files to Sharepoint with WSO2 – complete guide
Scroll to top