Hello Everyone,
Recently, I had a chance to work with windows Azure and SharePoint integration with SAP PI 7.4. In this blog, I will be sharing the use of Advantco REST adapter workbench and how to check AAD/SPO connection from the same.
1. PREPARATION STEPS:
STEP 1: Login to REST Workbench. For example, we have different URLs to access the REST WB in different environments.
DEV | https://vhxxxxxx.rot.hec.sap.biz:50001/webdynpro/dispatcher/advantco.com/rest~workbench/RESTAdapterWorkbench# |
QUAL | https://vhxxxxxx.rot.hec.sap.biz:50001/webdynpro/dispatcher/advantco.com/rest~workbench/RESTAdapterWorkbench# |
PROD | https://vhxxxxxx.rot.hec.sap.biz:44300/webdynpro/dispatcher/advantco.com/rest~workbench/RESTAdapterWorkbench# |
STEP 2: Load the required channel from the options and by clicking “Load from channel configuration”. (Refer below)
Best Practice-Table 1: AAD/SPO Connection details: (Prepare this table for your ease. It will be a single point of reference for all your scenario configurations in various environments)
Eg:
Details | DEV (mysapdev) | TEST (mysaptest) | PREPROD (mysappreprod) |
SPO URL | |||
Service account | |||
Password | 23qc!vA671 | Qom4o80053 | @4R@W96qgd |
Client ID | F122d7dc-b0ca-4a85-8dd9-15bff1662d11 | C456d2ee-c83f-4b03-af4d-a102c9583c84 | 30712d54-a206-48a9-a96e-070052409346 |
Key | pnAM6aEjaOk+hcJlHSuDiqZjl4QcHVvvuk5443os+pPQI= | rORN4T6hX5ksmMnIvaqxQ/2Q+xs/IqP2XRFiI9q87AdXs= | Tpf3gHD7+a8aTOVtwKVfqj1Lba7FAAmRr3FDzvc0vTD8s= |
Token Endpoint | https://login.windows.net/aedd7e88-7532-464b-845a-d2ac5f571dac/ oauth2/token?client_id=f122d7dc-b0ca-4a85-8dd9-15bff1662d11&client_secret=xxxxxxxxxx%2BhcJlHSuDiqZjl | https://login.windows.net/ca65293a-ed1d-48a8-b5ec-820f485de621/ oauth2/token?client_id=c456d2ee-c83f-4b03-af4d-a102c9583c84&client_secret=xxxxxxxxmMnIvaqxQ%2F2Q%2B | https://login.windows.net/cd866524-98aa-4ddc-a1a6-993aa95c19d5 /oauth2/token?client_id=30712d54-a206-48a9-a96e-070052409346&client_secret=xxxxxxx%2Ba8aTOVtwK |
This detail is configured in the “Authentication /Authorization” tab in the REST workbench.
Note:
The Client secret can either encoded or decoded using the online tool, http://www.urldecoder.org/
2. Testing AAD connection:
- Go to “Authentication/Authorization” Tab in the REST workbench.
- Fill in the required details manually from Table1 above to test the AAD connection, in case you are not loading the details from the channel.
- Click “Test Auth Configuration” button. If the connection is successful, we will get HTTP 200 response.
Sample AAD Operation: Eg Update Azure User details
- It is a POST request.
- The resource URL should be https://graph.windows.net/mysaptest.onmicrosoft.com/users/%UserID%
- The highlighted portion is the user ID that we want to update.( Eg: ab.cd@mysaptest.onmicrosoft.com)
- The required HTTP headers are added in the request.
- The response can be HTTP 204 status, without response payload.
Below is an example of updating the Azure user information from REST Workbench.
Azure Screenshot:
This confirms that we could connect to Azure system from REST WB.
Azure related information can be seen under the site, https://msdn.microsoft.com/en-us/library/azure/
3. Testing SPO Connection:
We have to get the Request Digest Token in order to do any SPO operation. This involves three steps;
STEP 1: Get Authorization Token
- It is a POST request.
- Resource URL should be https://login.microsoftonline.com/rst2.srf
- Authentication should be OAuth2.0 with the details given in Table1.
- Refer below, for the request that should be “posted” (remember HTTP Get/Post methods?) in this step. Change the Username and password fields in the below request according to the environment. This is for the service account we have in SPO.
- Click “Execute Request” button.
- The response would be an xml. The value inside the tag “<wsse:BinarySecurityToken Id="Compact0">” is the authorization token.
Eg: The token would be looking like below value;
t=EwAoA06hBwAUbl/sgipYGM8TysUFtClJteGnuzoAAY3+JHj81irl//GZbdH5oWSmnrR5EXZTrjkYiHrdMX0fUn4VBv0fbuNfzlx4lLGV90nnlDYbT cEpBxSXpW2tRqQQmxWPU0e6aynQyqYaNNAQN3R9RHTol1OZkLTbdouV8b/IhC58PHdyE2He4jeGDWVEWt5rWJmYX2P/VT56dJWqwpZgt kZ3NCKc/66h3YbP98aJ4B3UY4Hqst5gHqhGC37ovUgVMRnrTOldqDCHHaMr9OqB7V9X0B4ZRVogdXvQiZb6Afpx66bku4Iig0UwtDtVfbDcGlfq S+BbN72AMQLY5mdM7oG8ERA59GoIl6NDOKtt2dROQI2kwRAEUZihEgUDZgAACBV/+hZAeqGQ+AH36zbAOkcAbUbGfUOExWkzDZOwYa Wv5UdvFITgKELe+RFszeXf0Mzna003KWX/QVEh8Xl1O+F/Y/AGctR4x73zNLwDzrhYEuDASP/3z2oPqQmhHfilhDIFxxilEjhiB99CKIZ/SOqsLsb NSrWbquFo4dVNrOuyMDs/VH95X0qyv36Bey2b2XiOvU0FURvNkwSpm1+IMhtoIKH48DwABIBJHOIY0WeSfEVHq0O7OmIJ2+kv35KuWKyh6 QwTZMKEc4a3716cHaxeUm7k+pRLY4n5LYSBFWo4fDi0czVbGcoHzjQ4CK0+V9jFBZVvg0S8XBUCX8sqzmiBwnuzuwbvi+kF/72/PIim+dRmK nm+AKaLrXZqwituVv15Z+eCiRs35DiwodAgjBrfy3wOLnjLJFVsd3wS6xRXUGwrRrew+8SEHVtzeVEKZT3HRWDqvhgeoUY1JvjDzvI+wAVgKM qQYnw11UPehN99EXKYPYHOTLKbayftghXXDfzCFK/cRbIE1pijq6ioZvyABdw3Chnw7wC1LmPGZkX84+Tr/iPN32obNReN5/dYbwGZ4E1/QLg nM2Na4G3oqOKfxM5AAWP74g79KesJum8FUPoWud+uWfcIa04vkOdwzEgNubX3Ng5ca8WXAQ0B9QydQxp1eBuloyEiQE9iI6c0epZ0Ag==&p= |
- Concatenate “BPOSIDCRL” to the above value. We can call it as “AUTHTOKEN_VALUE”
STEP 2: Get Cookie.
- It is a GET request.
- Resource URL should be https://mysaptest.sharepoint.com/sites/XYZ/_vti_bin/idcrl.svc/
- The above highlighted part will change according to the environment. Refer Table 1.
- From this step, we don’t need OAuth2.0 authorization. So, it should be set to null.
- In the “HTTP Headers” section, paste the “AUTHTOKEN_VALUE” with the name “Authorization“
- Click “Execute Request” button. The successful response is indicated by HTTP 200 status code.
Eg:
- The value returned by the header “Set-Cookie” is the cookie value. Let us call it as “COOKIE_VALUE”.
Sample Cookie Value:
SPOIDCRL=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VHJ1ZSwwaC5mfG1lbWJlcnNoaXB8MTAwM2JmZmQ5Mzg1NGN hYUBsaXZlLmNvbSwwIy5mfG1lbWJlcnNoaXB8bWNsc2FwdGVzdEBtY2xhcmVuc2FwdGVzdC5vbm1pY3Jvc29mdC5jb20sMTMwODk4OTc3MzM1NzM0N zcyLEZhbHNlLGZmNVVHdDNXdWJOWjNtSWFrMlUvc1JkK1AvMXNHS1NCSzF3T09QWCtOL012bEpnYURFb05uWDdyVUorem1WbC9KaFpQc2FpcEpV bWFXdWp6Y3RaaDFpZWZnWFZUVTNrOUJYTjZPalNsNzJ6Nk95STdSZ2dIMHJ1V05sM0FGZ1NhcGE3S1JaQ3dPMEpTQkZsOExsYVh6YTBFQXpVamhl NWhJYnVtTVR1b204WkdqR1dJRHNKQUFyekcxRHR0UzRzckRHU1JXQTVhelpFRkc3Uk1oSzhuUE9LYUNjR1ZPZ0owNStJZ1lZZlBocTRSRmk1TGFRR 3hoZnEvMVJvYUZaNDZZc3UydEx3bURCQzgxTVBKRjYxQVBpVWN2OFoyZ1hnYk1FZ0hqMGZIS0pIYVcrVEJ0RW56V0lrQ0FsRDVWYTBmdTk5dGRhTl R1NnhsT3ZML2pIMWkvQT09LGh0dHBzOi8vbWNsYXJlbnNhcHRlc3Quc2hhcmVwb2ludC5jb20vc2l0ZXMvc3VwcGxpZXJzL192dGlfYmluL2lkY3JsLnN2Yy 88L1NQPg==; path=/; secure; HttpOnly |
STEP 3: Get Digest Token
- It is a POST request.
- The Resource URL should be https://mysaptest.sharepoint.com/sites/XYZ/_api/contextinfo
- The above highlighted part will change according to the environment. Refer Table 1.
- In the “HTTP Headers” section, paste the “COOKIE_VALUE” with the name “Cookie“
- We don’t need to paste anything in the Request Body section.
- The response would be an XML like below;
<?xml version="1.0" encoding="utf-8"?><d:GetContextWebInformation xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata" xmlns:georss="http://www.georss.org/georss" xmlns:gml="http://www.opengis.net/gml" m:type="SP.ContextWebInformation"><d:FormDigestTimeoutSeconds m:type="Edm.Int32">1799</d:FormDigestTimeoutSeconds><d:FormDigestValue>0x8EFFC4D6F2205483163EA201308EB0C8BB9223C78907DBDAF32FEA59DF48F78B2102180B179795A1AF3CC2402CAB5D7E30C3C81A9A4963BDA19199FB191F55BD,16 Oct 2015 10:51:33 -0000</d:FormDigestValue><d:LibraryVersion>16.0.4524.1214</d:LibraryVersion><d:SiteFullUrl>https://mysaptest.sharepoint.com/sites/XYZ</d:SiteFullUrl><d:SupportedSchemaVersions m:type="Collection(Edm.String)"><d:element>14.0.0.0</d:element><d:element>15.0.0.0</d:element></d:SupportedSchemaVersions><d:WebFullUrl>https://mysaptest.sharepoint.com/sites/XYZ</d:WebFullUrl></d:GetContextWebInformation> |
- The Digest Value is the highlighted portion above. (I.e) The value inside the tag, <d:FormDigestValue>.
So, now we have the Digest Token to do any operation in SharePoint site.
SAMPLE SPO OPERATION: Create SPO Site:
- It is a POST request.
- Resource URL should be, https://mysaptest.sharepoint.com/sites/XYZ/_api/web/webinfos/add
- Insert the headers “cookie” and “X-RequestDigest”.
- Click “Execute Request” button.
- The response would be with HTTP 200 or HTTP 204 header with/without an XML depending on the operation.
This confirms that we could connect to SharePoint Online system from REST Workbench.
Happy learning J
Regards,
Stenish Peter. S
- SAP Managed Tags:
