Office365-REST-Python-Client icon indicating copy to clipboard operation
Office365-REST-Python-Client copied to clipboard
verified publisher icon vgrem

Cannot get binary security token for from https://login.microsoftonline.com/extSTS.srf

Open thibedi-phathela opened this issue 1 year ago • 4 comments

Hello!

Has anyone encountered an authentication issue recently using the Office365 library?

ERROR:office365.runtime.auth.providers.saml_token_provider.SamlTokenProvider._process_service_token_response:Cannot get binary security token for from https://login.microsoftonline.com/extSTS.srf An error occurred: Cannot get binary security token for from https://login.microsoftonline.com/extSTS.srf

site_url = "" username = "" password = ""

ctx_auth = AuthenticationContext(url=site_url) if not ctx_auth.acquire_token_for_user(username=username, password=password): exit(1)

ctx = ClientContext(site_url, ctx_auth)

def download_files_from_folder(folder_url, local_path): try: folder = ctx.web.get_folder_by_server_relative_url(folder_url) ctx.load(folder) ctx.execute_query()

    if not os.path.exists(local_path):
        os.makedirs(local_path)

    files = folder.files
    ctx.load(files)
    ctx.execute_query()
    for file in files:
        download_path = os.path.join(local_path, file.name)
        with open(download_path, "wb") as local_file:
            file.download(local_file)
            ctx.execute_query()
        print(f"File downloaded: {download_path}")
except Exception as e:
    print(f"An error occurred: {e}")

folder_url = "" local_path = ""

download_files_from_folder(folder_url, local_path)

Is there anything that has changed or that I'm missing ?

thibedi-phathela avatar May 15 '24 21:05 thibedi-phathela

Same issue here ✋
When I login manually, no additional verification is required, only name + pass

adamhospodka avatar Aug 08 '24 07:08 adamhospodka

The problem is with authentication. In my case, I couldn't use my credentials (user and password) because of the way my company setup the access to the Sharepoint.

The solution can be found in the section "Setting up an app-only principal with tenant permissions" of https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

Once you have access to client_id and client_secret, use them to create the authentication. Please, see the example below:

from office365.sharepoint.client_context import ClientContext from office365.runtime.auth.authentication_context import AuthenticationContext

client_id="{client id}" client_secret="{client secret}" url = "https://{tenant}.sharepoint.com/sites/{site}"

ctx_auth = AuthenticationContext(url) if ctx_auth.acquire_token_for_app(client_id, client_secret): ctx = ClientContext(url, ctx_auth) web = ctx.web ctx.load(web) ctx.execute_query() print("Web title: {0}".format(web.properties['Title']))

else: print(ctx_auth.get_last_error())

ClearSafety avatar Nov 07 '24 17:11 ClearSafety

If my company does not permit us to create apps, what is the suggested alternative?

abubelinha avatar Dec 03 '25 14:12 abubelinha

You could try to use PowerAutomate to intermediate the connection between you code and the sharepoint. In the premium license, you can create a webhook as a trigger, do whatever you need in the sharepoint.

ClearSafety avatar Dec 03 '25 14:12 ClearSafety