Office365-rest-python-client: Error in acquire_token_for_user

I have got the exact same issue

Same, this just popped up, can't access share point anymore.

I have the same issue and can't access to the enterprise sharepoint. In other issue (#76 , at 5 Aug 2018) shows the next solution (that did not works for me yet):

_Resolved. The issue was the use of a company user, for which a check is performed, only via browser, between Azure Active Directory and internal Active Direcotry. For the batch script, I have created a user in the cloud AAD._

Actually, i have my user in the AAD, but i still can't access :( any solution/clue?

My code works:
userName = 'myusername'
passWord = 'mypassword'
ctx_auth.acquire_token_for_user(username=userName, password=passWord)

It works for me too. The URL can also be something like "https://mycompany.sharepoint.com/sites/AnotherSite" or "https://mycompany.sharepoint.com/sites/AnotherSite/Subsite"

Try with this code instead:

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.runtime.client_request import ClientRequest
from office365.runtime.utilities.request_options import RequestOptions

user_credentials = {
    'username' : '[email protected]',
    'password' : 'my_password'
}

site_url = "https://mycompany.sharepoint.com/"

ctx_auth = AuthenticationContext(site_url)
if ctx_auth.acquire_token_for_user(user_credentials['username'], user_credentials['password']):
  request = ClientRequest(ctx_auth)
  options = RequestOptions("{0}/_api/web/lists".format(site_url))
  options.set_header('Accept', 'application/json')
  options.set_header('Content-Type', 'application/json')
  data = request.execute_request_direct(options)
  s = json.loads(data.content)

This problem should be fixed with PullRequest #168
You should now see a more specific error message.
We got this specific error whenever the authentication failed.

Note: You have to upgrade to the latest version 2.1.6-1

Hey Mark, @KasperSvendsen and @fpinab,

just a small update, since you mentioned:

Actually, i have my user in the AAD

i believe you refer to Office 365 Single Sign-On for ADFS scenario, this flow was not supported and that's probably the reason why the provided error occurred.

The good news, the support for SAML-based federated authentication with SharePoint Online has been introduced in version 2.1.7, meaning authentication with Active Directory user accounts should we working as expected now.

Prerequisites

It is assumed Multi-factor authentication for a user is disabled

Notes

since the new version has not yet been released to PyPi, it needs to be installed from GitHub instead at the moment, like this:

pip install git+https://github.com/vgrem/Office365-REST-Python-Client.git

Cheers,
Vadim

@vgrem
I have updated to the new version in order to try to support ADFS scenario. but i still doesn't work.
below is the code example:

from office365.runtime.auth.authentication_context import AuthenticationContext
account = "[email protected]"
password = "example"
url = "https://example.sharepoint.com/sites/base-dok-testing"

ctx_auth = AuthenticationContext(url)
ctx_auth.acquire_token_for_user(account, password)

below is the log:

16/Jun/2020 10:18:15] DEBUG [none] [office365.runtime.auth.saml_token_provider.SamlTokenProvider.acquire_token:acquire_token:45] acquire_token called
[16/Jun/2020 10:18:15] DEBUG [none] [office365.runtime.auth.saml_token_provider.SamlTokenProvider.acquire_token:acquire_token:48] Acquiring Access Token..
[16/Jun/2020 10:18:15] DEBUG [none] [urllib3.connectionpool:_new_conn:955] Starting new HTTPS connection (1): login.microsoftonline.com:443
[16/Jun/2020 10:18:16] DEBUG [none] [urllib3.connectionpool:_make_request:428] https://login.microsoftonline.com:443 "POST /GetUserRealm.srf HTTP/1.1" 200 1448
[16/Jun/2020 10:18:16] DEBUG [none] [urllib3.connectionpool:_new_conn:955] Starting new HTTPS connection (1): fs.kerialis.fr:443
[16/Jun/2020 10:18:20] DEBUG [none] [urllib3.connectionpool:_make_request:428] https://fs.kerialis.fr:443 "POST /adfs/services/trust/2005/usernamemixed HTTP/1.1" 200 6542
[16/Jun/2020 10:18:20] DEBUG [none] [urllib3.connectionpool:_new_conn:955] Starting new HTTPS connection (1): login.microsoftonline.com:443
[16/Jun/2020 10:18:21] DEBUG [none] [urllib3.connectionpool:_make_request:428] https://login.microsoftonline.com:443 "POST /rst2.srf HTTP/1.1" 200 3499
[16/Jun/2020 10:18:21] DEBUG [none] [urllib3.connectionpool:_new_conn:955] Starting new HTTPS connection (1): kerialisfr.sharepoint.com:443
[16/Jun/2020 10:18:21] DEBUG [none] [urllib3.connectionpool:_make_request:428] https://kerialisfr.sharepoint.com:443 "HEAD /sites/base-dok-testing/_vti_bin/idcrl.svc HTTP/1.1" 401 0
[16/Jun/2020 10:18:21] ERROR [none] [office365.runtime.auth.saml_token_provider.SamlTokenProvider.acquire_authentication_cookie:acquire_authentication_cookie:208] An error occurred while retrieving auth cookies from https://kerialisfr.sharepoint.com/sites/base-dok-testing/_vti_bin/idcrl.svc

@Simplici, are you positive the version v2.1.8 or later is utilized on your side?

Otherwise you might be stumble upon the same issue as was reported here.

@vgrem i was using 2.1.7.post1.

i update to the latest release 2.1.9, the result is the same.

my colleague has made some modification and then it works: https://github.com/vgrem/Office365-REST-Python-Client/issues/210.

@vgrem I have the same issue. The below code returns the error "An error occurred while retrieving auth cookies from https://company.sharepoint.com/_vti_bin/idcrl.svc"

I have 2.1.7.post1 installed as well but I do not have admin access to check on the multi factor authentification.

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.file import File

url = 'https://company.sharepoint.com'
username = '[email protected]'
password = 'xxx'

ctx_auth = AuthenticationContext(url)

if ctx_auth.acquire_token_for_user(username, password):
ctx = ClientContext(url, ctx_auth)
web = ctx.web
...