Office365-rest-python-client: An error occurred while retrieving auth cookies from https://mycompany.sharepoint.com/sites/documentssite//_vti_bin/idcrl.svc

Created on 5 Aug 2020 · 3Comments · Source: vgrem/Office365-REST-Python-Client

Hello there,

Context of the issue

I'm working with the version 2.1.7.post1 (according to pip freeze), no MFA required to log in sharepoint.
I'm currently trying to get an excel file from the company's sharepoint, with the following script (built from README of the project) :

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.file import File

url = 'https://mycompany.sharepoint.com/sites/documentssite/'

ctx_auth = AuthenticationContext(url)
if ctx_auth.acquire_token_for_user(username, password):
    ctx = ClientContext(url, ctx_auth)
    web = ctx.web
    ctx.load(web)
    ctx.execute_query()
    print("Web title: {0}".format(web.properties['Title']))

Running this script provides the following output :
An error occurred while retrieving auth cookies from https://mycompany.sharepoint.com/sites/documentssite//_vti_bin/idcrl.svc

Some details about the issue

I noticed by running this script in debug mode, that the issue comes from the method acquire_authentication_cookie of the class SamlTokenProvider
Actually, the method is called with federated=True so the HTTP request is done at https://mycompany.sharepoint.com/sites/documentssite//_vti_bin/idcrl.svc with the HEAD method. You can find below the part where it fails :

     def acquire_authentication_cookie(self, security_token, federated=False):
        ...
        else:
            self._auth_cookies['SPOIDCRL'] = None
            session.head(self.__sts_profile.signInPageUrl,
                         headers={
                             'User-Agent': 'Office365 Python Client',
                             'X-IDCRL_ACCEPTED': 't',
                             'Authorization': 'BPOSIDCRL {0}'.format(security_token),
                             'Content-Type': 'application/x-www-form-urlencoded'
                         })
        logger.debug_secrets("session.cookies: %s", session.cookies)
        cookies = requests.utils.dict_from_cookiejar(session.cookies)
        logger.debug_secrets("cookies: %s", cookies)
        if not cookies:
            self.error = "An error occurred while retrieving auth cookies from {0}".format(self.__sts_profile.signInPageUrl)
            logger.error(self.error)
            return False

The response does not contain any cookie, that's why I get the message error.

By the way, I got the same problem when I set url to 'https://mycompany.sharepoint.com'.

Let me know if I haven't given enough details about the issue.
Thank you in advance !

question

Source

NathanSalez

All 3 comments

Some news about the issue :

When I make a HEAD request to https://mycompany.sharepoint.com/sites/documentssite//_vti_bin/idcrl.svc with curl, I got redirected to https://mycompany.sharepoint.com/_vti_bin/idcrl.svc/ (response code : 307).

So I made a HEAD request to this link, I got a Method Not Allowed response...
I guess the issue comes from my company's side..

NathanSalez on 6 Aug 2020

👍1

Greetings!

Thank you for the provided details!

2.1.7.post1 is a bit outdated at the moment, could you please give it another shot but with the _latest_ version (2.1.10.1 at the moment), it could be downloaded via GitHub:

pip install git+https://github.com/vgrem/Office365-REST-Python-Client.git

or from an alternative index

A few bug fixes have been resolved since then in terms of authentication.