Calling /_vti_bin/homeapi.ashx/sites/recent using SharePointOnlineCredentials

Pablo Glomby 186 Reputation points
2021-01-11T15:04:36.89+00:00

Hi!
I am trying to call /_vti_bin/homeapi.ashx/sites/recent to get the recent sites for a given user.
The way I login is by using SharePointOnlineCredentials (username + pwd)
The code I use is:
using (var client = new WebClient())
{
client.Credentials = creds;
client.Headers.Add("X-RequestDigest", dig.DigestValue);
client.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
client.Headers.Add(HttpRequestHeader.ContentType, "application/json;odata=verbose");
client.Headers.Add(HttpRequestHeader.Accept, "application/json;odata=verbose");
client.Headers.Add(HttpRequestHeader.UserAgent, "Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0");
client.Headers.Add("SPHome-ClientType", "SharePointIOS");
var endpointUri = new Uri(szRequestURL);
byte [] answer= client.DownloadData(szRequestURL);
}

But I get an error 401. If I login using MSAL or ADAL (so I register an app) then it works (here I don't use SharePointOnlineCredentials)... but in some customers I cannot register an app.

Is it possible to call that REST API using SharePointOnlineCredentials?

Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,716 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,742 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,576 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,665 questions
Accepted answer
  1. Baker Kong-MSFT 3,791 Reputation points
    2021-01-12T05:58:29.793+00:00

    Hi @Pablo Glomby ,

    Please take a reference of below code, it works fine in my SPO environment. 

    using Microsoft.SharePoint.Client;  
using System;  
using System.Collections.Generic;  
using System.Linq;  
using System.Net;  
using System.Net.Http;  
using System.Security;  
using System.Text;  
using System.Threading.Tasks;  
using System.Xml;  
  
namespace TeamifySharePointClassicSite.CsRest  
{  
    class PabloGlomby  
    {  
  
        private static readonly string siteurl = "https://{tenant}.sharepoint.com";  
        private static readonly string username = "admin@{tenant}.onmicrosoft.com";  
        private static readonly string password = "{password}";  
  
        static void Main(string[] args)  
        {                            
            var httpclient = getCookieHttpClient();  
            httpclient.DefaultRequestHeaders.Add("SPHome-ClientType", "SharePointIOS");  
            string step3url = $"{siteurl}/_vti_bin/homeapi.ashx/sites/recent";  
            var res = httpclient.GetAsync(step3url).Result;  
  
            Console.WriteLine(res.Content.ReadAsStringAsync().Result);  
            Console.ReadKey();  
  
            httpclient.Dispose();  
        }  
  
        //  Get Cookie  
        private static HttpClient getCookieHttpClient()  
        {  
            var cookiecontainer = new CookieContainer();  
            var handler = new HttpClientHandler()  
            {  
                CookieContainer = cookiecontainer  
            };  
            HttpClient hclient = new HttpClient(handler);  
  
            var contentxml = new XmlDocument();  
            contentxml.LoadXml(Properties.Resources.bk);  
  
            XmlNode usernamenode = contentxml.GetElementsByTagName("Username", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")[0];  
            usernamenode.InnerText = username;  
  
            XmlNode passwdnode = contentxml.GetElementsByTagName("Password", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")[0];  
            passwdnode.InnerText = password;  
  
            XmlNode endpoint = contentxml.GetElementsByTagName("EndpointReference", "http://www.w3.org/2005/08/addressing")[0].FirstChild;  
            endpoint.InnerText = new Uri(siteurl).GetLeftPart(UriPartial.Authority);  
  
            var content = contentxml.OuterXml;  
  
            var httpcontent = new StringContent(content, Encoding.UTF8, "application/xml");  
            var step1url = "https://login.microsoftonline.com/extSTS.srf";  
            HttpResponseMessage res1 = hclient.PostAsync(step1url, httpcontent).Result;  
  
            var res1con = res1.Content.ReadAsStringAsync().Result;  
            Console.WriteLine(res1con);  
  
            XmlDocument resxml = new XmlDocument();  
            resxml.LoadXml(res1con);  
            XmlNode securitytoken = resxml.GetElementsByTagName("BinarySecurityToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")[0];  
            string token = securitytoken.InnerText;  
  
            Console.WriteLine("the security token is {0}", token);      
  
            //step2  
  
            string step2url = $"{new Uri(siteurl).GetLeftPart(UriPartial.Authority)}/_forms/default.aspx?wa=wsignin1.0";  
            HttpContent hcontent2 = new StringContent(token, Encoding.UTF8, "text/plain");  
            HttpResponseMessage res2 = hclient.PostAsync(step2url, hcontent2).Result;  
  
            Console.WriteLine($"step2 result is {res2}{Environment.NewLine}------{Environment.NewLine}");  
  
            //step3          
            return hclient;  
        }      
    }  
}

    Test result:

    55540-image.png

    Note: the resource file (Properties.Resources.bk) has attached. bk.xml

    Best Regards,
    Baker Kong

    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest