{"id":21655920,"url":"https://github.com/koltyakov/spvault","last_synced_at":"2025-04-11T21:32:57.629Z","repository":{"id":73405109,"uuid":"327092464","full_name":"koltyakov/spvault","owner":"koltyakov","description":"SharePoint Authentication Vault gRPC Server","archived":false,"fork":false,"pushed_at":"2021-01-16T23:31:49.000Z","size":594,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-04-14T23:12:10.875Z","etag":null,"topics":["auth","authentication","go","golang","grpc","sharepoint"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/koltyakov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-05T19:01:16.000Z","updated_at":"2024-06-19T07:47:40.876Z","dependencies_parsed_at":"2023-07-08T08:16:28.670Z","dependency_job_id":null,"html_url":"https://github.com/koltyakov/spvault","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/koltyakov%2Fspvault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/koltyakov%2Fspvault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/koltyakov%2Fspvault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/koltyakov%2Fspvault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/koltyakov","download_url":"https://codeload.github.com/koltyakov/spvault/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248482916,"owners_count":21111400,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth","authentication","go","golang","grpc","sharepoint"],"created_at":"2024-11-25T08:37:46.832Z","updated_at":"2025-04-11T21:32:57.595Z","avatar_url":"https://github.com/koltyakov.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SPVault - SharePoint Vault\n\n\u003e SharePoint Authentication Vault gPRC server\n\n__Project status: WIP, PoC__\n\n## What the project intends solving\n\n- Provide and abstract SharePoint authentication interface via gPRC.\n- Issue SharePoint authentication headers/cookies using client tokens (when a client doesn't know actual credentials).\n- Showcase some basic gRPC scenarios together with SharePoint ecosystem.\n\n## Development\n\n### Prerequisites\n\n- Protocol Buffers v3 (`protoc` compiler)\n- Go v1.16 or greater\n- protoc-gen-go-grpc\n\n#### Installing `protoc`\n\n**On a mac:**\n\n```bash\nbrew install protobuf\n```\n\n**In Windows:**\n\n```bash\nchoco install protoc\n```\n\n#### Installing `protoc-gen-go-grpc`\n\n```bash\ngo get -u google.golang.org/grpc/cmd/protoc-gen-go-grpc\n```\n\nVerify `$GOPATH/bin` is in `PATH` environment variable (`export PATH=$PATH:$GOPATH/bin`).\n\n### Gererate Protobuf\n\n```bash\nmake generate\n```\n\n### Create sertificates\n\n```bash\n\n```\n\n### Run a server\n\n```bash\nmake server\n```\n\n### Run test client (Go)\n\nCreate `./config/private.json` corresponding to [gosip auth format](https://go.spflow.com/auth/overview). Add and extra field named \"strategy\". Use one of the possible strategies: addin, adfs, fba, saml, tmg.\n\nRun client\n\n```bash\nmake client-go\n```\n\nor with a redefined path:\n\n```bash\nmake client-go private=\"./config/private.addin.json\" scenario=register\nmake client-go scenario=auth:token token=\nmake client-dotnet token=\n```\n\nClient output contains auth bearer/cookie:\n\n```txt\nToken: eyJ0eXAiOiJ...7OqF7sX2J3JfXKZH2keuqLs_boSDEa47vw\nToken type: Bearer\nExpires on: 2021-01-07 08:24:25 -0600 CST\n```\n\n#### Scenarios\n\nScenario | Command\n---------|--------\nRegister authentication | ```make client-go scenario=register```\nAuth with creds         | ```make client-go scenario=auth:creds```\nAuth with token         | ```make client-go scenario=auth:token token=9375a36f-049a-41af-aacc-2caac9e20882```\nDe-Register auth        | ```make client-go scenario=deregister token=9375a36f-049a-41af-aacc-2caac9e20882```\n\n### Run test client (.Net Core)\n\n```bash\nmake client-dotnet token=32118847-bf0f-4822-9f2a-1bad30077f06\n```\n\nWhere token value is the one copied from `make client-go scenario=register` output.\n\n## Demo\n\n![Demo](./assets/demo.gif)\n\nWhat's happening here:\n\n1\\. Register an authentication:\n\n```bash\nmake client-go private=\"./config/private.addin.json\" scenario=register\n```\n\n`./config/private.addin.json` contains authentication parameters for an Addin:\n\n```json\n{\n  \"siteUrl\": \"https://contoso.sharepoint.com/sites/site\",\n  \"strategy\": \"addin\",\n  \"clientId\": \"924ca7f3-535e-4e12-b0c8-4fec9622107e\",\n  \"clientSecret\": \"CgnihMbRphqRKXlK0...3t0BF0M7XLlZ/0QCgw=\"\n}\n```\n\nVault server caches the authentication and returns registration ID, its internal identity per the registration.\n\n2\\. Go client authenticates with a token:\n\n```bash\nmake client-go scenario=auth:token token=bf2a33a9-16d3-451f-8dbd-edde15541cb7\n```\n\n3\\. DotNet Core client authenticates with a token:\n\n```bash\nmake client-dotnet token=bf2a33a9-16d3-451f-8dbd-edde15541cb7\n```\n\nDotNet client authentiation visually takes longer, that's mostly because `dotnet run` is used under the hood and therefore compilation penalty.\n\n4\\. Received Bearer tokens can be used in Authentication header to access SharePoint API resources.\n\nA client, which was provided with registration token should also know SharePoint site URL.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkoltyakov%2Fspvault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkoltyakov%2Fspvault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkoltyakov%2Fspvault/lists"}