B2B Integration

 View Only
Expand all | Collapse all

Sterling B2B Integrator authentication for SharePoint Online

  • 1.  Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu July 23, 2020 12:01 PM
    Edited by System Wed March 22, 2023 11:47 AM

    Hi all,

     

    Wondering if anyone has any experience with connecting from Sterling B2B Integrator to Office 365 SharePoint / SharePoint Online to download documents.

     

    I believe this requires "Modern Authentication", which seems to be an implementation of OAuth2.

     

    Can this be done with the Sterling Integrator HTTP Client Adapter ?

     

    Regards,

    Andrew.


    #SupplyChain
    #B2BIntegration


  • 2.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Fri July 24, 2020 05:00 AM
    Hi Andrew,

    I believe OAuth is not yet supported by Sterling B2Bi.

    Did you try downloading files with regular authentication either with HTTP or REST API?

    ------------------------------
    Rajasekhar Muthamsetty
    ------------------------------



  • 3.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Sun July 26, 2020 09:20 PM

    Thanks ​Rajasekhar,

    Basic Authentication is not supported on the particular server I seed to connect to, so I am not able to use this.

    Regards,
    Andrew.



    ------------------------------
    Andrew Plumb
    ------------------------------



  • 4.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Mon October 05, 2020 03:15 PM
    Hi Andrew,
    Have you found any solution for your issue?  I have similar use case to down load files from Citrix Share File ( https://api.sharefile.com/rest/) and load them in B2B user's mail box.

    Any one tried to call REST APIs with OAuth2 authentication with SI?

    Thanks
    Srini 


    ------------------------------
    Srini Parise
    ------------------------------



  • 5.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu October 08, 2020 10:42 PM
    Hi Srini,

    Unfortunately, I have not found any solution for this so far.

    Regards,
    Andrew.

    ------------------------------
    Andrew Plumb
    ------------------------------



  • 6.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Tue February 01, 2022 05:23 PM
    Hello,

    just found this.
    We are currently implementing the Graph API to exchange files with SPO.
    Yes, it's possible to use the standard HTTP Client adapter.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    ------------------------------



  • 7.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Tue February 01, 2022 06:08 PM
    Hi Manuel,

    Thanks for the reply. Would you by any chance care to share any details about how you were able to achieve this ? (Are you using basic authentication ? ) 

    Any help would be greatly appreciated.



    ------------------------------
    Regards,
    Andrew Plumb
    ------------------------------



  • 8.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Wed February 02, 2022 01:45 AM
    Hi Andrew,

    unfortunately basic auth is not possible, as with most "modern" APIs.
    A good start is to look at MS documentation here.

    First your O365 admin has to register an app and provide the client id and client secret with the permission to use the API.

    In your BP call login.microsoftonline.com to get an auth bearer and use this to call graph.microsoft.com with the correct parameters to your SPO site.
    Based on what you want you have to call it several times e.g. until you can download a file (get site id, get drives, get files in that drive, doownload file from drive).

    As Graph works with JSON structure you have to convert the responses/requests always and also set some HTTP header with the MIME service.
    Just a hint, the JSON2XML service in the BP is in our version 6.0.2 still buggy, we had to write a little java code to use inside the BP.

    Let me know if you want something in more detail.

    Best regards
    Manuel


    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------



  • 9.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Wed February 02, 2022 06:34 AM
    Hi Manuel,

    Any chance you could share your BP and java code (anything secret removed of course) please? :-)

    Lots of demand for this.

    Have you tried with the REST Client service? https://www.ibm.com/docs/en/b2b-integrator/6.1.1?topic=SS3JSW_6.1.1/integrating/integrating/integrator/REST_Client_Adapter.html

    Thanks,
    Richard.

    ------------------------------
    RICHARD CROSS
    ------------------------------



  • 10.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Wed February 02, 2022 08:07 AM
      |   view attached
    Hi Richard,

    as soon as I have a clean BP I can share the details.
    Attached the json2xml java code which we use.

    Yes, but as we are on 6.0.2 it does not support a auth bearer.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------

    Attachment(s)

    txt
    java_json2xml.txt   1 KB 1 version


  • 11.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu February 03, 2022 07:18 AM
    Thank you Manuel! Very much appreciated.

    Best regards,
    Richard.

    ------------------------------
    RICHARD CROSS
    ------------------------------



  • 12.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Wed March 09, 2022 01:14 AM
    Edited by System Wed March 22, 2023 11:46 AM
    Hello,

    as promised some final BP code which we use to authenticate and put a file to a SPO site as the put was the hardest to implement :-)

    In the put you will see a choice segment where we use either CLA with curl or HTTP adapter. This is a workaround because sometimes the MS SharePoint server sends a TCP RST immediately after the TLS Client Hello of the HTTP adapter and we have no indication why it works sometimes and sometimes not.

    Feel free to ask any question.

    Best regards
    Manuel

    Edit: Some typos...
    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------

    Attachment(s)

    xml
    STIHL_GRAPH_AUTH.xml   6 KB 1 version
    xml
    STIHL_GRAPH_PUT.xml   24 KB 1 version


  • 13.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu March 10, 2022 04:50 AM
    Thanks Manuel. You are a hero! :-)

    Best regards,
    Richard.

    ------------------------------
    RICHARD CROSS
    ------------------------------



  • 14.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu March 10, 2022 06:04 AM
    Yes, thanks a lot Manuel, that's a great example.

    ------------------------------
    Regards,
    Andrew Plumb
    ------------------------------



  • 15.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Thu March 17, 2022 05:13 AM
    Hi,

    one addition if you use the http client adapter  to upload.
    Be sure to replace blanks with "%20" in folder and filename string.
    Otherwise there will be a "Bad request" response from SharePoint.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------



  • 16.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Sun March 20, 2022 10:39 PM

    Hi Manuel,

    I am trying to list the contents of a SharePoint Online (SPO) document library and then download the files from the list. When I call the API to download the file, the return is a HTTP 302  / redirect which points to our SPO site dns name ( not the graph api host ) hence requires a secondary connection. (as per your example for the PUT).

    I also got the TCP reset from the SPO host for the secondary connection...  and noticed the below in the Wireshark analysis of the TCP dump.

    Primary Connection - protocol for the beginning of the HTTPS session shows as "TLSv1.2":

    TLSv1.2 session negotiation

    Secondary Connection - protocol for the beginning of the HTTPS session shows as "SSL":
    SSL session negotiation

    Just wondering if you happened to check this in your investigation and found similar ?

    Regards,

    Andrew.


    ------------------------------
    Regards,
    Andrew Plumb
    ------------------------------



  • 17.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Mon March 21, 2022 04:21 AM
    Hi Andrew,

    in our case we see a TLS Client hello to the SPO site:

    But what I now suspect is that there is a cipher mismatch as the SPO only supports 4 (screen from ssllabs.com):

    The only one I found in the security.properties was TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.
    Once added to the CipherSuiteDefault property it seems to work always. But I am still in testing phase.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------



  • 18.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Mon March 21, 2022 09:47 AM
    Thanks again for the very helpful info there Manuel.

    I have also added the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher into our StrongCipherSuite property and it is now a successful result for my initial testing of downloading files from SPO.

    I really appreciate your help on this.



    ------------------------------
    Regards,
    Andrew Plumb
    ------------------------------



  • 19.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Tue August 16, 2022 02:44 AM
    Hi,

    wanted to add one more thing.
    We faced sometimes a SSL handshake failure in the HTTP Client Method adapter to the SPO site.
    As Microsoft uses several services behind the same LBs it can occur that the server provides a different SSL certificate then the one for *.sharepoint.com.
    So to not run into this issue SNI should be used on SI side, which is available on 6.1.0.3.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------



  • 20.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Tue August 16, 2022 03:08 AM
    Hi Manuel,

    Thanks - yes, I faced the same SSL handshake failure experience. I resolved it though (in v5.2.6.1) by adding the multiple CA certificates for the different MS sites into a CA certificate group, and then just adding the group to the trading partner profile transport record rather than an individual CA certificate.

    Regards,

    ------------------------------
    Andrew
    ------------------------------



  • 21.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Tue August 16, 2022 03:30 AM
    Hi Andrew,

    that's a great hint. Usually we do not use trading partner profiles in a lot of integration scenarios but I will try this.
    But we already plan to go to SI version 6.1.

    Best regards
    Manuel

    ------------------------------
    Manuel Frank
    Integration Architect
    Andreas STIHL AG & Co. KG
    Waiblingen
    ------------------------------



  • 22.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Wed May 24, 2023 02:39 PM
    Edited by Kristen Park Fri May 26, 2023 09:19 AM

    Hi Andrew,


    I have requirement to download a file from SharePoint through sterling integrator. if you have done this already Could you Please help share the BP if possible.

    Thanks

    Jagan S



    ------------------------------
    Jagan Sampath
    ------------------------------



  • 23.  RE: Sterling B2B Integrator authentication for SharePoint Online

    Posted Sun May 28, 2023 06:57 PM

    Hi Jagan,

    If you check the earlier posts in this thread, there are sample BPs and Java code posted by Manuel Frank, which is the code I have used to create a working integration between Sterling B2B Integrator and SharePoint Online. Also outlined above are some potential issues to look out for with the connection to the MS servers, related to certificates and ciphers.

    Regards,
    Andrew.



    ------------------------------
    Andrew
    ------------------------------