programmatically authenticating users for office 365 using JavaScript

Question

<!DOCTYPE html>

 <html xmlns="www.w3.org/.../xhtml"&gt;

 <head runat="server">

     <title></title>

     <script src="ajax.googleapis.com/.../script&gt;

     <script type="text/javascript">

         $(document).ready(function () {

                debugger;

             login(<office 365>, '<pwd>', <office 365 sit>/_forms/default.aspx?wa=wsignin1.0', function () {

                 $.ajax({

                     url: <office site>/sites/Sitename/_api/web/title',

                     dataType: 'text',

                     type: 'GET',

                     success: function (result, textStatus, jqXHR) {

                         $('#results').text(result);

                     }

                 });

             }, function () {

                 //$('#results').text('Result: failed');

                 alert('fail :(')

             });

         });

         function login(userID, password, url, successBlock, failBlock) {

              $.support.cors = true;

             $.ajax({

                 url: 'login.microsoftonline.com/extSTS.srf',

                 dataType: 'text',

                 type: 'POST',

                 crossDomain: true,

                 data: getSAMLRequest(userID, password, url),

                 headers: {

                     Accept: "application/soap+xml; charset=utf-8"

                 },

                 success: function (result, textStatus, jqXHR) {

                     var xmlDoc = $.parseXML(result);

                     var xml = $(xmlDoc)

                     var securityToken = xml.find("BinarySecurityToken").text();

                     $('#results').text(result);

                     alert(result);

                     alert(textStatus);

                     alert(jqXHR);

                     if (securityToken.length == 0) {

                         alert('came here');

                         failBlock();

                     }

                     else {

                         $.ajax({

                             url: url,

                             dataType: 'text',

                             type: 'POST',

                             data: xml.find("BinarySecurityToken").text(),

                             headers: {

                                 Accept: "application/x-www-form-urlencoded"

                             },

                             success: function (result, textStatus, jqXHR) {

                                 successBlock();

                             },

                             error: function (jqXHR, textStatus, errorThrown) {

                                 failBlock();

                             }

                         });

                     }

                 },

                 error: function (jqXHR, textStatus, errorThrown) {

                     alert('jqXHR:' + jqXHR + '***textStatus:' + textStatus + '***errorThrown:' + errorThrown);

                     failBlock();

                 }

             });

         }

         function getSAMLRequest(userID, password, url) {

             return '<s:Envelope'

             + 'xmlns:s="www.w3.org/.../soap-envelope"'

             + 'xmlns:a="www.w3.org/.../addressing" '

             + 'xmlns:u="docs.oasis-open.org/.../oasis-200401-wss-wssecurity-utility-1.0.xsd"&gt; '

             + '<s:Header> '

             + '<a:Action s:mustUnderstand="1">schemas.xmlsoap.org/.../a:Action&gt; '

             + '<a:ReplyTo> '

             + '<a:Address>www.w3.org/.../a:Address&gt; '

             + '</a:ReplyTo> '

             + '<a:To s:mustUnderstand="1">login.microsoftonline.com/.../a:To> '

             + '<o:Security '

             + 's:mustUnderstand="1" '

             + 'xmlns:o="docs.oasis-open.org/.../oasis-200401-wss-wssecurity-secext-1.0.xsd"&gt; '

             + '<o:UsernameToken> '

             + '<o:Username>' + userID + '</o:Username> '

             + '<o:Password>' + password + '</o:Password> '

             + '</o:UsernameToken> '

             + '</o:Security> '

             + '</s:Header> '

             + '<s:Body> '

             + '<t:RequestSecurityToken xmlns:t="schemas.xmlsoap.org/.../trust"&gt; '

             + '<wsp:AppliesTo xmlns:wsp="schemas.xmlsoap.org/.../policy"&gt; '

             + '<a:EndpointReference> '

             + '<a:Address>' + url + '</a:Address> '

             + '</a:EndpointReference> '

             + '</wsp:AppliesTo> '

             + '<t:KeyType>schemas.xmlsoap.org/.../t:KeyType&gt; '

             + '<t:RequestType>schemas.xmlsoap.org/.../t:RequestType&gt; '

             + '<t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>'

             + '</t:RequestSecurityToken>'

             + '</s:Body> '

             + '</s:Envelope>';

         }

     </script>

 </head>

 <body>

     <form id="form1" runat="server">

     <div id="results">

     </div>

     </form>

 </body>

 </html>

but irrespective of passing user id and password

it returns invalid STS token ,  any  clues?

<S:Detail><psf:error><psf:value>0x80048820</psf:value><psf:internalerror><psf:code>0x80045c01</psf:code><psf:text>Invalid STS request. </psf:text></psf:internalerror></psf:error></S:Detail></S:Fault></S:Body></S:Envelope>

Answer 1

Hi Alan,

could you pls suggest on what api to use for authenticating office 365 through JavaScript .Above error is thrown on invoking office 365 login .

Regards,

Swai

Answer 2

Hi Rakesh,

For JavaScript related issues, we can provide limited resources. Given the situation, we suggest you contact the dedicatedMSDN forumfor the assistance. This forum mainly focuses on Office 365 for Business online services.

Kindly your understanding is highly valued.

Regards,

Alan