onedrive-api-docs: [OneDriveSDK] calling xhr failure callback, status: 401

Expected or Desired Behavior

Using the OneDrive JS file picker v7.2 should return a share url when an accessToken and endpointHint are provided and when the action is set to share

Observed Behavior

It seems like the SDK is receiving a 401 when making its request. It is logging in the browser console, provided below:

[OneDriveSDK] calling xhr failure callback, status: 401
// redacted XMLHttpRequest object
response: {"error":{"innerError":{"code":"invalidSignature"},"code":"unauthenticated","message":"Token contains invalid signature."}}

[OneDriveSDK] Received ajax error.
{
  "errorCode": "webRequestFailure",
  "message": "HTTP error status: 401"
}

[OneDriveSDK] Failed due to unknown error:
TypeError: Cannot read property 'length' of undefined
    at Object.t.shareItems (OneDrive.js:2)
    at OneDrive.js:2
    at OneDrive.js:10
    at H (OneDrive.js:10)
    at A (OneDrive.js:10)
    at MutationObserver.f (OneDrive.js:10)

Steps to Reproduce

Note: secrets like clientId, accessToken and endpointHint, are provided by the server and are redacted in this sample.

Configure the OneDrive file picker with the following options:

  var onedrive_options = {
    clientId: REDACTED-PROVIDED-FROM-SERVER,
    action: 'share',
    multiSelect: true,
    advanced: {
      accessToken: REDACTED-PROVIDED-FROM-SERVER
      endpointHint: REDACTED-PROVIDED-FROM-SERVER
    },
    success: function(data) {
      console.log(data);
    },
    cancel: function(data) {
      console.log(data);
    },
    error: function(e) {
      console.error(e);
    }
  }
}

For convenience, here’s a repo you can clone and run yourself: https://github.com/conradmuan/onedrive-bug-report-repo

Opening the picker works fine but after clicking on a file, the SDK logs the errors listed above.
This happens with OneDrive for business accounts (have not confirmed on personal accounts)

Thank you.

(cc @kevintcoughlin)

About this issue

Original URL
State: closed
Created 6 years ago
Comments: 30 (12 by maintainers)

Most upvoted comments

Is there any update here?

I’m testing it with a MS personal account
using action: 'share'
providing a valid access token (I tested calling the graph API using Postman).
endpointHint: 'api.onedrive.com'

Everything seems to be working fine, but when I select the file, I still got the 401 error when the file picker perform the API request to get the shareable link.

cbuffevant on Oct 31, 2019

Hi @kevklam

Setting the endpointHint value to the following variants don’t work. Here are the results:

https://graph.microsoft.com/v1.0/ (and without the trailing /)

{
  "error": {
    "code": "InvalidAuthenticationToken",
    "message": "Access token is empty.",
    "innerError": {
      "request-id": "f0f49166-c465-466f-bbdb-e97c6ff51913",
      "date": "2019-01-08T22:16:48"
    }
  }
}

(Though I can confirm that in this case, I am providing an accessToken)

https://graph.microsoft.com/ (and without the trailing /)

This just redirects the picker to a page, https://developer.microsoft.com/en-us/graph.

Understood re not your domain knowledge so I appreciate the time you took in explaining how the picker interacts with the web apis

conradmuan on Jan 8, 2019

Here are my findings in the hope that this can be resolved:

This issue is not restricted to the share action alone. I am getting the same issues using the download action. The query action works and returns an object with file details as expected. Using the query action I have noted that the accessToken property is not required. If its not there you are required to authenticate via the popup. If you have a token you are passed through to the endpointHint as expected.

The issue lies when using download or share. If I remove the accessToken property using the download or share action, I receive:

[OneDriveSDK] Failed due to unknown error

So therefore accessToken is required if using the endpointHint with the download or share action. Using the same process of handing over an accessToken I tested with the query action, if we were to use the download or share action we get the dreaded 401 error back when selecting a document.

The only solution at the moment seems to be not using the endpointHint property in the options (not ideal). Therefore, by default you end up in your OneDrive for Business document store e.g. https://contoso-my.sharepoint.com/personal/foo_contoso_onmicrosoft_com/ (if you select a file here an object with file details is returned to your app as expected) and if you are able to navigate to the sharepoint site or document library required (therefore, don’t disable navigation you will get an error). In this scenario you are able to select a file and those details are returned to your app with no errors.

Obviously these findings are related to my requirements of opening the popup at a specific sites document library/store. In an ideal world I would like to disable the navigation sidebar and select the columns disabled.

matfricker on Nov 29, 2019

@etyp Yes. I know. I am encountering the same issue. My comment was a response to KevinTCoughlin’s comment.

penspinner on Jan 14, 2019

@KevinTCoughlin happy to but would like to clarify something (forgive me for my ignorance here)

Is a consumer account a OneDrive personal (non enterprise?)

No worries, and yes it is.

KevinTCoughlin on Dec 14, 2018

Hi @KevinTCoughlin, glad my repro repo helped out! I wanted to isolate this and make it as easy as possible to repo.

What other additional data points do you require? Happy to provide!

Would you be able to test the following with your consumer account?

Set endpointHint = "api.onedrive.com"
Provide a valid accessToken which you can get from query params after signing-in at https://developer.microsoft.com/en-us/graph/graph-explorer
Select a file to “share”
Does the request 401?
Unset endpointHint from the config options
Repeat file sharing
Does the request 401?