MS Graph API returns 500 internal server error when querying sharepoint site

Question

Short description:

I have tried to query sites from my test sharepoint: {my_name}.sharepoint.com using the REST interface natively from an http request and also by using the Graph SDK. Authentication goes fine, I am able to acquire a token using both methods. I have already made an app registration, granted permissions and provided admin consent for them on portal.azure.com.

Authentication:

http request code:

                FormUrlEncodedContent content = new FormUrlEncodedContent(new[] {                 
                    new KeyValuePair<string, string>("client_id", $"{ClientId}"),
                    new KeyValuePair<string, string>("scope", "https://graph.microsoft.com/.default"),
                    new KeyValuePair<string, string>("grant_type", "client_credentials"),
                    new KeyValuePair<string, string>("client_secret", ClientSecret)
                });
                string url = $"https://login.microsoftonline.com/{TenantId}/oauth2/v2.0/token";
                Console.WriteLine(url);
                var message = new HttpRequestMessage(HttpMethod.Post, url);
                message.Content = content;
                message.Content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
                message.Headers.Accept.Clear();
                message.Headers.Accept.TryParseAdd("application/json");
                var response = await httpClient.SendAsync(message);

 

Graph SDK code:

            IConfidentialClientApplication app = 
                ConfidentialClientApplicationBuilder
                    .Create(clientId)
                    .WithClientSecret(clientSecret)
                    .WithAuthority(new Uri($"https://login.microsoftonline.com/{GetWWWAuthResponseHeaders(domain)["Bearer realm"]}")
                ).Build();
                var authenticationResult = await app.AcquireTokenForClient(new string[] { "https://graph.microsoft.com/.default" }).ExecuteAsync();

 

            var graphClient = new GraphServiceClient(
                new DelegateAuthenticationProvider(requestMessage => {
                    requestMessage.Headers.Authorization =
                        new AuthenticationHeaderValue("bearer", authenticationResult.AccessToken);
                    return Task.FromResult(0);
                })
            );

The request producing the error:

native http code:

                string url = $"https://graph.microsoft.com/v1.0/sites/{Domain}:/sites/{Site}";
                Console.WriteLine($"url: {url}");
                HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, url);
                request.Headers.Add("Authorization", $"Bearer {Token.Token}");
                request.Headers.Add("Accept", "application/json");
                HttpResponseMessage response = await httpClient.SendAsync(request);
                responseBody = await response.Content.ReadAsStringAsync();

Graph SDK Code:

var site = graphClient.Sites[$"{my_name}.sharepoint.com"].Request().GetAsync().Result;

The exact error I get:

ServiceException: Code: generalException
Message: An unspecified error has occurred.
Inner error:
    AdditionalData:
    date: 2021-02-05T10:02:19
    request-id: a3567eca-3d3b-4617-b877-e8f7369660b3
    client-request-id: a3567eca-3d3b-4617-b877-e8f7369660b3
ClientRequestId: a3567eca-3d3b-4617-b877-e8f7369660b3

question from:https://stackoverflow.com/questions/66063781/ms-graph-api-returns-500-internal-server-error-when-querying-sharepoint-site

Answer 1

I test with this code, it works well.

            string clientID = "cde921c5-cccc-4264-a450-6daceb46fec5"; // Put the Application ID from above here.
            string clientSecret = "clientSecret "; // Put the Client Secret from above here.

            string graphApiResource = "https://graph.microsoft.com";
            Uri microsoftLogin = new Uri("https://login.microsoftonline.com/");
            string tenantID = "2e83cc45-652e-cccc-a85a-80c981c30c09"; // Put the Azure AD Tenant ID from above here.

            // The authority to ask for a token: your azure active directory.
            string authority = new Uri(microsoftLogin, tenantID).AbsoluteUri;
            AuthenticationContext authenticationContext = new AuthenticationContext(authority);
            ClientCredential clientCredential = new ClientCredential(clientID, clientSecret);

            // Picks up the bearer token.
            AuthenticationResult authenticationResult = authenticationContext.AcquireTokenAsync(graphApiResource, clientCredential).Result;

            GraphServiceClient graphClient = new GraphServiceClient(new DelegateAuthenticationProvider(
                async (requestMessage) =>
                {
                    // This is adding a bearer token to the httpclient used in the requests.
                    requestMessage.Headers.Authorization = new AuthenticationHeaderValue("bearer", authenticationResult.AccessToken);
                }));

            var site = graphClient.Sites["contoso.sharepoint.com"].Request().GetAsync().Result;

Updated:

using System;
using Microsoft.Graph;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System.Net.Http.Headers;