developer’s independence day:introducing the sharepoint app model
Post on 05-Dec-2014
144 Views
Preview:
DESCRIPTION
TRANSCRIPT
Developer’s Independence Day:
Introducing the SharePoint App Model
2nd
Bob GermanPrincipal ArchitectBlueMetal Architects
Agenda
•Modernizing SharePoint Development•App Model Concepts•SharePoint Hosted App•Provider Hosted App
Modernizing SharePoint Development
MS DOS Application Model Modern Application Model
No Isolation Process Isolation App Isolation
ExamplesMS DOS, Windows 3.1, Windows 95,
Mac OS 9
Windows NT, Windows 7,
Mac OS XWindows Phone 8,
Android, iOS
Validated API protects OS Yes Yes
Process memory protection Yes Yes
App storage isolation Yes
Permission Scheme None User-based App-based
SharePoint farm Solution
SharePoint App
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVC
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVC
ASP Pages WebForms MVCControl over HTMLControl over URLsDrag and Drop Dev’tEase of Code ReuseEase of TestingReplaceable Components
Strong Offering
Weak / No Offering
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVCXSLT Javascript
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVCXSLT JavascriptSOAP REST
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVCXSLT JavascriptSOAP RESTOn-Premises On-Premises or Cloud
Modernizing SharePoint Development
MS DOS Application Model Modern Application ModelWebForms MVCXSLT JavascriptSOAP RESTOn-Premises On-Premises or CloudCAML LINQ
* You can’t get rid of it …
(and CAML*)
Choosing an Approach
• Backward compatibility with existing solutions• Leverages SharePoint development
skills• Full access to server OM – you can
do nearly anything• Elevate privileges and be
omnipotent!• Hosting Challenges
• Farm solutions – often not welcome• Sandboxed solutions – limited, now
depricated
• App code is reusable in SharePoint and Office• Leverages general web
development skills• Better isolation – no more leftover
web parts and lists• Run under App identity – safer way
to elevate• Hosting Challenges
• SharePoint Hosted Apps are limited• Where to host provider hosted apps?
SharePoint Solutions SharePoint Apps
TypeType
HostWeb
App Web
SharePointHosted App
Browser
Provider or Cloud Hosted App
AppIIS, Azure,
or any web server
HostWeb
App is installed
here
App runs here
In reality, SharePoint Hosted and Provider Hosted are techniques that
are often combined
AppIIS, Azure,
or any web server
HostWeb
AppWeb
Browser Based Isolation
AppAzure
or other provider
HostWeb
App Web(optional)
http://myserver/sites/myweb/
http://app12345/sites/myweb/
http://whatevs.com/somepath/
Different domain names leverage browsers’ same-origin policy
for isolation
demo
Image RotatorSharePoint Hosted AppConcepts Shown:
- Use of RESTful services
- Accessing the host web from with the Cross-Domain Library
- App part settings
App Access to SharePoint
Representational Entity State Transfer (REST)
• Operations map to HTTP verbs• Retrieve items/lists GET• Create new item POST• Update an item PUT or MERGE• Delete an item DELETE• These apply to links (lookups) as well
• SharePoint rules apply during updates• Validation, access control, etc.
URL Conventions
Addressing lists and itemsList of lists /_api/web/lists
List /_api/web/lists(‘guid’)
List /_api/web/lists/getbytitle(‘Title’)
Items /_api/web/lists/getbytitle('listname')/items
Item /_api/web/lists/getbytitle('listname')/items(1)
Single column /_api/web/lists/getbytitle('listname')/items(1)/fields/getByTitle('Description')
Sorting ?$orderby=Fullname
Filtering $filter=JobTitle eq 'SDE'
Projection ?$select=Fullname,JobTitle
Paging ?$top=10&$skip=30
Inline expansion ?$expand=Project
Presentation options
Representational State Transfer (REST)
SharePoint Data
SharePoint API
Client Application
ServerApplication
Client Application
ADO.NET Data Svcs Client
JSON ATOM
WPF/WinForm/OfficeSilverlightJavaScript
JSON ATOM
/_api/
What’s New in CSOM
• Sharing•Workflow• E-Discovery• IRM• Analytics• Exchange 2013
• User Profiles• Search• Taxonomy• Feeds• Publishing• Business Connectivity
Services
Much more than simple site and list access!
Accessing Data with Client OM
SharePoint Data
SharePoint API
Client.svc
Client Application
Client OM Proxies• .NET CLR• Silverlight• Javascript
OData(REST)
App Authentication
•User accesses SharePoint JSOM or REST API’s using inherent SharePoint security already in place•Used by Javascript on web pages in App web or using Cross-domain library•Only runs as User – no App identity
Internal
•Standard Authorization protocol used in many public web sites (FaceBook, Twitter, Live, Google, etc.) – “Valet Key” to access information•Requires external authentication server (e.g. Azure ACS)•Office 365 Auto-Hosted Apps automatically set up for OAuth
External(OAuth)
•SharePoint server is configured to trust an external server to authenticate users (Server Server)•No external authentication server – great for on-premises scenarios•Uses SSL Certs for simplicity – App code needs access to SSL Private Key
External(S2S)
OAuth – Open Authorization• Standard in use by dozens of public sites• Similar to a valet key• App gives to a partly
trusted 3rd party• Grants limited access
• SharePoint grants the app access on the user’s behalf• No need to pass the
user’s credentials• SharePoint can limit the
scope of access
demo
PictureStoryProvider Hosted AppConcepts Shown:
• Provider hosted App
• MVC Application
• Entity Framework
• Dependency Injection and Unit Tests
Resources
SharePoint 2013 Development• Host webs, Web apps, and SharePoint Components: http://bit.ly/R3tUiO• Data Access Options for Apps in SharePoint 2013: http://bit.ly/Peeof9 • OAuth and SharePoint 2013: http://bit.ly/Ny1jNd • SharePoint 2013 Workflows: http://bit.ly/PEJCze • Programming using the SharePoint 2013 REST service: http://bit.ly/LR66Ju• Programming using the SP 2013 CSOM (JavaScript): http://bit.ly/OJUARG
Contact• Bob German - @Bob1German
http://msdn.microsoft.com/BobGermanBobg@bluemetal.com
top related