Upload
antony-sparks
View
217
Download
5
Tags:
Embed Size (px)
Citation preview
Building Business Applications with SharePoint 2013 and K2Hennie LaubscherK2
Brian FarnhillIndependent Consultant
OSP226
Meet Hennie and BrianHennie LaubscherManaging DirectorK2 ANZ
Brian FarnhillIndependent ConsultantLocated in CanberraSharePoint Server MVPLecturer for Charles Sturt University
What's covered in this session?• The business case for apps• Hosting of SharePoint apps• K2 and SharePoint• Technologies that enabled apps• OAuth• CSOM and REST• Remote Event Receivers
The business case for apps
What are apps?• A new way to extend SharePoint sites• Designed to be independent from the
platform• Simplified process for users to install and
use
What makes apps so important?• Designed from the ground up
for the cloud• Apps can be built outside of the
.NET ecosystem• Easier to get up to speed on thanks
to wider adoption of open standards
Improved delivery channels• Publicly available app store
now available• Any developer can register
to publish apps• App store directly integrates
in to SharePoint to simplifyinstallation of apps
Build for more devices• Client object models now have
support for REST based access• More devices can now use these
APIs to directly communicatewith SharePoint
• Extensions to the client object models provide more functionalitythan any previous version of SharePoint
Improved upgrade story• Testing and managing customisations
has traditionally been a large partof any SharePoint project
• Apps are now more loosely bound tothe platform, and depend only on thespecific endpoints they consume
• The result is reduced time to test upgrade and less technical risk for customisations
Easier to manage• The new app model has a
new set of configurationoptions to allow IT pros to manage app usage
• Apps can be monitored foruse within a farm
• Permissions to install apps can also be managed
How to host SharePoint apps
SharePoint app hosting types• SharePoint hosted• Auto hosted• Provider hosted
Hosting SharePoint apps
Provider hosted apps
Auto hosted apps
Flexibility and
responsibility
Simple to implement
hosting
SharePoint
App Web
Used for SharePoint hosted apps
Optional for remote apps
Remote
APIs
The App Web component• Can be considered as a regular
SPWeb object• SharePoint forces them to be
viewed through an App URL• This provides isolation and
security of app specific functions
SharePoint hosted appsPros• No need to consider remote hosting
• JavaScript calls from the app web don’t need additional authentication
Cons• No server side code• Limited to the scope of a single web scoped feature
Auto hosted appsPros• Multi-tenancy and trust between the app and SharePoint configured automatically
• Tennant owner is responsible for hosting costs from Azure
Cons• Only available in SharePoint online
• Not currently being accepted to the public app store
Provider hosted appsPros• Complete freedom in regards to all aspects of hosting the application
• Easiest to make updates and changes to post installation
Cons• Multi-tenancy must be managed for all calls to the app
• You are responsible for all configuration, maintenance and health of your app
Selecting the right hosting type• Understanding your own app
will help guide the decision forappropriate hosting
• Factor in the process of managingupdates to your app when decidingon a hosting mechanism
• Understand how the pros and cons of each option will affect your architecture and approach
Updates and provider hosted apps• App updates for the app web aren’t
forced• Updated to your provider hosted
apps can run whenever you want• This means your apps need to be
aware of multiple versions that couldbe calling them
Additional Considerations• Manage expectations around
what data can be crawled bySharePoint Search
• Carefully consider approachesto avoid creating silos offunctionality that doesn’t blockcomponent re-use
• Apps can’t use Kerberos for passing through authentication
Basic provider hosted apps in SharePoint 2013Brian Farnhill
K2 and SharePoint
Forms
Workflow
Data
Reports
K2 and SharePoint
SHAREPOINT 2007/2010/2013 & OFFICE 365
Lists Docs Content Types
BUSINESS APPS
ERP
CRM
How K2 did it in the past• For the last 10 years, K2 had a separate execution
platform that was tightly integrated into SharePoint i.e. K2 always was and will continue to be a “Provider Hosted App” style solution around SharePoint.
• Making it work on SharePoint 2010 posed several tough challenges, most of which K2 has successfully solved over time:• Impersonation and authentication• Providing rich integration through interacting with SharePoint API from
a remote client (K2 Server)• Listening remotely to events raised by SharePoint• Achieving consistency between what’s possible On-Premise vs Cloud
K2 and SharePoint 2013 – Key GoalsEasy• Light Footprint on
SharePoint Box
• Easy to install
• Rapid app development
• Easy to maintain
Powerful• Robust workflow
platform
• Powerful 3rd party data integration
• Feature rich, tightly integrated electronic forms
• Flexible reporting framework
Portable• Build both LOB and
content centric solutions, same platform
• Apps in the cloud or on-premise, surfaceable in any environment, and on any device
• Package and Deployment Tools
Enabling Technologies
Significant Enabling Technologies• SharePoint Apps• OAUTH• CSOM and REST• Remote Event Receivers
K2 App for SharePoint 2013
Hennie Laubscher
OAuth
(Hennie)
?
Tweet
Tweet
Tweet, Follow, Delete
Tweet, Follow, Delete
Tweet, Follow, Delete, Change Password
Tweet, Follow, Delete, Change Password
Tweet, Follow, Delete, Change Password
Tweet, Follow, Delete, Change Password
Tweet
What is OAuth?• OAuth is an open, simple, and secure protocol that enables users to
approve an application to act on their behalf without sharing their user name and password
• Enables users to share their specific private resources or data (contact list, documents, photos, videos and so on) that are stored on one site/application with another site/application
• Enables users to revoke access to resources
• The key is that users don’t have to provide their credentials each time
Who uses OAuth?• AllPlayers.com• Amazon• Basecamp • Bitbucket • bitly• blueKiwi software• ciValidator• cosm• deviantART• Discogs • Dropbox• Evernote • Facebook • Fitbit • Flickr • Formstack • Foursquare• GitHub
• Google• Google App Engine • Groundspeak • Huddle • Instagram• LinkedIn • Microsoft (Hotmail,
Windows Live, Messenger, Xbox)
• Mixi• MySpace• Netflix • OpenLink Data Spaces• OpenTable • PayPal• Plurk• RealPeepz• Reddit• Salesforce.com
• SensioLabs Connect• Sina Weibo• StatusNet • Stripe.com • Tumblr • Twitter • Ubuntu One• Veevop• Viadeo • Vimeo • VK • Xero • XING • Yahoo! • Yammer • Yandex • Yelp • Zendesk
OAuth vs Claims based authentication• OAuth is NOT a replacement for claims-based authentication
• Users will still login via an identity provider (STS) which will issue a SAML token containing the user’s identity claim (Authentication)
• The identity claim is still used to uniquely identify a user in SharePoint and K2
• Claims are still used to determine who can do what in SharePoint and K2 (identity and group claims mapped to security provider) (Authorization)
• An OAuth token is simply a way to provide access to a calling application for an already authenticated and authorized user
How does it work in SharePoint?• OAuth is used in SharePoint in support of the new App Model
• In SharePoint 2007 and 2010 all “Apps” ran inside of SharePoint, including impersonation
• In SharePoint 2013, Apps run outside of SharePoint
• OAuth provides a way for the external App to act on behalf of users
• The App requests the level of permission it requires and can only be granted by someone with those permissions
How does it work for K2 and SharePoint?• K2 for SharePoint is a SharePoint App
• Allows K2 to integrate with SharePoint without any installation on SharePoint
• K2 for SharePoint service brokers use OAuth to act on behalf of the user
Requesting Permissions• We embed our permission request in the K2 App manifest.
• We can also request permissions “on the fly” as required.
Consent
Available App Permissions
NOTE: SharePoint Store Apps cannot request FullControl at any scope.
App Identity• Apps have an identity which is separate from user identity
• User Only
• App + User
• App Only (similar to SYSTEM)
CSOM and REST
Client Side/Remote API History• First added in SharePoint 2010
• Made available through a WCF endpoint called client.svc
• Direct access to this was not supported, developers needed to use client side proxy objects (managed .NET API , SilverLight or JavaScript)
• Managed API was easier than JavaScript (strongly typed objects and compile time checking)
SharePoint 2010 Client Side API
Server
Client
_vti_bin/client.svc
Custom code
.NET Library
Silverlight Library
JavaScript Library
Changes from SharePoint 2010 to 2013• The client.svc service extended with REST
capabilities• client.svc now supports direct access from REST clients• client.svc accepts HTTP GET, PUT, POST requests• Implemented in accordance with OData protocol
• CSOM Extended new APIs• New APIs for SharePoint Server functionality• New API for Windows Phone Applications
JavaScript Library
Silverlight Library
.Net CLR Library
Custom Client Code
Client
Server
_api is new alias for _vti_bin/client.svc
SharePoint 2013 Remote API
RESTODataJSON
CSOM
Covered in the new CSOM/REST APIs
BCSIRM
AnalyticsWorkflow
eDiscoveryPublishing
TaxonomySocial
Sharing
Search
Remote Event Receivers
Remote Event Receivers• SharePoint calls an API service in your app to notify of events• Tokens are passed to allow your app to emulate the user who triggered
the event• Summary of SharePoint interaction with third party application:
• SharePoint Event is raised.• Request a token from ACS (Access Control Service)• Interacts with registered event receiver (custom web service implementing the
IRemoteEventService interface)• The web service can also call back into SharePoint, authenticated via OAuth, to read
and write as needed.• Developing Remote Event receivers is similar to event receivers and only
change will be the receiver will have a url instead of a class and assembly name
Build and Run a solution with K2 and SharePoint 2013Hennie Laubscher
Review of what was covered• The business case for apps• Hosting of SharePoint apps• K2 and SharePoint• Technologies that enabled apps• OAuth• CSOM and REST• Remote Event Receivers
Call to action!• Download the SharePoint and Office 2013
SDK• Explore the app hosting models• Learn about the remote APIs for SharePoint
2013
Contact detailsHennie Laubscher
www.k2.com
Brian Farnhill
@BrianFarnhillblog.brianfarnhill.com
Developer Network
Resources for Developers
http://msdn.microsoft.com/en-au/
Learning
Virtual Academy
http://www.microsoftvirtualacademy.com/
TechNet
Resources
Sessions on Demand
http://channel9.msdn.com/Events/TechEd/Australia/2013
Resources for IT Professionals
http://technet.microsoft.com/en-au/
Keep Learning1. Keep up to date with all the latest Office 365 information
at http://ignite.office.com
2. Get on top of your pilot using the FastTrack deployment process http://fastTrack.office.com
3. Trial Office 365 http://office.microsoft.com
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.