Upload
mmlightning
View
240
Download
2
Tags:
Embed Size (px)
DESCRIPTION
SharePoint 2013 Apps - deep dive. We'll look at they work, what they look like, what they do and how to us apps. Its all about the apps. Apps are good, very good.
Citation preview
PHILADELPHIA CODE CAMP 2013.2
SHAREPOINT 2013 APPS
Use Power Query To Draft A Fantasy Football Team
http://blogs.msdn.com/b/powerbi/archive/2013/10/24/use-power-query-to-draft-a-fantasy-football-team.aspx
BUSINESS HEARTS MICROSOFT
AGENDAClouds
Apps and Clouds
Security – for apps, clouds
Apps are People too (with wallets)
Apps Old > New
Lots O Demos
WHAT IS SHAREPOINT IN RELATION TO THE CLOUD
Page 5
IAAS VS PAAS VS SAAS
Page 6
5-3-2 CLOUD
Page 7
WHAT DOES THIS HAVE TO DO WITH APPS?
Page 8
WHAT DOES THIS HAVE TO DO WITH APPS?
Apps in the cloud
Making apps more robust by using their own resourcesMaking systems more robust by hosting apps outside of the system
Tying to the cloud, but you don’t have to
Services working together
How and why do you have to make this work?
Page 9
APPS HAVE TO LIVE SOMEWHERE
Why Not the Cloud?
TYPES OF HOSTING OPTIONS
Page 11
TYPES OF HOSTING
Page 12
DEVELOPING / HOSTING SECURITY AND AUTH Auto-hosted
Auto hosted apps run as a web role in Windows Azure and use the Windows Azure Access Control Service (ACS) to obtain the access token.
Provider-hosted Provider-hosted apps run on their own servers on the Internet or your intranet, are registered with Windows Azure, and use ACS to obtain the access token*.
SharePoint-hosted SharePoint hosted apps run in an appweb, can have client side code but not server side code. Developer must use certificates or create their own trust
Page 13
HIGH TRUST VS LOW TRUST
High-trust apps High-trust apps run on stand-alone servers on your intranet and use a signing certificate to digitally sign the access tokens that the app generates. Typically server to server.
Low-Trust apps Low trust apps can run anywhere and run on an Oauth code flow to delegate limited rights to apps to act as users. SharePoint and client application must trust and communicate with an authentication provider such as azure active directory.
Page 14
SP 2013 AUTHClaims, Claims, Claims• Classic is no more, or on its way out• Distributed Cache
Server to Server• Exchange, Lync• BYOI
App Authentication (App Model / App Catalog / CSOM)• Create apps that use Oauth or other identity provider• App Permission Policies (User/App, App Only, User Only)
Page 15
LOW TRUST APPS IN SHAREPOINT 2013
Page 16
BCS HYBRID AND OAUTH – THE DANCE (EXAMPLE)
Page 17
PSYCHOLOGY AND THE SHAREPOINT 2013 APP MODEL
APPS ARE PEOPLE TOO
Apps have permission like users
App principle is like a user identify – a security principle
Apps are granted perms Differ than users All or nothing / No hierarchy
Apps have default perms App can run app web App can include permissions Install grants / denies permission
Page 19
IDENTITY
Page 20
ACCESS TOKENS
• What’s a token?
Access tokens are issued by the OAuth security token service (STS). An example of OAuth STS is Windows Azure Access Control Service (ACS) OAuth endpoints.
Other tokens WS-Federation STS and the Security Assertion Markup Language (SAML) passive sign-in STS are
primarily intended to issue sign-in tokens Other
Page 21
OAUTH
OAuth is an open standard for authorization
OAuth is not OpenID (authentication/digital ID)
Valet Key
Access Token
Scopes
Page 22
TOKENS
•How to manage the lifetime of the parameters passed from SharePoint, such as SPHostUrl or refresh token? •How to write an app that can run under different authentication modes without a code change? •How to handle app URL bookmarking? •When to renew [an] access token?
The new SharePointContext helper is designed to solve these problems. It is built on TokenHelper, attempting to provide a simplified and unified context model for apps to communicate with SharePoint.
PLAN FOR APP AUTHENTICATION
App authentication is the validation of an external app for SharePoint's identity and the authorization of both the app and an associated user when the app requests access to a secured SharePoint resource
Verify that the requesting app is trusted.
Verify that the type of access that the app is requesting is authorized.
Necessary :
To authorize requests by an app for SharePoint to access SharePoint resources on behalf of a user.
To authenticate apps in the Office Store, an app catalog, or a developer tenant.
Page 24
SHAREPOINT 2013 APPS
Sharepoint
APPS
JS/5/CSOM
Oauth
REST
SANDBOX SOLUTIONS
“SharePoint sandboxed solutions are deprecated in SharePoint 2013 in favor of developing apps for SharePoint: link”.
SANDBOX SOLUTIONS
SANDBOX SOLUTIONS ARE NOT DEAD
EXTENSIONS AND APIS
IF YOU WANT TO DO THIS ...... USE THESE APIS
ASP.NET web application (CRUD) BCS with Firewall JavaScript client object model
ASP.NET web application (CRUD) BCS without Firewall.NET Framework client object model, Silverlight client object model, or REST/OData endpoints
LAMP CRUD BCS REST/OData endpoints
Windows Phone CRUD Mobile client object model
Windows Phone PushMobile client object model and the server object model
iOS or Android CRUD REST/OData endpoints
.NET app CRUD .NET Framework client object model
Silverlight CRUD Silverlight client object model
HTML/JavaScript CRUD JavaScript client object model
Office spp JavaScript client object model
custom Windows PowerShell Server object modelCreate a timer job REST with Azure/ Server object model
COMPARING REST/ODATA PROGRAMMING WITH CLIENT OBJECT MODEL PROGRAMMING
Feature.NET Framework or Silverlight object models
JavaScript object modelREST/OData endpoints called from a Windows platform or JavaScript
Object-oriented programming Yes Yes No
Batch processing Yes Yes NoAPIs for conditional processing and exception handling
Yes No No
Availability of LINQ syntax Yes No No
Combining list data from different SharePoint web applications
Yes No Yes
Familiarity to experienced REST/OData developers
No No Yes
Similarity to non-Windows programming or JavaScript programming
No Yes Yes
Strong typing for list item fields
No (except with LINQ) NoYes, from Windows platformNo, from JavaScript
Leveraging jQuery, Knockout, and other JavaScript libraries
No YesNo, from Windows platformYes, from JavaScript
CLIENT APPLICATIONS AND APIS IN SHAREPOINT
SPA
SP-AZ = SPAZZIES
ULTIMATE DEVELOPER FANTASY FOOTBALL APP Durandal.js - SPA
Knockout.js
Breesze.js
ESPN API
JSON
Twitter Bootsrap
MVVM
DEMO: HOW TO CREATE A SPAZ IN 10 MINUTES Autohosted
Azure
Oauth
Steve Fox, MSDN
http://blogs.msdn.com/b/steve_fox/archive/2013/02/18/building-your-first-provider-hosted-app-for-sharepoint-using-windows-azure-part-1.aspx
http://msdn.microsoft.com/en-us/library/fp179887.aspx
AZURE HOSTED
Azure
Oauth
Autohosted
CRUD REST
Auto / Provider Hosted
REST
JSON
ATOM
ODATA
SQL AZURE AND SHAREPOINT SQL Azure
Autohosted
CSOM
APP: TWITTER IN AZURE AND SHAREPOINT SharePoint Hosted
Azure Hosted
Twitter API
Oauth
VIDEO PLAYLIST
JSOM (JS and JQuery) / CSOM
HTML Video API
SharePoint Hosted
REFERENCES David Aiken & Dan Wesley SharePoint 2013 on Windows Azure Infrastructure_v1 http://www.microsoft.com/en-us/download/details.aspx?id=38428
Robert G Carter, Duke Uniersity OIT http://people.duke.edu/~rob/kerberos/authvauth.html
Yung Chou http://blogs.technet.com/b/yungchou/
Connecting a PaaS Application to an IaaS application with a Virtual Network – Yung Chou, MS Tech Evangelist
http://blogs.technet.com/b/yungchou/archive/2011/03/03/chou-s-theories-of-cloud-computing-the-5-3-2-principle.aspx
Andrew Connell http://www.pluralsight.com/training/Authors/Details/andrew-connell
SharePoint 2013 Developer Ramp Up
Creating a SharePoint Server 2013 Environment for Development and Testing
Josh Gavant http://blogs.msdn.com/b/besidethepoint/archive/2012/12/13/10376205.aspx
Frank LaVigne http://franksworld.com/blog/
Introduction to Windows Azure Access Control Services Virtual Lab
Keith Mayer http://blogs.technet.com/b/keithmayer/
Introduction to Windows Azure Virtual Machines – Keith Mayer, MS Developer Evangelist
http://blogs.technet.com/b/keithmayer/archive/2013/01/07/step-by-step-build-a-free-sharepoint-2013-lab-in-the-cloud-with-windows-azure-31-days-of-servers-in-the-cloud-part-7-of-31.aspx
Page 42
REFERENCES
MSDN, Technet, Microsoft, Wikipedia
http://www.techjailbreak.com/microsoft-has-launched-application-store-office-store/
http://blogs.msdn.com/b/uksharepoint/archive/2013/03/25/sharepoint-2013-development-apps-versus-solutions.aspx
http://download.microsoft.com/download/6/4/4/644BA525-96CB-4739-B08F-18949A9BDADC/spc-2013-bcs-hybrid-model.pdf
http://technet.microsoft.com/en-us/library/jj219806.aspx
http://msdn.microsoft.com/en-us/library/fp179887.aspx
http://msdn.microsoft.com/en-us/library/fp142384.aspx
http://msdn.microsoft.com/en-us/library/fp142382.aspx
Page 43