developing apps for sharepoint 2013

26
SHAREPOINT AND PROJECT CONFERENCE ADRIATICS 2013 ZAGREB, NOVEMBER 27-28 2013 Developing Apps for SharePoint 2013 PAOLO PIALORSI, PIASYS [email protected]

Upload: sharepoint-and-project-conference-adriatics

Post on 11-May-2015

407 views

Category:

Technology


0 download

DESCRIPTION

One of the biggest news of SharePoint 2013 is the app model, which allows creating apps for selling them through a public marketplace, the Microsoft Office Store, as well as for publishing them in a corporate App Catalog. In this session you will learn what an app is, what are the available hosting models, how you can leverage the Client Side Object Model and the REST API to enrich your solutions. Moreover, you will learn how to publish your apps to the Office Store, or on the corporate App Catalog. The overall goal of the session is to make you aware of the real potentials of this new capability. To attend this session you should have a good understanding of developing with .NET and general knowledge of SharePoint 2013.

TRANSCRIPT

Page 1: Developing Apps for SharePoint 2013

SHAREPOINT AND PROJECT CONFERENCE ADRIATICS 2013

ZAGREB, NOVEMBER 27-28 2013

Developing Apps for SharePoint 2013

PAOLO PIALORSI, [email protected]

Page 2: Developing Apps for SharePoint 2013

sponsors

Page 3: Developing Apps for SharePoint 2013

Something about me• Consultant, project manager and trainer• More than 40 Microsoft certification exams passed

• Microsoft Certified Solution Master – Charter SharePoint

• Focused on SharePoint since the beginning• Author of 10 books about XML, SOAP, .NET, LINQ

and SharePoint• Microsoft SharePoint 2010 Developer Reference, Microsoft Press• Microsoft SharePoint 2013 Developer Reference, Microsoft Press• Build Windows 8 Apps with Microsoft Visual C# and

Visual Basic Step by Step, Microsoft Press

• Speaker at main IT conferences

Page 4: Developing Apps for SharePoint 2013

Agenda• Apps Model Overview• Architecture• Hosting Model• UI Options• App Manifest• Publishing apps

• App Security Model• What’s new in Visual Studio 2013 RTM

Page 5: Developing Apps for SharePoint 2013

APPS MODEL OVERVIEW

Page 6: Developing Apps for SharePoint 2013

Once upon a time …

Farm solutions

Full trust solutions File system access GAC deploy 14 hive access .NET managed code Inherited from

SP2007

Sandbox solutions

Partially trusted code Limited API .NET managed code No access to file

system No calls to services

Apps

New model app-oriented

Deployed from corporate catalog or Office Store

Based on web standards

No code with server object mode! solutions model apps model

SP2010

SP2013

Page 7: Developing Apps for SharePoint 2013

A LAP AROUND THE APP MODEL

Page 8: Developing Apps for SharePoint 2013

Three types of Apps

App Web

Parent Web

(host web)

SharePoint-Hosted AppProvision an isolated sub web on a parent web• Reuse web elements

(lists, files, out-of-box web parts)

• No server code allowed; use client JavaScript for logic, HTML/CSS for UX

Autohosted AppWindows Azure + Windows Azure SQL Database provisioned invisibly as apps are installed

AzureSharePoint Web

Get remote events from SharePoint Use CSOM/REST + OAuth to work with SP

Cloud-based Apps

Provider-Hosted App“Bring your own server hosting infrastructure”Developers will need to isolate tenants

SharePoint

Web

Your Hosted

Site

App Web

(optional)The infrastructure for autohosted apps will remain in preview status

for a period of time after SharePoint 2013 releases.

Autohosted apps (which includes all apps that depend on Access)

will not be accepted by the Office Store during this preview phase.

Windows Azure SQL Database

Page 9: Developing Apps for SharePoint 2013

Apps programming model• Client-side pattern (ALL)• HTML5, CSS, JavaScript• Leverage Javascript libraries

like JQuery, KnockoutJs, Angular, etc.

• Server-side pattern (CLOUD-ONLY)• Use your own infrastructure• Use your preferred language

(ASP.NET, PHP, JSP, ecc..)• Use client-side object model

or REST to get info from SharePoint

• Hybrid pattern (CLOUD-ONLY)• Mix-and-match client-side pattern with server-side pattern

Page 10: Developing Apps for SharePoint 2013

Apps UI options• Immersive full page - are like application pages, with

HTML, CSS, JavaScript • Including SharePoint OOB controls in SharePoint-hosted apps

• Part - are simple IFRAMEs • UI Custom Actions - are SharePoint custom actions like

Ribbons or ECB item actions

Page 11: Developing Apps for SharePoint 2013

A FIRST SAMPLE APP

Page 12: Developing Apps for SharePoint 2013

App Manifest• General• Title, version, startup page, ecc.

• Permissions• Permission required to run the app• The end user installing the app will have to trust it

• Prerequisites• Software prerequisites to correctly run the app

• Supported Locales• EN-US is required to publish apps on the Office Store

• Remote Endpoints• For declaring endpoints of remote services supporting the app

Page 13: Developing Apps for SharePoint 2013

Options for publishing apps• Office Store – You can build your app, submit to

Microsoft for approval and make the app publically available, with your license policies, in order to be aquired by users with any SharePoint environments• Corporate App Catalog – You can put your app into a

company internal catalog, hosted on your SharePoint environment, in order to make it available to your final users

Page 14: Developing Apps for SharePoint 2013

What can we do in apps?• Pages• App Parts• UI Extensions• Content (lists, libraries, items)• Workflows• Remote Event Receivers• Business Connectivity Services (OData)• Etc.

Page 15: Developing Apps for SharePoint 2013

A SAMPLE WORKFLOW-BASED APP

Page 16: Developing Apps for SharePoint 2013

APPS SECURITY MODEL => OAUTH

Page 17: Developing Apps for SharePoint 2013

OAuth• OAuth is an open protocol for authenticating apps and

allowing secure API authorization from desktop and web applications through a web based standard and simple technique. • For example: authorize the printing app to read pictures

from my Facebook profile, or from my SkyDrive

Page 18: Developing Apps for SharePoint 2013

OAuth FlowSTS (ACS)

SharePoint Server

Client

Intranet.contoso.com

7- Access token

10. IFrame contents

5. Request IFrame contents

4. Page - IFrame 9. SharePoint data

8. Request – Access token1.

Request

2. Request context token

3. Signed context token 6.

Refreshtoken

Page 19: Developing Apps for SharePoint 2013

Is the endpoint outside

of an app web?

Does the token

include user info?

Is endpoint CSOM?

OAuth token

present?

Use anonymous

context

Set app and user context

Set user context

End

Start

User credentia

ls provided

?

Set App-Only context

Yes

Yes

Yes

Yes

Yes

No

No No No

No

SharePoint 2013 Apps’ Authentication

Page 20: Developing Apps for SharePoint 2013

App Permissions• App are granted permissions• App permissions are different from user permissions• App permissions are granted as all or nothing• App permissions have no permissions hierarchy

• this is different than user permissions which have a hierarchy inside a site collection

• An app has default permissions• App has full control over app web but no other default

permissions• App can include permission request in application manifest• Installing user grants/denies permissions during installation• If permission request denied, SharePoint does not install app

Page 21: Developing Apps for SharePoint 2013

S2S High Trust Scenario• High Trust != Full Trust• Alternative to OAuth• Leveraged by apps and infrastructural services

• Workflow Manager, Exchange, etc.

• Direct trust relationship between SP2013 and the external service• Based on X.509 certificates• One certificate for each app (avoid sharing certs across apps)

• Available for Provider-hosted apps• Supported by wizard of VS2012/VS2013• A little bit «complicated» to configure, using PowerShell

Page 22: Developing Apps for SharePoint 2013

WHAT’S NEW WITH VISUAL STUDIO 2013

Page 23: Developing Apps for SharePoint 2013

Apps for SharePoint in VS2013 RTM• New MVC5 template for App for SharePoint• SharePointContext helper classes• Independent from ACS or S2S• Access token caching• Object model wrapper

• App for SharePoint Web Toolkit via NuGet• Available for VS2012, as well

• Workflow remote debugging via Azure Service Bus

Page 24: Developing Apps for SharePoint 2013

Cloud Business Apps• New project (solution) template• Highly productive development experience• Based on LightSwitch HTML client• Can consume external data sources (SharePoint, SQL Server,

OData, ecc.)

• Multi-browser/multi-device• Integrated with social features of SharePoint• Support social feeds• Does not yet support Yammer …

• Easy deployment/publishing of business apps

Page 25: Developing Apps for SharePoint 2013

questions?

HTTP://WWW.SHAREPOINT-REFERENCE.COM/BLOG/

@PAOLOPIA

Page 26: Developing Apps for SharePoint 2013

thank you.

SHAREPOINT AND PROJECT CONFERENCE ADRIATICS 2013

ZAGREB, NOVEMBER 27-28 2013