Apps 101 Moving to the SharePoint 2013 App Model Derek Cash-Peterson – SharePoint Practice Director Bob German – SharePoint Principal Architect
May 11, 2015
Apps 101Moving to the SharePoint 2013 App Model
Derek Cash-Peterson – SharePoint Practice DirectorBob German – SharePoint Principal Architect
SharePoint Principal Architect
@Bob1Germanhttp://blogs.msdn.com/BobGerman/
Developer andAuthor
SharePoint Practice Director
@spdcpwww.spdcp.com
<Insert info>
Meet Bob and Derek
Key Topics
Apps ModelOverview
More• App Store• Event
Receivers• Workflow
App Access to SharePoint• REST• Client Side
Object Model
App Security• Cross-domain
Access• OAuth
2003
2007
2010
2013
Apps 101
HostWeb
AppWeb
• Link or IFrame
• REST or Client OM• App Security
App Hosting Options
HostWeb
App Web
SharePointHosted App
Provider or Auto-Hosted App
App Azureor other provider
HostWeb
App Web(optional)
App Isolation
App Azureor other provider
HostWeb
App Web(optional)
http://myserver/sites/myweb/
http://app12345/sites/myweb/
http://whatevs.com/somepath/
Different domain names leverage browsers’ same-origin policy
App
HostWeb
AppWeb
Mix and match App Web and Cloud
Provisioned by SharePoint on app installation
Code in Javascript on browserNo Server Code – period!(though you can leverage installed ASP.NET controls)
May contain declarative, web-scoped features (lists, site pages, client script, images, css)
Access host web via cross-domain library
Auto-hosted apps are provisioned by Office 365 on app installation(Office 365 only; not yet released)
Any hosted web site can work; pretty much anything goes
Access host and app webs via OAuth – run under: End user’s permissions App permissions
App Web Provider or Autohosted
DEMONSTRATION
Concepts Shown:- Declarative features in App Site- Client Side Object Model- Simple Client Web Part (“App Part”)
Chord Calculator
Choosing an Approach
Backward compatibility with existing solutions
Leverages SharePoint development skills
Full access to server OM – you can do nearly anything
Elevate privileges and be omnipotent!
Sandboxed solutions Scalability / reliability issues “Deprecated”
App code is reusable in SharePoint and Office
Leverages general web development skills
Better isolation – no more leftover web parts and lists
Run under App identity – safer way to elevate
Auto-hosted apps Office 365 Only Not really released even there
SharePoint Solutions SharePoint Apps
Choosing a Hosting Model
No server side code, period
Access to OOB SharePoint web controls on the page
Hosted on customer’s SP infrastructure
Server-side codeServer is not subject to
cross-domain policyMore flexible data
storage (SQL Azure, etc.)
SharePoint Hosted Provider / Azure Hosted
Remember you can combine both hosting models in your app
App Access to SharePoint
Choosing an Access Method
Synchronous or asynchronous in Javascript
Returns entities (e.g. Contact, Task)
Easier access from jQuery– no dependency on SP.JS
Asynchronous only in Javascript
Returns SharePoint objects (e.g. List, ListItem)
Easier access from .NET server side
Batched requests
REST CSOM
Accessing Data with Client OM
SharePoint Data
SharePoint API
Client.svc
Client Application
Client OM Proxies• .NET CLR• Silverlight• Javascript
OData(REST)
What’s New in CSOM
User ProfilesSearchTaxonomyFeedsPublishingBusiness Connectivity
Services
SharingWorkflowE-Discovery IRMAnalytics
So much more than simple site and list access!
Representational State Transfer (REST)
SharePoint Data
SharePoint API
Client Application
ServerApplication
Client Application
ADO.NET Data Svcs Client
JSON ATOM
WPF/WinForm/OfficeSilverlightJavaScript
JSON ATOM
/_api/
Representational State Transfer (REST)
Operations map to HTTP verbs Retrieve items/lists GET Create new item POST Update an item PUT or MERGE Delete an item DELETE These apply to links (lookups) as well
SharePoint rules apply during updates Validation, access control, etc.
URL Conventions
Addressing lists and itemsList of lists /_api/web/lists
List /_api/web/lists(‘guid’)
List /_api/web/lists/getbytitle(‘Title’)
Items /_api/web/lists/getbytitle('listname')/items
Item /_api/web/lists/getbytitle('listname')/items(1)
Single column /_api/web/lists/getbytitle('listname')/items(1)/fields/getByTitle('Description')
Sorting ?$orderby=Fullname
Filtering $filter=JobTitle eq 'SDE'
Projection ?$select=Fullname,JobTitle
Paging ?$top=10&$skip=30
Inline expansion ?$expand=Project
Presentation options
DEMONSTRATION
Concepts Shown: - Use of RESTful services - Accessing the host web from with the Cross-Domain Library - App part settings
Image Rotator
App Isolation
App Azureor other provider
HostWeb
App Web(optional)
SharePoint Authentication
SharePoint Authentication
OAuth
Open Authentication
Standard in use by dozens of public sites
Similar to a valet key App gives to a partly
trusted 3rd party Grants limited access
SharePoint grants theapp access on theuser’s behalf No need to pass the
user’s credentials SharePoint can limit the
scope of access
Remote Event Receivers
Require a provider or Azure-hosted app Uses Access Control Services (ACS) token
Passed from SharePoint to remote web service Web service can request a token to send back to SharePoint
SharePoint calls a web service with the following methods: ProcessEvent() – Synchronous ProcessOneWayEvent() – Asynchronous
List, ListItem, Web, and App level scopes App Events – call AppEventReceiver.svc
App Installed App Uninstalling App Upgraded
Caveats: Before and after properties are still quirky No guaranteed delivery Watch latency and performance on synchronous events
DEMONSTRATION
Concepts Shown:- Provider hosted App- Remote Event Receiver- SP 2013 Geolocation Features
Locations Map
Work
flow
New workflow engine hosted outside of SharePoint Author workflows in SharePoint Designer or Visual Studio 2012 Access SharePoint via built-in actions and web services Access SharePoint under App identity
(instead of Impersonation Step)
Resources
SharePoint 2013 Development Host webs, Web apps, and SharePoint Components: http://bit.ly/R3tUiO Data Access Options for Apps in SharePoint 2013: http://bit.ly/Peeof9 OAuth and SharePoint 2013: http://bit.ly/Ny1jNd SharePoint 2013 Workflows: http://bit.ly/PEJCze Programming using the SharePoint 2013 REST service: http
://bit.ly/LR66Ju Programming using the SP 2013 CSOM (JavaScript): http
://bit.ly/OJUARG
Contact Us Bob German - @Bob1German
http://msdn.microsoft.com/[email protected]
Derek Cash Peterson - @SPDCPhttp://spdcp.com [email protected]
Housekeeping
• Please remember to turn in your filled out bingo cards and event evaluations for prizes.• SharePint is sponsored by Slalom at Whiskey Trader
(Between 55th and 56th on 6th Avenue).• Follow SharePoint Saturday New York City on Twitter
@spsnyc and hashtag #spsnyc
Thanks to Our Sponsors!
Thank You!
BOSTON | NEW YORK | CHICAGO
44 Pleasant Street, Watertown, MA 02472
www.bluemetal.comBlog.bluemetal.com
@bluemetalinc