Office 365 api vs share point app model

  • View
    397

  • Download
    5

Embed Size (px)

Text of Office 365 api vs share point app model

Office 365 API vs SharePoint app model#SPSBE02Lieven Iliano, U2UApril 18th, 2015

Template may not be modified Twitter hashtag: #spsbe for all sessions1Thanks to our sponsors!PlatinumGoldSilverAgendaIntroducing Office 365 APIDeveloping apps consuming Office 365 APIRegistering Office apps in Azure ADAzure AD Authentication & Authorization.Net Client LibraryOffice 365 apps vs SharePoint appsU2U Site Provisioning

Introducing Office 365 APISet of REST services:Microsoft Exchange Online: Mail, Contacts & CalendarsMicrosoft OneDrive for Business: My FilesMicrosoft SharePoint Online: SitesMicrosoft Azure Active Directory: Authentication, Directory GraphOffice 365 API

Office 365 API

Directly via REST.NET Client Library: Windows apps, ASP.NET, WPF, XamarinJavaScript Client LibraryOpen Source SDK for iOS and Android

Choice of client and development

How does it work?

Applications using Office 365 API need to be registered in Azure Active DirectoryDone manually or from within Visual Studio2 Types of applications can be registered:Web Application (Web API, MVC, Web Forms)Native Client (Mobile, Windows apps, Desktop App)

Azure Active DirectoryDemoDiscovering the Office 365 REST APIhttps://msdn.microsoft.com/en-us/office/office365/api/api-cataloghttps://outlook.office365.com/api/v1.0/me/messageshttps://u2u365-my.sharepoint.com/_api/v1.0/me/files10Microsoft SharePoint Server 2013 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Developing apps consuming Office 365 APIExtensions and Updates:Microsoft Office 365 API Tools (Part ofOffice Developer Tools)

Nuget packages:Office 365 apps in Visual Studio

O365 ServiceDesktop App/ Store App/ ASP.NET AppXamarinCordovaUsers and GraphsMicrosoft.Azure.ActiveDirectory.GraphClientMicrosoft.Azure.ActiveDirectory.GraphClient.JSOutlook ServicesMicrosoft.Office365.OutlookServicesSharePoint ServicesMicrosoft.Office365.SharePointDiscovery ClientMicrosoft.Office365.DiscoveryAny ServiceMicrosoft.Office365.OAuth.XamarinMicrosoft.Office365.ClientLib.JSAdd Office 365 API to your projectOffice 365 apps in Visual Studio

Configure permissions:

Will automatically configure application in AADAdds nuget packages and configuration settings

Adds references to project and stores configurationOffice 365 apps in Visual Studio

DEMORegistering Office 365 app in Visual StudioMicrosoft.IdentityModel.Clients.ActiveDirectory15Microsoft SharePoint Server 2013 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Registering applications in Azure ADYour apps are registered in Azure AD

Azure Active Directory

Specify the service and permissions

Office 365 Exchange Online serviceAccess to Mail, Calendar, ContactsOffice 365 SharePoint Online serviceAccess to Files in SharePoint Online or OneDrive for BusinessAzure Active Directory

DEMORegistering Office 365 app in Azure PortalAzure AD Authentication & AuthorizationOAuth 2.0 Authorization Code Grant flowApp uses access token on your behalfOauth 2.0 Client Credentials Grant FlowApp runs with own permissionsOnly supported by contacts, calendar & mailAuthentication and AuthorizationApp redirects user to an AAD authentication endpointAuthentication for Office 365 Apps

Your app gets the user's email address. It contacts Discovery Service with email address and the set of scopes the app wants to access.22User authenticates and grants consent

Azure AD issues an authorization codeAuthentication for Office 365 Apps

The app goes to the Azure AD authorization endpoint and the user authenticates and grants consent (if consent has not been granted before). Azure AD issues an authorization code.23User authenticates and grants consent

Authentication for Office 365 Apps

App passes authorization code to AAD

Azure AD returns access and refresh tokensAuthentication for Office 365 Apps

Your app redeems the authorization code. Azure returns an access token and a refresh token.25App uses access/refresh tokens to access Office 365 API

Authentication for Office 365 Apps

Your app can now call Office 365 APIs using the URI from Discovery Service and the access token. Office 365 returns Http Response.26Authenticate by using Active Directory Authentication Library (ADAL)Discover available App capabilities. Returns only services App has access to.Connect through Outlook/SharePoint Services ClientProgramming with Office 365 APIGet resource endpoints from discovery service

Programming with Office 365 APIEnd Point (i.e)Discoveryhttps://api.office.com/discovery/v1.0/meMailContactsCalendarhttps://{server_name}/api/{version}/{user_context}https://outlook.office365.com/api/v1.0/meOneDrive for Businesshttps://{tenant}-my.sharepoint.com/_api/v1.0/meSiteshttps://{tenant}.sharepoint.com/{site-path}/_api/v1.0Discovery client from WebApp// Get user and object ID from claimsvar signInUserId = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier).Value;var userObjectId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;

// Authority: "https://login.windows.net/"AuthenticationContext authContext = new AuthenticationContext(SettingsHelper.Authority, new ADALTokenCache(signInUserId));

// Create Discovery Client// DiscoveryServiceEndpointUri: "https://api.office.com/discovery/v1.0/me/"// DiscoveryServiceResourceId: "https://api.office.com/discovery/"DiscoveryClient discClient = new DiscoveryClient(SettingsHelper.DiscoveryServiceEndpointUri, async () => { var authResult = await authContext.AcquireTokenSilentAsync( SettingsHelper.DiscoveryServiceResourceId, new ClientCredential(SettingsHelper.ClientId, SettingsHelper.AppKey), new UserIdentifier(userObjectId, UserIdentifierType.UniqueId));

return authResult.AccessToken; });

Discovery client from Native AppauthenticationContext = new AuthenticationContext("https://login.windows.net/Common/");AuthenticationResult authenticationResult = authenticationContext.AcquireToken("https://graph.windows.net", ClientId, new Uri(RedirectUri));DiscoveryClient discoveryClient = new DiscoveryClient(new Uri("https://api.office.com/discovery/v1.0/me/"), async () => { return await GetAccessTokenForServiceAsync("https://api.office.com/discovery/"); });

private async Task GetAccessTokenForServiceAsync(string serviceResourceId){ AuthenticationResult authResult = await this.authenticationContext.AcquireTokenSilentAsync(serviceResourceId, ClientId); return authResult.AccessToken;}Outlook Services Client// Discover if resource is availableCapabilityDiscoveryResult dcr = await discClient.DiscoverCapabilityAsync(Mail);

// Get the OutlookServicesClient: this gives access to mail, contacts, calendarreturn new OutlookServicesClient(dcr.ServiceEndpointUri, async () => { var authResult = await authContext.AcquireTokenSilentAsync( dcr.ServiceResourceId, new ClientCredential(SettingsHelper.ClientId, SettingsHelper.AppKey), new UserIdentifier(userObjectId, UserIdentifierType.UniqueId));

return authResult.AccessToken; });Gives access to Mail, Calendar and ContactsOutlook Services Client

Send email// Initialize variablesstring subject = "Mail sent by using Office 365 APIs";string recipients = "lieven@u2u365.onmicrosoft.com;els@u2u365.onmicrosoft.com";string bodyContent = "This email was created from code and was sent using the Office 365 APIs";

// Prepare list of recipientsList toRecipients = recipients .Split(new char[]{';'}, StringSplitOptions.RemoveEmptyEntries) .Select( recipient => new Recipient { EmailAddress = new EmailAddress { Address = recipient, Name = recipient } }) .ToList();

// Create draft messageMessage draft = new Message() { Subject = subject, Body = new ItemBody { ContentType = BodyType.Text, Content = bodyContent}, ToRecipients = toRecipients };Send email// Add the message to the draft folder. This results in a call to the service. // Returns full item but unfortunately you dont have access to it.await outlookServicesClient.Me.Folders.GetById("Drafts").Messages.AddMessageAsync(draft);

// Gets the full draft message, including the identifier needed to issue a send mail request.// This results in a call to th