我们使用SharePoint客户端对象模型在线构建SharePoint客户端应用程序。我们希望使用OAuth对此Windows客户端应用程序进行身份验证,但我们没有找到方法来执行此操作; MSDN上的文档含糊不清。
这个article给出了一个示例,但是,当我使用链接https://<TENANT>.sharepoint.com/_layouts/appregnew.aspx创建新应用程序时,禁用了“在客户端计算机上运行的应用程序”选项,是否有设置SharePoint在线网站启用此功能?
答案 0 :(得分:7)
经过大量尝试后,我得到了这个工作
我猜它不是最精彩的代码,但现在是:
/// <summary>
/// Sets needed values
/// </summary>
/// <param name="clientId">The ClientId from the application</param>
/// <param name="redirectUri">The RedirectUri where the browser has to be send.</param>
/// <param name="resource">The source you want to access</param>
public OneDriveConnection(string clientId, string clientSecret, string redirectUri, string resource)
{
this._clientId = clientId;
this._redirectUri = Uri.EscapeDataString(redirectUri);
this._resource = Uri.EscapeDataString(resource);
this._clientSecret = clientSecret;
}
接下来,我创建一个浏览器,提示用户登录:
/// <summary>
/// Authorizes the application
/// </summary>
public void Authorize()
{
/* EXAMPLE: GET https://login.windows.net/common/oauth2/authorize
* ?response_type=code
* &client_id=acb81092-056e-41d6-a553-36c5bd1d4a72
* &redirect_uri=https://mycoolwebapp.azurewebsites.net
* &resource=https:%2f%2foutlook.office365.com%2f
* &state=5fdfd60b-8457-4536-b20f-fcb658d19458 */
string baseUri = "https://login.windows.net/common/oauth2/authorize";
string authorizationUri = string.Format(baseUri
+ "?response_type=code"
+ "&client_id={0}"
+ "&redirect_uri={1}"
+ "&resource={2}"
+ "&state={3}", this._clientId, this._redirectUri, this._resource, "5fdfd60b-8457-4536-b20f-fcb658d19458");
// Create the form
Form webBrowserForm = new Form();
webBrowserForm.MaximizeBox = false;
webBrowserForm.MinimizeBox = false;
webBrowserForm.Size = new System.Drawing.Size(580, 890);
webBrowserForm.Text = "Webbrowser";
webBrowserForm.FormBorderStyle = FormBorderStyle.FixedDialog;
webBrowserForm.StartPosition = FormStartPosition.CenterScreen;
// Create the WebBrowser
WebBrowser webBrowser = new WebBrowser();
webBrowser.Width = 580;
webBrowser.Height = 890;
webBrowser.Location = new System.Drawing.Point(0, 0);
webBrowser.ShowPageSetupDialog();
// Hook event to the webBrowser
webBrowser.Navigated += webBrowser_Navigated;
// Show the webBrowser and form to the user
webBrowserForm.Controls.Add(webBrowser);
webBrowserForm.Show();
// Navigate to the authorizationUri
webBrowser.Navigate(authorizationUri);
}
在这里,我检查是否有代码来执行GetTokenInformation方法:
/// <summary>
/// When the url has code in it and contains a session_state get the code and do the GetTokenInformation
/// </summary>
private void webBrowser_Navigated(object sender, WebBrowserNavigatedEventArgs e)
{
if (e.Url.AbsoluteUri.Contains("code=") && e.Url.AbsoluteUri.Contains("session_state"))
{
string[] splited = e.Url.AbsoluteUri.Split(new char[] { '=', '&' });
_code = splited[1];
if (!string.IsNullOrWhiteSpace(_code)
&& !string.IsNullOrWhiteSpace(_redirectUri)
&& !string.IsNullOrWhiteSpace(_clientId))
{
GetTokenInformation(_code, _redirectUri, _clientId, _clientSecret);
}
else
{
_connected = false;
}
}
}
在GetTokenInformation方法中,我得到了使用Newtonsoft.Json dll放入TokenInformation类的TokenInformation
/// <summary>
/// This method gets tokeninformation: access_token, token_type, expires_in, resource, refresh_token, scope, id_token
/// </summary>
/// <param name="code">Code from the authorize request</param>
/// <param name="redirectUri">Reply url for your application</param>
/// <param name="clientId">Your applications client id in Windows Azure Directory</param>
/// <param name="clientSecret">Your applications client secret</param>
private void GetTokenInformation(string code, string redirectUri, string clientId, string clientSecret)
{
// Get the token information that is set above in the constructor with the help of the clientId, clientSecret and code and as well as the redirectUri without it you can't connect to it otherwise it will crash if you don't do it like that
string baseUri = "https://login.windows.net/common/oauth2/token";
string parameters = string.Format("grant_type=authorization_code"
+ "&code={0}"
+ "&redirect_uri={1}"
+ "&client_id={2}"
+ "&client_secret={3}", code, redirectUri, clientId, clientSecret);
string response = HttpPost(baseUri, parameters);
if (!string.IsNullOrWhiteSpace(response))
{
_tokenInformation = JsonConvert.DeserializeObject<TokenInformation>(response);
_connected = true;
}
else
{
_connected = false;
}
}
这是使用Newtonsoft.Json dll的我的TokenInformation类:
[JsonObject(MemberSerialization.OptIn)]
class TokenInformation
{
[JsonProperty(PropertyName = "access_token")]
public string AccessToken { get; set; }
[JsonProperty(PropertyName = "token_type")]
public string TokenType { get; set; }
[JsonProperty(PropertyName = "expires_in")]
public int ExpiresIn { get; set; }
[JsonProperty(PropertyName = "expires_on")]
public int ExpiresOn { get; set; }
[JsonProperty(PropertyName = "resource")]
public string Resource { get; set; }
[JsonProperty(PropertyName = "refresh_token")]
public string RefreshToken { get; set; }
[JsonProperty(PropertyName = "scope")]
public string Scope { get; set; }
[JsonProperty(PropertyName = "id_token")]
public string IdToken { get; set; }
}
我在这里找到了连接到SharePoint / Office365所需的请求:link
答案 1 :(得分:0)
您应该尝试SharePoint 2013中的动态权限请求。本文介绍如何使用该流程:http://msdn.microsoft.com/en-us/library/office/jj687470.aspx
答案 2 :(得分:0)
您可以尝试使用应用作为“代理”来执行oAuth作为解决方法。 “隐式”oAuth流程是本机应用程序用于直接连接到服务的内容尚未提供AFAIK