/// <summary>
/// Sends a JSON OData request appending the SharePoint canary to the request header.
/// Appending the canary to the request is necessary to perform write operations (e.g. create, update, delete list items)
/// The canary is a security measure to prevent cross site scripting attacks
/// </summary>
/// <param name="uri">The request uri</param>
/// <param name="method">The http method</param>
/// <param name="requestContent">A stream containing the request content</param>
/// <param name="clientHandler">The request client handler</param>
/// <param name="authUtility">An instance of the auth helper to perform authenticated calls to SPO</param>
/// <returns></returns>
public static async Task<byte[]> SendODataJsonRequestWithCanary(Uri uri, HttpMethod method, Stream requestContent, HttpClientHandler clientHandler, SharePointAuthentication authUtility)
{
// Make a post request to {siteUri}/_api/contextinfo to get the canary
var response = await HttpUtility.SendODataJsonRequest(
new Uri(String.Format("{0}/_api/contextinfo", SharePointAuthentication.Current.SiteUrl)),
HttpMethod.Post,
null,
clientHandler,
SharePointAuthentication.Current);
Dictionary<String, IJsonValue> dict = new Dictionary<string, IJsonValue>();
HttpUtility.ParseJson(JsonObject.Parse(Encoding.UTF8.GetString(response, 0, response.Length)), dict); // parse the JSON response containing the canary
string canary = dict["FormDigestValue"].GetString(); // the canary is contained in the FormDigestValue of the response body
// Make the OData request passing the canary in the request headers
return await HttpUtility.SendODataJsonRequest(
uri,
method,
requestContent,
clientHandler,
SharePointAuthentication.Current,
new Dictionary<string, string> {
{ "X-RequestDigest", canary }
});
}
public static async Task <bool> Create(Uri spSiteUrl, string username, string password, bool useIntegratedWindowsAuth)
{
var utility = new SharePointAuthentication(spSiteUrl, username, password, useIntegratedWindowsAuth);
CookieContainer cookieContainer = await utility.GetCookieContainer();
if (cookieContainer != null && cookieContainer.Count > 0)
{
var cookies = from Cookie cookie in cookieContainer.GetCookies(spSiteUrl)
where cookie.Name == "FedAuth"
select cookie;
if (cookies.Any())
{
current = utility;
return(true);
}
//throw new Exception("Could not retrieve Auth cookies");
}
return(false);
}
/// <summary>
/// Sends a JSON OData request appending SPO auth cookies to the request header.
/// </summary>
/// <param name="uri">The request uri</param>
/// <param name="method">The http method</param>
/// <param name="requestContent">A stream containing the request content</param>
/// <param name="clientHandler">The request client handler</param>
/// <param name="authUtility">An instance of the auth helper to perform authenticated calls to SPO</param>
/// <param name="headers">The http headers to append to the request</param>
public static async Task<byte[]> SendODataJsonRequest(Uri uri, HttpMethod method, Stream requestContent, HttpClientHandler clientHandler, SharePointAuthentication authUtility, Dictionary<string, string> headers = null)
{
if (clientHandler.CookieContainer == null)
clientHandler.CookieContainer = new CookieContainer();
CookieContainer cookieContainer = await authUtility.GetCookieContainer(); // get the auth cookies from SPO after authenticating with Microsoft Online Services STS
foreach (Cookie c in cookieContainer.GetCookies(uri))
{
clientHandler.CookieContainer.Add(uri, c); // apppend SPO auth cookies to the request
}
return await SendHttpRequest(
uri,
method,
requestContent,
"application/json;odata=verbose;charset=utf-8", // the http content type for the JSON flavor of SP REST services
clientHandler,
headers);
}
public static async Task<bool> Create(Uri spSiteUrl, string username, string password, bool useIntegratedWindowsAuth)
{
var utility = new SharePointAuthentication(spSiteUrl, username, password, useIntegratedWindowsAuth);
CookieContainer cookieContainer = await utility.GetCookieContainer();
if (cookieContainer != null && cookieContainer.Count > 0)
{
var cookies = from Cookie cookie in cookieContainer.GetCookies(spSiteUrl)
where cookie.Name == "FedAuth"
select cookie;
if (cookies.Any())
{
current = utility;
return true;
}
//throw new Exception("Could not retrieve Auth cookies");
}
return false;
}
