public SharePointAcsContext(Uri spHostUrl, Uri spAppWebUrl, string spLanguage, string spClientTag, string spProductNumber, string contextToken, SharePointContextToken contextTokenObj)
: base(spHostUrl, spAppWebUrl, spLanguage, spClientTag, spProductNumber)
{
if (string.IsNullOrEmpty(contextToken))
{
throw new ArgumentNullException("contextToken");
}
if (contextTokenObj == null)
{
throw new ArgumentNullException("contextTokenObj");
}
this.contextToken = contextToken;
this.contextTokenObj = contextTokenObj;
}
// The Page_load method fetches the context token and the access token. The access token is used by all of the data retrieval methods.
protected void Page_Load(object sender, EventArgs e)
{
string contextTokenString = TokenHelper.GetContextTokenFromRequest(Request);
if (contextTokenString != null)
{
contextToken =
TokenHelper.ReadAndValidateContextToken(contextTokenString, Request.Url.Authority);
sharepointUrl = new Uri(Request.QueryString["SPHostUrl"]);
accessToken =
TokenHelper.GetAccessToken(contextToken, sharepointUrl.Authority).AccessToken;
// In a production add-in, you should cache the access token somewhere, such as in a database
// or ASP.NET Session Cache. (Do not put it in a cookie.) Your code should also check to see
// if it is expired before using it (and use the refresh token to get a new one when needed).
// For more information, see the MSDN topic at https://msdn.microsoft.com/library/office/dn762763.aspx
// For simplicity, this sample does not follow these practices.
AddListButton.CommandArgument = accessToken;
RefreshListButton.CommandArgument = accessToken;
RetrieveListButton.CommandArgument = accessToken;
AddItemButton.CommandArgument = accessToken;
DeleteListButton.CommandArgument = accessToken;
ChangeListTitleButton.CommandArgument = accessToken;
RetrieveLists(accessToken);
}
else if (!IsPostBack)
{
Response.Write("Could not find a context token.");
}
}
/// <summary>
/// Retrieves an access token from ACS to call the source of the specified context token at the specified
/// targetHost. The targetHost must be registered for the principal that sent the context token.
/// </summary>
/// <param name="contextToken">Context token issued by the intended access token audience</param>
/// <param name="targetHost">Url authority of the target principal</param>
/// <returns>An access token with an audience matching the context token's source</returns>
public static OAuth2AccessTokenResponse GetAccessToken(SharePointContextToken contextToken, string targetHost)
{
string targetPrincipalName = contextToken.TargetPrincipalName;
// Extract the refreshToken from the context token
string refreshToken = contextToken.RefreshToken;
if (String.IsNullOrEmpty(refreshToken))
{
return null;
}
string targetRealm = Realm ?? contextToken.Realm;
return GetAccessToken(refreshToken,
targetPrincipalName,
targetHost,
targetRealm);
}
