protected override SharePointContext CreateSharePointContext(Uri spHostUrl, Uri spAppWebUrl, string spLanguage, string spClientTag, string spProductNumber, HttpRequest httpRequest)
{
string contextTokenString = TokenHandler.GetContextTokenFromRequest(httpRequest);
if (string.IsNullOrEmpty(contextTokenString))
{
return(null);
}
SharePointContextToken contextToken = null;
try
{
contextToken = TokenHandler.ReadAndValidateContextToken(contextTokenString, httpRequest.Host.Value);
}
//catch (WebException)
//{
// return null;
//}
catch (AudienceUriValidationFailedException)
{
return(null);
}
return(new SharePointAcsContext(spHostUrl, spAppWebUrl, spLanguage, spClientTag, spProductNumber, contextTokenString, contextToken, Configuration));
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
//Checks for the SPCacheKey cookie and gets the value
if (spAcsContext != null)
{
//Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
// (httpContext.Request, SharePointContext.SPHostUrlKey);
string contextToken = TokenHandler.GetContextTokenFromRequest(httpContext.Request);
//read the cookie value
var cookieCollection = httpContext.Request.Cookies;
if (!cookieCollection.ContainsKey(SPCacheKeyKey))
{
return(false);
}
var spCacheKeyCookieValue = httpContext.Request.Cookies[SPCacheKeyKey];
string spCacheKey = spCacheKeyCookieValue != null ? spCacheKeyCookieValue : null;
//return spHostUrl == spAcsContext.SPHostUrl && (taken out)
return
(!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken));
}
return(false);
}
/// <summary>
/// Creates a ClientContext with the specified SharePoint site url and the access token.
/// </summary>
/// <param name="spSiteUrl">The site url.</param>
/// <param name="accessToken">The access token.</param>
/// <returns>A ClientContext instance.</returns>
private ClientContext CreateClientContext(Uri spSiteUrl, string accessToken)
{
if (spSiteUrl != null && !string.IsNullOrEmpty(accessToken))
{
return(TokenHandler.GetClientContextWithAccessToken(spSiteUrl.AbsoluteUri, accessToken));
}
return(null);
}
/// <summary>
/// Initializes the default SharePointContextProvider instance.
/// </summary>
public static SharePointContextProvider GetInstance(SharePointConfiguration configuration)
{
_tokenHandler = new TokenHandler(configuration);
_configuration = configuration;
if (!_tokenHandler.IsHighTrustApp())
{
_current = new SharePointAcsContextProvider();
}
else
{
throw new NotImplementedException("Hight Trust is still not supported by this library.");
//current = new SharePointHighTrustContextProvider();
}
return(_current);
}
protected override SharePointContext LoadSharePointContext(HttpContext httpContext)
{
byte[] value;
httpContext.Session.TryGetValue(SPContextKey, out value);
if (value == null)
{
return(null);
}
char[] chars = new char[value.Length / sizeof(char)];
System.Buffer.BlockCopy(value, 0, chars, 0, value.Length);
string acsSessionContext = new string(chars);
var dto = JsonConvert.DeserializeObject <SharePointSessionData>(acsSessionContext);
var contextTokenObj = TokenHandler.ReadAndValidateContextToken(dto.ContextToken, httpContext.Request.Host.Value);
return(new SharePointAcsContext(dto.SpHostUrl, dto.SpAppWebUrl, dto.SpLanguage, dto.SpClientTag, dto.SpProductNumber, dto.ContextToken, contextTokenObj, Configuration));
}
/// <summary>
/// Gets the SharePoint host url from QueryString of the specified HTTP request.
/// </summary>
/// <param name="httpRequest">The specified HTTP request.</param>
/// <returns>The SharePoint host url. Returns <c>null</c> if the HTTP request doesn't contain the SharePoint host url.</returns>
public static Uri GetUriFromQueryStringParameter(HttpRequest httpRequest, string queryStringParameter)
{
if (httpRequest == null)
{
throw new ArgumentNullException(nameof(httpRequest));
}
string parameterValue = TokenHandler.EnsureTrailingSlash(httpRequest.Query[queryStringParameter]);
Uri uriValue;
if (Uri.TryCreate(parameterValue, UriKind.Absolute, out uriValue) &&
(uriValue.Scheme == Uri.UriSchemeHttp || uriValue.Scheme == Uri.UriSchemeHttps))
{
return(uriValue);
}
return(null);
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
//Checks for the SPCacheKey cookie and gets the value
if (spAcsContext != null)
{
Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
(httpContext.Request, SharePointContext.SPHostUrlKey);
string contextToken = TokenHandler.GetContextTokenFromRequest(httpContext.Request);
//read the cookie value
HttpCookie spCacheKeyCookie = new HttpCookie(SPCacheKeyKey, httpContext.Request.Cookies[SPCacheKeyKey]);
string spCacheKey = spCacheKeyCookie != null ? spCacheKeyCookie.Value : null;
return(spHostUrl == spAcsContext.SPHostUrl &&
!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken));
}
return(false);
}
/// <summary>
/// Initializes the default SharePointContextProvider instance.
/// </summary>
public static SharePointContextProvider GetInstance(SharePointConfiguration configuration)
{
_tokenHandler = new TokenHandler(configuration);
_configuration = configuration;
if (!_tokenHandler.IsHighTrustApp())
{
_current = new SharePointAcsContextProvider();
}
else
{
throw new NotImplementedException("Hight Trust is still not supported by this library.");
//current = new SharePointHighTrustContextProvider();
}
return _current;
}
/// <summary>
/// Checks if it is necessary to redirect to SharePoint for user to authenticate.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <param name="redirectUrl">The redirect url to SharePoint if the status is ShouldRedirect. <c>Null</c> if the status is Ok or CanNotRedirect.</param>
/// <returns>Redirection status.</returns>
public static RedirectionStatus CheckRedirectionStatus(HttpContext httpContext, out Uri redirectUrl)
{
if (httpContext == null)
{
throw new ArgumentNullException(nameof(httpContext));
}
redirectUrl = null;
bool contextTokenExpired = false;
try
{
if (Current.GetSharePointContext(httpContext) != null)
{
return(RedirectionStatus.Ok);
}
}
catch (SecurityTokenExpiredException)
{
contextTokenExpired = true;
}
const string SPHasRedirectedToSharePointKey = "SPHasRedirectedToSharePoint";
if (!string.IsNullOrEmpty(httpContext.Request.Query[SPHasRedirectedToSharePointKey]) && !contextTokenExpired)
{
return(RedirectionStatus.CanNotRedirect);
}
Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
(httpContext.Request, SharePointContext.SPHostUrlKey);
if (spHostUrl == null)
{
return(RedirectionStatus.CanNotRedirect);
}
if (StringComparer.OrdinalIgnoreCase.Equals(httpContext.Request.Method, "POST"))
{
return(RedirectionStatus.CanNotRedirect);
}
var uri = GetCurrentUrl(httpContext);
var queryNameValueCollection = Microsoft.AspNetCore.WebUtilities.QueryHelpers.ParseQuery(uri);
// Removes the values that are included in {StandardTokens}, as {StandardTokens} will be inserted at the beginning of the query string.
queryNameValueCollection.Remove(SharePointContext.SPHostUrlKey);
queryNameValueCollection.Remove(SharePointContext.SPAppWebUrlKey);
queryNameValueCollection.Remove(SharePointContext.SPLanguageKey);
queryNameValueCollection.Remove(SharePointContext.SPClientTagKey);
queryNameValueCollection.Remove(SharePointContext.SPProductNumberKey);
// Adds SPHasRedirectedToSharePoint=1.
queryNameValueCollection.Add(SPHasRedirectedToSharePointKey, "1");
UriBuilder returnUrlBuilder = new UriBuilder(uri);
returnUrlBuilder.Query = queryNameValueCollection.ToString();
// Inserts StandardTokens.
const string StandardTokens = "{StandardTokens}";
string returnUrlString = returnUrlBuilder.Uri.AbsoluteUri;
returnUrlString = returnUrlString.Insert(returnUrlString.IndexOf("?") + 1, StandardTokens + "&");
// Constructs redirect url.
string redirectUrlString = TokenHandler.GetAppContextTokenRequestUrl(spHostUrl.AbsoluteUri, Uri.EscapeDataString(returnUrlString));
redirectUrl = new Uri(redirectUrlString, UriKind.Absolute);
return(RedirectionStatus.ShouldRedirect);
}