/// <summary>
/// Creates a SharePointContext instance with the specified HTTP request.
/// </summary>
/// <param name="httpRequest">The HTTP request.</param>
/// <returns>The SharePointContext instance. Returns <c>null</c> if errors occur.</returns>
private SharePointContext CreateSharePointContext(HttpRequestBase httpRequest, string targetUrl = null)
{
if (httpRequest == null)
{
throw new ArgumentNullException("httpRequest");
}
// SPHostUrl
Uri spHostUrl = (string.IsNullOrWhiteSpace(targetUrl)) ? TokenHelper.GetSPHostUrl(httpRequest) : new Uri(targetUrl);
if (spHostUrl == null)
{
return(null);
}
// SPAppWebUrl
string spAppWebUrlString = ProcessTokenStrings.EnsureTrailingSlash(httpRequest.QueryString[SharePointKeys.SPAppWebUrl.ToString()]);
Uri spAppWebUrl;
if (!Uri.TryCreate(spAppWebUrlString, UriKind.Absolute, out spAppWebUrl) ||
!(spAppWebUrl.Scheme == Uri.UriSchemeHttp || spAppWebUrl.Scheme == Uri.UriSchemeHttps))
{
spAppWebUrl = null;
}
// SPLanguage
string spLanguage = httpRequest.QueryString[SharePointKeys.SPLanguage.ToString()];
if (string.IsNullOrEmpty(spLanguage))
{
return(null);
}
// SPClientTag
string spClientTag = httpRequest.QueryString[SharePointKeys.SPClientTag.ToString()];
if (string.IsNullOrEmpty(spClientTag))
{
return(null);
}
// SPProductNumber
string spProductNumber = httpRequest.QueryString[SharePointKeys.SPProductNumber.ToString()];
if (string.IsNullOrEmpty(spProductNumber))
{
return(null);
}
return(this.CreateSharePointContext(spHostUrl, spAppWebUrl, spLanguage, spClientTag, spProductNumber, httpRequest));
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContextBase httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
if (spAcsContext != null)
{
Uri spHostUrl = TokenHelper.GetSPHostUrl(httpContext.Request);
string contextToken = ProcessTokenStrings.GetContextTokenFromRequest(httpContext.Request);
HttpCookie spCacheKeyCookie = httpContext.Request.Cookies[SharePointKeys.SPCacheKey.ToString()];
string spCacheKey = spCacheKeyCookie != null ? spCacheKeyCookie.Value : null;
return(spHostUrl == spAcsContext.SPHostUrl &&
!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken));
}
return(false);
}
/// <summary>
/// Checks if it is necessary to redirect to SharePoint for user to authenticate.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <param name="redirectUrl">The redirect url to SharePoint if the status is ShouldRedirect. <c>Null</c> if the status is Ok or CanNotRedirect.</param>
/// <returns>Redirection status.</returns>
private RedirectionStatus CheckRedirectionStatus(HttpContextBase httpContext, out Uri redirectUrl)
{
if (httpContext == null)
{
throw new ArgumentNullException("httpContext");
}
redirectUrl = null;
bool contextTokenExpired = false;
try
{
if (this.GetSharePointContext(httpContext) != null)
{
return(RedirectionStatus.Ok);
}
}
catch (SecurityTokenExpiredException)
{
contextTokenExpired = true;
}
if (!string.IsNullOrEmpty(httpContext.Request.QueryString[SharePointKeys.SPHasRedirectedToSharePoint.ToString()]) && !contextTokenExpired)
{
return(RedirectionStatus.CanNotRedirect);
}
Uri spHostUrl = TokenHelper.GetSPHostUrl(httpContext.Request);
if (spHostUrl == null)
{
return(RedirectionStatus.CanNotRedirect);
}
if (StringComparer.OrdinalIgnoreCase.Equals(httpContext.Request.HttpMethod, "POST"))
{
return(RedirectionStatus.CanNotRedirect);
}
Uri requestUrl = httpContext.Request.Url;
var queryNameValueCollection = HttpUtility.ParseQueryString(requestUrl.Query);
// Removes the values that are included in {StandardTokens}, as {StandardTokens} will be inserted at the beginning of the query string.
queryNameValueCollection.Remove(SharePointKeys.SPHostUrl.ToString());
queryNameValueCollection.Remove(SharePointKeys.SPAppWebUrl.ToString());
queryNameValueCollection.Remove(SharePointKeys.SPLanguage.ToString());
queryNameValueCollection.Remove(SharePointKeys.SPClientTag.ToString());
queryNameValueCollection.Remove(SharePointKeys.SPProductNumber.ToString());
// Adds SPHasRedirectedToSharePoint=1.
queryNameValueCollection.Add(SharePointKeys.SPHasRedirectedToSharePoint.ToString(), "1");
UriBuilder returnUrlBuilder = new UriBuilder(requestUrl);
returnUrlBuilder.Query = queryNameValueCollection.ToString();
// Inserts StandardTokens.
const string StandardTokens = "{StandardTokens}";
string returnUrlString = returnUrlBuilder.Uri.AbsoluteUri;
returnUrlString = returnUrlString.Insert(returnUrlString.IndexOf("?") + 1, StandardTokens + "&");
// Constructs redirect url.
string redirectUrlString = ProcessTokenStrings.GetAppContextTokenRequestUrl(spHostUrl.AbsoluteUri, Uri.EscapeDataString(returnUrlString));
redirectUrl = new Uri(redirectUrlString, UriKind.Absolute);
return(RedirectionStatus.ShouldRedirect);
}
/// <summary>
/// Retrieves an access token from ACS using the specified authorization code, and uses that access token to
/// create a client context
/// </summary>
/// <param name="targetUrl">Url of the target SharePoint site</param>
/// <param name="authorizationCode">Authorization code to use when retrieving the access token from ACS</param>
/// <param name="redirectUri">Redirect URI registered for this add-in</param>
/// <returns>A ClientContext ready to call targetUrl with a valid access token</returns>
internal ClientContext GetClientContextWithAuthorizationCode(string targetUrl, string authorizationCode, Uri redirectUri)
{
return(this.GetClientContextWithAuthorizationCode(targetUrl, ProcessTokenStrings.SharePointPrincipal, authorizationCode, ProcessTokenStrings.GetRealmFromTargetUrl(new Uri(targetUrl)), redirectUri));
}
