/// <summary> /// Creates a SharePointContext instance with the specified HTTP request. /// </summary> /// <param name="httpRequest">The HTTP request.</param> /// <returns>The SharePointContext instance. Returns <c>null</c> if errors occur.</returns> private SharePointContext CreateSharePointContext(HttpRequestBase httpRequest, string targetUrl = null) { if (httpRequest == null) { throw new ArgumentNullException("httpRequest"); } // SPHostUrl Uri spHostUrl = (string.IsNullOrWhiteSpace(targetUrl)) ? TokenHelper.GetSPHostUrl(httpRequest) : new Uri(targetUrl); if (spHostUrl == null) { return(null); } // SPAppWebUrl string spAppWebUrlString = ProcessTokenStrings.EnsureTrailingSlash(httpRequest.QueryString[SharePointKeys.SPAppWebUrl.ToString()]); Uri spAppWebUrl; if (!Uri.TryCreate(spAppWebUrlString, UriKind.Absolute, out spAppWebUrl) || !(spAppWebUrl.Scheme == Uri.UriSchemeHttp || spAppWebUrl.Scheme == Uri.UriSchemeHttps)) { spAppWebUrl = null; } // SPLanguage string spLanguage = httpRequest.QueryString[SharePointKeys.SPLanguage.ToString()]; if (string.IsNullOrEmpty(spLanguage)) { return(null); } // SPClientTag string spClientTag = httpRequest.QueryString[SharePointKeys.SPClientTag.ToString()]; if (string.IsNullOrEmpty(spClientTag)) { return(null); } // SPProductNumber string spProductNumber = httpRequest.QueryString[SharePointKeys.SPProductNumber.ToString()]; if (string.IsNullOrEmpty(spProductNumber)) { return(null); } return(this.CreateSharePointContext(spHostUrl, spAppWebUrl, spLanguage, spClientTag, spProductNumber, httpRequest)); }
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContextBase httpContext) { SharePointAcsContext spAcsContext = spContext as SharePointAcsContext; if (spAcsContext != null) { Uri spHostUrl = TokenHelper.GetSPHostUrl(httpContext.Request); string contextToken = ProcessTokenStrings.GetContextTokenFromRequest(httpContext.Request); HttpCookie spCacheKeyCookie = httpContext.Request.Cookies[SharePointKeys.SPCacheKey.ToString()]; string spCacheKey = spCacheKeyCookie != null ? spCacheKeyCookie.Value : null; return(spHostUrl == spAcsContext.SPHostUrl && !string.IsNullOrEmpty(spAcsContext.CacheKey) && spCacheKey == spAcsContext.CacheKey && !string.IsNullOrEmpty(spAcsContext.ContextToken) && (string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken)); } return(false); }
/// <summary> /// Checks if it is necessary to redirect to SharePoint for user to authenticate. /// </summary> /// <param name="httpContext">The HTTP context.</param> /// <param name="redirectUrl">The redirect url to SharePoint if the status is ShouldRedirect. <c>Null</c> if the status is Ok or CanNotRedirect.</param> /// <returns>Redirection status.</returns> private RedirectionStatus CheckRedirectionStatus(HttpContextBase httpContext, out Uri redirectUrl) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } redirectUrl = null; bool contextTokenExpired = false; try { if (this.GetSharePointContext(httpContext) != null) { return(RedirectionStatus.Ok); } } catch (SecurityTokenExpiredException) { contextTokenExpired = true; } if (!string.IsNullOrEmpty(httpContext.Request.QueryString[SharePointKeys.SPHasRedirectedToSharePoint.ToString()]) && !contextTokenExpired) { return(RedirectionStatus.CanNotRedirect); } Uri spHostUrl = TokenHelper.GetSPHostUrl(httpContext.Request); if (spHostUrl == null) { return(RedirectionStatus.CanNotRedirect); } if (StringComparer.OrdinalIgnoreCase.Equals(httpContext.Request.HttpMethod, "POST")) { return(RedirectionStatus.CanNotRedirect); } Uri requestUrl = httpContext.Request.Url; var queryNameValueCollection = HttpUtility.ParseQueryString(requestUrl.Query); // Removes the values that are included in {StandardTokens}, as {StandardTokens} will be inserted at the beginning of the query string. queryNameValueCollection.Remove(SharePointKeys.SPHostUrl.ToString()); queryNameValueCollection.Remove(SharePointKeys.SPAppWebUrl.ToString()); queryNameValueCollection.Remove(SharePointKeys.SPLanguage.ToString()); queryNameValueCollection.Remove(SharePointKeys.SPClientTag.ToString()); queryNameValueCollection.Remove(SharePointKeys.SPProductNumber.ToString()); // Adds SPHasRedirectedToSharePoint=1. queryNameValueCollection.Add(SharePointKeys.SPHasRedirectedToSharePoint.ToString(), "1"); UriBuilder returnUrlBuilder = new UriBuilder(requestUrl); returnUrlBuilder.Query = queryNameValueCollection.ToString(); // Inserts StandardTokens. const string StandardTokens = "{StandardTokens}"; string returnUrlString = returnUrlBuilder.Uri.AbsoluteUri; returnUrlString = returnUrlString.Insert(returnUrlString.IndexOf("?") + 1, StandardTokens + "&"); // Constructs redirect url. string redirectUrlString = ProcessTokenStrings.GetAppContextTokenRequestUrl(spHostUrl.AbsoluteUri, Uri.EscapeDataString(returnUrlString)); redirectUrl = new Uri(redirectUrlString, UriKind.Absolute); return(RedirectionStatus.ShouldRedirect); }
/// <summary> /// Retrieves an access token from ACS using the specified authorization code, and uses that access token to /// create a client context /// </summary> /// <param name="targetUrl">Url of the target SharePoint site</param> /// <param name="authorizationCode">Authorization code to use when retrieving the access token from ACS</param> /// <param name="redirectUri">Redirect URI registered for this add-in</param> /// <returns>A ClientContext ready to call targetUrl with a valid access token</returns> internal ClientContext GetClientContextWithAuthorizationCode(string targetUrl, string authorizationCode, Uri redirectUri) { return(this.GetClientContextWithAuthorizationCode(targetUrl, ProcessTokenStrings.SharePointPrincipal, authorizationCode, ProcessTokenStrings.GetRealmFromTargetUrl(new Uri(targetUrl)), redirectUri)); }