7

我们使用 SharePoint 客户端对象模型为 SharePoint 在线构建 Windows 客户端应用程序。我们想使用 OAuth 对这个 Windows 客户端应用程序进行身份验证,但我们没有找到方法;并且 MSDN 上的文档是模棱两可的。

本文提供了一个示例,但是,当我使用链接创建新应用程序时, https://<TENANT>.sharepoint.com/_layouts/appregnew.aspx在客户端计算机上运行的应用程序”选项被禁用,SharePoint 在线站点中是否有设置启用此功能?

4

2 回答 2

7

经过大量尝试后我得到了这个工作

我想这不是最美妙的代码,但它是:

/// <summary>
/// Sets needed values
/// </summary>
/// <param name="clientId">The ClientId from the application</param>
/// <param name="redirectUri">The RedirectUri where the browser has to be send.</param>
/// <param name="resource">The source you want to access</param>
public OneDriveConnection(string clientId, string clientSecret, string redirectUri, string resource)
{
    this._clientId = clientId;
    this._redirectUri = Uri.EscapeDataString(redirectUri);
    this._resource = Uri.EscapeDataString(resource);
    this._clientSecret = clientSecret;
}

接下来我创建一个浏览器,提示用户登录:

/// <summary>
/// Authorizes the application
/// </summary>
public void Authorize()
{
    /* EXAMPLE: GET https://login.windows.net/common/oauth2/authorize
        * ?response_type=code
        * &client_id=acb81092-056e-41d6-a553-36c5bd1d4a72
        * &redirect_uri=https://mycoolwebapp.azurewebsites.net
        * &resource=https:%2f%2foutlook.office365.com%2f
        * &state=5fdfd60b-8457-4536-b20f-fcb658d19458 */

    string baseUri = "https://login.windows.net/common/oauth2/authorize";
    string authorizationUri = string.Format(baseUri
        + "?response_type=code"
        + "&client_id={0}"
        + "&redirect_uri={1}"
        + "&resource={2}"
        + "&state={3}", this._clientId, this._redirectUri, this._resource, "5fdfd60b-8457-4536-b20f-fcb658d19458");

    // Create the form
    Form webBrowserForm = new Form();
    webBrowserForm.MaximizeBox = false;
    webBrowserForm.MinimizeBox = false;
    webBrowserForm.Size = new System.Drawing.Size(580, 890);
    webBrowserForm.Text = "Webbrowser";
    webBrowserForm.FormBorderStyle = FormBorderStyle.FixedDialog;
    webBrowserForm.StartPosition = FormStartPosition.CenterScreen;

    // Create the WebBrowser
    WebBrowser webBrowser = new WebBrowser();
    webBrowser.Width = 580;
    webBrowser.Height = 890;
    webBrowser.Location = new System.Drawing.Point(0, 0);
    webBrowser.ShowPageSetupDialog();

    // Hook event to the webBrowser
    webBrowser.Navigated += webBrowser_Navigated;

    // Show the webBrowser and form to the user
    webBrowserForm.Controls.Add(webBrowser);
    webBrowserForm.Show();

    // Navigate to the authorizationUri
    webBrowser.Navigate(authorizationUri);
}

这里我检查是否有代码来执行 GetTokenInformation 方法:

/// <summary>
/// When the url has code in it and contains a session_state get the code and do the GetTokenInformation
/// </summary>
private void webBrowser_Navigated(object sender, WebBrowserNavigatedEventArgs e)
{
    if (e.Url.AbsoluteUri.Contains("code=") && e.Url.AbsoluteUri.Contains("session_state"))
    {
        string[] splited = e.Url.AbsoluteUri.Split(new char[] { '=', '&' });
        _code = splited[1];

        if (!string.IsNullOrWhiteSpace(_code)
            && !string.IsNullOrWhiteSpace(_redirectUri)
            && !string.IsNullOrWhiteSpace(_clientId))
        {
            GetTokenInformation(_code, _redirectUri, _clientId, _clientSecret);
        }
        else
        {
            _connected = false;
        }
    }
}

在 GetTokenInformation 方法中,我得到了使用 Newtonsoft.Json dll 放入 TokenInformation 类的 TokenInformation

/// <summary>
/// This method gets tokeninformation: access_token, token_type, expires_in, resource, refresh_token, scope, id_token
/// </summary>
/// <param name="code">Code from the authorize request</param>
/// <param name="redirectUri">Reply url for your application</param>
/// <param name="clientId">Your applications client id in Windows Azure Directory</param>
/// <param name="clientSecret">Your applications client secret</param>
private void GetTokenInformation(string code, string redirectUri, string clientId, string clientSecret)
{
    // Get the token information that is set above in the constructor with the help of the clientId, clientSecret and code and as well as the redirectUri without it you can't connect to it otherwise it will crash if you don't do it like that
    string baseUri = "https://login.windows.net/common/oauth2/token";
    string parameters = string.Format("grant_type=authorization_code"
        + "&code={0}"
        + "&redirect_uri={1}"
        + "&client_id={2}"
        + "&client_secret={3}", code, redirectUri, clientId, clientSecret);
    string response = HttpPost(baseUri, parameters);

    if (!string.IsNullOrWhiteSpace(response))
    {
        _tokenInformation = JsonConvert.DeserializeObject<TokenInformation>(response);
        _connected = true;
    }
    else
    {
        _connected = false;
    }
}

这是我使用 Newtonsoft.Json dll 的 TokenInformation 类:

[JsonObject(MemberSerialization.OptIn)]
class TokenInformation
{
    [JsonProperty(PropertyName = "access_token")]
    public string AccessToken { get; set; }

    [JsonProperty(PropertyName = "token_type")]
    public string TokenType { get; set; }

    [JsonProperty(PropertyName = "expires_in")]
    public int ExpiresIn { get; set; }

    [JsonProperty(PropertyName = "expires_on")]
    public int ExpiresOn { get; set; }

    [JsonProperty(PropertyName = "resource")]
    public string Resource { get; set; }

    [JsonProperty(PropertyName = "refresh_token")]
    public string RefreshToken { get; set; }

    [JsonProperty(PropertyName = "scope")]
    public string Scope { get; set; }

    [JsonProperty(PropertyName = "id_token")]
    public string IdToken { get; set; }
}

这是我找到连接到 SharePoint/Office365 所需的请求的地方:链接

于 2014-07-22T07:16:04.823 回答
0

您可以尝试使用应用程序作为“代理”来执行 oAuth 作为解决方法。本机应用程序用来直接连接到服务的“隐式”oAuth 流尚不可用 AFAIK

于 2013-11-22T18:32:22.970 回答