59
Get Started with Apps for SharePoint 2013! Danny Jessee @RestonSPUG January 7, 2013

Get Started with Apps for SharePoint 2013!

Embed Size (px)

DESCRIPTION

Presentation given at Reston SPUG January 7, 2013

Citation preview

Page 1: Get Started with Apps for SharePoint 2013!

Get Started with Apps for SharePoint 2013!Danny Jessee@RestonSPUGJanuary 7, 2013

Page 2: Get Started with Apps for SharePoint 2013!

MCPD, MCTSSharePoint Developer 2010SharePoint 2010, Configuring

9 yearsSharePoint experience

[email protected]

Sr. SharePointDeveloperWashington, DC metro area

Who Am I?

Photo courtesy Marie Sly | mariesly.com

@dannyjessee

Page 3: Get Started with Apps for SharePoint 2013!

Agenda SharePoint development options (pre-2013) Shortcomings of legacy approaches SharePoint 2013 development improvements

Apps for SharePoint Geolocation data in SharePoint 2013 Demo time!

Page 4: Get Started with Apps for SharePoint 2013!

What we won’t be discussing… Administrative configuration required to support apps for SharePoint Setting up the app domain in DNS (new Forward Lookup Zone, new

CNAME alias), configuring the App Management and Subscription Settings service applications, configuring app URLs and setting up an app catalog

Cloud-hosted apps (beyond an introduction) Office 365 + Windows Azure Services + SQL Azure Office 365 “Napa” development tools

Advanced app permissions scenarios/OAuth in detail

SharePoint Store or app licensing

Page 5: Get Started with Apps for SharePoint 2013!

Before we begin… How many of you are:

Developers? System administrators? IT pros? Others?

Who has already seen or worked with SharePoint 2013?

Is anyone already building apps for SharePoint?

Page 6: Get Started with Apps for SharePoint 2013!

Development optionsSharePoint 2007

Page 7: Get Started with Apps for SharePoint 2013!

SharePoint 2007 dev options Farm solutions (*.wsp) Full server-side object model, no limitations in functionality or scope (unless bin/CAS policy in use)

All deployments require physical access to the server

Potentially harmful solutions, privileged identities Have you met my best friend RunWithElevatedPrivileges? I’m supposed to Dispose() these objects? Oh, just do another IISRESET…

Made environments difficult and costly to upgrade

Page 8: Get Started with Apps for SharePoint 2013!

Development optionsSharePoint 2010

Page 9: Get Started with Apps for SharePoint 2013!

SharePoint 2010 dev options Enter sandbox!

“We’re off to never never-land” (or is it the cloud?)

With sandboxed solutions: Code has access to a limited, “safe” subset of the SharePoint object

model Assemblies are loaded by an isolated process that uses a low-

privilege identity Solution framework terminates code if it does not respond to

requests within a specified duration

Deployed by site collection administrators IT involvement no longer needed (they still set/manage resource

quotas)

Farm solutions still a viable option on-premises

Page 10: Get Started with Apps for SharePoint 2013!

What’s wrong with this picture?

Page 11: Get Started with Apps for SharePoint 2013!

Shortcomings of legacy approaches Code is executing on the SharePoint frontend servers

Difficult to run code anywhere but within SharePoint Ever try coding against the .asmx web services? CSOM wasn’t fully “there” yet

SharePoint developers required for everything Need to know Visual Studio, .NET, SharePoint server-side object model

Solutions are notoriously bad at cleaning up after themselves on uninstall

Farm solutions are a non-starter in the cloud

Page 12: Get Started with Apps for SharePoint 2013!

Steps in the right direction SharePoint 2010 introduced CSOM (client.svc)

WCF entry point – direct access from clients NOT supported, proxy required Client class library for managed .NET/Silverlight Browser-based JavaScript class library (limited)

RESTful interface to access lists/libraries (listdata.svc)

Allow for interaction with SharePoint capabilities without executing code on the SharePoint server

Still fairly limited/restricted compared to server-side object model

Page 13: Get Started with Apps for SharePoint 2013!

Development optionsSharePoint 2013

Page 14: Get Started with Apps for SharePoint 2013!

SharePoint 2013 dev options Farm solutions still supported

Recommended only for administrative extensions (timer jobs, custom cmdlets)

Full-trust only (CAS policies are now ignored)

Sandboxed solutions still allowed, but deprecated .asmx web services and owssvr.dll (RPC) deprecated

Objectives are to maximize flexibility and capability while minimizing footprint on the SharePoint server This has been the goal since at least SharePoint 2010, but Microsoft has

made VERY significant investments to make this a reality in SharePoint 2013

Page 15: Get Started with Apps for SharePoint 2013!

SharePoint 2013 improvements CSOM WCF entry point can now be accessed directly via REST-based calls (no proxy required!) /_vti_bin/client.svc /_api Much easier for JavaScript (and other non-.NET clients) to leverage

Now possible to fully interact with SharePoint from external platforms

Many new APIs added to CSOM Additional SharePoint Server functionality: user profiles, search,

taxonomy, feeds, publishing, sharing, workflow, e-discovery, information rights management, analytics, business data

Page 16: Get Started with Apps for SharePoint 2013!

Which API is right for the job?

Image from http://msdn.microsoft.com/en-us/library/sharepoint/jj164060.aspx

Page 17: Get Started with Apps for SharePoint 2013!

Apps for SharePoint

Page 18: Get Started with Apps for SharePoint 2013!

Apps for SharePoint (*.app) New mechanism to deploy code-based customizations to the SharePoint platform Contains an XML app manifest, installed to a specific target site (host

web)

Self-contained, isolated pieces of functionality Can add basic files (e.g., CSS, JavaScript), create pages and lists in

isolated storage (app web)

No server-side code runs inside SharePoint

Page 19: Get Started with Apps for SharePoint 2013!

Everything is an app!

Page 20: Get Started with Apps for SharePoint 2013!

App development options “Napa” Office 365 development tools

Browser-based development environment (no other tools required) App projects can be downloaded and opened in Visual Studio

Visual Studio 2012 with Office developer tools

Page 21: Get Started with Apps for SharePoint 2013!

Types of apps Provider-hosted

Deployed outside the SharePoint server Can run in the cloud or on a different on-premises web server

Autohosted Automatically provisions resources to Windows Azure and SQL Azure Ultimate scalability

SharePoint-hosted (on-premises) Deployed to an SPWeb known as the host web Provisions its resources on an SPWeb known as the app web Good for simple solutions, 100% client-side code

Page 22: Get Started with Apps for SharePoint 2013!

Types of apps

Image from http://msdn.microsoft.com/en-us/library/fp179930.aspx

Page 23: Get Started with Apps for SharePoint 2013!

What can I do with an app? Features (Web-scoped) Custom actions Remote event receivers App parts (client web

part) Custom CSS files Custom JavaScript files Modules (sets of files) Pages List templates

• List and library instances• Custom list forms• Custom list views• Custom content types• Fields (of built-in types)• BCS models (Web-

scoped)• Workflows• Property bags• Web templates

Page 24: Get Started with Apps for SharePoint 2013!

App shapes Apps can come in any of three shapes:

Immersive full page app: good for scenario-based apps, can still use SharePoint chroming

Part app: like a web part; hosted in an IFRAME Extension app: adding custom actions

Image from http://msdn.microsoft.com/en-us/library/fp179930.aspx

Page 25: Get Started with Apps for SharePoint 2013!

App web Each app installation has its own unique URL

App web provisioned at the time of app installation https://[app prefix][app hash].[app domain]/[relative site URL]/[app

name]

App domain should be different from host domain Built-in browser support for blocking XSS prevents code from calling

back directly to the host web SP.RequestExecutor library should be used for cross-domain calls

Page 26: Get Started with Apps for SharePoint 2013!

Host web and app web

Image from http://msdn.microsoft.com/en-us/library/fp179925.aspx

Page 27: Get Started with Apps for SharePoint 2013!

App permissions Apps for SharePoint have distinct identities

Associated with an app principal

App principal has permissions and rights Always has Full Control to the app web

Apps must request permissions to the host web or any other location outside of the app web

OAuth tokens are used to pass app identity

Page 28: Get Started with Apps for SharePoint 2013!

App permissions App permission requests must include the rights needed by the app and the scope at which those rights are needed

Rights: Scopes:

Page 29: Get Started with Apps for SharePoint 2013!

App permissions Trust must be explicitly granted by the user installing the app (all or nothing)

Page 30: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013

Page 31: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 Geolocation is a new field type in SharePoint 2013 Allows Latitude and Longitude (decimal coordinates) to be stored in

lists Allows retrieval of current user’s location from the browser (if it

implements the W3C Geolocation API) Displays values on a Bing map Must be added declaratively/programmatically (not available from

the UI)

SQLSysClrTypes.msi must be installed on all frontends (from SQL Server Feature Pack) 2008 R2: http://

www.microsoft.com/en-us/download/details.aspx?id=26728 2012: http://

www.microsoft.com/en-us/download/details.aspx?id=29065

Page 32: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 To use Bing Maps, you must obtain a Bing Maps API key and set its value at the web or farm level https://www.bingmapsportal.com Set-SPBingMapsKey –BingKey "<Enter a valid Bing Maps key>"

Field XML for a Geolocation column <Field ID="{b42dc311-3dad-4940-bcb7-412b57e5d017}" Name="Geolocation" DisplayName="Geolocation" Type="Geolocation" Required="FALSE" Group="Geolocation Site Columns">

Page 33: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 Add list item

Page 34: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 Add list item

Page 35: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 View list item

Page 36: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 Create a “Map View” for multiple list items

Page 37: Get Started with Apps for SharePoint 2013!

Geolocation data in SharePoint 2013 Map View

Page 38: Get Started with Apps for SharePoint 2013!

Demo time!

Page 39: Get Started with Apps for SharePoint 2013!

Get started with app development Sign up for your free Office 365 developer site

http://dev.office.com – use the “Napa” development tools

Sign up for your free 14-day trial of CloudShare ProPlus (“on-premises experience” in the cloud) http://cloudshare.com SharePoint 2013 environments have Visual Studio 2012 preinstalled! App tips and sample code: http://blog.cloudshare.com/author/danny

Give your developer VMs 10-16+ GB RAM! Download my demo project: http://sdrv.ms/XbohjT

Page 40: Get Started with Apps for SharePoint 2013!

Conclusion Microsoft has made significant improvements to the developer experience in SharePoint 2013 Anything you can do in the server-side object model can be done

through CSOM, JSOM, REST/OData

Apps are the recommended approach in 2013

Apps are not a silver bullet Whether you use apps or not, you should strive to run as little code on the SharePoint server as possible

Page 41: Get Started with Apps for SharePoint 2013!

Questions?

Page 42: Get Started with Apps for SharePoint 2013!

Thank you for your time!@[email protected]/blog

Page 43: Get Started with Apps for SharePoint 2013!

Backup slides

Page 44: Get Started with Apps for SharePoint 2013!

Farm vs. sandboxed solutions Farm solutions

Code impacts the entire farm Hosted in the IIS worker process (W3WP.exe) Application pool recycles before solution is retracted/deployed Can be used for every type of SharePoint component

Sandboxed solutions Code impacts the site collection of the solution Hosted in the user code solution worker process

(SPUCWorkerProcess.exe) No app pool recycles required to load latest version

Page 45: Get Started with Apps for SharePoint 2013!

SharePoint 2013 improvements All APIs have dual support (CSOM and REST)

Data can be returned as JSON (good for AJAX clients) or ATOM (good for any client) Can be selected with ACCEPT header (application/json,

application/atom+xml)

REST and OData are a winning combination

Page 46: Get Started with Apps for SharePoint 2013!

What about OData? New data access API for HTTP-based clients Based on open specifications (Microsoft Open Specification Promise)

Standardizes CRUD operations by mapping them to HTTP verbs (GET, POST, PUT/MERGE, DELETE)

Read the specification at http://odata.org

Page 47: Get Started with Apps for SharePoint 2013!

Tips and tricks Easy to test REST calls (GET requests) through the browser

RESTClient for Firefox https://addons.mozilla.org/en-US/firefox/addon/restclient/

JavaScript: _spPageContextInfo.webAbsoluteUrl

jQuery: $.getJSON(requestUri, null, onDataReturned)

jsRender.js makes a great templating engine to generate output from a JSON collection

Page 48: Get Started with Apps for SharePoint 2013!

Configuring an on-prem farm New instance of App Management Service App

Can be done using the farm wizard

Configure root domain name for all app webs Set-SPAppDomain cmdlet

Create instance of Subscription Settings Service App Can only be done through PowerShell

Configure a name for the default tenant Set-SPAppSiteSubscriptionName cmdlet (only one tenant on-prem)

DNS setup (Visual Studio updates lmhosts file in dev)

Page 49: Get Started with Apps for SharePoint 2013!

{StandardTokens} in the query string SPHostUrl=http%3A%2F%2Fc4968397007&SPLanguage=en%2DUS&SPClientTag=0&SPProductNumber=15%2E0%2E4420%2E1017&SPAppWebUrl=http%3A%2F%2Fapps%2D68b0b5ab173c7f%2Esp2013apps%2Ecom%2FSharePointApp1

Page 50: Get Started with Apps for SharePoint 2013!

App domain security Having a separate app domain allows SharePoint to determine exactly which app generated a JavaScript callback

This allows SharePoint to authenticate an app and examine its permissions any time a call originates from the app web

Page 51: Get Started with Apps for SharePoint 2013!

App authorization policy types User-only – only takes the user identity into account

User + app – both the user identity and the app identity are considered

App-only – only the app identity is considered Requires special logic to obtain client context with app-only token http://

code.msdn.microsoft.com/officeapps/SharePoint-2013-Make-app-6e3d1ee9

Closest thing to “running elevated” or impersonating a privileged account

Page 52: Get Started with Apps for SharePoint 2013!

References

Page 53: Get Started with Apps for SharePoint 2013!

References SharePoint 2013 development overview

http://msdn.microsoft.com/en-us/library/sharepoint/jj164084.aspx

Build apps for SharePoint http://msdn.microsoft.com/en-us/library/office/apps/jj163230.aspx

Farm solutions http://msdn.microsoft.com/en-us/library/ff798425.aspx

Sandboxed solution considerations http://msdn.microsoft.com/en-us/library/ee231562.aspx

Page 54: Get Started with Apps for SharePoint 2013!

References (cont.) Deciding which SharePoint 2010 API to use

http://msdn.microsoft.com/en-us/library/hh313619%28v=office.14%29.aspx

SharePoint development in Visual Studio http://msdn.microsoft.com/en-us/library/ee330921.aspx

Choose the right API set in SharePoint 2013 http://msdn.microsoft.com/en-us/library/sharepoint/jj164060.aspx

Get started with the SharePoint 2013 REST service http://msdn.microsoft.com/en-us/library/fp142380.aspx

Page 55: Get Started with Apps for SharePoint 2013!

References (cont.) Apps for SharePoint overview

http://msdn.microsoft.com/en-us/library/fp179930.aspx

Important aspects of the app for SharePoint architecture and development landscape http://msdn.microsoft.com/en-us/library/fp179922.aspx

App permissions in SharePoint 2013 http://msdn.microsoft.com/en-us/library/fp142383.aspx

UX design for apps in SharePoint 2013 http://msdn.microsoft.com/en-us/library/fp179934.aspx

Page 56: Get Started with Apps for SharePoint 2013!

References (cont.) What’s new for developers in SharePoint 2013 http://msdn.microsoft.com/en-us/library/jj163091.aspx

Introducing SharePoint apps http://blog.tedpattison.net/Lists/Posts/Post.aspx?ID=14

Introducing the SharePoint 2013 application model http://

www.binarywave.com/blogs/eshupps/Lists/Posts/Post.aspx?ID=266

Setting up your App domain for SharePoint 2013 http://

sharepointchick.com/archive/2012/07/29/setting-up-your-app-domain-for-sharepoint-2013.aspx

Page 57: Get Started with Apps for SharePoint 2013!

References (cont.) Remove app for SharePoint instances from a SharePoint 2013 site http://technet.microsoft.com/en-us/library/fp161233.aspx

How to: Create app parts to deploy with apps for SharePoint http://msdn.microsoft.com/en-us/library/fp179921.aspx

How to: Create custom actions to deploy with apps for SharePoint http://msdn.microsoft.com/en-us/library/jj163954.aspx

Page 58: Get Started with Apps for SharePoint 2013!

References (cont.) How to: Set up an on-premises development environment for apps for SharePoint http://msdn.microsoft.com/en-us/library/fp179923.aspx

App permissions in SharePoint 2013 http://msdn.microsoft.com/en-us/library/fp142383.aspx

App authorization policy types in SharePoint 2013 http://msdn.microsoft.com/en-us/library/fp179892.aspx

Page 59: Get Started with Apps for SharePoint 2013!

References (cont.) Using the SharePoint 2013 object model in an app for SharePoint http://msdn.microsoft.com/en-us/library/jj191507.aspx

Install and Manage Apps for SharePoint 2013 http://technet.microsoft.com/en-us/library/fp161232.aspx