New codeplex project: SPWTF

Posted on 6/21/2013 @ 2:48 PM in #SharePoint by | Feedback | 3204 views

I just documented a big limitation of provider hosted apps.

To recant,

A provider hosted app has to choose, if it will make use of JavaScript based calls to SharePoint, or Server side calls to SharePoint.
IT CANNOT DO BOTH.

Why? because in your Appmanifest.xml you have to do either,

   1:    <AppPrincipal>
   2:      <RemoteWebApplication ClientId="*" />
   3:    </AppPrincipal>

or,

   1:  <AppPrincipal>
   2:      <Internal AllowedRemoteHostUrl="~remoteAppUrl"/>
   3:  </AppPrincipal>

The problem is, you can’t do both! I hope at some point MS allows us to specify both, but as of now you can’t. The first option allows server side code, the second option allows client side code. You can’t do both.

So how do we fix that? Well, I put a project on codeplex at spwtf.codeplex.com, which  channels these calls form server side via a proxy.

This requires a very minimal change to your code.  See the comment at the very top.

   1:  // Comment the below, 
   2:  // var executor = new SP.RequestExecutor(this.appweburl);
   3:  var executor = Winsmarts.SP.RestProxy;
   4:   
   5:  // and..replace with this ..
   6:  var executor = new SP.RequestExecutor(this.appweburl);
   7:  var url = this.appweburl + "/_api/SP.AppContextSite(@target)/web?" + "@target='" + this.hostweburl + "'";
   8:   
   9:  executor.executeAsync({
  10:      url: url,
  11:      method: "GET",
  12:      headers: { "Accept": "application/json; odata=verbose" },
  13:      success: function (data) {
  14:          alert(data.body);
  15:          // var jsonObject = JSON.parse(data.body);
  16:      },
  17:      error: function (data, errorCode, errorMessage) {
  18:          alert(errorMessage);
  19:      }
  20:  });

That’s it! That’s all the change you need to make. Well, there is also a helper javascript file (called SPWTF.js) and a server side service that proxies the calls, you will find all that code in the codeplex project.

Note that all these calls still use the App’s permissions and apps’ permissions. By doing so, we are not “cheating” the app model in any manner.

As of now, I haven’t had time to enhance it for CSOM client side code, but I will soon, unless someone beats me to it.

In order to use this server side proxy, you need to include from the codeplex project,

a) Add the WCF service in the services folder in your project, and

b) Include the Winsmarts\SPWTF.js  javascript on your page.

That’s it! Enjoy, let me know how it goes.

Sound off but keep it civil:

Older comments..