Sharepoint 2013 MVC提供商托管的应用程序。无法在HttpPost上传递[SharePointContextFilter] [英] Sharepoint 2013 MVC provider-hosted app. Fails to pass [SharePointContextFilter] on HttpPost
问题描述
过去一周我一直在敲打我无法解决一些针对sharepoint提供商托管应用程序的正确身份验证的问题。
I have been banging my head for the past week unable to resolve some issues with proper authentication for sharepoint provider-hosted app.
我目前正在为公司的Sharepoint在线开发一个sharepoint应用程序。我正在使用Visual Studio 2013.我将该应用程序部署为公司的Windows Azure门户上的云服务。一切顺利到我需要制作HttpPost时,然后
应用程序无法进行身份验证。 Conroller的设计如下:
I am currently developing a sharepoint app for a company's Sharepoint online. I am using Visual Studio 2013. I deploy the app as a Cloud-service on the company's Windows Azure portal. Everything goes smooth up to the point when i need to make a HttpPost, then the app fails to authenticate. The design of the Conroller is as it follows:
[SharePointContextFilter]
public ActionResult Index()
{
UserSingleton user_temp = UserSingleton.GetInstance();
User spUser = null;
SharePointContext spContext = SharePointContextProvider.Current.GetSharePointContext(HttpContext);
using (var clientContext = spContext.CreateUserClientContextForSPHost())
{
if (clientContext != null)
{
spUser = clientContext.Web.CurrentUser;
clientContext.Load(spUser, user => user.Title, user => user.Email);
clientContext.ExecuteQuery();
....code....
}
}
....code....
return View();
}
加载索引页面很好,操作创建用户上下文,这一切都很好。问题来自于我尝试提交
HttpPost,如下所示:
[HttpPost]
[ValidateAntiForgeryToken]
[SharePointContextFilter]
public ActionResult GetService(System.Web.Mvc.FormCollection fc)
{
PlannedHours ph = this.PopulateModel(fc);
if (ph == null)
return View("NoInfoFound");
ViewData["PlannedHours"] = ph;
return View("Index");
}
当我通过帖子按钮调用时,我得到一个"无法确定你的身份。请通过启动您网站上安装的应用再试一次。" Shared / Error.cshtml视图。问题是当我删除 [SharePointContextFilter] 然后
它有效,但这意味着请求不会通过 [SharePointContextFilter] 因此未经过适当的身份验证?或者是吗?因为
它无法验证用户的合法性。
When I call this via the post button, i get a "Unable to determine your identity. Please try again by launching the app installed on your site." The Shared/Error.cshtml view. The thing is that when i remove the [SharePointContextFilter] then it works, but that means that the request doesn't pass through[SharePointContextFilter] thus it is not properly authenticated? Or is it? Because it fails to validate the user's legitimacy.
当我不删除时我注意到的一件事 [SharePointContextFilter] 并调用帖子,然后网址最终没有 {StandardTokens} query。
假设它是这样的 - 我的意思是它像hostname.com/Home/GetService一样,但是当我使用actionlink时,
spcontext.js 总是附加 {StandardTokens} 查询基本网址 - smth like hostname.com/Home / ActionNAme /?SPHostUrl = https%3A%2F%2FSHAREPOINTPAGEURL ....
One thing that i noticed when i don't remove [SharePointContextFilter] and invoke the post, then the url ends up without the {StandardTokens} query. Is it suppose to be like that - i mean it is smth like hostname.com/Home/GetService, however when i use actionlink the spcontext.js always appends the {StandardTokens} query to the base url - smth like hostname.com/Home/ActionNAme/?SPHostUrl=https%3A%2F%2FSHAREPOINTPAGEURL....
我注意到的是我没有呼叫hostname.com/Home/ActionNAme/附加查询无法通过 [SharePointContextFilter] 。
我是sharepoint 2013和MVC 5(Razor)的新手,所以如果你知道为什么我的HttpPost无法通过 [SharePointContextFilter] 尝试
来解释我或提出任何建议。我尝试过使用 HttpGet 然而,当我调用具有 [SharePointContextFilter] 和
追加 SPHostUrl = 令牌有效。但是我无法使用 [ValidateAntiForgeryToken]。
是  ; [ValidateAntiForgeryToken] 甚至在这样的应用程序中也需要,因为 [SharePointContextFilter]
总是检查用户的合法性?我现在很困惑。网上有大量的资料可供阅读,没有什么可以解释何时附加这些材料标准代币,何时使用 [SharePointContextFilter]
等。事实上,我正在开发一个我生命中第一次的sharepoint应用程序,而且我一直在研究和编码过去3所以我的知识还很有限,在回答时请记住这一点。在此先感谢,
我希望我能对所发生的事情做一些澄清!
I am fairly new to sharepoint 2013 and MVC 5 ( Razor ) so please if you know why my HttpPost fails to pass the [SharePointContextFilter] try to explain me or give any suggestion. I have tried using HttpGet However, when I Invoke the HttpGet having the [SharePointContextFilter] and appending the SPHostUrl= token it works. But then i cannot use the [ValidateAntiForgeryToken]. Is [ValidateAntiForgeryToken] even needed in such an app since the [SharePointContextFilter] always checks the legitimacy of the user? I am quire confused now. There is tons of material to read on the net and nothing is close to explain when to append these Standard tokens, when to use the [SharePointContextFilter] etc. The matter of fact is that I am developing a sharepoint app for the first time in my life and i've been researching and coding only for the past 3 weeks. So my knowledge is yet pretty limited, have that in mind when answering. Thanks in advance, I hope that i get some clarification about what is happening!
推荐答案
好的,快速更新。我发现了一些相当奇怪的东西。 SharePointContextFilterAttribute.cs
public class SharePointContextFilterAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext == null)
{
throw new ArgumentNullException("filterContext");
}
Uri redirectUrl;
switch (SharePointContextProvider.CheckRedirectionStatus(filterContext.HttpContext, out redirectUrl))
{
case RedirectionStatus.Ok:
return;
case RedirectionStatus.ShouldRedirect:
filterContext.Result = new RedirectResult(redirectUrl.AbsoluteUri);
break;
case RedirectionStatus.CanNotRedirect:
filterContext.Result = new ViewResult { ViewName = "Error" };
break;
}
}
}
始终返回最后一个案例( RedirectionStatus.CanNotRedirect)因为方法 SharePointContextProvider.CheckRedirectionStatus(filterContext.HttpContext,out redirectUrl)
包含一些我无法解决的问题。
Always returns the last case ( RedirectionStatus.CanNotRedirect ) because the method SharePointContextProvider.CheckRedirectionStatus(filterContext.HttpContext, out redirectUrl) contains something that I cannot wrap my head around.
首先:
Uri spHostUrl = SharePointContext.GetSPHostUrl(httpContext.Request);
if (spHostUrl == null)
{
return RedirectionStatus.CanNotRedirect;
}
好的,我理解 - 如果httpContext.Request不包含spHostUrl,它将无法重定向。由于某种原因必须存在。
Ok i understand that - if the httpContext.Request does no contain the spHostUrl it will fail to redirect. That for some reason has to be there.
但是以下内容:
if (StringComparer.OrdinalIgnoreCase.Equals(httpContext.Request.HttpMethod, "POST"))
{
return RedirectionStatus.CanNotRedirect;
}
等待WHAAAT?!?不允许POST?!!?这里发生了什么?我真的不知道我做错了什么或什么?我甚至可以使用
SharePointContext.cs 来玩游戏?我真的需要有人澄清到底发生了什么......我很感激!
Wait WHAAAT?!? No POST allowed?!!? What is going on here? I really don't know if I am doing something totally wrong or what? Am I even allowed to play around with the SharePointContext.cs ? I really need someone to clarify what exactly is going on... I'd appreciate!
这篇关于Sharepoint 2013 MVC提供商托管的应用程序。无法在HttpPost上传递[SharePointContextFilter]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!