Create a high-trust provider hosted app for SharePoint 2013

In my current assignment, I had to create a provider hosted app. I spend about a day reading different guides online but none provided me with a working solution. I finally got it up and running and I thought I should share it.

Im running both SharePoint and the provider hosted web application on the same server.

Create certificate 

First of you need a X.509 certificate with a public and private key pair. The public key is used to register a trusted security token issuer in SharePoint and the private key is used to secure the remote web application.

I wrote a PowerShell script (Make-Cert.ps1) to help creating the certificate and install it on IIS. It accepts the following parameters:

• Domain: The url to the provider hosted web application. E.g. www.contoso.com.
• OutputDir: The folder where the certificates are created.
• Password: The password for the private certificate.

Create IIS app web

Create a new web site in IIS and bind it to SSL with the newly created certificate. This is where you will deploy your provider hosted app.

Click on the newly created web site and double click the IIS Authentication icon.
Disable Anonymous Authentication and enable Windows Authentication.

Configure an S2S trust

You need to create a trust between SharePoint and the certificate used by the app. I wrote another PowerShell script (Configure-S2S.ps1) for this. The script accepts the following parameters:

•  publicCertPath: The full path to the *.cer file
•  spUrl: The url to the SharePoint site where the app will be installed
•  trustName: A name for the trust
•  issuerId (not mandatory): You can use a pre-defined issuer id or you can have the script generate an id for you by leaving it blank.

Copy the issuer id from the script output.

Register your provider hosted app

Go to http://<your sharepoint site>/_layouts/15/appregnew.aspx

•  Generate App Id and Secret
•  Title: Enter the name of your app
•  App Domain: The app domain registered in your app service. Get the url from http://<central admin>/_admin/ConfigureAppSettings.aspx
•  Redirect url: The url to the first page of your app (https://www.myiissite.com/pages/default.aspx)

Copy the output from the page.

Create a new provider hosted app

Open Visual Studio 2012 and create a new App for SharePoint 2013 project.

The name of the app should be the same as the one you entered in appregnew.aspx

Password: The password provided in Make-Cert.ps1
Issuer ID: From the Configure-S2S.ps1 output

Open web.config in the TestAppWeb project and updat the following app setting keys:

•  ClientId: The guid generated in appregnew.aspx
•  ClientSecret: The secret generated in appregnew.aspx

Right click the SharePoint project and select Publish:
Give the profile a name and click Next


Copy the Client Id and Secret from the output from appregnew.aspx
Click Next and Finish

Deploy your provider hosted app

Go to the generated package
Open *.Web.SetParameters.xml in Notepad.
Update the IIS Web Application Name to the name of your web site (as shown in IIS Manager)
Open a command prompt and run the *.Web.deploy.cmd script with the switch /Y
This will deploy all the resources to your web site.
Upload the *.app file to your app catalog.
Add the app to your site.

Fields missing from content type

Yesterday I ran into a strange problem. I was adding some fields to a content type. Shouldnt be any problem. I created the new fields and added the appropriate <FieldRef>-tags to my content type definition. However, after deploying and recreating the content type, the new fields was not added to the content type. The fields were created as they should and the content type definition was correct in the solution.

I just found the issue. Its a silly one which i've seen before: You can't have comments inside the <FieldRefs> section in a content type definition! Everything after the comment will be ignored.

Style SharePoint 2010 lightboxes

The lightboxes in SharePoint 2010 is kind of nice. They allow you to open your pages in a modal (resizable) window. By default, the top navigation and quick launch will be hidden in the lightbox. This is done by adding the class s4-notdlg to the containing html element.

If you want some special style on an object when it is opened in a lightbox you use the class ms-dialog

Examples:
<span class="s4-notdlg">This will not show in lightboxes</span>

<style>
/* Makes the body background pink in a lightbox */
.ms-dialog body
{
background-color: pink;
}
</style>

PS.
Open a lightbox with the following JavaScript:
var options = {url: http://myspsite/default.aspx};
SP.UI.ModalDialog.showModalDialog(options);DS.

Add SafeControl entries with Visual Studio

Sometimes it is necessary to add SafeControl entries to your manifest.xml file manually. In Visual Studio 2010 you can either edit the manifest directly (by open the Package node of your project, view the Manifest and click on Edit Options) OR you can do it the safe and easy way:

• Mark your element / module node
• Find the "Safe Control Entries" in the properties and click the [...] button
• Click the Add button on the dialog
• Change the properties if necessary, and click ok.

Your SafeControl entries will now be added to the web.config.

JavaScript error in Ribbon dropdown

Today I ran in to a very strange issue with SharePoint 2010. All of a sudden, the dropdown menus in the ribbon started to throw javascript error - "null is undefined".

My first guess was that some of our javascript files caused the error (we have quite a lot of code running on the page and in the ribbon). But the error still occured after I disabling all our custom js code.

It later turned out that the error was caused by a empty CSS file! What the h*ll! Ok, fine. You shouldnt load an empty file, but doing so shouldnt break the functionality of the ribbon!

FYI: We loaded the file with CssRegistration.Register("<filename>");

Run C# code in PowerShell

Do you have any utility you written in C# that you dont want to rewrite for PowerShell? If you use PowerShell V2 you dont need to. Theres a nifty little cmdlet named Add-Type that generates a new .Net assembly using a C# code file. The new assembly is placed in memory and is available from your PowerShell script. Read more about it at Stefan Gossners blog: http://blogs.technet.com/b/stefan_gossner/archive/2010/05/07/using-csharp-c-code-in-powershell-scripts.aspx

Testing with different users

I'm always frustraded when I need to test my code with different users. Login / logout takes forever... ;-)

But if you use the InPrivate browsing feature in IE you can be logged in with multiple users at the same time! Happy times!