POC on implementing app only call from SharePoint app and nodejs
- Configure an environment for apps for SharePoint - https://technet.microsoft.com/en-us/library/fp161236.aspx
- Create certificate to sign tokens - https://msdn.microsoft.com/en-us/library/office/fp179901.aspx. Create self-signed with IIS (valid for 1 year) or use
makecertto create with more validity period:Certifcate above will be valid for 10 years.makecert.exe -r -pe -n "CN=<common name, for example sp2013dev>" -m 120 -len 4096 -a sha256 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
- Export private
.pfxand public.cerparts of the certificate. Certificate generated withmakecertavaliable under IIS server certificates. - Create new trusted root authority and trusted token issuer in SharePoint. Use
CreateTrust.ps1, update parameters$publicCertPath,$authorityName,$issuerId,$tokenIssuerName. - Register new app inside SharePoint -
<site url>/_layouts/15/appregnew.aspxand save ClientId value. - Apply permissions to the app -
<site url>/_layouts/15/appinv.aspx. Lookup the app by id, and paste the following xml:Click on "Trust".<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" /> </AppPermissionRequests>
- Download and install openssl - https://slproweb.com/products/Win32OpenSSL.html
- Create private key and sha thumbprint for node js using
CerateKeys.ps1. Update params$openSSLPath,$pfxPath,$pfxPassword - File
spaddin.keywill be created, in console sha thumbprint will be displayed. Save thumbprint. - Update
index.jswith appropriate values:
siteUrl- SharePoint site urlclientid- Client Id generated on step 5realm- SharePoint farm id (Get-SPFarm | Select Id)issuerid- issuer id from step 4x5t- sha thumbprint from step 9keyFilePath- path to.keyfile created on step 9
- Run
node index.jsand see all list from the site.