SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL
SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL

REST

VIDEO – HTTP Header Client Secret protected Web API

Watch the video below to see a demo of protecting WebAPI with HTTP header and a Client Secret.    By default, new Web API projects lack any security mechanism and are open to any anonymous user.    Protecting Dot Net methods with an IF() statement condition provides a simple security mechanism to ensure only users who know the Client Secret are able to run the API and execute the method.

NOTE – Check out http://www.spjeff.com/2017/10/05/video-azure-ad-protected-web-api-in-an-angularjs-spa/ for more complete WebAPI security with Azure AD.

Cheers!

shades_smile

Video

Screenshots

image

Code

References

Custom Web Part – Save settings to SPList (without jQuery)

Ever wanted to code a JavaScript content editor (script editor) web part that saves settings to a list?   Without jQuery?

The library below “wp-settings.js” does exactly that with native XHR (XML HTTP Request) and nested callback to invoke REST API.   The free standing POJO (Plan Old JavaScript Object) design enables us to package into a web part gallery and use freely across any site without preparation work to ensure jQuery, Angular, or other dependent frameworks are loaded.

Look at the “webpart.html” to see example usage pattern:

  • wpsRead()  Get settings (if any)
  • wpInit()  Local web part initialize
  • wpsWrite()  Save settings (UPDATE/INSERT)

 

Cheers! 

shades_smile

 

 

Source Code

 

Video

 

Screenshots

image
image
image

 

References

SPAuditAPI – Read SharePoint audit logs from JavaScript over REST

Recently I wanted to query Audit data from the web browser client and learned no native REST api was available.   So I created one.   Below is a demonstration video and link to the full source code.

This web API enables us to execute the server object model SPAuditQuery() method from HTTP POST and provide optional filter parameters.   More filters give a narrow match and faster server response.   We want to be specific, even if only a default time range (example – past 30 days) to improve user experience and reduce system load.

Cheers! 

shades_smile

 

 

Source Code

 

Video

 

Context Diagram

image

 

Screen Shots

image
image
image

image

VIDEO – Online WebAPI Generator

I created an online service at https://spjeff.azurewebsites.net/ which generates a MVC WebAPI 2.2 project with the name you enter.   A custom ZIP file is generated server side with your custom name for the Project, Namespaces, Assembly, and sent to the browser for download.   Best practices are already enabled such as:

  • [CORS] decorator
  • [Authorize] decorator
  • Minimal packages and dependency
  • Zero MVC boilerplate
  • Lean mean API ready for dev & prod

From there double click SLN and begin coding.  Enjoy! 

shades_smile

 

Video

Online WebAPI Generator from Jeff Jones on Vimeo.

 

Screenshots

 

image

 

image

 

image

© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲