The document outlines the SharePoint 2013 app model, describing it as a custom solution that enhances SharePoint functionality both on-premises and in Office 365. It covers design goals like stability and security, app manifest schema, and the hosting and authentication of apps. Additionally, it details the app publishing process, licensing options, and when to utilize this model for development.

1. APP MODEL FOR
SHAREPOINT 2013
Introduction

2. WHAT IS A SHAREPOINT 2013 APP?
 A SharePoint app is a custom solution that can access and
modify resources such as lists, documents, libraries, individual
items and other content.
 The SharePoint 2013 app model provides a more flexible way to
build custom functionality that runs in SharePoint organization
both on-premises and in Office 365.
 From MSDN: Apps for SharePoint are self-contained pieces of
functionality that extend the capabilities of a SharePoint
website.

3. APP MODEL DESIGN GOALS
 SharePoint App has been designed to allow application running
both on-premises installation and in the cloud.
 Te App model has been designed to address these goals
 Stability
App never runs within SharePoint host environment
 Independence
App can consume data though Web Services
 Security
Apps code is authenticated and runs under a distinct identity
 Cloud
App are published in app catalogs and in Office 365

4. APP MODEL SCHEMA
App Manifest
Web Page
HTML/CSS/JS
App
Is an XML file that specifies configurations like:
 App title, description and icon
 Supported locales, resource files for App localization
 App prerequisites (search, bcs, user profile, ecc...)
 Allowed external URLs (remote endpoints)
 App permissions

5. SOLUNTION MODELS LANDSCAPE

6. AVAILABLE SHAREPOINT ARTIFACTS IN APPS
 Features (Web-scoped only)
 Custom actions (including shortcut menu
items and ribbon customizations)
 Remote event receivers
 App Parts, that are included in SharePoint
(but not custom Web Parts)
 CSS files for use by SharePoint pages
Custom JavaScript files for use by SharePoint
pages
Modules (sets of files)
 Pages
 List templates
 List and library instances
 Custom list forms
 Custom list views
 Custom content types
 Fields (of field types that are built into
SharePoint)
 Microsoft Business Connectivity Services
(BCS) models (Web-scoped only), external
content types based on the model, and
external lists that use the content types
 Workflows
 Property bags
 Web templates (but not site definitions)

7. HOSTING APPS FOR SHAREPOINT I
SharePoint
App Web
SharePoint
Host Web
Client-side code
Your hosted site
SharePoint
Host Web
Client-side & Server-side code

8. HOSTING APPS FOR SHAREPOINT II

9. AUTHENTICATION
Internal Authentication
 SharePoint collects credentials from
users, verify them and create a
signed token (SAML format).
 SharePoint sites
 SharePoint Hosted App
 Remote-Hosted App through cross-
domain library (JS library)
External Authentication
 Usually the web server that hosts the
remote web collects and verify
credentials from the user.
 Oauth and Azure ACS
 Server-to-Server (S2S)

10. SHAREPOINT HOSTED APP
Every App follow this URL pattern:
http://[APPPREFIX]-[APPHASH].[APPDOMAIN]/[APPNAME]?{StandardTokens}
 APPPREFIX: our farm-related tenant
 APPHASH: unique id, generated on every app installation
 APPDOMAIN: our domain for Apps
 APPNAME: the name of the App
 {StandardTokens}: default querystrings for Apps:
 SPHostUrl={HostUrl}
 SPAppWebUrl={AppWebUrl}
 SPLanguage={Language}
 SPClientTag={ClientTag}
 SPProductNumber={ProductNumber}

11. SHAREPOINT HOSTED APP

12. SHAREPOINT HOSTED APP MODEL SCENARIOS

13. SHAREPOINT HOSTED APP: PROVISIONING
In the APP WEB
 With declarative provisioning using Feature (like we’re doing now with SP2010)
In the HOST WEB
 Programmatically, with REST or CSOM (this is not a best practice, but we can...)

14. SHAREPOINT HOSTED APP: UI COMPOSITION
Get syling for FREE
 SharePoint provides CSS to style content
 Master page for chrome
Resusable UI components
 List view web part
 Reusable UI controls like dialogs and callouts
 Custom actions let you extend menus, ribbon and script
App web template

15. SHAREPOINT HOSTED APP: LOCALIZATION
In a SharePoint Hosted App we can localize:
 Provisioning artifacts (as we know from SP2010)
 App manifest
 Javascript files
 ASPX pages

16. PROVIDER HOSTED APP

17. PROVIDER-HOSTED APPS
 You, or your provider for you, are the responsible for the
hosting of your App and its data
 So, you’re the responsible for hosting the App, for multi-tenancy
support, availability and all the plumbing that you may know from
hosting web services.
 Every Provider-Hosted App need a "clientId" and a "client certificate" in
order to complete trust
 IISExpress is used to host the web project
 Local DB is used for the SQL Database

18. PROVIDER-HOSTED APP: AUTHENTICATION
Apps use OAuth for secure communications
 SharePoint & web application trust third party (ACS)
Trust developed using ClientId & ClientSecret
 SharePoint & ACS know the ClientId
 Web application & ACS know the ClientSecret

19. PROVIDER HOSTED APP: CHROME CONTROL
 Artifact: in Cloud-Hosted Apps you can’t inherit from
SharePoint master page, because pages are hosted outside
SharePoint.
 The Chrome control is a Javascript control, that allows you to
give end users a familiar look based on your intranet theme.
 Provides consistent look and feel for you App
 Includes navigation link back to host site
 Customizable settings for menu commands

20. APP ENTRY POINTS
 Start Page
Full immersion experience
 App Part
 Simple IFRAMES!
 Custom pages, that users can insert into a web part page
in the Host Web, as we do with classic web parts
 Available in EVERY type of Apps
 If we are in a SharePoint-Hosted App, we have to insert:
<WebPartPages:AllowFraming ID="AllowFraming1" runat="server" />
 Ui Custom Action
 On the ribbon
 On the Edit Control Block (ECB)

21. START PAGE

22. APP PART/CLIENT WEB PART

23. APP PART IN DETAIL
Every App-Part has:
 A manifest
(used to specify page URL and
app part configurations)
 App properties
(used to customize app-part
behaviour)
 The App-Part is activated with
App installation

24. UI COMMAND – RIBBON/MENU ACTION

25. TOOLS AND TECHNOLOGIES AVAILABLE
Client Side
 JQuery
 Angular
 Bootstrap Twitter
 Enyo
 JS Client Side Object Model (CSOM)
 REST APIs
Server Side
 ASP.NET MVC
 ASP.NET MVC Web Forms
 PHP
 Ruby on Rails
 OOB ASP.NET and SharePoint controls
 Silverlight Client Side Object Model
(CSOM)
 JS Client Side Object Model (CSOM)
 .NET Client Side Object Model
 REST calls

26. HOSTING APPS FOR SHAREPOINT III

27. APP PUBLISHING
SharePoint-Hosted
 No app registration required
 Everything included in the .app
package
Provider-hosted
 Developer must acquire ClientId &
ClientSecret
 SharePoint artifacts in .app
package
 Web assets in Web Deploy
package - developer must deploy
 Developer must publish & deploy
SQL assets if not in Web Deploy
package

28. LICENSING YOUR APPS
The Office Store provides APIs for licensing SharePoint and Office Apps.
Here the validation service URL:
 https://verificationservice.officeapps.live.com/ova/verificationagent.svc
You can choose from:
 Free apps (perpetual and for all users)
 Trial apps (limited time, all users or multi-user)
 Paid apps (perpetual, all users and multi-user)

29. SHAREPOINT APP CONFIGURATION
Service Application for App Management
Two service application to configure
 App Management Service
 Site Subscription Setting Service
For Provider-Hosted App
 Register App principals
 It is necessary to set up the authentication if it not used Oauth:
S2S through certificate

30. SHAREPOINT APP: WHY?
Peppe (Giuseppe Marchi)
 Basically, when you have a specific application with a specific purpose.
 When you don’t have to communicate with other SharePoint sites or applications.
 When you want to exalt your actual WEB skills.
 When you want that your code runs into an isolated domain.
 If you want to develop for the cloud (O365).
 If you want to make money with the Office Market

31. SHAREPOINT APP: WHEN?
 Microsoft presented this model for SharePoint 2013 because the technolgies
used in real scearios are using more and more client technologies.
 The App model enrichs all the actors in the process solution development
with new capabilites and a new development and deployment apprach.
 As usual, there are no exact rules to apply this model because it depends on
requirements, environment, project constraints, etc..
 But other approaches similar to the apps can bel used:
a Single Page Application that consumes external data through REST services
 IMA SpareParts
 Macron

32. BIBLIOGRAPHY
 Giuseppe Marchi, SharePoint & Office Conference 2013, L'APP-
MODEL DI SHAREPOINT 2013 DALLA A...
 Giuseppe Marchi, SharePoint & Office Conference 2013, L'APP-
MODEL DI SHAREPOINT 2013 ... ALLA Z
 Sean Laberee, SharePoint Conference 2014, Developing and
Debugging Apps for SharePoint with Visual Studio 2013
 Microsoft Learning Product, Developing Microsoft® SharePoint®
Server 2013 Core Solutions