So I have been doing preliminary work for my iOS talk for a while, but did not get into the meat of the project until recently. One day I envision my talk uploading pictures from a camera on an iPhone or iPad into SharePoint and telling people how I did it. As you know with my Silverlight talk and any new technology, building new talks with new technologies always ends up with some pain points that you must jump over just to grab data. So step 1 always starts out with how do we even access a webservice using the new technology.
I started out watching every single SPC video available on oAuth and Rest Webservices in SharePoint 2013. I also sent an email to Eric Shupps about some REST and 2013 examples. The videos further confused me, because all the videos were on SharePoint hosted apps (provider and autohosted). I did not want to create a SharePoint hosted app, but instead a mobile app outside of the SharePoint context altogether. Nick Swan sent me his code and it was great for a starting point on how the JSON calls would look like on iOS, but I was still missing a piece. Nick does a great job on showing how to use the REST/JSON calls in a non-MS tech, however his presentation uses the SharePoint context and can grab the SPAppToken.
At this point I had to ask the question how do you grab the SAML token outside of SharePoint 2013 in iOS using Objective-C? After reading all the MSDN documentation, some documentation on Restkit and Objective-C/oAuth calls, and some SharePoint 2013 blog post my head was swimming. I was dreaming about REST and iOS in SharePoint 2013. SAML tokens were taunting me. I was nowhere near understanding 2013.
I started talking to my friend, Pedro Jimenez, who is also playing with Objective-C and went to SPC. He found me a couple good MSDN posts with REST/JSON calls that basically showed the accessToken was all I needed (at this point I was still thinking iOS needed to be a provider hosted app which is wrong). So then again I had to ask the SAML token question…How do you get a SAML token outside of SharePoint without the TokenHelper class?
So then I started talking to people and thinking why do I need to completely avoid TokenHelper…The solution in concept is basically create a webservice in Azure wrapped into a Provider Hosted App in SharePoint. Wictor Wilen created a helper webservice in the following blog post: http://www.wictorwilen.se/Post/How-to-do-active-authentication-to-Office-365-and-SharePoint-Online.aspx.
So now I have to basically stand up the webservice, the SharePoint app wrapper, and then use Restkit to call the first webservice to grab the token and then the second webservice to pass in the token and grab some SharePoint data. What this means is that you can no longer just pass credentials into SharePoint webservices and get data back. You have to pass in a SAML token with every single webservice call to SharePoint. The theory is that this token is associated with the permissions the app can handle (read, write, whatever). It seems like a ton of pain and a lot of work, but this is step 1 in my crusade to pull some piece of data into iOS from SharePoint and show people how to do it themselves. In the upcoming months hopefully I can get halfway to my end goal.