Introduction
If you want to add your Office Add-In to Microsoft´s store, you need to make sure to handle the license tokens correctly. For this purpose, this trick shows you how to write a small attribute to handle verification requests.
Background
There are 2 articles from Microsoft you should read about token handling:
Using the Code
Using the Attribute is quite easy. Just mark a controller or action with it and you're done:
[OfficeAuthorizeAttribute(AllowTrialUsers = true)]
public ActionResult Index(string id)
{
return View();
}
Each call to that action is then checked against the Microsoft Verification Service.
If you want to, you can allow testing that app by setting "AllowTrialUsers
".
The Code
public class OfficeAuthorizeAttribute : AuthorizeAttribute
{
public bool AllowTrialUsers { get; set; }
protected override bool AuthorizeCore(HttpContextBase httpContext) {
var isValid = false;
if (httpContext.Request["et"] == null) return false;
string token = httpContext.Request.Params["et"];
byte[] decodedBytes = Convert.FromBase64String(token);
string decodedToken = Encoding.Unicode.GetString(decodedBytes);
var service = new VerificationServiceClient();
var result = service.VerifyEntitlementTokenAsync(new VerifyEntitlementTokenRequest()
{EntitlementToken = decodedToken}).Result;
if (result.IsValid) {
if (result.EntitlementType == "Trial" && AllowTrialUsers) isValid = true;
if (result.IsExpired) isValid = false;
if (result.IsEntitlementExpired) isValid= false; }
if (!isValid) { httpContext.Response.Redirect("/home/NotLicensed", true); }
else { return true; } return isValid;
} }
History