Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / Hosted-services / Azure

Modern Authentication to Retrieve Project Context Project Online

1.80/5 (3 votes)
7 Aug 2019CPOL2 min read 10.8K  
Problem Statement: Modern Authentication to retrieve Project Context Project Online

Introduction

Authentication in Office 365:

  1. Legacy Authentication - older way Authentication
  2. Modern Authentication - new way of Authentication

What is Legacy Authentication?

Legacy authentication is the original form of authentication used in Office 365. Legacy authentication is HTTP Basic Authentication in which credentials in the form of a username and password combination are sent clear text as part of the HTTP header, which was encrypted used transport layer security (HTTPS) to make it secure to use across the Internet.

What Is Modern Authentication?

Modern authentication is a claims-based form of authentication that intends to replace legacy authentication. This uses the Azure Active Directory Authentication Libraries (ADAL) and Oauth2.

For our purposes of comparison, the main thing we care about is that legacy authentication is performed against the service whereas modern authentication is performed against the identity provider.

When a client uses legacy authentication, for example, Outlook 2010 to connect to Exchange Online, the Outlook client sends the credentials to Exchange Online and Exchange Online, then performs a proxy authentication against Azure AD as the identity provider. If the authentication was successful, the response is returned to Exchange Online which then grants access to the Outlook client.

When a client uses modern authentication, the client is redirected to Azure AD to authenticate and obtain an access token. This access token is then used by the client to gain access to Exchange Online.

In our solution, we were using Legacy authentication to connect to Project online and retrieve the Project Details. After Legacy Auth is disabled, project context was not working.

Using the Code

C#
//Code snippet to retrieve project context when the Legacy Authentication is enabled
            try
            {
                using (SecureString passWord2 = new SecureString())
                {             
                    foreach (char c in ProjectPassword.ToCharArray()) passWord2.AppendChar(c);
                    ProjectCont.Credentials = new SharePointOnlineCredentials
                                (projectOnlineUserName, passWord2);//Legacy Authentication
                    ProjectCont.Load(ProjectCont.Projects);
                    ProjectCont.ExecuteQuery();                    
                }
             }                                               
      Catch(Exception)
      {
                    throw;
      }

Requirement: Should be able to use admin account to get the project context using modern auth.

Solution 1: Pnp Context+ User Context

Use OfficeDevPnP.Core.AuthenticationManager.GetWebLoginClientContext that will prompt user to login, once we have the ClientContext, use the cookiecontainer to authenticate the ProjectContext. Below is the sample code:

C#
string siteurl = "URL";
OfficeDevPnP.Core.AuthenticationManager authmgr = new OfficeDevPnP.Core.AuthenticationManager();
ClientContext clientContext = authmgr.GetWebLoginClientContext(siteurl, null, false);
CookieCollection cookies = null;
clientContext.ExecutingWebRequest += delegate (object sender, WebRequestEventArgs e)
{
    cookies = e.WebRequestExecutor.WebRequest.CookieContainer.GetCookies(new Uri(siteurl));
};

Web spweb = clientContext.Web;
clientContext.Load(spweb);
clientContext.ExecuteQuery();
Console.WriteLine("Web:" + spweb.Title);

ProjectContext projContext = new ProjectContext(siteurl);

projContext.ExecutingWebRequest += delegate (object sender, WebRequestEventArgs e)
{
    e.WebRequestExecutor.WebRequest.CookieContainer = new CookieContainer();
    foreach (Cookie cookie in cookies)
    {
        e.WebRequestExecutor.WebRequest.CookieContainer.Add(cookie);
    }
};

var allprojects = projContext.Projects;
projContext.Load(allprojects);
projContext.ExecuteQuery();
Console.WriteLine("Projects:" + allprojects.Count);
Console.ReadKey();

Solution 2: App Context (Client and Client Secret() + User Context)

Another approach is to use provider hosted app that uses app + user, wherein user logs into SharePoint using the same service account and accesses the app, which will work and be able to get the project context.

In both the scenarios, the user auth will happen and we will have to provide the username/pwd of the service account.

We tried all possible code approaches. The requirement of CSOM to get ProjectContext (with full permission on project online) in code that needs to run without user interaction can only be possible via SharePointOnlineCredentials, and so tenant admin needs to exempt this user and allow legacy auth enabled.

History

  • 7th August, 2019: Initial version

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)