Using REST APIs of TFS and Visual Studio Online. Microsoft has been providing APIs for Team Foundation Services (TFS) from the earliest version of TFS (since Visual Studio 2. Using these APIs, we can create TFS clients and also write event handlers for the events raised by TFS. In the early days of TFS, we were expected to write only Microsoft . NET clients. We could give reference to the components that contained these APIs, and use the referred classes in the code to access various TFS services. Over the years, to facilitate collaboration between different platforms, we are now also expected to create clients in technologies other than Microsoft. NET; like Java, Java. Script and many others. For these technologies, the components that are written in . NET are not useful. To assist such programming, Microsoft has recently published the APIs in the form of RESTful services that encapsulate the services of TFS and Visual Studio Online. This article is published from the DNC Magazine for . NET Developers and Architects. Download this magazine from here . It also meant that these assemblies should be present on the computer, the compatible . NET Framework should be installed, and the assemblies should be stored in the Global Assembly Cache. In a nutshell, Team Explorer had to be installed on that computer. These prerequisites were quite restrictive. Since we are now dealing with RESTful services, we do not have to worry about these conditions. As long as we can create a HTTP request and send it over the transport to TFS, and are able to read the response; we can write a TFS client. It can be using any technology on any operating system, and on any device. What sounds particularly interesting is a case where a TFS client is able to run on a mobile device. Accessing Visual Studio Online (VSO) using such a client that uses RESTful services of TFS, has one issue that we have to overcome. That issue is related to security set up by VSO. While accessing through the browser, the Team Web Access application which is an ASP. NET application, uses credentials of the logged- in user. These credentials are usually the users Microsoft account credentials like those derived from Hotmail or Live account. RESTful services of TFS do not support authentication using such credentials. It either supports Basic authentication or OAuth. For each account of VSO, we can enable Basic authentication. Let us walk through a scenario of creating a VSO account to enable Basic Authentication. Later, we will also see the limitations of Basic Authentication and how to use OAuth. This article has been co- authored by Subodh Sohoni and Manish Sharma. Create VSO account to enable Basic Authentication. You can create a VSO account by going to http: //www. Visual Studio Online – Get Started for Free”. This free account works for up to 5 users. App development made easy with Visual Studio: Developer tools and services for any platform and any language. IDE, Devops, code editor and more. Intro: How to Write a Simple C++ Program. In this tutorial, you will learn how to write a program in the C++ programming language. This will go over 10 steps that. Visual Studio does not support any programming language, solution or tool intrinsically; instead, it allows the plugging of functionality coded as a. Microsoft has announced some new keywords and some new behavior of C# 6.0 in Visual Studio 2015. In this article we will learn the following topics. A programming site with a large section on DirectX. Includes articles, and links. User Reviewed How to Learn to Program in C. Six Parts: Getting Ready Using Variables Using Conditional Statements Learning Loops Using Functions Continuing to Learn. How to detect if Visual C++ Redistributable for Visual Studio 2012 is installed? I tried Google it and nobody has asked this question, surprise! You will need to login with your Microsoft credentials like Hotmail, Live etc. After that, you should provide a name that should be unique to your account. Now you can create your first team project on VSO. You can provide a name to that Team Project and select process template between SCRUM, Agile and CMMI. For our example, we selected the SCRUM process template. That defines the work item types that will be present in the team project. You can also choose the version control mechanism – TFVC or Git. Now that the team project is created, we will go ahead and add the support for Basic authentication in our account. To do so, open the Settings section of the account by clicking the name and then My Profile on the right top corner. Then in the profile, select the Credentials tab. Now enable Alternate credentials by clicking a link that says . This is the one which will be used for Basic Authentication to your account. RESTful services to access VSOLet us now locate the RESTFul services which we can call to access VSO services. For each account the APIs are available from the base URL https: //. From here we can access various services of VSO like Projects, Work Item Tracking, Version Control, Test Management, Team Room, Shared Services and Build services. To get URL of each service API, you can visit the page https: //www. These services mainly use GET and PATCH methods. We will focus on one of the most frequently used service and the one that requires most custom client creations, i. From our custom applications, we often require to create a new work item, view the data stored for that work item and update that work item back in the VSO. Functionality related to Work Item Tracking is available from the services under the URL https: //. Obviously it is a GET method with ID as a querystring parameter. So the UTI will be https: //. That is because work item ids are unique for Team Project Collection. This GET method returns a JSON object with the structure as follows. Then we specify user credentials to authenticate with VSO. The user credentials are sent in the form of Authorization header with Basic Authentication. The URL will be as mentioned earlier. The instance of this class can now send a request and it does that asynchronously. That means, we can call Get() method on the URL as Get. Async() which returns a result of call as Http. Response. Message object. This response string will have to be typecast into a Work Item object from where we will be able to get the field values. For that, we will write a class that has all the fields or properties that match the JSON object. We created a class called Work. Item. Details for that. We will use Newton. Soft’s JSON. Net package for that. It has a Json. Convert class which can deserialize the JSON object and also typecast it as desired. But the fields are returned as a dictionary object. We can get individual fields by using a loop for key- value pair. PATCH method of this service accepts a parameter that indicates work item of which work item type is to be created. The URL of the method that creates a Task looks like this: https: //. It has to be sent as collection of fields. The code for creation of work item will look like this. Create. Work. Item(string username, string password). One is to create a class that represents the data to be sent to PATCH the method. For that, we have to create an extension method ref https: //msdn. IN/library/bb. 38. This extension method is called Patch. Async() and has the following code. Task< Http. Response. Message> Patch. Async(this Http. Client client, string request. Uri, Http. Content content). We have to now send the work item id as the parameter. The URL for the same is: https: //. The code will look quite similar to the method for creating work item but with few differences. Update. Work. Item(string username, string password). Variable “op” has value “replace” as we are replacing the title of work item. URL now changes so that team project name is removed and instead of work item type we are sending the ID of work item to be updated. So far we have been using BASIC authentication which is useful for applications like Console Application, Windows Desktop (Win. Forms) application, Windows Store Applications, other technology applications and can also be used for ASP. NET web applications. One issue in Basic authentication is that password is sent over the network in plain text. Although we are using a secure protocol like https, it still is less secure compared to any other authentication mechanism that does not require us to send any password over the internet. One such mechanism is OAuth. OAuth is a service for authentication and authorization (delegation based authorization) which follows open standards. Open Standard is something which is freely adopted, can be freely used and implemented, and can be extended. OAuth allows an application to act on user’s behalf to access server resources without providing their credentials. OAuth Protocol is designed to work with HTTP, also OAuth allows web users to log into third party sites using their available accounts. Let’s understand Oauth through a simple example. Suppose you are an end user for a website which provides contacts service, so that you can store contacts and later use them to send mails. Hypothetically, say I wrote an application which can send greetings to email addresses. You want to use this application. Now my Application will use your mailing list to send greetings every morning as per scheduled. To do so, my application needs access to the website or the server which has your contacts stored. The application I have developed can access the email address available on the server with your credentials. If you are willing to share those credentials, I am more than happy to accept them. But I am sure, you will never share your credentials with me or in fact with any third party application you are using. So what’s the solution? This is the scenario where OAuth can help us. It uses one more party, the known and trusted authorization engine. Let us now step through the entire scenario. You register with my application and then give me authority to send a request to your authentication provider, so that it will authenticate you and allow me to use some token as evidence of that. This is a one time task that you need to do. Step 1: When you access my application, you are redirected to that authorization engine. You can get authorization using that trusted authorization engine, where I have no access to your credentials data. Step 2: That engine vouches for your authenticity. It gives me some token as evidence of your authenticity. Step 3: I will take that token as evidence of your authentication and send it with my request to the contacts server. Step 4: That token will be acceptable to your contacts server as evidence of your authenticity and also your trust in my application. It will then provide your contact list to my application. Hope this helps you with some OAuth concepts. OAuth with Visual Studio Online. Let’s talk about the main components in an OAuth communication. So in accordance with the example used above: End User – You.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2016
Categories |