Introduction to the SharePoint Client Object Model API and how it works

Comparison of COM and serverapi

SharePoint introduced the client Object Model API from 2010 (which is replaced by COM later), and from a name we can simply see that the API is for client-facing applications. Having this set of APIs makes it possible for all SharePoint end users to develop their own applications to access and modify SharePoint. The following list outlines the differences between the COM and server APIs:

	Com	Server
Run-side	can run on any machine that has access to SharePoint can be on the browser again. NET application, Silver Light,javascript,jscript runs	Running on the server side of SharePoint
Permission requirements	You must specify a user to manipulate SharePoint	Running the server code itself has certain permission requirements that can be used by administrators to manipulate SharePoint data
Support Features	Less, intelligent implementation of common functions of the client	More powerful for most SharePoint management operations

How COM Works

COM is implemented via WCF, hosted on the server side of SharePoint .../_vti_bin/client.svc, which implements the requested batch with Web binding. The whole process of processing is:

1. Serializes the request command into XML

1. Send to server via HttpRequest
2. Server for each command, call the server method for the
3. The server side returns the result to the client by serializing the results into JSON format
4. COM converts JSON to an object for the caller

Because HTTP itself is stateless, COM does not need to maintain a connection with the server. COM also has a series of features that WebRequest has.

COM instance Introduction

This paragraph simply describes the basic way to use COM, if you get an ID for a SiteCollection object:

 private static void Main (string[] args) {Servicepointman Ager.            Servercertificatevalidationcallback = delegate {return true;            }; using (clientcontext clientcontext = new ClientContext ("https://cnblogtest.sharepoint.com")) {V                Ar pasword = new SecureString (); "[email protected]#". ToCharArray (). ToList (). ForEach (pasword.                Appendchar); Clientcontext.credentials = new Sharepointonlinecredentials ("[email protected]", pasword);//set permissions var t                Estsite = Clientcontext.site; Clientcontext.load (testsite);//Set query information//here will be an exception because no query is executed//console.writeline ("SiteCollection I NFO: "+ testsite.                ID); Clientcontext.executequery ()///Execute Query//Here you can return SiteID Console.WriteLine ("SiteCollection Info: "+ Testsite.            ID); }        }

　　

Let's take a quick look at the request for this code:

header information for HTTP :

POST Https://cnblogtest.sharepoint.com/_vti_bin/client.svc/ProcessQuery http/1.1

X-requestdigest: 0x5ebacc6a87e51042b53355dcd0ac99a30f055126fc18752e5f2c9dffad327a37eb8818ee48677bf9434002dda05e0f420106e17313dff9f7a951d89 1a3021fe3,27 Sep 2014 10:41:29-0000

Content-type:text/xml

X-requestforceauthentication:true

x-forms_based_auth_accepted:f

cookie:spoidcrl=77u/ pd94bwwgdmvyc2lvbj0ims4wiiblbmnvzgluzz0idxrmltgipz48u1a+ Vhj1zswwac5mfg1lbwjlcnnoaxb8mtawmzdmzmu4yjq5y2m3m0bsaxzllmnvbswwiy5mfg1lbwjlcnnoaxb8dgvzddawmubjbmjsb2d0zxn0lm9ubwljcm9zb 2z0lmnvbswxmza1njcymda4ody4mtm0ntesrmfsc2usvdbjwuflwvrimec0bhnuzvbimtb4r3lvyvqyd3fis3jmatu0bxe0bxznoglkuxl0mlffrjntt29qwm I2nk1iovzjoujjkzhpnkx3rg42uwtacgxzvgthoud5ohficzhfunyyk2nzqkjgeflxwknxsgxiv2wruedwc3fkewjyoxzsywftq3flskrrejveynzoynfhtdc Vry9lwuf1rjv3lznik1rqbxfyaxj2muo4ewfeyzh3kzfytmxrtg9objvma3ndwudunvvhcmdwnfnod1urtnrnq2xunetqse1yohfsr0vnblj0clp6mnu2vevp Mkzsrnfmsutty2hrsgdru01odzdtmzuzczdqmuy3mmhqvverq3pzqku4vgvdtfovmy90vmzwdwdnowkxs1dtennel0mwz2ziqnjrsexus2rdve9vyvo1vvlgy tzmczrvofzmbmv3pt0sahr0chm6ly9jbmjsb2d0zxn0lnnoyxjlcg9pbnquy29tl192dglfymlul2lky3jslnn2yy88l1nqpg==

Host:cnblogtest.sharepoint.com

content-length:548

Expect:100-continue

Accept-encoding:gzip, deflate

Here are some key points we can see:

1. Request Method HttpPost
2. X-requestforceauthentication, requires server-side mandatory validation

HTTP request Content :

Here's a simple explanation:

1. The Objectpathid=1 object is content. Current Object
2. The Objectpathid=3 object is content. Current.site Object
3. We request all properties for Objectpathid 3 object, so Selectallproperties=true

In fact, every time we create an object on the client side, we assign a corresponding Objectpathid, which is self-increment. This ID is stored in Microsoft.SharePoint.Client.ObjectPath, and all Client API objects inherit the Objectpathid attribute from this class.

Reponse Information:

The JSON content of the response returned by this request is as follows:

As you can see, the JSON object contains all the property information of the site object we want to request, and COM is assembled into a COM object with a JSON object when it receives the response, and we can call it. So Console.WriteLine will show the ID of the site.

Introduction to the SharePoint Client Object Model API and how it works