Windows Phone 7 and WS-Trust

Posted on February 25, 2011 by Dominick Baier

A question that I often hear these days is: “Can I connect a Windows Phone 7 device to my existing enterprise services?”.

Well – since most of my services are typically issued token based, this requires support for WS-Trust and WS-Security on the client. Let’s see what’s necessary to write a WP7 client for this scenario.

 

First I converted the Silverlight library that comes with the Identity Training Kit to WP7. Some things are not supported in WP7 WCF (like message inspectors and some client runtime hooks) – but besides that this was a simple copy+paste job. Very nice!

Next I used the WSTrustClient to request tokens from my STS:

private WSTrustClient GetWSTrustClient()
{
var client = new WSTrustClient(
new WSTrustBindingUsernameMixed(),
new EndpointAddress(https://identity.thinktecture.com/…/issue.svc/mixed/username”),
new UsernameCredentials(_txtUserName.Text, _txtPassword.Password));
return client;
}

private void _btnLogin_Click(object sender, RoutedEventArgs e)
{
_client = GetWSTrustClient();

var rst = new RequestSecurityToken(WSTrust13Constants.KeyTypes.Bearer)
{
AppliesTo = new EndpointAddress(https://identity.thinktecture.com/rp/”)
};

_client.IssueCompleted += client_IssueCompleted;
_client.IssueAsync(rst);
}

I then used the returned RSTR to talk to the WCF service.

Due to a bug in the combination of the Silverlight library and the WP7 runtime – symmetric key tokens seem to have issues currently. Bearer tokens work fine. So I created the following binding for the WCF endpoint specifically for WP7.

<customBinding>


  <binding name=mixedNoSessionBearerBinary>    <security authenticationMode=IssuedTokenOverTransport              messageSecurityVersion=WSSecurity11 WSTrust13 WSSecureConversation13 WSSecurityPolicy12 BasicSecurityProfile10>      <issuedTokenParameters keyType=BearerKey />    </security>    <binaryMessageEncoding />    <httpsTransport/>  </binding></customBinding>

The binary encoding is not necessary, but will speed things up a little for mobile devices.

I then call the service with the following code:

private void _btnCallService_Click(object sender, RoutedEventArgs e)

{

    var binding = new CustomBinding(        new BinaryMessageEncodingBindingElement(),        new HttpsTransportBindingElement());





    _proxy = new StarterServiceContractClient(


        binding,


        new EndpointAddress(“…”));




    using (var scope = new OperationContextScope(_proxy.InnerChannel))


    {


        OperationContext.Current.OutgoingMessageHeaders.Add(new IssuedTokenHeader(Globals.RSTR));        _proxy.GetClaimsAsync();


    }


}


works.


download

											


		
						

							This entry was posted in IdentityModel. Bookmark the permalink.													

					


				

				
			



			

			2 Responses to Windows Phone 7 and WS-Trust			



			
    
						
  1. 
		
    
			
    
								Mohammed Aamir K says:			
    

				
				
			
    
				July 24, 2012 at 14:02			
    

			
    The sample download link is not working. Can you please mail me the application at my ID – mdaamir1989@gmail.com. Thank you.
    

    

			
    
				Reply			
    
		
    

				

    2. 
			



	

	

		
Leave a Reply 





	
	






	

		
Fill in your details below or click an icon to log in:

		
	


	

		

			

				Gravatar
			


				

				
				

					
					

				

				

					
					

				

			

			
		

	


	

		

			

				WordPress.com Logo
			


				

				
				
				
						

			
			You are commenting using your WordPress.com account.			Log Out / 
				Change )
			
			
		

					

	
		

	


	

		

			

				Twitter picture
			


				

				
				
				
						

			
			You are commenting using your Twitter account.			Log Out / 
				Change )
			
			
		

					

	
		

	


	

		

			

				Facebook photo
			


				

				
				
				
						

			
			You are commenting using your Facebook account.			Log Out / 
				Change )
			
			
		

					

	
		

	



	

		
Cancel

		
Connecting to %s