I use the OnlineIdAuthenticator class to get the authentication token to log in to Azure App Services, but I cannot get the ticket server in the name NameIdentifier. I need an identifier to uniquely identify the user and store him in the database.
I want to use OnlineIdAuthenticator to enable single sign-on, so the user is not prompted to log in every time I launch my application (in the application for the Windows Store).
I use this method in my application to get the token and login:
protected override async Task<bool> LoginAsync()
{
var authenticator = new OnlineIdAuthenticator();
var mobileServicesTicket = new OnlineIdServiceTicketRequest("myapp.azurewebsites.net", "JWT");
var ticketRequests = new List<OnlineIdServiceTicketRequest>() { mobileServicesTicket };
var authResult = await authenticator.AuthenticateUserAsync(ticketRequests, CredentialPromptType.PromptIfNeeded);
if ((authResult.Tickets.Count == 1) && (authResult.Tickets[0].ErrorCode == 0))
{
var accessToken = authResult.Tickets[0];
var token = new JObject();
token.Add("authenticationToken", accessToken.Value);
var _mobileServiceClient = ServiceLocator.Current.GetInstance<IMobileServiceClient>();
var user = await _mobileServiceClient.LoginAsync(MobileServiceAuthenticationProvider.MicrosoftAccount, token);
return true;
}
else
{
return false;
}
}
Server side I use this method to get a unique identifier:
public static async Task<string> GetUserId(IPrincipal pricipal, HttpRequestMessage request)
{
ProviderCredentials credentials = await pricipal.GetAppServiceIdentityAsync<MicrosoftAccountCredentials>(request);
return credentials.Provider + ":" + credentials.Claims[ClaimTypes.NameIdentifier];
}
The above claims collection contains the following keys:
ver, iss, exp, uid, aud, urn: microsoft: appuri, urn: microsoft: appid
. MicrosoftAccount, , , .
NameIdentifier Claims?