Token based Authentication for WCF HTTP/REST Services: The Client

Posted by Your DisplayName here! on Least Privilege See other posts from Least Privilege or by Your DisplayName here!
Published on Tue, 15 Nov 2011 16:58:37 GMT Indexed on 2011/11/15 18:06 UTC
Read the original article Hit count: 510

Filed under:

IdentityModel

|

IdentityServer

If you wondered how a client would have to look like to work with the authentication framework, it is pretty straightfoward:

Request a token
Put that token on the authorization header (along with a registered scheme) and make the service call

e.g.:

var oauth2
= new OAuth2Client(_oauth2Address);

var swt
= oauth2.RequestAccessToken(

 "username", "password",
_baseAddress.AbsoluteUri);

var client
= new HttpClient {
BaseAddress = _baseAddress };

client.DefaultRequestHeaders.Authorization = 


new AuthenticationHeaderValue("Bearer",
swt); 


var response
= client.Get("identity");

response.EnsureSuccessStatusCode();

HTH

© Least Privilege or respective owner

Related posts about IdentityModel

Identity Claims Encoding for SharePoint

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Just to remind myself, the list of claim types and their encodings are listed here at the bottom. http://msdn.microsoft.com/en-us/library/gg481769.aspx Where for example: i:0#.w|contoso\scicoria ‘i’ = identity, could be ‘c’ for others # == SPClaimTypes.UserLogonName . == Microsoft.IdentityModel… >>> More
Thinktecture.IdentityModel: WIF Support for WCF REST Services and OData

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel includes plumbing and support for WIF, claims and tokens for WCF REST services and Data Services (aka OData). Cibrax has an alternative implementation that uses the WCF Rest Starter Kit. His recent post reminded me that I should finally “document” that… >>> More
Thinktecture.IdentityModel: Comparing Strings without leaking Timinig Information

as seen on Least Privilege - Search for 'Least Privilege'
Paul Hill commented on a recent post where I was comparing HMACSHA256 signatures. In a nutshell his complaint was that I am leaking timing information while doing so – or in other words, my code returned faster with wrong (or partially wrong) signatures than with the correct signature. This can… >>> More
Thinktecture.IdentityModel: WRAP and SWT Support

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel contains some helpers for the Web Resource Authorization Protocol (WRAP) and Simple Web Tokens (SWT). WRAP The WrapClient class is a helper to request SWT tokens via WRAP. It supports issuer/key, SWT and SAML input credentials, e.g.: var… >>> More
Azure - Microsoft.IdentityModel not found

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi There, I'm working with a WCF service in Azure, which uses Windows Live ID authentication with the recent deviceid requirements. When I host my WCF service locally in the compute emulator, it works properly, but when I deploy the cloud service to Azure and call it the same way (from another project… >>> More

Related posts about IdentityServer

IdentityServer Beta 1 Refresh & Windows Azure Support

as seen on Least Privilege - Search for 'Least Privilege'
I just uploaded two new releases to Codeplex. IdentityServer B1 refresh A number of bug fixes and streamlined extensibility interfaces. Mostly a result of adding the Windows Azure support. Nothing has changed with regards to setup. Make sure you watch the intro video on the Codeplex… >>> More
Updated IdentityServer Sample Relying Party

as seen on Least Privilege - Search for 'Least Privilege'
I just uploaded a new version of the sample relying party. The three changes are: Added a session token diagnostics page. This allows to look at cookie sizes, details and the raw contents Sample code to switch to session mode Sample code to implement sliding expiration This was… >>> More
Thinktecture.IdentityServer RC

as seen on Least Privilege - Search for 'Least Privilege'
I just uploaded the RC of IdentityServer to Codeplex. This release is feature complete and if I don’t get any bug reports this is also pretty much the final V1. Changes from B1 The configuration data access is now based on EF 4.1 code first. This makes it much easier to use different… >>> More
Thinktecture.IdentityServer Beta 1

as seen on Least Privilege - Search for 'Least Privilege'
I just upload beta 1 to codeplex. Please test this version and give me feedback. Some quick notes on setup Watch the intro screencast on the codeplex site. Use the setup tool to set the signing and SSL certificate. You can now also set the ACLs on the private key for your worker pool… >>> More
Roadmap for Thinktecture IdentityServer

as seen on Least Privilege - Search for 'Least Privilege'
I got asked today if I could publish a roadmap for thinktecture IdentityServer (idrsv in short). Well – I got a lot of feedback after B1 and one of the biggest points here was the data access layer. So I made two changes: I moved to configuration database access code to EF 4.1 code first… >>> More