Friday, December 28, 2012

Authentication with Office 365 from an On-Premise Application

Recently I had a problem wherein I needed to connect to an Office 365 SharePoint site from an on-premise Windows app.
Now at first it seemed simple, but as I drilled deeper I came across some challenges, and while overcoming them I learned a lot more about how O365 authentication works.

Before I go further I would like to point out 2 resources which helped me a lot in solving this challenge:

Here is that diagram which explains the AuthN basics for SharePoint Online in Office 365:

Passive claims AuthN 
(So the key here is to understand that SharePoint Online uses the binary token returned from the STS service located at login.microsoftonline.com to validate all requests.)

At first I tried using the “MsOnlineClaimsHelper” but I couldn’t get it to work, as it kept on throwing errors while fetching the response using ‘WSTrustFeb2005ContractClient’. Then I looked at the WinRT code and it was doing the exact same thing but with far fewer dependencies. Just plain HttpWebRequests + XML.


But the WinRT code was specifically for REST APIs and not the Client Object Model. So I modified the code a little bit to make it work with CSOM.

Here is my updated code:
image
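
The flow described above (binary token from the STS, exchanged for SharePoint cookies, attached to CSOM requests) as an added example; it is not the author's code from the screenshot. The endpoint paths `extSTS.srf` and `/_forms/default.aspx?wa=wsignin1.0`, the helper names, the `{0}`/`{1}`/`{2}` placeholders in the request template and the User-Agent string are assumptions that do not come from the post.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Net;
using System.Security;
using System.Text;
using System.Xml.Linq;
using Microsoft.SharePoint.Client;   // CSOM client assembly must be referenced
static class SpoCookieAuth   // hypothetical helper name
{
    const string StsUrl = "https://login.microsoftonline.com/extSTS.srf";
    static readonly XNamespace Wsse =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    // rstTemplate: WS-Trust RST envelope (a SAML.xml-style file) with the assumed
    // placeholders {0} = user name, {1} = password, {2} = site URL.
    public static ClientContext Connect(string siteUrl, string user, string password, string rstTemplate)
    {
        // 1. Request a binary security token from the STS. The password travels inside
        //    the envelope, so keep the endpoint on HTTPS with certificate checks enabled.
        string rst = string.Format(rstTemplate, SecurityElement.Escape(user),
            SecurityElement.Escape(password), SecurityElement.Escape(siteUrl));
        string rstr = Post(StsUrl, rst, "application/soap+xml; charset=utf-8", null);
        XElement token = XDocument.Parse(rstr).Descendants(Wsse + "BinarySecurityToken").FirstOrDefault();
        if (token == null) throw new InvalidOperationException("STS returned no BinarySecurityToken (SOAP fault?).");
        // 2. Exchange the token for the SharePoint session cookies (FedAuth, rtFa).
        //    Token and cookies are bearer credentials: never log or persist them in clear.
        var cookies = new CookieContainer();
        string signIn = new Uri(siteUrl).GetLeftPart(UriPartial.Authority) + "/_forms/default.aspx?wa=wsignin1.0";
        Post(signIn, token.Value, "application/x-www-form-urlencoded", cookies);
        // 3. Attach the cookies to every request CSOM sends.
        var ctx = new ClientContext(siteUrl);
        ctx.ExecutingWebRequest += (s, e) => e.WebRequestExecutor.WebRequest.CookieContainer = cookies;
        return ctx;
    }

    static string Post(string url, string body, string contentType, CookieContainer cookies)
    {
        var req = (HttpWebRequest)WebRequest.Create(url);
        req.Method = "POST";
        req.ContentType = contentType;
        req.CookieContainer = cookies;   // redirects during sign-in add cookies here
        req.UserAgent = "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1)";   // assumed browser-like UA
        byte[] data = Encoding.UTF8.GetBytes(body);
        using (Stream s = req.GetRequestStream()) s.Write(data, 0, data.Length);
        using (var resp = (HttpWebResponse)req.GetResponse())
        using (var reader = new StreamReader(resp.GetResponseStream()))
            return reader.ReadToEnd();
    }
}
```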


1 comment:

Lee Richardson said...

That was a big help and so much less code, thank you Jomit. The only thing was it needed SAML.xml. I successfully used the copy in Wictor Wilén's sample code at http://www.wictorwilen.se/Post/How-to-do-active-authentication-to-Office-365-and-SharePoint-Online.aspx
