Now at first it seemed simple but as I drilled deeper I came across some challenges and while overcoming them I learned a lot more about how O365 Authentication works.
Before I go further I would like to point out 2 resources which helped me a lot in solving this challenge:
- Wictor Wilén’s blog on ‘How to do active authentication to Office 365 and SharePoint Online’
- Codeplex project on using SharePoint with WinRT Client
(So the key here is to understand that SharePoint Online uses the binary token returned from the STS service located at login.microsoftonline.com to validate all requests.)
At first I tried using the “MsOnlineClaimsHelper” but I couldn’t get it to work as it kept on throwing errors while fetching the response using ‘WSTrustFeb2005ContractClient’. Then I looked at the WinRT code and it was doing the exact same thing but with much less dependencies. Just plain HttPWebRequests + XML.
But the WinRT code was specifically for REST API’s and not Client Object Model. So I modified the code a little bit to make it work with CSOM.
Here is the link to Helper class code that I created and used for one of the code samples on MSDN.