Claim auth from ADFS

jwillmer picture jwillmer · Jul 2, 2012 · Viewed 14.9k times · Source

I try to connect to a SharePoint Online instance via a WPF application. I have found this article that discribes a possible solution but the problem is that the specific instance has a Active Directory Federation Services (ADFS) in front and I don't know how to get the auth-token. (I can't create a certificate for my application to authentificate against the adfs.)

Anyone who have already done this and can support me with some code snippets?

Answer

woloski picture woloski · Jul 25, 2012

I've played with Fiddler. Basically the flow goes like this:

  • Get a SAML token from ADFS
  • Post it to https://login.microsoftonline.com/login.srf (body should be wa=wsignin1.0, wresult=<requestsecuritytokenresponse>…token…</rstr> and wctx=MEST=0&LoginOptions=2&wa=wsignin1%2E0&rpsnv=2&ct=1343219880&rver=6%2E1%2E6206%2E0&wp=MBI&wreply=https%3A%2F%2Fspirit365%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&id=500046&cbcxt=mai&wlidp=1&guest=1&vv=910&mkt=EN-US&lc=1033&bk=1343219930
  • Capture the input hidden named "t" from the Form
  • POST that "t" to /_layouts/Authenticate.aspx. That should give you the FedAuth and rtFa cookie.

From that point this is the same as the code here: http://www.wictorwilen.se/Post/How-to-do-active-authentication-to-Office-365-and-SharePoint-Online.aspx