I referred this question and this MSDN post, but couldn't get the problem fixed.
Below code demonstrates how to perform the WAAD authentication using web browser:
AuthenticationContext auth = new AuthenticationContext("https://login.windows.net/" + myDomain);
AuthenticationResult result = auth.AcquireToken(resource, clientID, resourceAppIDURI);
This opens a browser and user is asked to enter the details which works fine.
However, I have a GUI client, which can take username/password/domain on its own. So the intention is to collect the details from GUI client and directly provide to the WAAD server and get the user authenticated.
How to do that?
Just looking at the overloads of AcquireToken()
, I did get some clue (this can be wrong as well):
AuthenticationResult AcquireToken (string resource, Credential credential);
and
AuthenticationResult AcquireToken (string authorizationCode, string redirectUri, ClientCredential credential);
But I fail to understand, how to create the class ClientCredential
(subclass of Credential
). Important to note that this class belongs to the namespace Microsoft.WindowsAzure.ActiveDirectory.Authentication
.
Below are its constructors:
ClientCredential(string clientId, SecureString secureClientSecret);
ClientCredential(string clientId, string clientSecret);
Searching online, I couldn't get much answers, I did get this link. But again the part of SecureString
is a mystery to me. How the username/password/domain can be communicated using SecureString
?
The older version of AAL supported this. However, it was removed about 2-3 months ago (as well as the sample showing it). Authentication of users now can only be achieved through a browser authentication window.
I'm not 100% sure, but I think the motivation is to create a standard/consistent login experience (for the end-users). If you're on a Windows 8 application, then the WebAuthenticationBroker handles this and users will recognize this for all Windows 8 applications. If you're a web application, then the AzureAD login page is presented and is recognizable.