In the context of a ASP.Net Web API service I am trying to connect to a SharePoint STS to read the security claims for a sharepoint user.
The user is authenticated to SharePoint 2013 using Forms based authentication.
I am on the same domain as the sharepoint site so I have access to the FedAuth cookie that sharepoint uses.
I am trying to use System.ServiceModel.Security.WSTrustChannelFactory to craft a Request for a Security Token but I am not sure what I should be using as the parameters for the WSTrustChannelFactory constructor.
I am looking for some validation that the approach I am attempting is reasonable one as well as just how I should be using the WSTrustChannelFactory.
Note:
The STS's address is available at http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc
Reading further on this I decided that I was trying to use the SharePoint STS in a way that it was not designed for (it is a relying party STS). Instead I implemented authentication using the Thinktecture Identity Server as an identity provider and authenticated both SharePoint and my Web API service using that.