c# uwp active-directory windows-authentication

Windows Integrated Authentication on Windows 10 Universal Applications


We're porting a Universal Windows 8 Application to Windows 10 as a new project, and so far I have been able to get Authentication set up and working and interacting with the Office 365 API.

In Windows 8, my coworkers were able to get Windows Integrated Authentication set up using the UseCorporateNetwork property for the authentication context. Since I am using the WebAccountProvider instead of the WebAuthenticationBroker, I haven't been able to find a way to do this.

Could anyone point me in the right direction to implement Windows Integrated Authentication on a Windows 10 Universal Application?

Here is a link to an example AuthenticationHelper from Windows 8: (UseCorporateNetwork would be uncommented in our version). https://github.com/chakkaradeep/O365UniversalApp/blob/0ff04169e57ed365c78a85c1cb480cc90fa5b6b0/O365UniversalApp/O365UniversalApp.Windows/AuthenticationHelper.cs

Here is a link to an example AuthenticationHelper from Windows 10: https://github.com/icebeam7/walker/blob/55861001816db49f59a66a93951459f12d14ad51/Walker/AuthenticationHelper.cs


Solution

  • Figured out you can change the GetTokenHelperAsync method to do just this. Here is the code:

    // Get an access token for the given resource. RequestTokenAsync asks the Web Account
    // Manager for the token and prompts the user only if that is necessary.
    // aadAccountProvider, authority, clientId, userAccount, _settings and SignOut() are
    // assumed to be members of the surrounding AuthenticationHelper class.
    public static async Task<string> GetTokenHelperAsync(string resource)
    {
        string token = "";

        // Get the Microsoft Web Account Manager provider (one lookup is enough)
        aadAccountProvider = await WebAuthenticationCoreManager.FindAccountProviderAsync("https://login.microsoft.com", authority);

        // Request a token from the Web Account Manager
        WebTokenRequest webTokenRequest = new WebTokenRequest(aadAccountProvider, "", clientId);
        webTokenRequest.Properties.Add("resource", resource);
        WebTokenRequestResult webTokenResult = await WebAuthenticationCoreManager.RequestTokenAsync(webTokenRequest);

        // On success, read the account and the access token from the response
        if (webTokenResult.ResponseStatus == WebTokenRequestStatus.Success)
        {
            WebTokenResponse webTokenResponse = webTokenResult.ResponseData[0];
            userAccount = webTokenResponse.WebAccount;
            token = webTokenResponse.Token;
        }

        if (userAccount != null)
        {
            // Save user ID in local storage.
            _settings.Values["userID"] = userAccount.Id;
            _settings.Values["userEmail"] = userAccount.UserName;
            _settings.Values["userName"] = userAccount.Properties["DisplayName"];
        }
        else
        {
            SignOut();
            return null;
        }

        return token;
    }
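
The answer's method calls RequestTokenAsync directly. The following is an added example, not code from the answer or from the linked projects, that makes the silent-first flow explicit: it tries GetTokenSilentlyAsync and only prompts when the Web Account Manager reports that interaction is required. The class name and the `Authority` and `ClientId` values are assumptions (placeholders for your own app registration).

```csharp
using System;
using System.Threading.Tasks;
using Windows.Security.Authentication.Web.Core;
using Windows.Security.Credentials;

public static class SilentFirstTokenExample // hypothetical class name
{
    // Assumptions: placeholder values, replace with your own tenant/app settings.
    private const string Authority = "organizations";
    private const string ClientId = "<your-client-id>";

    // Returns an access token for 'resource', or null if the user cancelled.
    public static async Task<string> GetTokenAsync(string resource)
    {
        WebAccountProvider provider = await WebAuthenticationCoreManager
            .FindAccountProviderAsync("https://login.microsoft.com", Authority);
        if (provider == null)
        {
            throw new InvalidOperationException("No Web Account Manager provider found.");
        }

        var request = new WebTokenRequest(provider, string.Empty, ClientId);
        request.Properties.Add("resource", resource);

        // 1. Silent attempt: no UI is shown, so this is safe to call at startup.
        WebTokenRequestResult result =
            await WebAuthenticationCoreManager.GetTokenSilentlyAsync(request);

        // 2. Prompt only when the provider says it cannot proceed without the user.
        //    RequestTokenAsync shows UI and must be called from the UI thread.
        if (result.ResponseStatus == WebTokenRequestStatus.UserInteractionRequired)
        {
            result = await WebAuthenticationCoreManager.RequestTokenAsync(request);
        }

        switch (result.ResponseStatus)
        {
            case WebTokenRequestStatus.Success:
                // Return the token to the caller; do not log or persist it.
                return result.ResponseData[0].Token;
            case WebTokenRequestStatus.UserCancel:
                return null;
            default:
                // Surface provider errors instead of silently returning an empty token.
                string detail = result.ResponseError?.ErrorMessage ?? "no error details";
                throw new InvalidOperationException(
                    $"Token request failed ({result.ResponseStatus}): {detail}");
        }
    }
}
```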