Windows Phone 7 Sample App Readme
This sample illustrates how a Windows Phone 7 Silverlight application can make use of ACS to call a REST service.
In the sample a directory service is locally hosted that returns a list of contact information. The phone app is then used to access this service. Users are able to authenticate to the service by signing into one of the identity providers Contoso has configured
at their ACS Service Namespace. The code for this sample is in the Acs2WindowsPhoneSample
folder of the ACS 2.0 Samples package.
To run this sample you will need:
- Visual Studio 2010 (any version)
- Windows Phone Developer Tools RTW
- Windows Identity Foundation Runtime
- Silverlight 4 Tools for Visual Studio
- Internet Information Services (IIS) with ASP.NET and IIS 6 compatibility enabled
Prerequisites for more details. Note that it may be beneficial
to walkthrough the Getting Started sample before running
Configuring the Sample
The ACS configuration required for this sample can be performing using either the ACS management portal, or the ACS management service. Select one
of the two options below to go to the relevant section.
Option 1: Configuring via the ACS Management Portal
1. Open a browser and navigate to
http://windows.azure.com and sign in. From there, navigate to the
Service Bus, Access Control, and Caching section to configure your ACS service namespace. Once you have created a namespace, select it and click
Manage > Access Control Service at the top of the page. This should launch the following page in a new window:
2. The first step in configuring ACS is to establish relationships with the identity providers you would like the users of your website
to use when logging in. To do this, click on the Identity providers link and add
Yahoo! and Google. When both are added, click
Home to return to the main page.
Next, register your application with ACS by creating a Relying Party in ACS. Click the
Relying party applications link on the main page, then select
Add and enter the following information in the subsequent form. Be sure to select
SWT as the token type, and click Generate to create a token signing key. When complete, click the
With your relying party application registered, it is now time to create the rules that determine the claims that ACS will issue to your application. In this sample, we will simply pass through all the claims issued
by the identity provider (Yahoo!, Google, or Windows Live ID). To do this, click
Rule Groups from the main page, and click the Default Rule Group for ContosoContacts. At the bottom of the subsequent page, click the
Generate link. Ensure that the three identity providers (Yahoo!, Google, and Windows Live ID) are selected and click
Generate. Finally, click Save and navigate back to the main page.
Option 2: Configuring via the ACS Management Service
The Visual Studio sample solution has a console application called
ConfigureSample which uses the ACS Management Service and the common helpers defined in the
Common class library. This application can be used to configure your ACS service namespace for use with this sample.
Update the Common class library with information about your Service Namespace. Open
SamplesConfiguration.cs and enter your:
- This is the namespace used with ACS.
- This is a management service account’s Name
- This is the password associated with the management service account.
- This is the host name of the ACS
2. Run the
ConfigureSample application in Visual Studio, which will configure ACS to run this sample.
When the ConfigureSample application completes, it will output the generated relying party signing key to the console. Copy this key to the clipboard.
Running the Phone App Sample
1. After the ACS Service Namespace and service endpoint have been set up successfully as described by the previous section, open the sample in Visual Studio (ContosoContactsApp.sln ) in administrator
2. In the CustomerInformationService project, open Web.config and make the following modifications:
- Set the value for IssuerIdentifier by replacing “Service Namespace” with the service namespace you have configured with ACS (e.g. “contoso”).
- Set the ServiceKey to be the token signing key which was generated as part of your relying party application configuration.
3. In the ContosoContactsApp project, open SignIn.xaml and make the following modifications:
- Set the service namespace under AccessControlServiceSignIn by replacing “[Service Namespace]” with the service namespace you have configured with ACS (e.g. “contoso”).
- Set the Realm to the value specified in your relying party application configuration.
F5 to start the application. When the Windows Phone emulator has started the “Contoso Contacts” app will load, you should see the following:
Click on the Sign In hyperlink. This will navigate to the Sign In page, hosted in the Silverlight application. Shown below:
This page in the app uses the AccessControlServiceSignIn control, from the sample; it is part of the SL.Phone.Federation project
Next, click an identity provider from the list. Once the link has been clicked the identity providers login page will be shown.
Sign into the identity provider. After signing into the identity provider a token will be issued by ACS, which is used to authenticate to the contact service. The Image below shows the list of contacts, from the service.
As an additional feature, the sample will store the token in persistent storage. This allows the service to be called multiple times across invocations of the app. The token can be cleared by clicking the
Sign Out link on the application bar at the bottom of the app, which is shown below: