up vote 0 down vote favorite

Hello dear contributors!

I am stalling again, I have researched for a tutorial or some directions as to how to adapt this wonderful tutorial:

http://msdn.microsoft.com/en-us/WAZPlatformTrainingCourse_ACSAndWindowsPhone7

To a in browser silverlight application instead of the windows phone ? I'd like to keep the current model, with public and private databases and ideally plug the silverlight application into the azure social games pack :

https://github.com/WindowsAzure-Toolkits/wa-toolkit-games

Which uses a similar ACS pattern, the directions I need are regarding the client handling of Oauth2.

Thanks in advance for any help in this matter.

share|improve this question
feedback

1 Answer

up vote 1 down vote

If it's an in-browser silverlight application, why don't you treat it as a regular website? The flow will be something like

  1. The user browse your app
  2. Before you send the XAP, your website shows the list of identity providers. The user pick one and gets redirected to log in.
  3. User logs in and you will get a token posted to your app (which is the Social Gaming Toolkit). The good news is that the Social Gaming Toolkit already provides integration with ACS on the website so there is not much work to do. The user will get a cookie generated by Windows Identity Foundation with the claims inside (no silverlight involved for now).
  4. Now you send the XAP and the Silverlight app gets loaded
  5. From now on every request done from the XAP to your app (which will have the Social Games Toolkit) will have the Principal populated because the WIF cookie is sent in every request.

If you want to change the user experience a bit and instead of showing the identity provider list in a regular HTML/asp.net page, you want to do it from the Silverlight app (like the Windows Phone lab shows). Then you only need to consume the ACS JSON endpoint which lists your identity providers from your Silverlight app.

The toolkit is already doing that and you can extract the basic ideas from:

https://github.com/WindowsAzure-Toolkits/wa-toolkit-games/blob/master/code/SocialGames.Web/Services/AuthService.cs#L29

The request to get the list of identity providers in JSON looks like this:

https://your_servicenamespace.accesscontrol.windows.net/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=your_application_realm&version=1.0&context=some_contextual_data_youwanttokeepacrossredirects"

Finally, this lab should help you as well

http://msdn.microsoft.com/en-us/IdentityTrainingCourse_SilverligthAndIdentity2010

FWIW, the way the Windows Phone will works is by using the JavaScript notify endpoint in ACS, which is different from what I described above.

The flow is something like

  1. Phone shows the login options (Facebook, LiveID, etc.)
  2. User click on one of them
  3. User is redirected to ACS and then redirected to the chosen identity provider
  4. User logs in and some kind of token is sent back to ACS (depending on the identity provider)
  5. At this point ACS will render an HTML page with a bit of JavaScript. This will instruct the browser (which is hosted in your Windows Phone) to send an external signal with a payload (the token in this case). window.external.Notify('THE_TOKEN');
  6. The phone app will detect the notification and grabs the token

I'm not sure how the JavaScript notify mechanism will work on a Silverlight in-browser application because you are already in the browser. But if you try that, keep us posted.

Matias

share|improve this answer
Thank you very much for your patience ! – Samuel B. Jun 6 at 23:02
I guess I don't really mind if the ACS is external like in the social gamespack or internal to silverlight. The only thing I need to know is how to get CRUD functionality from silverlight using a similar model than the windows phone tutorial use. I think I understand pretty much the logic you explain but can you please elaborate on extract the basic ideas from the authservice ? All I want is making a social game which will have private and public databases, which is secured by ACS. What type of silverlight project do I need to start ? what references should I use ? – Samuel B. Jun 6 at 23:35
feedback

Your Answer

 
or
required, but never shown
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.