Using PingFederate-style OAUTH2 in Azure Mobile Services apps


The Joy of Code article series nicely lays out how to think about Node.js scripts in Azure Mobile Services and their interaction with the OAUTH2 protocol. In one case, shown below, we see that perhaps our own JWT could be used, as already minted by our PingFederate OAUTH AS emulator site (itself hosted as an Azure cloud service supported by the Azure ACS OAUTH2 and management service endpoints).

http://www.thejoyofcode.com/Setting_the_auth_token_in_the_Mobile_Services_client_and_caching_the_user_rsquo_s_identity_Day_10_.aspx

So the steps to get here would seem to be:

  • Take our working smarteragent iOS application and build our own equivalent working on an iPhone – using the Azure Mobile Services starter project for iOS apps. Of course, this means we need a web site delivering JSON services to the app, too – a role that can be played by the mobile service site.
  • We need to change the app’s client-side code so that the embedded browser goes to our PingFederate-AS-emulator /authorization/as.oauth2 endpoint, looking for a redirect bearing the authorization_code. Perhaps this redirect should target a page on our authorization server that induces a suitable (JavaScript) push notification to the various apps built with the Microsoft mobile client library. We can study how ACS’s HRD support and then Azure mobile scripts do this, for example. The net result is that the app’s native code gets control back from the embedded browser.
  • Do we really want the app to then use the PingFederate-AS-emulator site to convert the code into a JWT …
  • … which is then used as given in the article above?
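
The redirect handling and code-for-JWT request that these steps describe, sketched as an added example (not code from this post or from the linked article). Only the /authorization/as.oauth2 path comes from the post; the host name, client id, redirect URI and function names are assumptions.

```javascript
// Added example. Only AUTHZ_PATH comes from the post; the host, client id,
// redirect URI and function names are constructed placeholders.
const AS_BASE = 'https://as-emulator.example.net';
const AUTHZ_PATH = '/authorization/as.oauth2';
const CLIENT = {
  id: 'mobile-app',
  // A page on the authorization server itself, as the post suggests.
  redirectUri: 'https://as-emulator.example.net/app/callback',
};

// URL the embedded browser is pointed at; `state` is a fresh random value
// the app keeps in memory for this one sign-in attempt.
function buildAuthorizationUrl(state) {
  const u = new URL(AUTHZ_PATH, AS_BASE);
  u.search = new URLSearchParams({
    response_type: 'code',
    client_id: CLIENT.id,
    redirect_uri: CLIENT.redirectUri,
    state,
  }).toString();
  return u.toString();
}

// Called for each navigation of the embedded browser. Returns null for pages
// that are not the redirect, the code for a valid redirect, throws otherwise.
function handleNavigation(navigatedUrl, expectedState) {
  const u = new URL(navigatedUrl);
  const target = new URL(CLIENT.redirectUri);
  if (u.origin !== target.origin || u.pathname !== target.pathname) return null;
  const p = u.searchParams;
  if (!expectedState || p.get('state') !== expectedState) throw new Error('state mismatch');
  if (p.has('error')) throw new Error('authorization failed: ' + p.get('error'));
  const codes = p.getAll('code');
  if (codes.length !== 1 || codes[0] === '') throw new Error('missing or repeated code');
  return codes[0];
}

// Form body for exchanging the code; the redirect_uri must repeat the value
// sent in the authorization request.
function buildTokenRequest(code) {
  return new URLSearchParams({
    grant_type: 'authorization_code',
    code,
    client_id: CLIENT.id,
    redirect_uri: CLIENT.redirectUri,
  }).toString();
}
```

Checking `state` and requiring exactly one `code` before the native code takes control back keeps a navigation the app did not start from being exchanged for a JWT.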
About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!