I’ve been struggling to make Office 365 test/diagnostic tools recognize the mex WSDL output by my STS (active variant). When looking at ADFS, I noted its mex endpoint, and pulled that WSDL document using a GET instruction.
The document contains various declarations including the following binding:
The point is, ADFS does NOT offer the sync interface. A conformance tester looking for ADFS would be perfectly entitled to pull the mex WSDL and search for the appropriate binding (which would be missing from the typically implemented custom STS, built using WIF). So our mission was to implement the async interface.
First, declare the appropriate interface for the service host (contrasting with the sync interface that we left in place for the v1.3 generation of WS-Trust):
Next, the GetScope methods are implemented (wrapping the traditional sync implementation in a Func delegate),
and then the getOutputClaimsIdentity (that similarly wraps the traditional sync implementation).
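A sketch of the wrapping described in the two steps above, added here as an example and not the original post's code. It assumes the WIF `Microsoft.IdentityModel` assembly on .NET Framework (where delegate `BeginInvoke` is available); the class name `AsyncWrappingSts` is hypothetical.

```csharp
using System;
using System.Runtime.Remoting.Messaging;            // AsyncResult.AsyncDelegate
using Microsoft.IdentityModel.Claims;
using Microsoft.IdentityModel.Configuration;
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.IdentityModel.SecurityTokenService;

// Hypothetical base class: a concrete STS derives from it and supplies only
// the usual sync GetScope / GetOutputClaimsIdentity overrides.
public abstract class AsyncWrappingSts : SecurityTokenService
{
    protected AsyncWrappingSts(SecurityTokenServiceConfiguration config)
        : base(config) { }

    protected override IAsyncResult BeginGetScope(
        IClaimsPrincipal principal, RequestSecurityToken request,
        AsyncCallback callback, object state)
    {
        // Capture the sync call in a Func delegate and run it on the thread
        // pool. The caller's state object becomes IAsyncResult.AsyncState.
        Func<Scope> work = () => GetScope(principal, request);
        return work.BeginInvoke(callback, state);
    }

    protected override Scope EndGetScope(IAsyncResult result)
    {
        // Recover the delegate from the IAsyncResult; EndInvoke returns the
        // Scope or rethrows whatever the sync GetScope threw.
        var work = (Func<Scope>)((AsyncResult)result).AsyncDelegate;
        return work.EndInvoke(result);
    }

    protected override IAsyncResult BeginGetOutputClaimsIdentity(
        IClaimsPrincipal principal, RequestSecurityToken request, Scope scope,
        AsyncCallback callback, object state)
    {
        Func<IClaimsIdentity> work =
            () => GetOutputClaimsIdentity(principal, request, scope);
        return work.BeginInvoke(callback, state);
    }

    protected override IClaimsIdentity EndGetOutputClaimsIdentity(
        IAsyncResult result)
    {
        var work = (Func<IClaimsIdentity>)((AsyncResult)result).AsyncDelegate;
        return work.EndInvoke(result);
    }
}
```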
The guts of “my knowhow” came from 2 sources. First, 20 years ago, I saw the same kind of coding used in a communication stack (used at NSA, for its high-throughput directory), and have not seen the like since. Until today. Second, the article from http://travisspencer.com/blog/2009/06/geneva-server-beta-2-included.html showed the .NET equivalent practice.
This gives something that LOOKS a bit more like the output of ADFS, now!