When looking at the output of the MOSDAL support toolkit and the report on office 365 SSO in particular we noted that our own STS’s response was minted intending http://…/extSTS.srf as the audience. Evidently, from the users record in Office 365 the kit figures out the address o our STS and talks to it, intending that the resulting token be consumed by the extSTS (and be exchanged for an access token) fit for sharepoint online webservices etc. So can we do the same, and do our own ws-trust handshake with office online initiated by our own thick client application and indeed then get what we need to consume sharepoint and exchanges services directly ?
We first see the helper class setup an event handler to be called on each webservice call – to get access tokens (if not cached).
And next we see the ws-trust client call that goes and gets an access token, intended for consumption by sharepoint online:
if we compare this client with a factory-based client, its instructive to note the differences:
Our first trial fails, but this is worth pursuing:
some more context (and code) at https://github.com/jwillmer/SharePointAuthentication