Attaching a Token to the Exchange Managed API SOAP call


Let's try sending our (EncryptedData) token from the Federation Gateway to the API:


                // Open a WS-Trust channel from trustChannelFactory2 (configured outside this excerpt)
                // and ask the STS to issue a token for the request `rst`.
                channel = (WSTrustChannel)trustChannelFactory2.CreateChannel();
                RequestSecurityTokenResponse rstr = null;
                // NOTE(review): `as` yields null when the issued token is not a
                // GenericXmlSecurityToken; nothing below checks for that before the token is used.
                token = channel.Issue(rst, out rstr) as GenericXmlSecurityToken;

                // `u` is declared outside this excerpt; presumably the statement that owned this
                // brace block (e.g. a loop over endpoints) was dropped from the listing -- confirm.
                {
                    // Derive a metadata-exchange address by cutting the endpoint URL after ".svc/"
                    // and appending "mex".
                    // NOTE(review): this is a culture-aware comparison on a URL; an ordinal
                    // comparison is the usual choice for protocol strings.
                    var mexURLindex = u.Uri.AbsoluteUri.IndexOf(".svc/", StringComparison.InvariantCultureIgnoreCase);
                    var mexUrl = "";
                    if (mexURLindex > 0)
                    {
                        // +5 keeps the ".svc/" segment itself (5 characters) in the result.
                        mexUrl = u.Uri.AbsoluteUri.Remove(mexURLindex + 5) + "mex";
                    }
                    // NOTE(review): when ".svc/" is not found, mexUrl is still "" here and an
                    // EndpointAddress is built from the empty string; a guard before this call
                    // would make the failure explicit.
                    // do_test_exchangeoffice is defined elsewhere; from the call shape it takes the
                    // first token plus the endpoint and metadata addresses and returns a second token.
                    GenericXmlSecurityToken token2 = do_test_exchangeoffice(token, new EndpointAddress(u.Uri.AbsoluteUri), new EndpointAddress(mexUrl));

                    // EWS Managed API client aimed at the Office 365 EWS endpoint over HTTPS.
                    ExchangeService service1 = new ExchangeService(ExchangeVersion.Exchange2013);
                    service1.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");

                    // Tracing is switched off here although all trace flags and a listener are set.
                    // NOTE(review): once enabled with TraceFlags.All, the EwsRequest trace carries the
                    // whole SOAP envelope, including the wsse:Security header that holds the token
                    // (the trace on this page shows exactly that), so the listener's output needs the
                    // same protection as the token itself.
                    service1.TraceEnabled = false;
                    service1.TraceFlags = TraceFlags.All;
                    service1.TraceListener = new TraceListener();
                    service1.PreAuthenticate = true;

                    // The raw XML of token2 is used as the credential for the EWS call.
                    // `t` is credential material: keep it out of logs and diagnostics.
                    var t = token2.TokenXml.OuterXml;
                    service1.Credentials = new TokenCredentials(t);

                    // Test call: list items from the Inbox with a view size of 2.
                    FindItemsResults<Item> findResults1 = service1.FindItems(
                        WellKnownFolderName.Inbox,
                        new ItemView(2));
           }
<?xml version="1.0" encoding="utf-8"?>
<Trace Tag="EwsRequestHttpHeaders" Tid="6" Time="2013-07-21 00:51:13Z">
  POST /EWS/Exchange.asmx/wssecurity HTTP/1.1
  Content-Type: text/xml; charset=utf-8
  Accept: text/xml
  User-Agent: ExchangeServicesClient/15.00.0516.014
  Accept-Encoding: gzip,deflate


</Trace>

<Trace Tag="EwsRequest" Tid="6" Time="2013-07-21 00:51:13Z" Version="15.00.0516.014">
  <?xml version="1.0" encoding="utf-8"?>
  <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsa="http://www.w3.org/2005/08/addressing">
      <t:RequestServerVersion Version="Exchange2013" />
      <wsa:Action soap:mustUnderstand="1">http://schemas.microsoft.com/exchange/services/2006/messages/FindItem</wsa:Action>
      <wsa:ReplyTo>
        <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
      </wsa:ReplyTo>
      <wsa:To soap:mustUnderstand="1">https://outlook.office365.com/EWS/Exchange.asmx/wssecurity</wsa:To>
      <wsse:Security soap:mustUnderstand="1">
        <EncryptedData Id="Assertion0" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc">
          </EncryptionMethod>
          <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <EncryptedKey>
              <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
              </EncryptionMethod>
              <ds:KeyInfo>
                <ds:X509Data>
                  <ds:X509SKI>Jd5bsV6UjLPeNTrmnIrqm6Jn2Ps=</ds:X509SKI>
                </ds:X509Data>
                <ds:KeyName>outlook.office365.com</ds:KeyName>
              </ds:KeyInfo>
              <CipherData>
                <CipherValue>hIVZUqdgrX62htZ1ANE0.../XcJhlQ==</CipherValue>
              </CipherData>
            </EncryptedKey>
          </ds:KeyInfo>
          <CipherData>
            <CipherValue>RDxch...Pd7H0IFQS</CipherValue>
          </CipherData>
        </EncryptedData>
      </wsse:Security>
    </soap:Header>
    <soap:Body>
      <m:FindItem Traversal="Shallow">
        <m:ItemShape>
          <t:BaseShape>AllProperties</t:BaseShape>
        </m:ItemShape>
        <m:IndexedPageItemView MaxEntriesReturned="2" Offset="0" BasePoint="Beginning" />
        <m:ParentFolderIds>
          <t:DistinguishedFolderId Id="inbox" />
        </m:ParentFolderIds>
      </m:FindItem>
    </soap:Body>
  </soap:Envelope>
</Trace>

<Trace Tag="EwsResponseHttpHeaders" Tid="6" Time="2013-07-21 00:51:14Z">
HTTP/1.1 401 Unauthorized
request-id: 119459f7-ffb5-4e53-ab63-ff5b1fdfc28f
X-CasErrorCode: BadSamlToken
X-FEServer: SN2PR07CA006
Content-Length: 0
Cache-Control: private
Date: Sun, 21 Jul 2013 00:51:49 GMT
Server: Microsoft-IIS/7.5
WWW-Authenticate: Basic Realm=""
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

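Well, it didn’t work: the server answered 401 Unauthorized with X-CasErrorCode: BadSamlToken, so it rejected the token we attached. But I feel like we got somewhere. We can have another go tomorrow.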
