Using information mostly aligned with http://www.cloudidentity.com/blog/2014/02/20/ws-federation-in-microsoft-owin-componentsa-quick-start/, we did manage to ws-fedp enable a simple SP site – in the visual studio 2013 tradition. That is, not use the visual studio 2012 tradition (based on the identity and access tool, that is tied to ASP.NET).
we easily eliminate the FP in microsoftonline land, and its key management, substituting it with our own.
We do see our IDPs claims, in the second case (since they are not dropped by the intermediating FP, as in the first case)
WE then published to azure websites:
and made sure it works in the mobile browser modes, with IDP cookies, popups etc…