NullReferenceException on Bootstraptoken (ACS authentication)

1
votes

I've been following the steps to make a Windows 8 Store app get an ACS token as described here: Does the WebAuthenticationBroker work in Windows 8 Metro App post Release Candidate

Authentication method of Windows 8 client

private async void Authenticate()
    {
        WebAuthenticationResult webAuthenticationResult = await WebAuthenticationBroker.AuthenticateAsync(
            WebAuthenticationOptions.None,
            new Uri("https://myACSnamespace.accesscontrol.windows.net:443/v2/wsfederation?wa=wsignin1.0&wtrealm=http://localhost:12714/"),
            new Uri("http://mypublicIPaddress:80/WebAppMVCAPI/api/federation/end"));

My controller on the web application is programmed as follows:

public class FederationController : ApiController
{
    protected virtual string ExtractBootstrapToken()
    {
        return HttpContext.Current.User.BootstrapToken();
    }

    [HttpGet]
    public string Get()
    {
        return "Hello Get World";
    }

    [HttpPost]
    public HttpResponseMessage Post()
    {
        var response = this.Request.CreateResponse(HttpStatusCode.Redirect);
        response.Headers.Add("Location", "/WebAppMVCAPI/api/federation/end?acsToken=" + ExtractBootstrapToken());
        return response;
    }
}

}

The idea is to have the Windows 8 store app get a token from ACS with a Facebook login. When I launch the win8 client, the application shows a Facebook login page. However, the instruction return HttpContext.Current.User.Bootstraptoken() fails with the following exception:

NullReferenceException. Object reference not set to an instance of an object.

My web.config looks like this:

  <microsoft.identityModel>
<service saveBootstrapTokens="true">
  <audienceUris>
    <add value="http://localhost:80" />
  </audienceUris>
  <federatedAuthentication>
    <wsFederation passiveRedirectEnabled="true" issuer="https://bondsapp.accesscontrol.windows.net/v2/wsfederation" realm="http://localhost:80/" reply="http://localhost:80/" requireHttps="false" />
    <cookieHandler requireSsl="false" path="/" />
  </federatedAuthentication>
  <issuerNameRegistry type="Microsoft.IdentityModel.Swt.SwtIssuerNameRegistry, Wif.Swt">
    <trustedIssuers>
      <add name="https://bondsapp.accesscontrol.windows.net/" thumbprint="xxxxx" />
    </trustedIssuers>
  </issuerNameRegistry>
  <securityTokenHandlers>
    <add type="Microsoft.IdentityModel.Swt.SwtSecurityTokenHandler, Wif.Swt" />
  </securityTokenHandlers>
  <issuerTokenResolver type="Microsoft.IdentityModel.Swt.SwtIssuerTokenResolver, Wif.Swt" />
</service>

Can somebody shed some light on how to use the Bootstraptoken method to get an ACS token?

Thanks Luis

2
windows-8wifwindows-store-appsacs

2 Answers

0
votes

I don't believe that federated authentication sets HttpContext.User by default. Try 

(Thread.CurrentPrincipal as IClaimsPrincipal).Identities[0].BootstrapToken

Assuming that you've gone through the token handler pipeline (WS-FAM) at your site, this should be populated. This will be a SecurityToken object, which you can then serialize using the proper SecurityTokenHandler class.

0
votes

Did you try this :

BootstrapContext bootstrapContext = ClaimsPrincipal.Current.Identities.First().BootstrapContext as BootstrapContext;                                  
SecurityToken st = bootstrapContext.SecurityToken;

Take a look on Vittorio's post: http://blogs.msdn.com/b/vbertocci/archive/2012/11/30/using-the-bootstrapcontext-property-in-net-4-5.aspx