HttpsUrlConnection ADFS authentication with cookie not working

Question

I'm trying to connect to a web API secured with ADFS from an Android app. I successfully implemented ADAL. After logging in to ADFS I receive a token and a cookie. Using that cookie I should be able to query the webapi, but I always get redirected to the login page. Using the same cookie string in Postman I can successfully query the web API. Can someone help me understand what's going wrong? Here's my code:

try {
        CookieManager cookieManager = CookieManager.getInstance();
        String cookie = cookieManager.getCookie(AUTHORITY);

        URL url = new URL(urlString);
        HttpsURLConnection connection = (HttpsURLConnection) 
        url.openConnection();
        connection.addRequestProperty("Cookie", cookie);
        connection.setConnectTimeout(60000);
        connection.setDoOutput(true);
        connection.setDoInput(true);
        connection.setRequestMethod("POST");
        connection.setUseCaches(false);
        connection.setInstanceFollowRedirects(false);

        OutputStreamWriter w = new OutputStreamWriter(connection.getOutputStream());
        w.write(contents);
        w.flush();

        InputStream istream = connection.getInputStream();
        String result = convertStreamToUTF8String(istream);

        return result;
} catch (Exception e) {
        e.printStackTrace();
        return null;
}

score 0 · Answer 1 · answered Sep 28 '18 at 08:08

0

Apparently the cookie from the authority url wasn't enough. I needed to add another cookie (EdgeAccessCookie). Found this after carefully examining the cookie string in Postman console.

answered Sep 28 '18 at 08:08

marc

1

HttpsUrlConnection ADFS authentication with cookie not working

1 Answers1