5

I am trying to implement SSO feature in my app (Xamarin.Forms App - both of ios and android). Login flow is: when user opens login page, she/he will see a button as login with sso. And if user chooses this button, app will open a webview for sso and when sso authentication is completed (it works mdm solution such as airwatch etc.), returns a SAML token.

My problem is how can I implement this, how can I capture saml token from webview? Actually there is a way for this in xamarin because of I see a video in xamarin evolve conferance: https://www.youtube.com/watch?v=AAAQJgBDK0w&t=1163s

When AuthTpye was set as "SAML" (in video 15:51 second) and when open the app login with airwatch sso on webview (in video 16:45-17:14 seconds), user can login with sso. But I only could find this video. I couldn't find any other source for this implementation.

Furthermore I saw some Stack Overflow questions for this, and their answers say use Xamarin.Auth nuget package. But Xamarin.Auth uses oauth2.0 protocol. I need use saml protocol for sso.

How can I do this?

halfer
  • 19,824
  • 17
  • 99
  • 186
Pelin Konaray
  • 272
  • 1
  • 3
  • 15
  • I am afraid there is quite some work coming for your. We were in the same situation a while ago and ended in implementing the most by ourself. We used an OpenId library, but still had a lot of things to do. Lib: https://github.com/IdentityModel/IdentityModel.OidcClient. Implemented ChromeCustomTabsBrowser by ourself and retrieved the SAML Token with an HttpClient. – this.myself Sep 10 '21 at 14:05
  • Thanks for reply @this.myself Yes, it is a little hard task but I find a source from vmware: https://github.com/vmware/idm/wiki/Single-sign-on-for-Mobile Firstly I tought I have to use it only saml protocol for mobile implementation. But there is a way for implement with oauth2 protocol. It is only a post request with some configurations. So I decide to use it, but I didn't implement it yet. I will try this. – Pelin Konaray Sep 13 '21 at 06:10

1 Answers1

0

Xamarin.Essentials has a class called "WebAuthenticator" that will help you a lot.

Documentation can be found here: https://learn.microsoft.com/en-us/xamarin/essentials/web-authenticator?tabs=android

It makes the process very simple. You just send the login request:

var authResult = await WebAuthenticator.AuthenticateAsync(loginUrl, responseUrl);

The "authResult" variable would hold your token and claims.

You will also need to implement an activity or method (depending on platform) to handle the custom URL you passed in as "responseUrl" in the code above and relay the response back to the Xamarin.Essentials library. I strongly encourage you to read the docs linked above. They are very helpful.

Jason Williams
  • 1,283
  • 2
  • 11
  • 31
  • Thank you for reply. Is it compatible with saml protocol? As far as I can see, an example is made with the oauth protocol. But I need to solve it with saml protocol. If it is compatible with saml it is very nice. – Pelin Konaray Nov 30 '21 at 08:58
  • Good question. I guess I've only tried it with oauth. The saml protocol uses XML instead of JSON, is that right? If the library doesn't support it, you may be able to intercept the return message in your custom activity and format it in a way the library understands? Otherwise, maybe MSAL (Microsoft Authentication Library) could work? – Jason Williams Nov 30 '21 at 21:28
  • I couldn't test yet, but maybe msal works for this. Thanks. – Pelin Konaray Dec 02 '21 at 08:33