{"id":7087,"date":"2013-08-21T09:38:15","date_gmt":"2013-08-21T16:38:15","guid":{"rendered":"http:\/\/blog.xamarin.com\/?p=7087"},"modified":"2013-08-21T09:38:15","modified_gmt":"2013-08-21T16:38:15","slug":"ssosymplified","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/xamarin\/ssosymplified\/","title":{"rendered":"Deliver Mobile Single Sign-On with New Symplified Component"},"content":{"rendered":"<p>\t\t\t\t<img decoding=\"async\" class=\"wp-image-7120 alignleft\" alt=\"symplified\" src=\"\/wp-content\/uploads\/sites\/44\/2019\/04\/symplified.png\" width=\"242\" height=\"97\" \/>We\u2019re pleased to announce the first <a href=\"http:\/\/components.xamarin.com\/view\/Symplified.Auth\/\">enterprise identity management component<\/a> in the Xamarin Component Store from <a href=\"http:\/\/www.symplified.com\">Symplified<\/a>, a leader in providing Identity-as-a-Service.<\/p>\n<p>With this new component, you can quickly and easily build, test and deploy authentication and single sign-on (SSO) capabilities in your apps and securely connect them to existing identity infrastructure such as Active Directory and LDAP.<\/p>\n<p>The component works with any IdP that supports SAML 2.0 or OAuth 1.0\/2.0, such as Salesforce.com. \u00a0Alternatively, \u00a0joint Symplified and Xamarin customers can now extend existing Symplified IDaaS capabilities out to Xamarin apps.<\/p>\n<p>Read on to get a code-level view of the component, and <a href=\"http:\/\/resources.xamarin.com\/authenticating_enterprise_users_mobile_apps.html\" target=\"_blank\">register now<\/a>\u00a0for a live \u201cAuthenticating Enterprise Users into Mobile Apps\u201d webinar on August 27 at 8am Pacific.<\/p>\n<h2>Get Your Code On<\/h2>\n<p dir=\"ltr\">You\u2019ll need an XML file that provides the provisioning details. The Symplified client reads that file and configures itself by using the values it defines. You will find an example file, named `idp.symplified.net.metadata.xml`, in each of the sample applications included in the component, as well as on the component\u2019s <a href=\"https:\/\/components.xamarin.com\/gettingstarted\/Symplified.Auth\/\">Getting Started<\/a> page (which this article pulls heavily from). With this file on hand, we\u2019re ready to code.<\/p>\n<h3>Step 1: Creating and configuring the Symplified identity provider.<\/h3>\n<p dir=\"ltr\">Let&#8217;s get the website information required to use Symplified&#8217;s IdP for your application. We&#8217;ll load the XML document containing SAML 2.0 metadata, and send it off to a metadata parser:<\/p>\n<pre class=\"lang:csharp decode:true\">\nXmlDocument xDoc = new XmlDocument ();\nxDoc.PreserveWhitespace = true; \/\/ This is important do not remove\nxDoc.Load (&quot;idp.symplified.net.metadata.xml&quot;);\n\nSaml20MetadataDocument idpMetadata = new Saml20MetadataDocument (xDoc);\n<\/pre>\n<h3>Step 2: Create and configure a SAML 2.0 authentication client<\/h3>\n<p dir=\"ltr\">To verify an assertion that returns from the IdP, we&#8217;ll configure an authenticator using the IdP metadata:<\/p>\n<pre class=\"lang:csharp decode:true\">\nSaml20Authenticator authenticator = new Saml20Authenticator (\n  &quot;Symplified.Auth.iOS.Sample&quot;,\n  idpMetadata\n);\n<\/pre>\n<p>The authenticator will:<\/p>\n<ul>\n<li>\n<p dir=\"ltr\">Create a SAML assertion.<\/p>\n<\/li>\n<li>\n<p dir=\"ltr\">Send it to the IdP.<\/p>\n<\/li>\n<li>\n<p dir=\"ltr\">Get an assertion back. The assertion is issued depending on conditions such as the user&#8217;s log in state.<\/p>\n<\/li>\n<li>\n<p dir=\"ltr\">Verify the signature on the assertion.<\/p>\n<\/li>\n<li>\n<p dir=\"ltr\">Request the resource.<\/p>\n<\/li>\n<\/ul>\n<h3>Step 3: Authenticate the user<\/h3>\n<p dir=\"ltr\">Although third-party authenticators control their own UI, you decide how to show the authenticator&#8217;s UI on the screen. You can manage how the authentication UI is presented\u2013modally, in navigation controllers, in popovers, and so on.<\/p>\n<p dir=\"ltr\">Prior to displaying the UI, we must first listen for the <code>Completed<\/code> event which triggers when user successfully authenticates or cancels. Find out whether the authentication succeeded by examining the <code>IsAuthenticatedproperty<\/code> of <code>eventArgs<\/code>:<\/p>\n<pre class=\"lang:csharp decode:true\">\nauthenticator.Completed += (s, e) =&gt; {\n  loginViewController.DismissViewController (true, null);\n\n  if (!e.IsAuthenticated) {\n    samlLoginStatusStringElement.Caption = &quot;Not authorized&quot;;\n    samlLoginStatusStringElement.GetActiveCell ().BackgroundColor = UIColor.Red;\n  } else {\n    SamlAccount authenticatedAccount = (SamlAccount)e.Account;\n\n    samlLoginStatusStringElement.Caption = String.Format (&quot;Name: {0}&quot;, authenticatedAccount.Assertion.Subject.Value);\n    samlLoginStatusStringElement.GetActiveCell ().BackgroundColor = UIColor.Green;\n  }\n\n  loginViewController.ReloadData ();\n};\n<\/pre>\n<p dir=\"ltr\">All the information collected from a successful authentication is accessible in <code>eventArgs.Account<\/code>. We are now ready to display the login UI from <code>ViewDidAppear<\/code> on iOS:<\/p>\n<pre class=\"lang:csharp decode:true\">\nUIViewController vc = authenticator.GetUI ();\nloginViewController.PresentViewController (vc, true, null);\n<\/pre>\n<p dir=\"ltr\">The GetUI method returns <code>UINavigationControllers<\/code> on iOS, and <code>Intents<\/code> on Android. Here is how we would write the code to display the UI from <code>OnCreate<\/code>:<\/p>\n<pre class=\"lang:csharp decode:true\">\nvar intent = authenticator.GetUI (this);\nStartActivityForResult (intent, 42);\n\n<\/pre>\n<h3>Step 4: Storing the account details<\/h3>\n<p dir=\"ltr\">The Symplified Mobile Developer SDK securely stores <code>Account<\/code> objects so you don&#8217;t always have to re-authenticate the user. The <code>AccountStore<\/code> class is in charge of storing <code>Account<\/code> information, supported by the <a href=\"https:\/\/developer.apple.com\/library\/ios\/#documentation\/security\/Reference\/keychainservices\/Reference\/reference.html\">Keychain<\/a> on iOS and a <a href=\"http:\/\/developer.android.com\/reference\/java\/security\/KeyStore.html\">KeyStore<\/a> on Android:<\/p>\n<pre class=\"lang:csharp decode:true\">\n\/\/ On iOS:\nAccountStore.Create ().Save (eventArgs.Account, &quot;idp.symplified.net&quot;);\n\n\/\/ On Android:\nAccountStore.Create (this).Save (eventArgs.Account, &quot;idp.sympliifed.net&quot;);\n<\/pre>\n<p dir=\"ltr\">Saved <code>Account<\/code>s are uniquely identified with a key composed of the account&#8217;s <code>Username<\/code> property and a &#8220;Service ID&#8221;. The &#8220;Service ID&#8221; is any string that is used when retrieving accounts from the store.<\/p>\n<p dir=\"ltr\">If an <code>Account<\/code> was saved earlier, calling <code>Save<\/code> again will overwrite it. This is helpful for services that expire the credentials stored in the account object. If you have used <a href=\"https:\/\/github.com\/xamarin\/Xamarin.Auth\">Xamarin.Auth<\/a> before, then this will be familiar to you.<\/p>\n<p dir=\"ltr\">Voila, single sign-on in your apps in just 4 steps.<\/p>\n<p>Ready for more? Watch the webinar &#8220;Authenticating Enterprise Users into Mobile Apps&#8221;.<\/p>\n<div class=\"centered\"><a class=\"action-button featured more\" href=\"\/authenticating-users-into-mobile-apps\/\">Watch the Webinar<\/a><\/div>\n<p><a href=\"\/authenticating-users-into-mobile-apps\/\">\u00a0<\/a>\t\t<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019re pleased to announce the first enterprise identity management component in the Xamarin Component Store from Symplified, a leader in providing Identity-as-a-Service. With this new component, you can quickly and easily build, test and deploy authentication and single sign-on (SSO) capabilities in your apps and securely connect them to existing identity infrastructure such as Active [&hellip;]<\/p>\n","protected":false},"author":579,"featured_media":39167,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2,3],"tags":[14,4],"class_list":["post-7087","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-developers","category-enterprise","tag-partners","tag-xamarin-platform"],"acf":[],"blog_post_summary":"<p>We\u2019re pleased to announce the first enterprise identity management component in the Xamarin Component Store from Symplified, a leader in providing Identity-as-a-Service. With this new component, you can quickly and easily build, test and deploy authentication and single sign-on (SSO) capabilities in your apps and securely connect them to existing identity infrastructure such as Active [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts\/7087","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/users\/579"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/comments?post=7087"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/posts\/7087\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/media\/39167"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/media?parent=7087"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/categories?post=7087"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/xamarin\/wp-json\/wp\/v2\/tags?post=7087"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}