Windows Azure, Microsoft .NET Services – Acquiring an Authentication Token

[This post is based on the Windows Azure Tools for Microsoft Visual Studio July 2009 CTP]

Before we jump into looking at authentication tokens, why you need them and how to acquire them, let’s take a quick refresher on how to get up and running with the Windows Azure, Microsoft .NET Services. To begin with you have to request an account; once you receive your welcome email you need to sign in to the Windows Azure portal where you can then view all your .NET Services solutions and subscriptions.

image

To start working with .NET Services you need to create a solution by selecting the Add Solution button. You will be prompted to enter a name for your solution. It’s important to think about the name of your solution as you can’t (currently at least) change it. The solution name becomes the first segment in the url that you will use to access elements of the .NET Services – https://blogsample.servicebus.windows.net/. After entering a solution name you should use the Validate Name link to see whether the name you have entered is in use.

image

Once you have successfully created your solution you will be returned to the main portal screen.  Initially your new solution will appear in the list of solutions with “Activating…” alongside it. If you hit the refresh button after a few seconds (perhaps a couple of minutes depending on how busy the server is) you will see that your solution is available for use.

image

You can use the three links alongside your newly created solution to manage permissions to your solution (Access Control Service), access the Service Bus Registry or manage the Credentials for your solution.  Before we go on you will need to go into Credentials and specify a Solution Password – this is required for you to programmatically access your .NET Services solution.

image

Now that your solution is setup, lets get into working with your .NET Services solution. Nearly anything you do with your solution requires you to supply an Authentication Token. An Authentication Token can be requested from the Microsoft .NET Access Control Service by supplying a set of credentials in a number of different forms.  For the purpose of this post I’ll be using the username/password option which will mean that you can authenticate using whatever technology stack you feel most comfortable with. Using the .NET library this can be done in just a few lines of code. However, sometimes it’s useful to see what’s going on under the covers, so let’s look at how you can acquire a token using just Http messages.

Essentially acquiring a Authentication Token can be done by sending a Http Get to http://accesscontrol.windows.net/issuetoken.aspx, supplying the solution name and password as query parameters. For example I could enter https://accesscontrol.windows.net/issuetoken.aspx?u=BlogSample&p=<password> into a web browser and would get back a page containing a token “ELp6ymQPzEiKbwgyTg+cQKvvhGVm0oOnGqO1kA==”. To do this in code you just need to create a webrequest to this url.

public static string HttpGetAuthenticationToken(string username, string password)
{
    string requestUri = string.Format("
https://accesscontrol.windows.net/issuetoken.aspx?u={0}&p={1}",
                                    username, Uri.EscapeDataString(password));

    var request = WebRequest.Create(requestUri);
    using (var response = request.GetResponse())
    using (var responseStream = response.GetResponseStream())
    using (var reader = new StreamReader(responseStream))
    {
        return reader.ReadToEnd();
    }
}

You can make a similar request from javascript (note that due to cross-domain scripting this will only work from Windows Gadgets or Windows Mobile Widgets where the normal restrictions don’t apply).

function httpGetAuthenticationToken(username, password) {
    http = new XMLHttpRequest();
    http.open("GET", "
https://accesscontrol.windows.net/IssueToken.aspx?u=" + username + "&p=" + password, false);
    http.onreadystatechange = function() {
        if (http.readyState == 4 && http.status == 200) {
            var token = http.responseText;
            // Do something with the token….
        }
    }
    http.send();
}

Leave a comment