Hi,
I have a scenario in which the Symplified.Auth component would be a great fit. The app we're building has to authenticate against an ADFS 2.0 SAML endpoint, so I downloaded the Symplified.Auth component to give it a try.
The first problem I'm running into is that the FederationMetadata from the ADFS server fails to load:
```csharp
XmlDocument xDoc = new XmlDocument();
xDoc.PreserveWhitespace = true;
xDoc.Load(Assets.Open("FederationMetadata.xml"));
Saml20MetadataDocument idpMetadata = new Saml20MetadataDocument(xDoc); // EXCEPTION!
```
The exception is:
dk.nita.saml20.Saml20Exception: "Metadata signature could not be verified."
The metadata file I got comes directly from ADFS and should be valid, so I don't understand why the signature would be invalid. Do I need additional info in the app in order to verify the signature? The sample XML from Symplified is not signed, so that runs fine, but not with a real-world case :)
Next, the component handles all authentication in the app on the device. Now I want to use this token to authenticate and authorize the user against my backend API (ASP.NET WebApi 2). Any best practices for that? Do I just use WIF for that?
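
A way to check the metadata signature independently of `Saml20MetadataDocument`, added here as an example (it is not part of the original post and is not Symplified.Auth code). It uses the standard `System.Security.Cryptography.Xml.SignedXml` class; the names `MetadataSignatureCheck` and `Verify` are hypothetical, and it assumes the signing certificate is embedded in the signature's `KeyInfo`.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Hypothetical helper: verifies the enveloped XML signature on a metadata file.
public static class MetadataSignatureCheck
{
    const string DsigNs = "http://www.w3.org/2000/09/xmldsig#";

    // True when the signature verifies against the certificate in its own KeyInfo.
    // This shows integrity only; whether that certificate belongs to the expected
    // IdP must be checked separately (e.g. compare the thumbprint out of band).
    public static bool Verify(Stream metadata, out string report)
    {
        var doc = new XmlDocument { PreserveWhitespace = true }; // signed bytes must stay intact
        doc.Load(metadata);

        XmlElement sig = null;
        foreach (XmlNode n in doc.DocumentElement.ChildNodes)
            if (n.LocalName == "Signature" && n.NamespaceURI == DsigNs) { sig = (XmlElement)n; break; }
        if (sig == null) { report = "no top-level ds:Signature element"; return false; }

        var signedXml = new SignedXml(doc);
        signedXml.LoadXml(sig);

        X509Certificate2 cert = null;
        foreach (KeyInfoClause clause in signedXml.KeyInfo)
        {
            var x509 = clause as KeyInfoX509Data;
            if (x509 != null && x509.Certificates != null && x509.Certificates.Count > 0)
                cert = new X509Certificate2((X509Certificate)x509.Certificates[0]);
        }
        if (cert == null) { report = "no X509Certificate in KeyInfo"; return false; }

        report = "SignatureMethod=" + signedXml.SignatureMethod +
                 ", signer=" + cert.Subject + ", thumbprint=" + cert.Thumbprint;
        try
        {
            return signedXml.CheckSignature(cert, true); // true: signature only, no chain building
        }
        catch (CryptographicException ex)
        {
            // A SignatureMethod the runtime cannot resolve surfaces here, not as 'false'.
            report += ", error=" + ex.Message;
            return false;
        }
    }
}
```

In the app from the post, the stream would be `Assets.Open("FederationMetadata.xml")`; the `report` string shows which signature algorithm and signing certificate the file actually carries.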