Damian Hickey

Mostly software and .NET related. Mostly.

Securing ServiceStack using Azure Authentication Library and WPF Client

I've pushed to github a port of the AAL - Native Application to REST service - Authentication via Browser Dialog sample code that, instead of using WebAPI, uses Service Stack.

My implementation uses ServiceStack's request filters to verify that all requests have a valid security token in a similar way the sample WebAPI uses a delegating http handler. My understanding of ServiceStack's Authentication and authorization feature, as is currently designed, is that it doesn't support the situation where you authenticate externally first; ServiceStack wants to authenticate on your behalf through one of it's auth services.

As this is my first time playing with both ServiceStacks authentication and Azure Authentication Library, I'm sure there are things that can be improved. If so, let me know here, github or twitter :)

Up next - securing a Nancy app and any OWIN app with AAL.

Note: the original sample did not have any tests, unit or otherwise, so I just F5'd my way through this against my better judgement.

blog comments powered by Disqus