Live ID Authentication for Rich Clients

Disclaimer: Please note following approach works but is totally unsupported.

Active version of Live ID STS is available at: https://dev.login.live.com/wstlogin.srf and we can get a SAML token by using standard WS-Security username token as input.

 

            var issuer = "https://dev.login.live.com/wstlogin.srf";

            var binding = new WSHttpBinding();

            binding.Security.Mode = SecurityMode.TransportWithMessageCredential;

            binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;

            binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

            binding.Security.Message.EstablishSecurityContext = false;

            binding.Security.Message.NegotiateServiceCredential = false;

 

 

            WSTrustClient client = new WSTrustClient(binding, new EndpointAddress(issuer),

                TrustVersion.WSTrustFeb2005, new ClientCredentials());

            client.ClientCredentials.UserName.UserName = "zamd@liveid.com";

            client.ClientCredentials.UserName.Password = "password ";

 

            var rst = new RequestSecurityToken(RequestTypeConstants.Issue);

            rst.AppliesTo = new EndpointAddress("http://zamd.net");

 

            RequestSecurityTokenResponse rstr;

            var token = client.Issue(rst, out rstr) as GenericXmlSecurityToken;