{"id":2763,"date":"2014-04-16T00:34:02","date_gmt":"2014-04-16T07:34:02","guid":{"rendered":"http:\/\/www.cloudidentity.com\/blog\/?p=2763"},"modified":"2014-04-22T07:53:20","modified_gmt":"2014-04-22T14:53:20","slug":"calling-office365-api-from-a-windows-phone-8-1-app","status":"publish","type":"post","link":"https:\/\/www.cloudidentity.com\/blog\/2014\/04\/16\/calling-office365-api-from-a-windows-phone-8-1-app\/","title":{"rendered":"Calling Office365 API from a Windows Phone 8.1 App"},"content":{"rendered":"

Did you install the preview of Windows Phone 8.1? I sure did, and it\u2019s awesome!<\/p>\n

Windows Phone 8.1 introduces a great new feature, which was until recently only available on Windows 8.x: the WebAuthenticationBroker<\/strong> (WAB for short from now on). ADAL for Windows Store<\/a> leverages the WAB for all of its authentication UI rendering needs, and that saved us a tremendous amount of work in respect to other platforms (such as classic .NET<\/a>) on which we had to handle the UX (dialog, HTML rendering, navigation, etc) on our own.<\/p>\n

To give you a practical example of that, and to amuse myself during this 9.5 hours Seattle-Paris flight I am sitting on, I am going to show you how to use the WAB on Windows Phone 8.1 to obtain a token from Azure Active Directory: you\u2019ll see that the savings in respect to the older Windows Phone sample<\/a> (where I did have to handle the UX myself) are significant. If you prefer to watch a video, rather than putting up with my logorrhea, check out the recording of the session on native clients I delivered at \/\/BUILD<\/a> just 10 days ago: the very first demo I show is precisely the same app, though I cleaned up the code a bit since then.<\/p>\n

The WebAuthenticationBroker and the Continuation Pattern<\/h2>\n

The WAB on Windows Phone 8.1 differs from its older Windows 8.x sibling in more than the size of its rendering surface. The one difference you can\u2019t ignore (and the reason for which you can\u2019t just reuse ADAL for Windows Store on the phone) lies in the programming model it exposes. Note: the WAB coverage on MSDN is excellent<\/a>, and I recommend you refer to it rather than relying on what I write here (usual disclaimers apply). Here I\u2019ll just give a barebone explanation covering the essential for getting the WAB to work with AAD.<\/p>\n

\"image\"<\/a><\/p>\n

Referring to the diagram above. The idea is that (1) whenever you call the phone WAB from your code, your app gets suspended and the WAB \u201capp\u201d takes over the foreground spot. The user goes through (2) whatever experience the identity provider serves; once the authentication flow comes to an end, (3) the WAB returns control to your app and disappears.
\nHere that\u2019s where things get interesting. For your app, this is just another activation: you need to add some logic to detect that this activation was caused by the WAB returning from an authentication, and ensure that the values returned by the WAB are routed to the code that needs to resume the authentication logic and process them.
\nThe idea is that you need in your app an object which implements a well-known interface (IWebAuthenticationContinuable), which includes a method (ContinueWebAuthentication) meant to be used as the re-entry point at reactivation time. In the diagram above it is the page itself that implements IWebAuthenticationContinuable; the OnActivated handler (4) calls the method directly, passing the activation event arguments which will be materialized in ContinueWebAuthentication as WebAuthenticationBrokenContinuationArgs. Those arguments will contain the values you typically expect from the WAB, such as the authorization code produced by an OAuth code grant flow.<\/p>\n

This is a common pattern in Windows Phone 8.1: it goes under the name \u201cAndContinue\u201d, from the structure of the primitives used. It is applied whenever a \u201csystem\u201d operation (such as the WAB, but also file picking) might end up requiring a lot of resources, making it hard for an app on a low power device to keep active in memory both the app and the process handling the requested task. Once again, MSDN provides great coverage for this<\/a>.<\/p>\n

The Sample<\/h2>\n

Too abstract for your taste? Presto, let\u2019s look at some code. Here I will skip all of the client app provisioning in AAD, as we\u2019ve covered that task many times. If you want a refresher, just head to one of the samples on GitHub and refer to the instructions there. <LINK><\/p>\n

As mentioned in the title, we want an app that will invoke an Office365 API. We won\u2019t do anything fancy with the results, as I just want to show you how to obtain and use a suitable token. If you want to get a trial of Office 365, check out this link <LINK>. Also, if you don\u2019t want to set up a subscription you can easily repurpose this sample to call any other API (such as the Graph or your own).<\/p>\n

Ready? Go! Create a new blank Windows Phone 8.1 app. Make sure to pick up the store flavor. Add a button for triggering the API call.<\/p>\n

In your main page, add the declaration for your IWebAuthenticationContinuable. Note that you can decide to return a value, if you so choose.<\/p>\n

 interface<\/span> IWebAuthenticationContinuable\r\n{\r\n   void<\/span> ContinueWebAuthentication(WebAuthenticationBrokerContinuationEventArgs args);\r\n}<\/pre>\n