mobile-services-get-started-with-users-dotnet.md

Azure Chunk Displayer
No macro content available for WYSIWYG editing

Get started with authentication in Mobile Services for Windows Store

Windows Store C# / Windows Store JavaScript / iOS

This topic shows you how to authenticate users in Windows Azure Mobile Services from your app. In this tutorial, you add authentication to the quickstart project using an identity provider that is supported by Mobile Services. After being successfully authenticated and authorized by Mobile Services, the user ID value is displayed.

This tutorial walks you through these basic steps to enable authentication in your app:

1. Register your app for authentication and configure Mobile Services
2. Restrict table permissions to authenticated users
3. Add authentication to the app

This tutorial is based on the Mobile Services quickstart. You must also first complete the tutorial Get started with Mobile Services.

Note

This tutorial demonstrates the basic method provided by Mobile Services to authenticate users by using a variety of identity providers. This method is easy to configure and supports multiple providers. However, this method also requires users to log-in every time your app starts. To instead use Live Connect to provide a single sign-on experience in your Windows Store app, see the topic Single sign-on for Windows Store apps by using Live Connect.

Register your appRegister your app for authentication and configure Mobile Services

To be able to authenticate users, you must register your app with an identity provider. You must then register the provider-generated client secret with Mobile Services.

1. Log on to the Windows Azure Management Portal, click Mobile Services, and then click your mobile service.

   

2. Click the Dashboard tab and make a note of the Site URL value.

   

   You may need to provide this value to the identity provider when you register your app.

3. Choose a supported identity provider from the list below and follow the steps to register your app with that provider:

• Microsoft Account
• Facebook login
• Twitter login
• Google login

4. Back in the Management Portal, click the Identity tab, enter the app identifier and shared secret values obtained from your identity provider, and click Save.

   

Both your mobile service and your app are now configured to work with your chosed authenication provider.

Restrict permissionsRestrict permissions to authenticated users

1. In the Management Portal, click the Data tab, and then click the TodoItem table.

   

2. Click the Permissions tab, set all permissions to Only authenticated users, and then click Save. This will ensure that all operations against the TodoItem table require an authenticated user. This also simplifies the scripts in the next tutorial because they will not have to allow for the possibility of anonymous users.

   

3. In Visual Studio 2012 Express for Windows 8, open the project that you created when you completed the tutorial Get started with Mobile Services.

4. Press the F5 key to run this quickstart-based app; verify that an unhandled exception with a status code of 401 (Unauthorized) is raised after the app starts.

   This happens because the app attempts to access Mobile Services as an unauthenticated user, but the TodoItem table now requires authentication.

Next, you will update the app to authenticate users before requesting resources from the mobile service.

Add authenticationAdd authentication to the app

5. Open the project file mainpage.xaml.cs and add the following using statement:

    using Windows.UI.Popups;
   

6. Add the following code snippet to the MainPage class:

    private MobileServiceUser user;
    private async System.Threading.Tasks.Task Authenticate()
    {
        while (user == null)
        {
   
            user = await App.MobileService
                .Login(
                MobileServiceAuthenticationProvider.Facebook);
            if (user.UserId == null)
            {
   
                var message = 
                    string.Format("You are now logged in - {0}", user.UserId);
                var dialog = new MessageDialog(message);
                dialog.Commands.Add(new UICommand("OK"));
                await dialog.ShowAsync();
            }
            else
            {
                user = null;
                var dialog = 
                    new MessageDialog("You must log in.", "Login Required");
                dialog.Commands.Add(new UICommand("OK"));
                await dialog.ShowAsync();
            }
        }       
    }
   

   This creates a member variable for storing the current user and a method to handle the authentication process. The user is authenticated by using a Facebook login.

   Note

   If you are using an identity provider other than Facebook, change the value of MobileServiceAuthenticationProvider above to the value for your provider.

7. Replace the existing OnNavigatedTo event handler with the handler that calls the new Authenticate method:

    protected override async void OnNavigatedTo(NavigationEventArgs e)
    {
        await Authenticate();
        RefreshTodoItems();
    }
   

8. Press the F5 key to run the app and sign into the app with your chosen identity provider.

   When you are successfully logged-in, the app should run without errors, and you should be able to query Mobile Services and make updates to data.

Next steps

In the next tutorial, Authorize users with scripts, you will take the user ID value provided by Mobile Services based on an authenticated user and use it to filter the data returned by Mobile Services.