Authentication Authorization
User Authentication enables single sign-on for your mobile app, so users can effortlessly authenticate with any cloud and on-premises app.
App Service supports five identity providers out of the box, including: Azure Active Directory, Facebook, Google, Microsoft Account, and Twitter, as well as your own custom identity solution.
This tutorial shows you how to add Twitter and Facebook authentication through Azure App Service with Mobile Apps in the Shopping Demo App.
You need an Azure account to complete this tutorial. You can:
-
Open an Azure account for free. You get credits that can be used to try out paid Azure services. Even after the credits are used up, you can keep the account and use free Azure services and features, such as the Web Apps feature in Azure App Service.
-
Activate Visual Studio subscriber benefits. Your Visual Studio subscription gives you credits every month that you can use for paid Azure services.
-
Get credits every month by joining to Visual Studio Dev Essentials.
If you want to get started with Azure App Service before you sign up for an Azure account, go to Try App Service. There, you can immediately create a short-lived starter mobile app in App Service—no credit card required, and no commitments.
To start, set up your development environment by installing the latest version of the Azure SDK and Xamarin
If you do not have Visual Studio installed, use the link for Visual Studio 2015, and Visual Studio will be installed along with the SDK.
Configuring Authentication in Azure is done within the Mobile App context. Sign-up to Azure using the same subscription you used to deploy the Azure backend. Within the Mobile App, you can find Authentication/Authorization in the Settings Pane under Features.
Enable Authentication/Authorization by tapping on “On”. Since we want to authenticate users just for selling new items, we will allow requests when the user is not authenticated, i.e. taking no action, and control manually that scenario.
The following sections show you how to configure Twitter and Facebook providers.
In the case of Twitter, Azure asks for the API Key and API Secret. Both are obtained on the social network’s website, so please follow this guide on How to configure your App Service application to use Twitter login.
Facebook requires almost the same parameters, so please follow How to configure your App Service application to use Facebook login. You also can select which information can be accessed once authenticated; however, for the sake of this demo, we will not need anything else.
The client authentication happens entirely in the Shared Project. AuthenticationService class provides a singleton instance which simplifies everything to a single call: RequestLoginIfNecessary(). Authentication starts when the app asks user user to select a preferred provider: Facebook or Twitter, and executes the Azure’s Authentication broker consequently based on user selection.
Depending on the target platform the call to LoginWithProviderAsync() differs, although differences are subtle and assure the consistence with OS’ SDK.
In Android you only need to send the provider selected and the parent activity to build the web view which renders the log-in page:
private Task<MobileServiceUser> LoginWithProviderAsync(MobileServiceAuthenticationProvider provider)
{
return SaleItemDataService.Instance.MobileService.LoginAsync(Droid.ShoppingDemoApplication.Activity, provider);
}iOS needs the equivalent view controller:
private Task<MobileServiceUser> LoginWithProviderAsync(MobileServiceAuthenticationProvider provider)
{
var window = UIKit.UIApplication.SharedApplication.KeyWindow;
var vc = window.RootViewController;
// take top presented view controller
while (vc.PresentedViewController != null)
{
vc = vc.PresentedViewController;
}
return SaleItemDataService.Instance.MobileService.LoginAsync(vc, provider);
}Universal Windows Platform (UWP) simply needs the provider, handling internally the scaffolding to navigate to the web view:
private async Task<MobileServiceUser> LoginWithProviderAsync(MobileServiceAuthenticationProvider provider)
{
var serviceUser = await SaleItemDataService.Instance.MobileService.LoginAsync(provider);
await this.InitNotificationsAsync();
return serviceUser;
}For more information, please visit http://azure.com/xamarin