protected virtual SecurityTokenResponse CreateUserTokenResponse(CrmConnection connection, IServiceConfiguration <IDiscoveryService> config) { var homeRealmUri = connection.HomeRealmUri; var clientCredentials = connection.ClientCredentials; var deviceCredentials = connection.DeviceCredentials; if (clientCredentials == null) { throw new ConfigurationErrorsException("The connection's user credentials must be specified."); } SecurityTokenResponse userTokenResponse; if (config.AuthenticationType == AuthenticationProviderType.LiveId) { if (deviceCredentials == null || deviceCredentials.UserName == null) { throw new ConfigurationErrorsException("The connection's device credentials must be specified."); } var deviceUserName = deviceCredentials.UserName.UserName; var devicePassword = deviceCredentials.UserName.Password; if (string.IsNullOrWhiteSpace(deviceUserName)) { throw new ConfigurationErrorsException("The connection's device Id must be specified."); } if (string.IsNullOrWhiteSpace(devicePassword)) { throw new ConfigurationErrorsException("The connection's device password must be specified."); } if (devicePassword.Length < 6) { throw new ConfigurationErrorsException("The connection's device password must be at least 6 characters."); } // prepend the DevicePrefix to the device Id var extendedDeviceCredentials = new ClientCredentials(); extendedDeviceCredentials.UserName.UserName = DeviceIdManager.DevicePrefix + deviceCredentials.UserName.UserName; extendedDeviceCredentials.UserName.Password = deviceCredentials.UserName.Password; SecurityTokenResponse deviceTokenResponse; try { deviceTokenResponse = config.AuthenticateDevice(extendedDeviceCredentials); } catch (MessageSecurityException) { // try register the device credentials deviceTokenResponse = RegisterDeviceCredentials(deviceCredentials) // try re-authenticate ? config.AuthenticateDevice(extendedDeviceCredentials) : null; } Assert(deviceTokenResponse != null && deviceTokenResponse.Token != null, "The device authentication failed!"); userTokenResponse = config.Authenticate(clientCredentials, deviceTokenResponse); } else { if (homeRealmUri != null) { var appliesTo = config.PolicyConfiguration.SecureTokenServiceIdentifier; var homeRealmSecurityTokenResponse = config.AuthenticateCrossRealm(clientCredentials, appliesTo, homeRealmUri); Assert(homeRealmSecurityTokenResponse != null && homeRealmSecurityTokenResponse.Token != null, "The user authentication failed!"); userTokenResponse = config.Authenticate(homeRealmSecurityTokenResponse.Token); } else { userTokenResponse = config.Authenticate(clientCredentials); } } return(userTokenResponse); }