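/// <summary>
/// Authenticates against the security token service (STS) with a user name and
/// password and stores the issued token in <c>IssuedToken</c> for further
/// communication with the WCF services.
/// </summary>
/// <remarks>
/// Validation of the STS service certificate is currently switched off (see the
/// SECURITY note in the body). Until it is re-enabled, the identity of the endpoint
/// that receives the credentials is not verified.
/// </remarks>
/// <param name="user">User name</param>
/// <param name="password">Password</param>
/// <returns>
/// A <see cref="ClaimsPrincipal"/> built from the identities read from the issued
/// token, or <c>null</c> when a <see cref="MessageSecurityException"/> was caught
/// and the error list's <c>Abort</c> call returned to this method.
/// </returns>
public static ClaimsPrincipal Authenticate(string user, string password)
{
    // Declared outside the try block so the finally block can release it.
    WSTrustChannelFactory factory = null;

    try
    {
        // "sts message" is the endpoint configuration name for the STS.
        factory = new WSTrustChannelFactory("sts message");
        factory.Credentials.UserName.UserName = user;
        factory.Credentials.UserName.Password = password;

        // SECURITY / TODO: re-enable certificate validation after using a trusted certificate.
        // With X509CertificateValidationMode.None any service certificate is accepted, so the
        // user name and password are sent to an endpoint whose identity has not been checked.
        // Tolerable only against a test STS with a self-signed certificate; switch to a
        // validating mode (for example ChainTrust) before this is used against a real STS.
        factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
            X509CertificateValidationMode.None;

        var channel = factory.CreateChannel();
        var request = new RequestSecurityToken(RequestTypes.Issue, KeyTypes.Bearer)
        {
            AppliesTo = new EndpointReference(AudienceUri)
        };

        // Bearer key type: the issued token carries no proof key, so whoever holds it can
        // present it. Keep IssuedToken out of logs and error messages.
        IssuedToken = channel.Issue(request);

        // NOTE(review): the meaning of the third argument (true) is defined by
        // GetIdentitiesFromSamlToken, which is not visible here - confirm.
        var identities = GetIdentitiesFromSamlToken(IssuedToken, AudienceUri, true);
        return new ClaimsPrincipal(identities);
    }
    catch (MessageSecurityException)
    {
        // Reported to the user as invalid credentials; the exception details are not surfaced.
        ErrorList currentErrors = new ErrorList(App.Services.GetService<ResourceManager>());
        currentErrors.AddError(ErrorType.Security, Messages.InvalidCredentials);
        currentErrors.Abort(currentErrors.ErrorsText);
    }
    finally
    {
        // The factory (and the channel it created) was previously never closed, which leaked
        // the underlying communication objects on every call. Close gracefully; if that fails
        // (for example because the channel faulted), abort. Failures here are swallowed on
        // purpose so that cleanup never hides the outcome of the authentication itself.
        if (factory != null)
        {
            try
            {
                factory.Close();
            }
            catch (System.Exception)
            {
                factory.Abort();
            }
        }
    }

    return null;
}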