8

I have made a simple SharePoint client app for iPhone, which requires access to some SharePoint web services (mainly /_vti_bin/Lists.asmx). I am having trouble figuring out how to do this on newer SharePoint environments such as Office365.

With the old BPOS environment having forms-based authentication, I was able to authenticate to those services by simply implementing the didReceiveAuthenticationChallenge method:

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    NSURLCredential *newCredential = [NSURLCredential credentialWithUser:username
                                                                password:password
                                                             persistence:NSURLCredentialPersistenceForSession];
    [[challenge sender] useCredential:newCredential
           forAuthenticationChallenge:challenge];
}

This obviously didn't work any more with SharePoint sites having claims authentication, so I did some research and found out that I need FedAuth cookies to be attached to the request.

http://msdn.microsoft.com/en-us/library/hh147177.aspx

According to this article, with .NET Apps, it seems possible to retrieve those HTTPOnly FedAuth cookies using WININET.dll, but I guess that's not available on iPhone?

Then, I saw the SharePlus app presenting a UIWebView and getting the user to log in to their Office365 account first on the browser screen (which is the same concept as explained in the "Enabling User Login for Remote Authentication" section of the article above).

So, I tried to see if I can somehow get access to those FedAuth cookies by logging into an Office365 account via UIWebView, but [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookies] did not let me access HTTPOnly cookies.

Is there a way to achieve claims authentication on iPhone apps without needing a designated intermediate .NET service for handling authentication, or requiring the user to turn off the HTTPOnly property on those cookies?

Sorry, I am very new to SharePoint so I may not even be looking in the right direction, but I would appreciate any advice on getting claims authentication to work on iPhone apps. Thanks in advance!

user1657506

1 Answer

2

I've figured this out myself. Had to laugh at my own stupidity and impatience.

First of all, [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookies] DOES let you access HTTPOnly cookies. However, when the user logs into Office 365 on the UIWebView, the (void)webViewDidFinishLoad:(UIWebView *)webView delegate method gets called several times, so you just need to wait until FedAuth appears in the cookie jar.

Here is my (void)webViewDidFinishLoad:(UIWebView *)webView implementation:

- (void)webViewDidFinishLoad:(UIWebView *)webView {

    NSHTTPCookieStorage *storage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
    NSArray *cookiesArray = [storage cookies];
    for (NSHTTPCookie *cookie in cookiesArray) {
        if ([[cookie name] isEqualToString:@"FedAuth"]) {
            /*** DO WHATEVER YOU WANT WITH THE COOKIE ***/
            break;
        }
    }
}

Once you have obtained the cookie, you just need to append it to the NSURLRequest using the (void)setAllHTTPHeaderFields:(NSDictionary *)headerFields method when you call SharePoint web services.

Hope this helps someone.

user1657506
  • Awesome! @user1657506, is it possible to obtain FedAuth token without launching UIWebView? Create UIView with 2 text fields (username/password), and send HTTP-request to Identity Provider (Google, Office 365, etc.) to get the token under the hood? – surlac Oct 03 '12 at 12:33
  • Sorry for the late reply x( Jumping to the conclusion, it is POSSIBLE but VERY HARD. This site may give you an idea: [Wictor Wilén - SharePoint MCA, MCM and MVP](http://www.wictorwilen.se/Post/How-to-do-active-authentication-to-Office-365-and-SharePoint-Online.aspx). Long story short, you need to call the STS and obtain the cookies yourself. I've tried this myself but gave up, so I can't give you many details... It seems there are resources for .NET that make this process slightly easier, so creating your own web service with .NET to handle authentication, etc., might be an option. – user1657506 Oct 15 '12 at 05:47
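
The cookie-attachment step described in the answer above, as an added example that is not part of the original post. The function name `SPRequestWithFedAuth` and the service URL passed to it are assumptions for illustration; the sketch only attaches FedAuth over HTTPS, only to a URL the cookie is scoped to, and only while the cookie is unexpired.

```objective-c
#import <Foundation/Foundation.h>

// Added example (hypothetical helper, not from the original post).
// Builds a request to a SharePoint web service that carries the FedAuth
// cookie captured after the UIWebView sign-in. Returns nil when the caller
// should show the sign-in web view again.
static NSMutableURLRequest *SPRequestWithFedAuth(NSURL *serviceURL) {
    // Never send a session cookie over plain HTTP.
    if (![[[serviceURL scheme] lowercaseString] isEqualToString:@"https"]) {
        return nil;
    }

    // cookiesForURL: applies the domain, path and Secure matching rules, so a
    // FedAuth cookie issued for one site is not attached to another host.
    NSHTTPCookieStorage *storage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
    NSHTTPCookie *fedAuth = nil;
    for (NSHTTPCookie *cookie in [storage cookiesForURL:serviceURL]) {
        if ([[cookie name] isEqualToString:@"FedAuth"]) {
            fedAuth = cookie;
            break;
        }
    }
    if (fedAuth == nil) {
        return nil; // Sign-in has not completed yet.
    }

    // Treat an expired cookie the same as a missing one.
    NSDate *expires = [fedAuth expiresDate];
    if (expires != nil && [expires timeIntervalSinceNow] <= 0) {
        return nil;
    }

    NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:serviceURL];
    // Turn off automatic cookie handling so only the cookie chosen here is sent.
    [request setHTTPShouldHandleCookies:NO];
    // Produces the "Cookie" header; the cookie value itself is never logged.
    [request setAllHTTPHeaderFields:
        [NSHTTPCookie requestHeaderFieldsWithCookies:@[fedAuth]]];
    return request;
}
```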