I am writing a Xamarin.Forms app that uses ADAL to authenticate with. I am currently following the flow here.

https://forums.xamarin.com/discussion/comment/367489#Comment_367489

I am using ADFS for authentication and am only worried about the Android client right now. My problem is, whenever I invoke the AcquireTokenAsync, I get the login screen but with no content.

I have already proved out getting a token from ADFS using Postman and had no issues.

My code (I am just trying to prove this out right now, I don't really care about the implementation):

    string authority = "https://myserver/adfs";
    string resourceURI = "myidentity";
    string clientID = "123-123-123";
    string clientReturnURI = "http://localhost/";

    var authContext = new AuthenticationContext(authority, false);

    Task.Run(async () =>
    {
        var authResultAsync = await authContext.AcquireTokenAsync(resourceURI, clientID, new Uri(clientReturnURI), PlatformParameters);
    });

My platform parameters are being set in the pagerenderer

    protected override void OnElementChanged(ElementChangedEventArgs<Page> e)
    {
        base.OnElementChanged(e);

        this.page = e.NewElement as MainPage;
        this.page.PlatformParameters = new PlatformParameters(this.Context as Activity);
    }

The only lead I have is I get this in my console output

Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

And I also get this, but it seems to be a red herring (some blog post said it just shows up on Android N devices, which is the SDK level I am using):

Rejecting re-init on previously-failed class java.lang.Class<uO>: java.lang.NoClassDefFoundError: Failed resolution of: Landroid/webkit/TracingController; 

Any help on this would be greatly appreciated; I have really been banging my head against it for a couple of days.

Connor Williams

1 Answer

Based on your error, java.security.cert.CertPathValidatorException: Trust anchor for certification path not found, this issue is related to your certificate: your device does not trust your certificate. You can check the trusted credentials on the Android device. Does it contain your root certificate and intermediate certificate? You basically have four potential solutions to fix a "Not Trusted" exception on Android using HttpClient:

  1. Trust all certificates. Don't do this, unless you really know what you're doing.
  2. Create a custom SSLSocketFactory that trusts only your certificate. This works as long as you know exactly which servers you're going to connect to, but as soon as you need to connect to a new server with a different SSL certificate, you'll need to update your app.
  3. Create a keystore file that contains Android's "master list" of certificates, then add your own. If any of those certs expire down the road, you are responsible for updating them in your app. I can't think of a reason to do this.
  4. Create a custom SSLSocketFactory that uses the built-in certificate KeyStore, but falls back on an alternate KeyStore for anything that fails to verify with the default.

You can refer to this similar thread: Trusting all certificates using HttpClient over HTTPS

Leon
  • @Connor Williams Are there any updates for this issue? If the reply is helpful, please try to mark it as an answer; it will help others who have a similar issue. – Leon Mar 27 '19 at 09:48