Is it possible to style the Windows Identity Foundation postback page?

Question

Is it possible to style the Windows Identity Foundation postback page?

This is the page that comes across as blank after you successfully login and the url is similar to https://sts.address.com/?wa=wsignin1.0&wtrealm=https....

Answer 1

I read the following article, http://www.paraesthesia.com/archive/2011/01/31.aspx , which led me to using dotPeek on the Microsoft.IdentityModel assembly. Which shows me that all the ProcessSignInResponse message does, is the following:

 public static void ProcessSignInResponse(SignInResponseMessage signInResponseMessage, HttpResponse httpResponse)
    {
      if (signInResponseMessage == null)
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("signInResponseMessage");
      else if (httpResponse == null)
      {
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("httpResponse");
      }
      else
      {
        signInResponseMessage.Write(httpResponse.Output);
        httpResponse.Flush();
        httpResponse.End();
      }
    }

The signInResponseMessage.Write method does the following:

public override void Write(TextWriter writer)
    {
      if (writer == null)
      {
        throw DiagnosticUtil.ExceptionUtil.ThrowHelperArgumentNull("writer");
      }
      else
      {
        this.Validate();
        writer.Write(this.WriteFormPost());
      }
    }

As you can see, in essence, all that is performed, is to write the content of WriteFormPost to the response stream.

So I am, as we speak, changing my " ProcessSignIn " method to return the HTML to be output, instead of calling FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse .

So, I have changed my method essentially from this:

public static void ProcessSignIn(SignInRequestMessage signInRequest, HttpResponse httpResponse) 
    {
    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(signInResponseMessage, httpResponse);
    }

To:

public static string ProcessSignIn(SignInRequestMessage signInRequest) 
    {
    return signInResponseMessage.WriteFormPost();
    }

Of course, the SignInResponseMessage should have provided a cleaner method of returning just the "main" content of what you want to write to your form post, but getting the HTML form as a string at least makes it easier to modify the result before returning it to the client with Response.Write(result) .

Answer 2

I don't know if this is a documented feature, but I will suggest the following as a jumping-off point:

If your code looks anything at all like mine, you have a line of code that looks like:

FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(responseMessage, HttpContext.Current.Response)

The second parameter to ProcesssignInResponse is an HttpResponse object. I tried, unsuccessfully, to find an answer to your question, by trying to pass in a custom HttpResponse message in order to capture the output so we can manipulate it however you like:

Dim myStringbuilder As New StringBuilder
Dim myStringWriter As New IO.StringWriter(myStringbuilder)
Dim myResponse As New Web.HttpResponse(myStringWriter)

If you pass in myResponse to ProcessSignInResponse , the following exception is thrown:

System.NullReferenceException: Object reference not set to an instance of an object. at System.Web.HttpResponse.End() at Microsoft.IdentityModel.Web.FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(SignInResponseMessage signInResponseMessage, HttpResponse httpResponse) at Logon_App.LCLoginBase.issueTokenAndRedirect(logonParamsStruct& logonParams) in C:\\Logon App\\Logon App\\Code\\LCLogin\\LCLoginBase.vb:line xxx