This post shows an example of how to invoke the Azure Service Management API from inside a web role.
Before going through this example, you must first download the sample application on working with identities in Windows Azure [Windows Identity Foundation and Windows Azure passive federation].
The sample application mentioned above contains the necessary DLL. You may also need to download the Geneva Framework SDK (BETA 2 as of this writing).
After you have downloaded the code above:
Compile the "Microsoft.IdentityModelPlus" solution to generate "Microsoft.IdentityModelPlus.dll".
Compile the "Encode" solution, which is inside the "\assets\utils\Encoder" folder.
Next, open a command prompt and encode your certificate,
e.g. "Encoder.exe C:\MyCertificate.pfx". Make sure that you have exported your certificate together with its private key. A password must have been specified as well.
Now, find the "encoder.out" file inside the assets\utils folder. It contains the XML configuration with your certificate name, a bogus password and the encoded certificate value.
Now, create a new Cloud Service. A webrole is enough for our example.
Reference "Microsoft.IdentityModelPlus.dll". You can find it inside the "\assets\" folder.
Inside the <configSections> element, add the following:
    <section name="microsoft.identityModelPlus"
             type="Microsoft.IdentityModelPlus.Configuration.MicrosoftIdentityModelPlusSection, Microsoft.IdentityModelPlus"
             requirePermission="false" />
Make sure it is not nested under any sectionGroup.
Right after the <configSections> element, add the following:
    <microsoft.identityModelPlus>
      <serviceCertificate>
        <certificate name="YourCertificateName" password="YourCertificatePassword" encodedType="pfx" encodedValue="YourVeryLongEncodedCertificateValue" />
      </serviceCertificate>
    </microsoft.identityModelPlus>
Now, in Default.aspx.cs, add this code, which reads your certificate.
    using System.Security.Cryptography.X509Certificates;
    using Microsoft.IdentityModelPlus.Configuration;
    using System.Net;
    using System.Xml;
    using System.IO;

    // Returns the certificate from the <microsoft.identityModelPlus> section,
    // or null when the section or its <serviceCertificate> element is absent.
    private X509Certificate2 GetCertificate()
    {
        X509Certificate2 serviceCertificate = null;
        MicrosoftIdentityModelPlusSection plusConfiguration = MicrosoftIdentityModelPlusSection.Current;
        if (plusConfiguration != null && plusConfiguration.ServiceCertificate.ElementInformation.IsPresent)
        {
            serviceCertificate = plusConfiguration.ServiceCertificate.GetCertificate();
        }
        return serviceCertificate;
    }
Inside the Load event handler, add the following:
    string HostedServiceUri = "https://management.core.windows.net/{0}/services/hostedservices";
    string VersionHeader = "x-ms-version";
    string VersionTarget = "2009-10-01"; // as of this writing :)
    // change with your ID
    string SubscriptionId = "YourSubscriptionId";
    Uri uri = new Uri(string.Format(HostedServiceUri, SubscriptionId));

    // GetCertificate() returns null when the configuration section is missing
    X509Certificate2 certificate = GetCertificate();
    if (certificate == null)
    {
        throw new InvalidOperationException("Service certificate is not configured.");
    }

    // create a request authenticated with the client certificate
    HttpWebRequest request = HttpWebRequest.Create(uri) as HttpWebRequest;
    request.Method = "GET";
    request.ClientCertificates.Add(certificate);
    request.Headers.Add(VersionHeader, VersionTarget);

    // dispose the response so the connection is released
    using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
    {
        if (response.StatusCode == HttpStatusCode.OK)
        {
            XmlDocument doc = new XmlDocument();
            using (StreamReader r = new StreamReader(response.GetResponseStream()))
            {
                doc.LoadXml(r.ReadToEnd());
            }
            XmlNodeList hostedServices = doc.GetElementsByTagName("HostedService");
            for (int i = 0; i < hostedServices.Count; i++)
            {
                // HTML-encode the values before writing them into the page
                Response.Write("URL: <b>" + Server.HtmlEncode(hostedServices[i].ChildNodes[0].InnerText) + "</b>");
                Response.Write("<br />");
                Response.Write("Service Name: <b>" + Server.HtmlEncode(hostedServices[i].ChildNodes[1].InnerText) + "</b>");
                Response.Write("<br />");
            }
        }
    }
The code above just retrieves your hosted services. Compile and run your application. You should get output like the following (the highlighted part is your subscription ID).
URL: https://management.core.windows.net/<Your Subscription ID>/services/hostedservices/<Your Service Name>
Service Name: <Your Service Name>
This was tested with the August CTP.
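
The Load handler above reads the URL and service name by child position and writes them into the page. As an added example (not code from the original post), the same response can be read by element name and HTML-encoded before output. The response namespace, the HostedServiceParser class and the sample XML are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Xml;

static class HostedServiceParser
{
    // Assumed namespace of Service Management API response bodies.
    const string AzureNs = "http://schemas.microsoft.com/windowsazure";

    // Returns (Url, ServiceName) pairs, looked up by element name, not position.
    public static List<KeyValuePair<string, string>> Parse(string xml)
    {
        var doc = new XmlDocument { XmlResolver = null }; // never fetch external DTDs/entities
        doc.LoadXml(xml);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("a", AzureNs);

        var result = new List<KeyValuePair<string, string>>();
        foreach (XmlNode node in doc.SelectNodes("/a:HostedServices/a:HostedService", ns))
        {
            XmlNode url = node.SelectSingleNode("a:Url", ns);
            XmlNode name = node.SelectSingleNode("a:ServiceName", ns);
            if (url == null || name == null) continue; // skip incomplete entries
            result.Add(new KeyValuePair<string, string>(url.InnerText, name.InnerText));
        }
        return result;
    }

    static void Main()
    {
        // Constructed sample response; the subscription id and names are placeholders.
        // The service name carries markup on purpose to show the encoding step.
        string sample =
            "<HostedServices xmlns=\"" + AzureNs + "\">" +
            "<HostedService>" +
            "<Url>https://management.core.windows.net/SUBSCRIPTION-ID/services/hostedservices/demo</Url>" +
            "<ServiceName>demo&lt;b&gt;</ServiceName>" +
            "</HostedService></HostedServices>";

        foreach (var s in Parse(sample))
        {
            // HtmlEncode keeps markup inside a value from being rendered by the browser.
            Console.WriteLine("URL: <b>" + WebUtility.HtmlEncode(s.Key) + "</b><br />");
            Console.WriteLine("Service Name: <b>" + WebUtility.HtmlEncode(s.Value) + "</b><br />");
        }
    }
}
```

Inside the web role, the same Parse method can be fed the response body and its results written with Response.Write in place of Console.WriteLine.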