OAuth bridge for WIF

OAuth Clients from .NET:

So how to access an OAuth protected resource (REST service) from a .NET webapplication in a generic manner?

Using WIF would be nice, since you would then just work just as if the OAuth protected REST service was an RP (and STS). In this case I think your app would be an active subject. But WIF does not implement OAuth.

But there are extensions for WIF. One can access OAuth through Azure Access Control Service (ACS) which then works as a bridge/gateway.
As far as I am aware ACS only provides access to OAuth 2.0 and not the older 1.0 protocol on which I believe Twitter is still using.
Here is a HowTo configure ACS to use Facebook as STS (FB uses OAuth 2.0).

But Azure is surely not free – I just don’t know what it costs.

Here is another sample - also bridging a WIF web app to OAuth/OpenID: http://southworks.github.com/protocol-bridge-claims-provider/.
It seems like that project is still only a sample.

If you just want to code towards OAuth without WIF, you can find samples like:

Twitter:

• http://blogs.msdn.com/b/lukeh/archive/2010/09/05/twitter-oauth-in-f.aspx

Yammer:

• https://github.com/kdavie/Yammer.NET-2.0
• http://eng.yammer.com/blog/2010/7/29/introduction-to-yammernet-20.html

OAuth Services in .NET:

Create your own OAuth/OData service via ACS, WIF and EF: http://blogs.msdn.com/b/astoriateam/archive/2011/01/20/oauth-2-0-and-odata-protecting-an-odata-service-using-oauth-2-0.aspx

Links:

• http://blogs.msdn.com/b/card/ (Claims Team – WIF/ADFS)
• http://blogs.msdn.com/b/astoriateam/ (WCF Data Services Team)

Links back from:

• http://blogs.msdn.com/b/card/archive/2010/11/29/protecting-and-consuming-rest-based-resources-with-acs-wif-and-the-oauth-2-0-protocol.aspx
• http://lists.foaf-project.org/pipermail/foaf-protocols/2011-February/004592.html