There are a lot of examples on how to authenticate a mobile App user with Azure Active Directory, which is great. Once originally authenticated via Azure AD, if the user then tries to use the App offline I'd like to be able to re-authenticate, obviously without connecting to Azure (as the user will be offline). Once authenticated they can continue to use the App offline.
Is this possible to do with a stored auth token that has come back from Azure or is there another means of doing this? We're planning to use SQLCipher on the device but I don't believe you can get hold of the user's username and password (which we could possibly then be stored into SQLCipher, which I'd rather not do if I can help it). There's also that problem of what happens when the user's AD password has been changed
Basically, what I want to do is to create a mobile App (iOS/Android) that will access on-premise resources (WCF or possibly Web Api). To do this the mobile App will throw up a login box, the user is authenticated via Azure AD and then the user can access an on-premise resources via Azure. When the App hasn't been used for sometime the user will need to re-authenticate. The user will be able to view content offline.
All this seems like standard stuff for an Enterprise App but I've not seen anything that seems to cover all these areas. Has anyone gone down this route or something similar? We're trying to do away from using Enterprise third party solutions, such as Good Dynamics (which we're currently using).
Thanks in advance.