/// <summary>
/// Check the validity of IdP logout response
/// </summary>
/// <param name="response"></param>
/// <param name="request"></param>
/// <returns>True if valid, false otherwise</returns>
public static bool ValidateLogoutResponse(LogoutResponseType response, LogoutRequestType request)
{
var xmlDoc = response.SerializeToXmlDoc();
BusinessValidation.ValidationCondition(() => XmlHelpers.VerifySignature(xmlDoc), ErrorLocalization.InvalidSignature);
return(response.InResponseTo == request.ID);
}
/// <summary>
/// Build a signed SAML logout request.
/// </summary>
/// <param name="requestId"></param>
/// <param name="destination"></param>
/// <param name="consumerServiceURL"></param>
/// <param name="certificate"></param>
/// <param name="identityProvider"></param>
/// <param name="subjectNameId"></param>
/// <param name="authnStatementSessionIndex"></param>
/// <returns></returns>
public static LogoutRequestType GetLogoutRequest(string requestId, string consumerServiceURL, X509Certificate2 certificate,
IdentityProvider identityProvider, string subjectNameId, string authnStatementSessionIndex)
{
BusinessValidation.Argument(requestId, string.Format(ErrorLocalization.ParameterCantNullOrEmpty, nameof(requestId)));
BusinessValidation.Argument(subjectNameId, string.Format(ErrorLocalization.ParameterCantNullOrEmpty, nameof(subjectNameId)));
BusinessValidation.Argument(consumerServiceURL, string.Format(ErrorLocalization.ParameterCantNullOrEmpty, nameof(consumerServiceURL)));
BusinessValidation.Argument(certificate, string.Format(ErrorLocalization.ParameterCantNull, nameof(certificate)));
BusinessValidation.Argument(identityProvider, string.Format(ErrorLocalization.ParameterCantNull, nameof(identityProvider)));
if (string.IsNullOrWhiteSpace(identityProvider.DateTimeFormat))
{
identityProvider.DateTimeFormat = SamlDefaultSettings.DateTimeFormat;
}
if (identityProvider.NowDelta == null)
{
identityProvider.NowDelta = SamlDefaultSettings.NowDelta;
}
if (string.IsNullOrWhiteSpace(identityProvider.SingleSignOutServiceUrl))
{
throw new ArgumentNullException("The LogoutServiceUrl of the identity provider is null or empty.");
}
string dateTimeFormat = identityProvider.DateTimeFormat;
string subjectNameIdRemoveText = identityProvider.SubjectNameIdRemoveText;
string singleLogoutServiceUrl = identityProvider.SingleSignOutServiceUrl;
DateTime now = DateTime.UtcNow;
return(new LogoutRequestType
{
ID = "_" + requestId,
Version = "2.0",
IssueInstant = now.ToString(dateTimeFormat),
Destination = singleLogoutServiceUrl,
Issuer = new NameIDType
{
Value = consumerServiceURL.Trim(),
Format = SamlConst.IssuerFormat,
NameQualifier = consumerServiceURL
},
Item = new NameIDType
{
NameQualifier = consumerServiceURL,
Format = SamlConst.NameIDPolicyFormat,
Value = subjectNameIdRemoveText == null ? subjectNameId : subjectNameId.Replace(subjectNameIdRemoveText, String.Empty)
},
NotOnOrAfterSpecified = true,
NotOnOrAfter = now.AddMinutes(10),
Reason = SamlConst.LogoutUserProtocol,
SessionIndex = new string[] { authnStatementSessionIndex }
});
}
public ActivityStateMachine(Activity activity)
{
_activity = activity;
_machine = new StateMachine <ActivityState, Trigger>(() => _activity._state, s => _activity._state = s);
_machine.OnTransitioned(
(StateMachine <ActivityState, Trigger> .Transition transition)
=> Print($" New Status: {_activity._state}"));
Created.SetupState(this);
Todo.SetupState(this);
WorkInProgress.SetupState(this);
CodeReview.SetupState(this);
Revision.SetupState(this);
DeployStaging.SetupState(this);
BusinessValidation.SetupState(this);
DeployProduction.SetupState(this);
}
/// <summary>
/// Get the IdP Authn Response and extract metadata to the returned DTO class
/// </summary>
/// <param name="base64Response"></param>
/// <returns>IdpSaml2Response</returns>
public static ResponseType GetAuthnResponse(string base64Response)
{
string idpResponse = null;
BusinessValidation.Argument(base64Response, string.Format(ErrorLocalization.ParameterCantNullOrEmpty, nameof(base64Response)));
BusinessValidation.ValidationTry(() => idpResponse = Encoding.UTF8.GetString(Convert.FromBase64String(base64Response)), ErrorLocalization.SingleSignOnUrlRequired);
ResponseType response = null;
try
{
response = DeserializeMessage <ResponseType>(idpResponse);
BusinessValidation.ValidationCondition(() => response == null, ErrorLocalization.ResponseNotValid);
return(response);
}
catch (Exception ex)
{
throw new Exception(ErrorLocalization.ResponseNotValid, ex);
}
}
//returns positive error code or 0 if valid request
//-1: insufficient qty
//-2: nonexistant product
//@param id: store id
//@param input:product name string or string of product id
//@param qty: requested quantity of product
public int ValidateProd(int store_id, string input, int qty, out Decimal price)
{
input = input.Trim();
int id = -1;
try
{
id = int.Parse(input);
}
catch (Exception)
{
input = input.ToLower();
}
//Find requested product
var listInventory = DAL.GetInventory(store_id);
var prod = listInventory.Find(inv => inv.Id == id);
if (prod == null)
{
prod = listInventory.Find(inv => inv.P.Name.ToLower() == input);
}
price = -1;
if (prod == null)
{
Console.WriteLine("Item not found");
return(-2);
}
else if (!BusinessValidation.ValidateQuantity(qty, prod.Qty))
{
Console.WriteLine("Insufficient stock/Excessive quantity");
return(-1);
}
else
{
price = prod.P.Price;
return(prod.Id);
}
}
/// <summary>
/// Build a signed SAML authentication request.
/// </summary>
/// <param name="requestId"></param>
/// <param name="destination"></param>
/// <param name="consumerServiceURL"></param>
/// <param name="securityLevel"></param>
/// <param name="certificate"></param>
/// <param name="identityProvider"></param>
/// <returns>Returns a Base64 Encoded String of the SAML request</returns>
public static AuthnRequestType GetAuthnRequest(string requestId,
string entityId,
ushort?assertionConsumerServiceIndex,
ushort?attributeConsumingServiceIndex,
X509Certificate2 certificate,
IdentityProvider identityProvider)
{
BusinessValidation.Argument(requestId, string.Format(ErrorLocalization.ParameterCantNullOrEmpty, nameof(requestId)));
BusinessValidation.Argument(certificate, string.Format(ErrorLocalization.ParameterCantNull, nameof(certificate)));
BusinessValidation.Argument(identityProvider, string.Format(ErrorLocalization.ParameterCantNull, nameof(identityProvider)));
BusinessValidation.ValidationCondition(() => string.IsNullOrWhiteSpace(identityProvider.SingleSignOnServiceUrl), ErrorLocalization.SingleSignOnUrlRequired);
if (string.IsNullOrWhiteSpace(identityProvider.DateTimeFormat))
{
identityProvider.DateTimeFormat = SamlDefaultSettings.DateTimeFormat;
}
if (identityProvider.NowDelta == null)
{
identityProvider.NowDelta = SamlDefaultSettings.NowDelta;
}
string dateTimeFormat = identityProvider.DateTimeFormat;
double nowDelta = identityProvider.NowDelta.Value;
DateTimeOffset now = DateTimeOffset.UtcNow;
return(new AuthnRequestType
{
ID = "_" + requestId,
Version = SamlConst.Version,
IssueInstant = now.AddMinutes(nowDelta).ToString(dateTimeFormat),
Destination = identityProvider.SingleSignOnServiceUrl,
ForceAuthn = identityProvider.SecurityLevel > 1,
ForceAuthnSpecified = identityProvider.SecurityLevel > 1,
Issuer = new NameIDType
{
Value = entityId.Trim(),
Format = SamlConst.IssuerFormat,
NameQualifier = entityId
},
AssertionConsumerServiceIndex = assertionConsumerServiceIndex ?? SamlDefaultSettings.AssertionConsumerServiceIndex,
AssertionConsumerServiceIndexSpecified = true,
AttributeConsumingServiceIndex = attributeConsumingServiceIndex ?? SamlDefaultSettings.AttributeConsumingServiceIndex,
AttributeConsumingServiceIndexSpecified = true,
NameIDPolicy = new NameIDPolicyType
{
Format = SamlConst.NameIDPolicyFormat,
AllowCreate = false,
AllowCreateSpecified = false
},
Conditions = new ConditionsType
{
NotBefore = now.ToString(dateTimeFormat),
NotBeforeSpecified = true,
NotOnOrAfter = now.AddMinutes(10).ToString(dateTimeFormat),
NotOnOrAfterSpecified = true
},
RequestedAuthnContext = new RequestedAuthnContextType
{
Comparison = AuthnContextComparisonType.exact,
ComparisonSpecified = true,
Items = new string[1]
{
listAuthRefValid[identityProvider.SecurityLevel - 1]
},
ItemsElementName = new ItemsChoiceType7[1]
{
ItemsChoiceType7.AuthnContextClassRef
}
}
});
}
/// <summary>
/// Validates the authn response.
/// </summary>
/// <param name="response">The response.</param>
/// <param name="request">The request.</param>
/// <param name="metadataIdp">The metadata idp.</param>
/// <exception cref="Exception">
/// </exception>
public static void ValidateAuthnResponse(this ResponseType response, AuthnRequestType request, EntityDescriptor metadataIdp)
{
// Verify signature
var xmlDoc = response.SerializeToXmlDoc();
BusinessValidation.ValidationCondition(() => response.Status == null, ErrorLocalization.StatusNotValid);
BusinessValidation.ValidationCondition(() => response.Status.StatusCode == null, ErrorLocalization.StatusCodeNotValid);
if (!response.Status.StatusCode.Value.Equals(SamlConst.Success, StringComparison.InvariantCultureIgnoreCase))
{
if (int.TryParse(response.Status.StatusMessage?.Replace("ErrorCode nr", ""), out var errorCode))
{
switch (errorCode)
{
case 19:
throw new Exception(ErrorLocalization._19);
case 20:
throw new Exception(ErrorLocalization._20);
case 21:
throw new Exception(ErrorLocalization._21);
case 22:
throw new Exception(ErrorLocalization._22);
case 23:
throw new Exception(ErrorLocalization._23);
case 25:
throw new Exception(ErrorLocalization._25);
default:
break;
}
}
throw new Exception(ErrorLocalization.StatusCodeNotValid);
}
BusinessValidation.ValidationCondition(() => response.Signature == null, ErrorLocalization.ResponseSignatureNotFound);
BusinessValidation.ValidationCondition(() => response?.GetAssertion() == null, ErrorLocalization.ResponseAssertionNotFound);
BusinessValidation.ValidationCondition(() => response.GetAssertion()?.Signature == null, ErrorLocalization.AssertionSignatureNotFound);
BusinessValidation.ValidationCondition(() => response.GetAssertion().Signature.KeyInfo.GetX509Data().GetX509Certificate() != response.Signature.KeyInfo.GetX509Data().GetX509Certificate(), ErrorLocalization.AssertionSignatureDifferent);
var metadataXmlDoc = metadataIdp.SerializeToXmlDoc();
BusinessValidation.ValidationCondition(() => XmlHelpers.VerifySignature(xmlDoc, metadataXmlDoc), ErrorLocalization.InvalidSignature);
var respSigningCert = X509Helpers.AddCertificateHeaders(response.Signature.KeyInfo.GetX509Data().GetX509Certificate());
using var responseCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(respSigningCert));
var assertSigningCert = X509Helpers.AddCertificateHeaders(response.GetAssertion()?.Signature.KeyInfo.GetX509Data().GetX509Certificate());
using var assertionCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(assertSigningCert));
var idpSigningCert = X509Helpers.AddCertificateHeaders(metadataIdp.IDPSSODescriptor.KeyDescriptor.KeyInfo.X509Data.X509Certificate);
using var idpCertificate = new X509Certificate2(Encoding.UTF8.GetBytes(idpSigningCert));
BusinessValidation.ValidationCondition(() => responseCertificate.Thumbprint != idpCertificate.Thumbprint, ErrorLocalization.ResponseSignatureNotValid);
BusinessValidation.ValidationCondition(() => assertionCertificate.Thumbprint != idpCertificate.Thumbprint, ErrorLocalization.AssertionSignatureNotValid);
BusinessValidation.ValidationCondition(() => response.Version != SamlConst.Version, ErrorLocalization.VersionNotValid);
BusinessValidation.ValidationNotNullNotWhitespace(response.ID, nameof(response.ID));
BusinessValidation.ValidationNotNull(response.GetAssertion()?.GetAttributeStatement(), ErrorFields.Assertion);
BusinessValidation.ValidationCondition(() => response.GetAssertion().GetAttributeStatement()?.GetAttributes()?.Count() == 0, ErrorLocalization.AttributeNotFound);
BusinessValidation.ValidationCondition(() => response.GetAssertion().GetAttributeStatement()?.GetAttributes()?.Any(a => a.AttributeValue == null) ?? false, ErrorLocalization.AttributeNotFound);
var listAttribute = new List <string>
{
SamlConst.fiscalNumber,
SamlConst.digitalAddress,
SamlConst.name,
SamlConst.familyName,
SamlConst.email,
SamlConst.address,
SamlConst.companyName,
SamlConst.countyOfBirth,
SamlConst.dateOfBirth,
SamlConst.expirationDate,
SamlConst.fiscalNumber,
SamlConst.gender,
SamlConst.idCard,
SamlConst.ivaCode,
SamlConst.mobilePhone,
SamlConst.placeOfBirth,
SamlConst.registeredOffice,
SamlConst.spidCode,
};
var attribute = response.GetAssertion().GetAttributeStatement().GetAttributes();
List <string> attributeNames = new List <string>();
attributeNames.AddRange(attribute.Where(x => !string.IsNullOrWhiteSpace(x.Name) && !x.Name.StartsWith("urn")).Select(x => x.Name).ToList());
BusinessValidation.ValidationCondition(() => attributeNames.Count() == 0, ErrorLocalization.AttributeRequiredNotFound);
if (attributeNames.Count() > 0)
{
BusinessValidation.ValidationCondition(() => attributeNames.Any(x => !listAttribute.Contains(x)), ErrorLocalization.AttributeRequiredNotFound);
}
else
{
listAttribute.Add(SamlConst.firstname);
listAttribute.Add(SamlConst.surname);
listAttribute.Add(SamlConst.mail);
attributeNames.AddRange(attribute.Where(x => !string.IsNullOrWhiteSpace(x.FriendlyName)).Select(x => x.FriendlyName).ToList());
BusinessValidation.ValidationCondition(() => attributeNames.Count() == 0, ErrorLocalization.AttributeRequiredNotFound);
if (attributeNames.Count() > 0)
{
BusinessValidation.ValidationCondition(() => listAttribute.All(x => !attributeNames.Contains(x)), ErrorLocalization.AttributeRequiredNotFound);
}
}
BusinessValidation.ValidationCondition(() => response.IssueInstant == default, ErrorLocalization.IssueInstantMissing);
DateTimeOffset issueIstant = new DateTimeOffset(response.IssueInstant);
var issueIstantRequest = DateTimeOffset.Parse(request.IssueInstant);
BusinessValidation.ValidationCondition(() => (issueIstant - issueIstantRequest).Duration() > TimeSpan.FromMinutes(10), ErrorLocalization.IssueIstantDifferentFromRequest);
BusinessValidation.ValidationNotNullNotWhitespace(response.InResponseTo, nameof(response.InResponseTo));
BusinessValidation.ValidationNotNullNotWhitespace(response.Destination, nameof(response.Destination));
if (!string.IsNullOrWhiteSpace(request.AssertionConsumerServiceURL))
{
BusinessValidation.ValidationCondition(() => !response.Destination.Equals(request.AssertionConsumerServiceURL), string.Format(ErrorLocalization.DifferentFrom, nameof(response.Destination), nameof(request.AssertionConsumerServiceURL)));
}
BusinessValidation.ValidationNotNullNotEmpty(response.Status, nameof(response.Status));
BusinessValidation.ValidationCondition(() => response.Issuer == null, ErrorLocalization.IssuerNotSpecified);
BusinessValidation.ValidationCondition(() => string.IsNullOrWhiteSpace(response.Issuer?.Value), ErrorLocalization.IssuerMissing);
BusinessValidation.ValidationCondition(() => !response.Issuer.Value.Equals(metadataIdp.EntityID, StringComparison.InvariantCultureIgnoreCase), ErrorLocalization.IssuerDifferentFromEntityId);
BusinessValidation.ValidationCondition(() => !string.IsNullOrWhiteSpace(response.Issuer.Format) && !response.Issuer.Format.Equals(SamlConst.IssuerFormat), ErrorLocalization.IssuerFormatDifferent);
BusinessValidation.ValidationNotNullNotEmpty(response?.GetAssertion(), ErrorFields.Assertion);
BusinessValidation.ValidationCondition(() => response.GetAssertion().ID == null, string.Format(ErrorLocalization.Missing, ErrorFields.ID));
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().ID, ErrorFields.ID);
BusinessValidation.ValidationCondition(() => response.GetAssertion().Version != SamlConst.Version, string.Format(ErrorLocalization.DifferentFrom, ErrorFields.Version, SamlConst.Version));
BusinessValidation.ValidationCondition(() => response.GetAssertion().IssueInstant == null, string.Format(ErrorLocalization.NotSpecified, ErrorFields.IssueInstant));
DateTimeOffset assertionIssueIstant = response.GetAssertion().IssueInstant;
BusinessValidation.ValidationCondition(() => assertionIssueIstant > issueIstantRequest.AddMinutes(10), ErrorLocalization.IssueIstantAssertionGreaterThanRequest);
BusinessValidation.ValidationCondition(() => assertionIssueIstant < issueIstantRequest, ErrorLocalization.IssueIstantAssertionLessThanRequest);
BusinessValidation.ValidationCondition(() => (assertionIssueIstant - issueIstantRequest).Duration() > TimeSpan.FromMinutes(10), assertionIssueIstant > issueIstantRequest ? ErrorLocalization.IssueIstantAssertionGreaterThanRequest : ErrorLocalization.IssueIstantAssertionLessThanRequest);
BusinessValidation.ValidationNotNull(response.GetAssertion().Subject, ErrorFields.Subject);
BusinessValidation.ValidationNotNull(response.GetAssertion().Subject?.Items, ErrorFields.Subject);
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Subject?.GetNameID()?.Value, ErrorFields.NameID);
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Subject?.GetNameID()?.Format, ErrorFields.Format);
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Subject.GetNameID().Format.Equals(request.NameIDPolicy.Format), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.Format));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Subject.GetNameID().NameQualifier == null, string.Format(ErrorLocalization.NotSpecified, "Assertion.NameID.NameQualifier"));
BusinessValidation.ValidationCondition(() => String.IsNullOrWhiteSpace(response.GetAssertion().Subject.GetNameID().NameQualifier), string.Format(ErrorLocalization.Missing, "Assertion.NameID.NameQualifier"));
BusinessValidation.ValidationNotNullNotEmpty(response.GetAssertion().Subject.GetSubjectConfirmation(), ErrorFields.SubjectConfirmation);
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Subject.GetSubjectConfirmation().Method, ErrorFields.Method);
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Subject.GetSubjectConfirmation().Method.Equals(SamlConst.Method), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.Method));
BusinessValidation.ValidationNotNullNotEmpty(response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData, ErrorFields.SubjectConfirmationData);
BusinessValidation.ValidationCondition(() => response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.Recipient == null, string.Format(ErrorLocalization.NotSpecified, "Assertion.SubjectConfirmationData.Recipient"));
BusinessValidation.ValidationCondition(() => string.IsNullOrWhiteSpace(response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.Recipient), string.Format(ErrorLocalization.Missing, "Assertion.SubjectConfirmationData.Recipient"));
BusinessValidation.ValidationCondition(() => !response.Destination.Equals(response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.Recipient, StringComparison.OrdinalIgnoreCase), ErrorLocalization.InvalidDestination);
if (!string.IsNullOrWhiteSpace(request.AssertionConsumerServiceURL))
{
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.Recipient.Equals(request.AssertionConsumerServiceURL), string.Format(ErrorLocalization.DifferentFrom, "Assertion.SubjectConfirmationData.Recipient", "Request"));
}
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.InResponseTo, ErrorFields.InResponseTo);
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.InResponseTo.Equals(request.ID), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.InResponseTo));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.NotOnOrAfter == null, string.Format(ErrorLocalization.NotSpecified, "Assertion.SubjectConfirmationData.NotOnOrAfter"));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.NotOnOrAfter == DateTime.MinValue, string.Format(ErrorLocalization.Missing, "Assertion.SubjectConfirmationData.NotOnOrAfter"));
DateTimeOffset notOnOrAfter = new DateTimeOffset(response.GetAssertion().Subject.GetSubjectConfirmation().SubjectConfirmationData.NotOnOrAfter);
BusinessValidation.ValidationCondition(() => notOnOrAfter < DateTimeOffset.UtcNow, ErrorLocalization.NotOnOrAfterLessThenRequest);
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Issuer?.Value, ErrorFields.Issuer);
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Issuer.Value.Equals(metadataIdp.EntityID), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.Issuer));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Issuer.Format == null, string.Format(ErrorLocalization.NotSpecified, "Assertion.Issuer.Format"));
BusinessValidation.ValidationCondition(() => string.IsNullOrWhiteSpace(response.GetAssertion().Issuer.Format), string.Format(ErrorLocalization.Missing, "Assertion.Issuer.Format"));
BusinessValidation.ValidationCondition(() => !response.GetAssertion().Issuer.Format.Equals(request.Issuer.Format), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.Format));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Conditions == null, string.Format(ErrorLocalization.NotSpecified, "Assertion.Conditions"));
BusinessValidation.ValidationCondition(() => response.GetAssertion().Conditions.GetAudienceRestriction() == null && string.IsNullOrWhiteSpace(response.GetAssertion().Conditions.NotBefore) && string.IsNullOrWhiteSpace(response.GetAssertion().Conditions.NotOnOrAfter), string.Format(ErrorLocalization.Missing, "Assertion.Conditions"));
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Conditions.NotOnOrAfter, ErrorFields.NotOnOrAfter);
DateTimeOffset notOnOrAfterCondition = SamlDefaultSettings.ParseExact(response.GetAssertion().Conditions.NotOnOrAfter, "Assertion.Conditions.NotOnOrAfter");
BusinessValidation.ValidationCondition(() => notOnOrAfterCondition < DateTimeOffset.UtcNow, ErrorLocalization.NotOnOrAfterLessThenRequest);
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Conditions.NotBefore, ErrorFields.NotBefore);
DateTimeOffset notBefore = SamlDefaultSettings.ParseExact(response.GetAssertion().Conditions.NotBefore, "Assertion.Conditions.NotBefore");
BusinessValidation.ValidationCondition(() => notBefore > DateTimeOffset.UtcNow, ErrorLocalization.NotBeforeGreaterThenRequest);
BusinessValidation.ValidationCondition(() => response.GetAssertion().Conditions.GetAudienceRestriction() == null, string.Format(ErrorLocalization.Missing, "Assertion.Conditions.AudienceRestriction"));
BusinessValidation.ValidationNotNullNotWhitespace(response.GetAssertion().Conditions.GetAudienceRestriction().Audience?.First(), ErrorFields.Audience);
BusinessValidation.ValidationCondition(() => !(response.GetAssertion().Conditions.GetAudienceRestriction().Audience.First()?.Equals(request.Issuer.Value) ?? false), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.Audience));
BusinessValidation.ValidationCondition(() => response.GetAssertion().GetAuthnStatement() == null, string.Format(ErrorLocalization.NotSpecified, ErrorFields.AuthnStatement));
BusinessValidation.ValidationCondition(() => response.GetAssertion().GetAuthnStatement().AuthnInstant == DateTime.MinValue && string.IsNullOrWhiteSpace(response.GetAssertion().GetAuthnStatement().SessionIndex) && response.GetAssertion().GetAuthnStatement().AuthnContext == null, string.Format(ErrorLocalization.Missing, ErrorFields.AuthnStatement));
BusinessValidation.ValidationNotNull(response.GetAssertion().GetAuthnStatement().AuthnContext, ErrorFields.AuthnContext);
BusinessValidation.ValidationNotNull(response.GetAssertion().GetAuthnStatement().AuthnContext.Items, ErrorFields.AuthnContext);
BusinessValidation.ValidationNotNull(response.GetAssertion().GetAuthnStatement().AuthnContext.ItemsElementName, ErrorFields.AuthnContext);
BusinessValidation.ValidationCondition(() => response.GetAssertion().GetAuthnStatement().AuthnContext.GetAuthnContextClassRef() == null, string.Format(ErrorLocalization.NotSpecified, "AuthnStatement.AuthnContext.AuthnContextClassRef"));
BusinessValidation.ValidationCondition(() => string.IsNullOrWhiteSpace(response.GetAssertion().GetAuthnStatement().AuthnContext.GetAuthnContextClassRef()), string.Format(ErrorLocalization.Missing, "AuthnStatement.AuthnContext.AuthnContextClassRef"));
BusinessValidation.ValidationCondition(() => !response.GetAssertion().GetAuthnStatement().AuthnContext.GetAuthnContextClassRef().Equals(request.RequestedAuthnContext.Items[0]), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.AuthnContextClassRef));
BusinessValidation.ValidationCondition(() => !listAuthRefValid.Contains(response.GetAssertion().GetAuthnStatement().AuthnContext.GetAuthnContextClassRef()), string.Format(ErrorLocalization.ParameterNotValid, ErrorFields.AuthnContextClassRef));
}
public void TestUnreasonableQuantity(int value, int val2)
{
Assert.False(BusinessValidation.ValidateQuantity(value, val2));
}
public bool IsValid()
{
ValidationResult = new BusinessValidation().Validate(this);
return(ValidationResult.IsValid);
}
