/// <summary>
/// Identity-provider login endpoint: reads and validates the relying party named in the
/// redirect-binding login request, unbinds the SAML 2.0 AuthnRequest and answers it.
/// </summary>
/// <remarks>
/// This is a test stub. No user interaction or credential check happens in this method;
/// the claims are produced by CreateTestUserClaims from the NameID that the incoming
/// AuthnRequest itself carries, so the asserted identity follows the request.
/// NOTE(review): whether the AuthnRequest signature is verified depends on <c>config</c> and
/// ValidateRelyingParty, neither of which is visible here — confirm before reuse.
/// </remarks>
/// <returns>
/// A login response with status Success, or with status Responder when handling the request throws.
/// </returns>
public IActionResult Login()
{
    var binding = new Saml2RedirectBinding();
    var rp = ValidateRelyingParty(ReadRelyingPartyFromLoginRequest(binding));
    var authnRequest = new Saml2AuthnRequest(config);

    try
    {
        binding.Unbind(Request.ToGenericHttpRequest(), authnRequest);

        // Placeholder for the real interactive login (e.g. a GUI step).
        // A fresh session index and test-user claims stand in for it.
        var sessionIndex = Guid.NewGuid().ToString();
        var requestedNameId = authnRequest.Subject?.NameID?.ID;
        var claims = CreateTestUserClaims(requestedNameId);

        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Success, binding.RelayState, rp, sessionIndex, claims);
    }
    catch (Exception ex)
    {
#if DEBUG
        // Debug builds only: the output holds the raw request XML and query string.
        Debug.WriteLine($"Saml 2.0 Authn Request error: {ex}\nSaml Auth Request: '{authnRequest.XmlDocument?.OuterXml}'\nQuery String: {Request.QueryString}");
#endif
        // Any failure is reported to the relying party as a generic Responder error.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Responder, binding.RelayState, rp);
    }
}
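/// <summary>
/// Handles a SAML 2.0 single-logout request received over the redirect binding and
/// answers it with a logout response bound using the application's certificate.
/// </summary>
/// <remarks>
/// The local session is deleted only when the logout request was unbound successfully
/// against the identity provider's signing certificate. Deleting it on every path would let a
/// request that failed validation still end the user's session while the response reports
/// RequestDenied.
/// </remarks>
/// <returns>The redirect-binding logout response as an action result.</returns>
public ActionResult SingleLogout()
{
    var requestBinding = new Saml2RedirectBinding();
    var logoutRequest = new Saml2LogoutRequest();

    Saml2StatusCodes status;
    try
    {
        requestBinding.Unbind(Request, logoutRequest, CertificateUtil.Load("~/App_Data/signing-adfs.test_Certificate.crt"));
        status = Saml2StatusCodes.Success;
    }
    catch (Exception exc)
    {
        // Any exception from Unbind is treated as a rejected request.
        // NOTE(review): Debug.WriteLine is compiled out of release builds; send this to the
        // application's logger so rejected logout requests stay visible in production.
        Debug.WriteLine("SingleLogout error: " + exc.ToString());
        status = Saml2StatusCodes.RequestDenied;
    }

    var responsebinding = new Saml2RedirectBinding();
    responsebinding.RelayState = requestBinding.RelayState;

    var saml2LogoutResponse = new Saml2LogoutResponse
    {
        InResponseTo = logoutRequest.Id,
        Status = status,
        Issuer = new EndpointReference("http://udv.itfoxtec.com/webapptest"),
        Destination = new EndpointAddress("https://udv.itfoxtec.com/adfs/ls/")
    };

    // Only a request that passed Unbind may terminate the session.
    if (status == Saml2StatusCodes.Success)
    {
        saml2LogoutResponse.DeleteSession();
    }

    // NOTE(review): certificate paths, issuer and destination are hard-coded test values;
    // the .pfx is loaded from App_Data without a password — confirm how the key is protected.
    return responsebinding.Bind(saml2LogoutResponse, CertificateUtil.Load("~/App_Data/webapptest_certificate.pfx")).ToActionResult();
}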
/// <summary>
/// Identity-provider login endpoint: validates the relying party named in the redirect-binding
/// login request, unbinds the SAML 2.0 AuthnRequest and answers with claims for the current user.
/// </summary>
/// <remarks>
/// NOTE(review): every response asserts <c>userRole = admin</c> and
/// <c>tenancyName = docketManager</c> regardless of who is signed in, and the same
/// User.Identity.Name value is issued as name identifier, name and e-mail. Nothing in this
/// method checks that the user is authenticated — confirm the action is protected elsewhere and
/// that role and tenancy should not come from the user's own record.
/// </remarks>
/// <returns>
/// A login response with status Success, or with status Responder when handling the request throws.
/// </returns>
public ActionResult Login()
{
    var binding = new Saml2RedirectBinding();
    var rp = ValidateRelyingParty(ReadRelyingPartyFromLoginRequest(binding));
    var authnRequest = new Saml2AuthnRequest(config);

    try
    {
        binding.Unbind(Request.ToGenericHttpRequest(), authnRequest);

        // Placeholder for the real interactive login (e.g. a GUI step).
        // A fresh session index and fixed test claims stand in for it.
        var sessionIndex = Guid.NewGuid().ToString();
        var userName = User.Identity.Name;
        var claims = new List<Claim>
        {
            new Claim(ClaimTypes.NameIdentifier, userName),
            new Claim(ClaimTypes.Name, userName),
            new Claim(ClaimTypes.Email, userName),
            new Claim("tenancyName", "docketManager"),
            new Claim("userRole", "admin"),
            new Claim("userId", User.Identity.GetUserId()),
        };

        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Success, binding.RelayState, rp, sessionIndex, claims);
    }
    catch (Exception ex)
    {
#if DEBUG
        // Debug builds only: the output holds the raw request XML and query string.
        Console.WriteLine($"Saml 2.0 Authn Request error: {ex}\nSaml Auth Request: '{authnRequest.XmlDocument?.OuterXml}'\nQuery String: {Request.QueryString}");
#endif
        // Any failure is reported to the relying party as a generic Responder error.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Responder, binding.RelayState, rp);
    }
}
/// <summary>
/// Receives the SAML 2.0 logout response over the redirect binding, deletes the local
/// session and redirects to the application root.
/// </summary>
/// <remarks>
/// The session is deleted only if Unbind returns; an exception from Unbind is not caught here
/// and propagates to the caller.
/// NOTE(review): the response's Status is not inspected before the session is deleted, and the
/// certificate path is a hard-coded test value — confirm both are intended.
/// </remarks>
/// <returns>A redirect to "~/".</returns>
public ActionResult LoggedOut()
{
    var binding = new Saml2RedirectBinding();
    var logoutResponse = new Saml2LogoutResponse();

    var unbound = binding.Unbind(Request, logoutResponse, CertificateUtil.Load("~/App_Data/signing-adfs.test_Certificate.crt"));
    unbound.DeleteSession();

    return Redirect(Url.Content("~/"));
}
/// <summary>
/// Answers a redirect-binding SAML 2.0 AuthnRequest for <paramref name="app"/> with a login response.
/// </summary>
/// <param name="app">Application the response is issued for; checked with AccessControl and passed to LoginResponse.</param>
/// <returns>
/// A login response with status Success and the current user's claims, Responder when handling
/// throws, or RequestDenied when AccessControl refuses the application.
/// </returns>
private IActionResult ComputeRequest(App app)
{
    var authnRequest = new Saml2AuthnRequest(_samlConfig);
    var binding = new Saml2RedirectBinding();

    if (!AccessControl(app))
    {
        // NOTE(review): the request has not been unbound on this path, so Id and RelayState are
        // whatever the freshly constructed objects hold, not the values the caller sent — confirm.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.RequestDenied, binding.RelayState, app);
    }

    try
    {
        binding.Unbind(Request.ToGenericHttpRequest(), authnRequest);

        var sessionIndex = Guid.NewGuid().ToString();

        // NOTE(review): User.Claims is forwarded unfiltered, so every claim held for the local
        // user is handed to LoginResponse — confirm the application should receive all of them.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Success, binding.RelayState, app, sessionIndex, User.Claims);
    }
    catch (Exception error)
    {
#if DEBUG
        // Debug builds only: the output holds the raw request XML and query string.
        Debug.WriteLine($"Saml 2.0 Authn Request error: {error}\nSaml Auth Request: '{authnRequest.XmlDocument?.OuterXml}'\nQuery String: {Request.QueryString}");
        Debug.WriteLine(error.StackTrace);
#endif
        // Any failure is reported as a generic Responder error.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Responder, binding.RelayState, app);
    }
}
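/// <summary>
/// Handles a SAML 2.0 single-logout request received over the redirect binding and
/// answers it with a logout response bound using the application's certificate.
/// </summary>
/// <remarks>
/// The local session is deleted only after the logout request was unbound successfully
/// against the identity provider's signing certificate. Calling DeleteSession() unconditionally
/// would end the user's session even for a request that failed validation and is answered
/// with RequestDenied.
/// </remarks>
/// <returns>The redirect-binding logout response as an action result.</returns>
public ActionResult SingleLogout()
{
    var requestBinding = new Saml2RedirectBinding();
    var logoutRequest = new Saml2LogoutRequest();
    var requestAccepted = false;

    try
    {
        requestBinding.Unbind(Request, logoutRequest, CertificateUtil.Load("~/App_Data/signing-adfs.test_Certificate.crt"));
        requestAccepted = true;
    }
    catch (Exception exc)
    {
        // Any exception from Unbind is treated as a rejected request.
        // NOTE(review): Debug.WriteLine is compiled out of release builds; send this to the
        // application's logger so rejected logout requests stay visible in production.
        Debug.WriteLine("SingleLogout error: " + exc.ToString());
    }

    Saml2StatusCodes status = requestAccepted ? Saml2StatusCodes.Success : Saml2StatusCodes.RequestDenied;

    var responsebinding = new Saml2RedirectBinding();
    responsebinding.RelayState = requestBinding.RelayState;

    var saml2LogoutResponse = new Saml2LogoutResponse
    {
        InResponseTo = logoutRequest.Id,
        Status = status,
        Issuer = new EndpointReference("http://udv.itfoxtec.com/webapptest"),
        Destination = new EndpointAddress("https://udv.itfoxtec.com/adfs/ls/")
    };

    // Only a request that passed Unbind may terminate the session.
    if (requestAccepted)
    {
        saml2LogoutResponse.DeleteSession();
    }

    // NOTE(review): certificate paths, issuer and destination are hard-coded test values;
    // the .pfx is loaded from App_Data without a password — confirm how the key is protected.
    return responsebinding.Bind(saml2LogoutResponse, CertificateUtil.Load("~/App_Data/webapptest_certificate.pfx")).ToActionResult();
}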
/// <summary>
/// Receives the SAML 2.0 logout response over the redirect binding, deletes the local
/// session and redirects to the application root.
/// </summary>
/// <remarks>
/// The session is deleted only if Unbind returns; an exception from Unbind is not caught here
/// and propagates to the caller.
/// NOTE(review): the response's Status is not inspected before the session is deleted, and the
/// certificate path is a hard-coded test value — confirm both are intended.
/// </remarks>
/// <returns>A redirect to "~/".</returns>
public ActionResult LoggedOut()
{
    var redirectBinding = new Saml2RedirectBinding();
    var incoming = new Saml2LogoutResponse();

    var validated = redirectBinding.Unbind(Request, incoming, CertificateUtil.Load("~/App_Data/signing-adfs.test_Certificate.crt"));
    validated.DeleteSession();

    var home = Url.Content("~/");
    return Redirect(home);
}
/// <summary>
/// Identity-provider login endpoint: validates the relying party named in the redirect-binding
/// login request, unbinds the SAML 2.0 AuthnRequest and answers with claims built from the
/// identity-provider session held by idPSessionCookieRepository.
/// </summary>
/// <remarks>
/// This is a test stub. When no session exists, one is created with fixed test values
/// (name identifier, UPN, e-mail) and saved without any user interaction or credential check.
/// NOTE(review): the warning log embeds the raw AuthnRequest XML and query string, both taken
/// from the incoming request, in an interpolated message; consider a constant message template
/// with the values passed as arguments, and check that the log sink neutralises line breaks.
/// </remarks>
/// <returns>
/// A login response with status Success, or with status Responder when handling the request throws.
/// </returns>
public async Task<IActionResult> Login()
{
    var binding = new Saml2RedirectBinding();
    var rp = ValidateRelyingParty(ReadRelyingPartyFromLoginRequest(binding));
    var authnRequest = new Saml2AuthnRequest(saml2Config);

    try
    {
        binding.Unbind(Request.ToGenericHttpRequest(), authnRequest);

        // Placeholder for the real interactive login (e.g. a GUI step).
        // An existing session is reused; otherwise a test session is created and stored.
        var session = await idPSessionCookieRepository.GetAsync();
        if (session == null)
        {
            session = new IdPSession
            {
                RelyingPartyIssuer = rp.Issuer,
                NameIdentifier = "12345",
                Upn = "*****@*****.**",
                Email = "*****@*****.**",
                SessionIndex = Guid.NewGuid().ToString()
            };
            await idPSessionCookieRepository.SaveAsync(session);
        }

        var claims = CreateClaims(session);
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Success, binding.RelayState, rp, session.SessionIndex, claims);
    }
    catch (Exception ex)
    {
        logger.LogWarning(ex, $"SAML 2.0 Authn Request error. Authn Request '{authnRequest.XmlDocument?.OuterXml}', Query String '{Request.QueryString}'.");

        // Any failure is reported to the relying party as a generic Responder error.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Responder, binding.RelayState, rp);
    }
}
/// <summary>
/// Identity-provider login endpoint: validates the relying party named in the redirect-binding
/// login request, unbinds the SAML 2.0 AuthnRequest and answers with claims derived from the
/// request's client certificate.
/// </summary>
/// <remarks>
/// The asserted identity comes only from GetClaimsFromCertificate(Request.ClientCertificate).
/// NOTE(review): confirm that the hosting layer requires and validates the client certificate
/// and that GetClaimsFromCertificate rejects an absent or empty one.
/// NOTE(review): the catch block discards the exception without logging, so failed or
/// malformed requests leave no trace — consider recording them.
/// </remarks>
/// <returns>
/// A login response with status Success, or with status Responder when handling the request throws.
/// </returns>
public ActionResult Redirect()
{
    var binding = new Saml2RedirectBinding();
    var rp = ValidateRelyingParty(ReadRelyingPartyFromLoginRequest(binding));
    var authnRequest = new Saml2AuthnRequest(config.IDP);

    try
    {
        binding.Unbind(Request.ToGenericHttpRequest(), authnRequest);

        // Placeholder for the real interactive login (e.g. a GUI step).
        // A fresh session index is issued and the claims are read from the client certificate.
        var sessionIndex = Guid.NewGuid().ToString();
        var clientCertificate = this.Request.ClientCertificate;
        var claims = GetClaimsFromCertificate(clientCertificate);

        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Success, binding.RelayState, rp, sessionIndex, claims);
    }
    catch (Exception)
    {
        // Any failure is reported to the relying party as a generic Responder error.
        return LoginResponse(authnRequest.Id, Saml2StatusCodes.Responder, binding.RelayState, rp);
    }
}