Beispiel #1
0
        public static string GenerateRequest(SamlIdentity identity, string id, string instant)
        {
            using (StringWriter writer = new StringWriter())
            {
                XmlWriterSettings writerSetting = new XmlWriterSettings {
                    OmitXmlDeclaration = true
                };

                using (XmlWriter xmlWriter = XmlWriter.Create(writer, writerSetting))
                {
                    xmlWriter.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xmlWriter.WriteAttributeString("ID", id);
                    xmlWriter.WriteAttributeString("Version", "2.0");
                    xmlWriter.WriteAttributeString("IssueInstant", instant);
                    xmlWriter.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xmlWriter.WriteAttributeString("AssertionConsumerServiceURL", ConsumerServiceUrl(identity));
                    xmlWriter.WriteAttributeString("Destination", identity.IssuerURL);
                    xmlWriter.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xmlWriter.WriteString(BaseUri);
                    xmlWriter.WriteEndElement();
                    xmlWriter.WriteEndElement();
                }

                byte[] toEncodeAsBytes = Encoding.ASCII.GetBytes(writer.ToString());
                using (MemoryStream output = new MemoryStream())
                {
                    using (DeflateStream zip = new DeflateStream(output, CompressionMode.Compress))
                        zip.Write(toEncodeAsBytes, 0, toEncodeAsBytes.Length);
                    byte[] compressed = output.ToArray();
                    return(Convert.ToBase64String(compressed));
                }
            }
        }
Beispiel #2
0
        public static bool ResponseIsValid(XmlResponse response, SamlIdentity identity)
        {
            XmlNamespaceManager manager = new XmlNamespaceManager(response.Document.NameTable);

            manager.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
            XmlNodeList nodeList  = response.Document.SelectNodes("//ds:Signature", manager);
            SignedXml   signedXml = new SignedXml(response.Document);

            if (nodeList == null || nodeList.Count == 0)
            {
                return(false);
            }
            signedXml.LoadXml((XmlElement)nodeList[0]);

            CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
            return(CheckSignature(signedXml, LoadX509Certificate(identity.Certificate)));
        }
Beispiel #3
0
 private static string ConsumerServiceUrl(SamlIdentity identity)
 {
     return(new Uri(string.Concat(BaseUri, "/Consume/", identity.Issuer)).ToString());
 }