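        /// <summary>
        /// Builds a LogoutRequest with <see cref="SamlOptions.SignOutgoingMessages"/> enabled and a
        /// service-provider certificate, then checks that the expected SAML elements are emitted and
        /// that an enveloped XML signature is actually present in the produced document.
        /// </summary>
        public void ShouldCreateSignedMessage()
        {
            // Arrange: signing key from the test fixture and options that request signing.
            var signingCert = new X509Certificate2(File.ReadAllBytes("PrivateTestCert.pfx"), "test");
            var options     = new SamlOptions {
                SignOutgoingMessages = true, ServiceProviderCertificate = signingCert
            };

            var logoutRequest = new SamlLogoutRequestMessage {
                NameId = "test"
            };

            // Act
            var xmlDocument = _logoutRequestFactory.CreateMessage(options, logoutRequest);

            var mgr = new XmlNamespaceManager(xmlDocument.NameTable);

            mgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
            mgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
            mgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

            var logoutRequestNode = xmlDocument.SelectSingleNode("/samlp:LogoutRequest", mgr);
            var issuerNode        = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/saml:Issuer", mgr);
            var nameIDNode        = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/saml:NameID", mgr);
            var sessionIndexNode  = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/samlp:SessionIndex", mgr);
            // SAML 2.0 Core places the enveloped ds:Signature directly under the request element.
            var signatureNode     = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/ds:Signature", mgr);

            // Assert
            Assert.NotNull(logoutRequestNode);
            Assert.NotNull(issuerNode);
            Assert.NotNull(nameIDNode);
            Assert.NotNull(sessionIndexNode);
            // The test's name promises a signed message; without this check an unsigned document passes.
            Assert.NotNull(signatureNode);

            // Null-conditional so a missing attribute surfaces as an assertion failure, not a NullReferenceException.
            Assert.Equal("", logoutRequestNode.Attributes["Destination"]?.Value);
            Assert.Equal("2.0", logoutRequestNode.Attributes["Version"]?.Value);

            Assert.Equal("test", nameIDNode.InnerText);
        }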
        /// <inheritdoc />
        public Task SignOutAsync(AuthenticationProperties properties)
        {
            // SP-initiated sign-out: build a LogoutRequest from the current principal and hand it to
            // the handler, which sends it to the IdP over the configured logout binding.
            var currentUser  = Context.User;
            var nameId       = currentUser.FindFirst(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
            var sessionIndex = currentUser.FindFirst(c => c.Type == SamlAuthenticationDefaults.SessionIndexClaimType)?.Value;

            var request = new SamlLogoutRequestMessage
            {
                Issuer       = Options.ServiceProviderEntityId,
                Destination  = Options.IdentityProviderLogOutUrl,
                NameId       = nameId,
                SessionIndex = sessionIndex
            };

            // Where to send the user after logout: the caller-supplied RedirectUri, else the current path.
            // NOTE(review): RedirectUri is forwarded as given here — confirm it is validated upstream.
            var returnUrl = properties?.RedirectUri ?? Request.Path;

            _spInitiatedLogoutRequestHandler.Handle(Options, Context, request,
                                                    Options.IdentityProviderLogOutUrl, Options.LogoutRequestBinding, returnUrl);
            return Task.CompletedTask;
        }