public SAMLResponse HandleResponse(XmlDocument xmlResponse)
{
_logger.Trace("Start;");
try
{
int errorCode;
SAMLResponse response;
if ((errorCode = Verify(xmlResponse, null)) < 0)
{
response = new SAMLResponse(errorCode);
_logger.Warn("Verify failure: {0}", errorCode);
}
else
{
response = ExtractResponseValues(xmlResponse);
}
return(response);
}
catch (Exception ex)
{
throw new SAMLException("EXCEPTION HandleResponse", ex);
}
}
private SAMLResponse ExtractResponseValues(XmlDocument doc)
{
_logger.Trace("Start;");
SAMLResponse context = new SAMLResponse(SAMLConstants.ErrorCodes.VALID);
XmlReader reader = new XmlTextReader(new StringReader(doc.OuterXml));
ResponseType response = Deserialize <ResponseType>(reader);
context.InResponseTo = response.InResponseTo;
context.Idp = response.Issuer.Value;
int statusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.Value);
if (statusCode < 0 && response.Status.StatusCode.StatusCode != null)
{
context.StatusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.StatusCode.Value);
}
else
{
context.StatusCode = statusCode;
}
if (Math.Abs(response.IssueInstant.Subtract(DateTime.UtcNow).TotalMinutes) > validTimeframe)
{
context.ErrorCode = SAMLConstants.ErrorCodes.EXPIRED;
return(context);
}
if (statusCode != SAMLConstants.StatusCode.SUCCESS)
{
int subStatusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.StatusCode.Value);
if (subStatusCode != -1)
{
context.SubStatusCode = subStatusCode;
context.StatusMessage = response.Status.StatusMessage;
}
return(context);
}
int i;
for (i = 0; i < response.Items.Length; i++)
{
if (response.Items[i].GetType() == typeof(AssertionType))
{
break;
}
}
AssertionType assertion = (AssertionType)response.Items[i];
DateTime now = DateTime.UtcNow;
TimeSpan tSpan = new TimeSpan(0, 0, skewClock);
if (now < assertion.Conditions.NotBefore.Subtract(tSpan) || now >= assertion.Conditions.NotOnOrAfter.Add(tSpan))
{
context.ErrorCode = SAMLConstants.ErrorCodes.EXPIRED_ASSERTION;
return(context);
}
for (i = 0; i < assertion.Items.Length; i++)
{
if (assertion.Items[i].GetType() == typeof(AttributeStatementType))
{
break;
}
}
AttributeStatementType attrStatement = (AttributeStatementType)assertion.Items[i];
foreach (object o in attrStatement.Items)
{
AttributeType attr = (AttributeType)o;
if (!citizenAttributes.Exists(attr.Name))
{
context.ErrorCode = SAMLConstants.ErrorCodes.INVALID_ATTRIBUTES;
return(context);
}
int attrStatus = SAMLConstants.AttributeStatus.AVAILABLE;
if (attr.AnyAttr != null)
{
for (i = 0; i < attr.AnyAttr.Length; i++)
{
if (attr.AnyAttr[i].LocalName == SAMLConstants.ATTRIBUTE_STATUS_STR)
{
attrStatus = SAMLConstants.AttributeStatus.GetAttrStatusFromDesc(attr.AnyAttr[i].Value);
break;
}
}
}
string attrValue = null;
if (attr.AttributeValue != null && attr.AttributeValue.Length > 0)
{
if (attr.AttributeValue[0] is System.Xml.XmlNode[])
{
System.Xml.XmlNode[] nodeValues = ((System.Xml.XmlNode[])attr.AttributeValue[0]);
int size = nodeValues.Length;
Dictionary <string, string> values = new Dictionary <string, string>(size);
for (int j = 0; j < size; j++)
{
if (nodeValues[j].NodeType.Equals(System.Xml.XmlNodeType.Text))
{
values.Add((string)nodeValues[j].LocalName, (string)nodeValues[j].InnerText);
}
}
context.AddAttribute(attr.Name, values, attrStatus);
}
else
{
attrValue = (string)attr.AttributeValue[0];
context.AddAttribute(attr.Name, attrValue, attrStatus);
}
}
else
{
context.AddAttribute(attr.Name, attrValue, attrStatus);
}
}
if (context.GetAttributeNames().Count == 0)
{
context.ErrorCode = SAMLConstants.ErrorCodes.INVALID_ATTRIBUTES;
}
_logger.Trace("SAMLResponse {0}, {1}, {2}", context.StatusCode, context.StatusMessage, context.ErrorCode);
_logger.Trace("SAMLResponse {0}, {1}", context.GetAttributeNames().Count, context.StatusMessage);
return(context);
}
public SAMLResponse ProcessSamlLoginResponse(string b64response)
{
try
{
byte[] reqDataB64 = Convert.FromBase64String(b64response);
string reqData = Encoding.UTF8.GetString(reqDataB64);
XmlDocument xml = new XmlDocument();
xml.PreserveWhitespace = true;
xml.LoadXml(reqData);
_logger.Trace("Respuesta de cl@ve: {0}", xml.InnerXml);
SAMLEngine.Instance.Init();
SAMLResponse sr = SAMLEngine.Instance.HandleResponse(xml);
return sr;
}
catch (Exception e)
{
_logger.Error(e);
SAMLResponse sr = new SAMLResponse();
sr.ErrorCode = -11;
sr.StatusCode = SAMLConstants.StatusCode.AUTHN_FAILED;
sr.StatusMessage = e.Message;
return sr;
}
}
