/// <summary>
/// Invokes <paramref name="method"/> against the service-provider-wide event set and, when the
/// partner carries its own <see cref="Saml2pServiceProviderEvents"/>, against that set afterwards.
/// </summary>
/// <param name="options">Options holding the global <c>ServiceProviderEvents</c> instance.</param>
/// <param name="idp">The partner identity provider; may be <c>null</c> or have no <c>Events</c>.</param>
/// <param name="method">The callback to run against each event set.</param>
public static async ValueTask InvokeAsync(Saml2pOptions options, ISaml2pIdentityProvider idp, Func<Saml2pServiceProviderEvents, ValueTask> method)
        {
            // Global handlers run first; partner handlers therefore observe whatever the global ones set.
            await method(options.ServiceProviderEvents);

            var partnerEvents = idp?.Events;
            if (partnerEvents is null)
            {
                return;
            }

            await method(partnerEvents);
        }
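        /// <summary>
        /// Builds the <see cref="TokenValidationParameters"/> used to validate assertions received
        /// from <paramref name="partner"/>.
        /// </summary>
        /// <param name="partner">The identity provider whose assertions will be validated.</param>
        /// <returns>
        /// Parameters pinning the expected issuer and audience, the partner's signing keys (when any are
        /// configured) and its decryption keys.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="partner"/> is <c>null</c>.</exception>
        public TokenValidationParameters Create(ISaml2pIdentityProvider partner)
        {
            if (partner is null)
            {
                throw new ArgumentNullException(nameof(partner));
            }

            // The assertion's Issuer must be the partner's id. Its Audience must be the value this
            // service provider presents as its own issuer towards that partner — the same value
            // CreateAuthnRequestAsync puts into the AuthnRequest's Issuer.
            var parameters = new TokenValidationParameters
            {
                ValidIssuer   = partner.Id,
                ValidAudience = partner.ExpectedIssuer ?? _options.DefaultIssuer
            };

            // Signature validation is switched on only when the partner has signing keys configured.
            // NOTE(review): when no AssertionSigningKeys are configured, RequireSignedTokens is false and
            // an unsigned assertion from this partner passes validation. Every production partner should
            // have at least one signing key registered.
            var requireSignature = partner.AssertionSigningKeys.Any();
            parameters.RequireSignedTokens      = requireSignature;
            parameters.ValidateIssuerSigningKey = requireSignature;

            if (requireSignature)
            {
                parameters.IssuerSigningKeys = partner.AssertionSigningKeys;
            }

            // Decryption keys are passed through unconditionally.
            parameters.TokenDecryptionKeys = partner.AssertionDecryptionKeys;

            return parameters;
        }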
        /// <summary>
        /// Builds the <see cref="AuthnRequest"/> addressed to <paramref name="idp"/> and lets the
        /// registered events choose its relay state, falling back to a fresh <see cref="Guid"/>.
        /// </summary>
        /// <param name="context">
        /// The current <see cref="HttpContext"/>; its request supplies the assertion consumer service URL
        /// and its <c>RequestServices</c> are handed to the relay-state event handlers.
        /// </param>
        /// <param name="idp">The <see cref="ISaml2pIdentityProvider"/> the request is addressed to.</param>
        /// <returns>An awaitable <see cref="Task{TResult}"/> yielding the populated <see cref="AuthnRequest"/>, whose <c>RelayState</c> is always set.</returns>
        public async Task<AuthnRequest> CreateAuthnRequestAsync(HttpContext context, ISaml2pIdentityProvider idp)
        {
            // Issuer this service provider presents to the partner: per-partner value first, global default second.
            var issuer = idp.ExpectedIssuer ?? _options.DefaultIssuer;

            var request = new AuthnRequest
            {
                Id = "_" + Guid.NewGuid(),
                // TODO: have some sort of providername default
                ProviderName = issuer,
                AssertionConsumerServiceUrl = GetAcsUrl(context.Request),
                IssueInstant = _systemClock.UtcNow.UtcDateTime,
                Issuer       = issuer,
                Destination  = new Uri(idp.BaseUrl, idp.AcceptSsoEndpoint),
                NameIdPolicy = new NameIdPolicy { Format = idp.NameIdPolicyFormat },
                RequestedAuthnContext = new RequestedAuthnContext
                {
                    AuthnContextClassRef = idp.RequestedAuthnContextClassRef,
                    Comparison           = idp.RequestedAuthnContextClassRefComparison
                }
            };

            var relayStateContext = new GenerateRelayStateContext
            {
                Partner   = idp,
                PartnerId = idp.Id,
                Request   = request
            };

            // Global handlers and then the partner's own handlers may assign request.RelayState here.
            await Events.InvokeAsync(_options, idp, e => e.OnGeneratingRelayState(context.RequestServices, relayStateContext));

            // No handler chose one: use a fresh Guid so the request never leaves without a relay state.
            if (request.RelayState is null)
            {
                request.RelayState = Guid.NewGuid().ToString();
            }

            return request;
        }