public string ToXML()
{
return(String.Format(GetAssertionXML(), new string[] {
AssertionConsumerServiceURL, AttributeConsumingServiceIndex.ToString(),
Destination, ForceAuthn.ToString().ToLower(), ID, IssueInstant.ToString("yyyy-MM-ddTHH:mm:ss.fffK"), ProviderName, Issuer
}));
}
public XElement Serialize()
{
var result = new XElement(Constants.XMLNamespaces.SAML + "Assertion",
// new XAttribute("xmlns", Constants.XMLNamespaces.SAML),
new XAttribute("AssertionID", AssertionId),
new XAttribute("IssueInstant", IssueInstant.ToUTCString()),
new XAttribute("Issuer", Issuer),
new XAttribute("MajorVersion", MajorVersion),
new XAttribute("MinorVersion", MinorVersion));
if (Conditions != null)
{
result.Add(Conditions.Serialize());
}
if (AuthenticationStatement != null)
{
result.Add(AuthenticationStatement.Serialize());
}
if (AttributeStatement != null)
{
result.Add(AttributeStatement.Serialize());
}
if (Signature != null)
{
result.Add(Signature.Serialize());
}
return(result);
}
protected virtual IEnumerable <XObject> GetXContent()
{
yield return(new XAttribute(Saml2Constants.ProtocolNamespaceNameX, Saml2Constants.ProtocolNamespace.OriginalString));
yield return(new XAttribute(Saml2Constants.AssertionNamespaceNameX, Saml2Constants.AssertionNamespace.OriginalString));
yield return(new XAttribute(Saml2Constants.Message.Id, Id));
yield return(new XAttribute(Saml2Constants.Message.Version, Version));
yield return(new XAttribute(Saml2Constants.Message.IssueInstant, IssueInstant.ToString("o", CultureInfo.InvariantCulture)));
if (!string.IsNullOrWhiteSpace(Consent))
{
yield return(new XAttribute(Saml2Constants.Message.Consent, Consent));
}
if (Destination != null)
{
yield return(new XAttribute(Saml2Constants.Message.Destination, Destination));
}
if (Issuer != null)
{
yield return(new XElement(Saml2Constants.AssertionNamespaceX + Saml2Constants.Message.Issuer, Issuer.OriginalString));
}
if (Extensions != null)
{
yield return(Extensions.ToXElement());
}
}
public override XElement ToXml()
{
XElement SignatureXml = null;
if (Signature != null)
{
var sigid = Signature.Id;
Signature.Id = null;
using (var nr = new XmlNodeReader(Signature.GetXml()))
{
SignatureXml = XElement.Load(nr);
if (sigid != null)
{
SignatureXml.Add(new XAttribute("Id", sigid)); //specielt for DGWS
}
}
}
return(new XElement(
NA.saml + "Assertion",
new XAttribute("Id", ID), //specielt for DGWS
IssueInstant.MakeXAttribute("IssueInstant"),
new XAttribute("Version", Version),
Issuer.ToXml(),
Subject == null ? null : Subject.ToXml(),
Conditions == null ? null : Conditions.ToXml(),
//Advice == null ? null : Advice.ToXml(),
from x in Statements where x != null select x.ToXml(),
SignatureXml
));
}
public static string CreateSamlResponse(SamlResponseFactoryArgs args)
{
if (!args.Certificate.HasPrivateKey)
{
throw new Exception("Certificate does not not contains a private key");
}
var section = Saml2SectionFactory.Create(args.Audience);
var config = Saml2ConfigFactory.Create(section);
Saml2Config.Init(config);
var assertionDocument = CreateAssertionDocument(args).DocumentElement;
var cert = args.Certificate;
var assertion20 = new Saml20Assertion(assertionDocument, null, false);
assertion20.Sign(cert);
assertion20.CheckValid(new[] { cert.PublicKey.Key });
var assertionString = assertion20.GetXml().OuterXml;
var deserializedAssertionDoc = new XmlDocument {
PreserveWhitespace = true
};
deserializedAssertionDoc.Load(new StringReader(assertionString));
var deserializedAssertion = new Saml20Assertion(deserializedAssertionDoc.DocumentElement, null, false);
deserializedAssertion.CheckValid(new[] { cert.PublicKey.Key });
var issueInstant = new IssueInstant(deserializedAssertion.Assertion.IssueInstant.Value);
var result = CompoundResponse(issueInstant, args.Recipient, args.Issuer, assertionString, args.RequestId);
return(result);
}
public override XmlDocument ToXml()
{
XmlDocument = new XmlDocument();
XmlDocument.XmlResolver = null;
XmlDocument.PreserveWhitespace = true;
using (XmlWriter xmlWriter = XmlDocument.CreateNavigator().AppendChild())
{
xmlWriter.WriteStartElement(elementName, Saml2Constants.ProtocolNamespace.OriginalString);
xmlWriter.WriteAttributeString(Saml2Constants.Message.IssueInstant, IssueInstant.ToString("o", CultureInfo.InvariantCulture));
xmlWriter.WriteAttributeString(Saml2Constants.Message.Id, Id.Value);
xmlWriter.WriteAttributeString(Saml2Constants.Message.Version, Version);
xmlWriter.WriteStartElement(Saml2Constants.Message.Status);
xmlWriter.WriteStartElement(Saml2Constants.Message.StatusCode);
xmlWriter.WriteAttributeString(Saml2Constants.Message.Value, Saml2StatusCodeUtil.ToString(Status));
xmlWriter.WriteEndElement();
xmlWriter.WriteEndElement();
Saml2SecurityTokenHandler.WriteToken(xmlWriter, Saml2SecurityToken);
xmlWriter.WriteEndElement();
}
return(XmlDocument);
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (Issuer == null || Issuer.Length == 0)
{
throw new SecurityTokenException("Issuer must not be null or empty.");
}
if (Statements.Count == 0)
{
throw new SecurityTokenException("At least one assertion statement is required.");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
CultureInfo invariant = CultureInfo.InvariantCulture;
writer.WriteStartElement("saml", "Assertion", SamlConstants.Namespace);
writer.WriteAttributeString("MajorVersion", MajorVersion.ToString(invariant));
writer.WriteAttributeString("MinorVersion", MinorVersion.ToString(invariant));
writer.WriteAttributeString("AssertionID", AssertionId);
writer.WriteAttributeString("Issuer", Issuer);
writer.WriteAttributeString("IssueInstant", IssueInstant.ToString(SamlConstants.DateFormat, invariant));
try
{
if (Conditions != null)
{
Conditions.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
if (Advice != null)
{
Advice.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
foreach (SamlStatement statement in Statements)
{
statement.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
}
catch (NotImplementedException)
{
throw;
}
catch (Exception ex) // bad catch, eh?
{
throw new InvalidOperationException("There is an error on writing assertion statements.", ex);
}
writer.WriteEndElement();
}
/// <summary>
/// Appends xml for the Saml2LogoutResponse to the given parent node.
/// </summary>
/// <param name="parentNode">Xml for the Saml2LogoutResponse is appended
/// to the children of this node.</param>
public void AppendTo(XmlNode parentNode)
{
parentNode.StartElement("LogoutResponse", Saml2Namespaces.Saml2PUri)
.AddAttribute("ID", Id.Value)
.AddAttribute("Version", "2.0")
.AddAttribute("IssueInstant", IssueInstant.ToSaml2DateTimeString())
.AddAttributeIfNotNull("InResponseTo", InResponseTo?.Value)
.AddAttributeIfNotNull("Destination", DestinationUrl?.OriginalString)
.If(Issuer != null, x => x.AddElement("Issuer", Saml2Namespaces.Saml2Uri, Issuer.Id))
.StartElement("Status", Saml2Namespaces.Saml2PUri)
.StartElement("StatusCode", Saml2Namespaces.Saml2PUri)
.AddAttribute("Value", StatusCodeHelper.FromCode(Status));
}
public static string CompoundResponse(IssueInstant issueInstant, Recipient recipient, Issuer issuer,
string assertion, RequestId requestId)
{
var responseId = ResponseIdFactory();
var response =
$"<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"{responseId}\" Version=\"2.0\" IssueInstant=\"{issueInstant.String}\" Destination=\"{recipient.Value}\" InResponseTo=\"{requestId.Value}\">{Environment.NewLine}" +
$"<saml:Issuer>{issuer.Value}</saml:Issuer>" +
$"<samlp:Status>" +
$"<samlp:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/>" +
$"</samlp:Status>" +
assertion +
$"</samlp:Response>";
return(response);
}
public override XElement ToXElement()
{
var xe = new XElement(Saml2Namespaces.Saml2P + "LogoutResponse",
new XAttribute("ID", Id.Value),
new XAttribute("Version", "2.0"),
new XAttribute("IssueInstant", IssueInstant.ToSaml2DateTimeString()),
new XElement(Saml2Namespaces.Saml2P + "Status",
new XElement(Saml2Namespaces.Saml2P + "StatusCode",
new XAttribute("Value", StatusCodeHelper.FromCode(Status)))));
if (Issuer != null)
{
xe.AddFirst(new XElement(Saml2Namespaces.Saml2 + "Issuer", Issuer.Id));
}
xe.AddAttributeIfNotNullOrEmpty("InResponseTo", InResponseTo?.Value);
xe.AddAttributeIfNotNullOrEmpty("Destination", DestinationUrl?.OriginalString);
return(xe);
}
public XElement Serialize()
{
var result = new XElement(Constants.XMLNamespaces.SAMLP + "Request",
new XAttribute(XNamespace.Xmlns + "samlp", Constants.XMLNamespaces.SAMLP),
new XAttribute(XNamespace.Xmlns + "ds", Constants.XMLNamespaces.DS),
new XAttribute(XNamespace.Xmlns + "saml", Constants.XMLNamespaces.SAML),
new XAttribute("IssueInstant", IssueInstant.ToUTCString()),
new XAttribute("MajorVersion", MajorVersion),
new XAttribute("MinorVersion", MinorVersion),
new XAttribute("RequestID", RequestId));
if (Signature != null)
{
result.Add(Signature.Serialize());
}
if (AttributeQuery != null)
{
result.Add(AttributeQuery.Serialize());
}
return(result);
}
