Ejemplo n.º 1
        /// <summary>
        /// Initiates SSO (considering as Audience URL).
        /// </summary>
        /// <param name="companyID">Current CompanyID for which to initiate SSO.</param>
        /// <returns>Returns true on success and false on failure.</returns>
        internal bool InitiateSSO(CompanyIDList companyID)
        {
            try
            {
                // The file log is looked up by _companyID, so the field is assigned before the first log call.
                _companyID = companyID.ToString();
                WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).Start);

                // GetAuthnRequest() is expected to fill DS_AuthnRequest; the first row of this
                // company's table then supplies the IdP URL.
                GetAuthnRequest();

                // NOTE(review): IDPUrl is taken from the settings row as-is. Whatever later sends the
                // browser to it should confirm it is an absolute https URL - verify at the consumer.
                IDPUrl      = DS_AuthnRequest.Tables[_companyID].Rows[0]["IDPUrl"].ToString();
                SAMLRequest = CreateAuthnRequest();

                return true;
            }
            catch (Exception failure)
            {
                // Every failure is written to the company log and reported to the caller as false.
                WriteToFileLog.Instance(_companyID).Write("Error Occurred:-" + failure.Message.ToString() + "\n" + "Stack Trace:-" + failure.StackTrace.ToString());
                return false;
            }
            finally
            {
                // Close the log section on both the success and the failure path.
                WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).End);
                WriteToFileLog.Instance(_companyID).Write("");
            }
        }
Ejemplo n.º 2
        /// <summary>
        /// Creates the SAML authentication request (AuthnRequest).
        /// </summary>
        /// <returns>Returns the deflated, Base64-encoded and URL-encoded SAML request, followed by the URL-encoded RelayState parameter.</returns>
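        private string CreateAuthnRequest()
        {
            // Builds an unsigned <samlp:AuthnRequest> from the first row of this company's
            // DS_AuthnRequest table and returns it DEFLATE-compressed, Base64-encoded and
            // URL-encoded, with "&RelayState=<url-encoded value>" appended.
            WriteToFileLog.Instance(_companyID).Write("CreateAuthnRequest Initiated");

            // All request values come from the same settings row; look it up once.
            var settingsRow = DS_AuthnRequest.Tables[_companyID].Rows[0];

            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                // NOTE(review): the request ID is generated here and not retained by this method.
                // If nothing else records it, a response's InResponseTo cannot be matched against
                // the request that was actually sent - confirm how responses are bound to requests.
                string id = "_" + System.Guid.NewGuid().ToString();

                // IssueInstant must be an xs:dateTime. Without an explicit culture the ':' time
                // separator and the calendar follow the thread culture, which can yield a value
                // the IdP rejects, so the invariant culture is used.
                string issue_instant = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ", System.Globalization.CultureInfo.InvariantCulture);

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");

                    xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteAttributeString("ID", id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xw.WriteAttributeString("Destination", settingsRow["Destination"].ToString());
                    xw.WriteAttributeString("AssertionConsumerServiceURL", settingsRow["AssertionConsumerServiceURL"].ToString());

                    xw.WriteStartElement("saml", "Issuer", null);
                    xw.WriteString(settingsRow["Issuer"].ToString());
                    xw.WriteEndElement();

                    // NameIDPolicy is intentionally not emitted; kept for reference.
                    //xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                    //xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
                    //xw.WriteAttributeString("AllowCreate", "true");
                    //xw.WriteEndElement();

                    xw.WriteEndElement();
                }

                using (MemoryStream memoryStream = new MemoryStream())
                {
                    // leaveOpen (third argument) keeps memoryStream usable after the deflate stream
                    // has been flushed and closed by disposing the writer.
                    using (StreamWriter writer = new StreamWriter(new DeflateStream(memoryStream, CompressionMode.Compress, true), new UTF8Encoding(false)))
                    {
                        writer.Write(sw.ToString());
                    }

                    // GetBuffer() may be longer than the data written, so the length is passed explicitly.
                    string result = Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length, Base64FormattingOptions.None);
                    result = HttpUtility.UrlEncode(result) + "&RelayState=" + HttpUtility.UrlEncode(settingsRow["RelayState"].ToString());

                    WriteToFileLog.Instance(_companyID).Write("SAMLRequest=" + result);

                    return result;
                }
            }
        }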
Ejemplo n.º 3
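        /// <summary>
        /// Builds an unsigned SAML 2.0 AuthnRequest from the supplied SSO fields.
        /// </summary>
        /// <param name="sSOFields">Supplies CompanyName (used for logging), DestinationURL, AssertionConsumerServiceURL, IssuerURL and RelayState; the last four are trimmed before use.</param>
        /// <returns>The deflated, Base64-encoded and URL-encoded request, followed by "&amp;RelayState=" and the URL-encoded relay state.</returns>
        internal string CreateNewAuthnRequest(ESOP.SSO.Library.SSO sSOFields)
        {
            WriteToFileLog.Instance(sSOFields.CompanyName).Write("CreateAuthnRequest Initiated");
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                // NOTE(review): the request ID is generated here and not retained by this method.
                // If nothing else records it, a response's InResponseTo cannot be matched against
                // the request that was actually sent - confirm how responses are bound to requests.
                string id = "_" + System.Guid.NewGuid().ToString();

                // IssueInstant must be an xs:dateTime. Without an explicit culture the ':' time
                // separator and the calendar follow the thread culture, which can yield a value
                // the IdP rejects, so the invariant culture is used.
                string issue_instant = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ", System.Globalization.CultureInfo.InvariantCulture);

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");

                    xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteAttributeString("ID", id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xw.WriteAttributeString("Destination", sSOFields.DestinationURL.Trim());
                    xw.WriteAttributeString("AssertionConsumerServiceURL", sSOFields.AssertionConsumerServiceURL.Trim());

                    xw.WriteStartElement("saml", "Issuer", null);
                    xw.WriteString(sSOFields.IssuerURL.Trim());
                    xw.WriteEndElement();

                    // Close <samlp:AuthnRequest> explicitly instead of relying on the writer
                    // closing open elements when it is disposed.
                    xw.WriteEndElement();
                }

                using (MemoryStream memoryStream = new MemoryStream())
                {
                    // leaveOpen (third argument) keeps memoryStream usable after the deflate stream
                    // has been flushed and closed by disposing the writer.
                    using (StreamWriter writer = new StreamWriter(new DeflateStream(memoryStream, CompressionMode.Compress, true), new UTF8Encoding(false)))
                    {
                        writer.Write(sw.ToString());
                    }

                    // GetBuffer() may be longer than the data written, so the length is passed explicitly.
                    string result = Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length, Base64FormattingOptions.None);
                    result = HttpUtility.UrlEncode(result) + "&RelayState=" + HttpUtility.UrlEncode(sSOFields.RelayState.Trim());

                    WriteToFileLog.Instance(sSOFields.CompanyName).Write("SAMLRequest=" + result);

                    return result;
                }
            }
        }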
Ejemplo n.º 4
 /// <summary>
 /// Gets all the authentication request parameters from the XML file.
 /// </summary>
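 private void GetAuthnRequest()
 {
     WriteToFileLog.Instance(_companyID).Write("GetAuthnRequest Initiated");

     // The "ClientPublicCertificate" app setting is used as the directory that holds AuthnRequest.xml.
     // A missing or empty value would otherwise resolve to "\AuthnRequest.xml" at the root of the
     // current drive, so fail explicitly instead of loading settings from an unintended location.
     string settingsDirectory = ConfigurationManager.AppSettings["ClientPublicCertificate"];
     if (string.IsNullOrEmpty(settingsDirectory))
     {
         throw new InvalidOperationException("AppSettings[\"ClientPublicCertificate\"] is not configured; cannot locate AuthnRequest.xml.");
     }

     // NOTE(review): this file supplies the IdP URL, Destination and AssertionConsumerServiceURL
     // used for SSO, so it should be writable by administrators only.
     // NOTE(review): ReadXml loads into the existing DS_AuthnRequest; if the same DataSet is reused
     // across calls, rows may accumulate while callers keep reading Rows[0] - confirm.
     DS_AuthnRequest.ReadXml(settingsDirectory + @"\AuthnRequest.xml");
 }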
Ejemplo n.º 5
        /// <summary>
        /// Processes SSO for a SAML response.
        /// </summary>
        /// <param name="SAMLResponse">SAML response in Base64-encoded form (it is passed to LoadXmlFromBase64).</param>
        /// <returns>Returns true on success and false on failure.</returns>
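        internal bool ProcessSSO(string SAMLResponse)
        {
            // Loads the Base64 SAML response, checks that SSO is activated for the company it names,
            // validates it and sets up the login. Returns false on any failure except the
            // "SSO deactivated" case, which is rethrown to the caller.
            bool          IsSSOProcessed   = true;
            StringBuilder sb_WebParameters = new StringBuilder();

            try
            {
                Hashtable ht_SAMLParameters;

                // NOTE(review): the raw response, including the assertion it carries, is written to
                // the file log in the finally block. Consider logging a digest or the length instead
                // and restricting access to the log files.
                sb_WebParameters.AppendLine("SAMLResponse=" + SAMLResponse);

                using (SAMLResponse samlResponse = new SAMLResponse())
                {
                    samlResponse.LoadXmlFromBase64(SAMLResponse);

                    // NOTE(review): CompanyID is read from the response before IsValid() has run, and it
                    // selects both the log instance and the activation check. Enum.Parse also accepts
                    // numeric strings for values that are not named in CompanyIDList; consider
                    // Enum.IsDefined on the parsed value before using it.
                    _companyID = samlResponse.CompanyID;

                    if (!IsSSOActivated((CompanyIDList)System.Enum.Parse(typeof(CompanyIDList), samlResponse.CompanyID, true)))
                    {
                        sb_WebParameters.AppendLine(CommonConstant.s_SSONotActivated);
                        throw new Exception(CommonConstant.sRequestStatusSSO_DEACTIVATED);
                    }

                    WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).Start);

                    if (samlResponse.IsValid(out ht_SAMLParameters, ref sb_WebParameters))
                    {
                        if (SetupLoginDetails(ht_SAMLParameters))
                        {
                            sb_WebParameters.AppendLine(CommonConstant.s_RedirectToVigilante);
                        }
                        else
                        {
                            IsSSOProcessed = false;
                            sb_WebParameters.AppendLine(CommonConstant.s_LoginSetupFailed);
                        }
                    }
                    else
                    {
                        IsSSOProcessed = false;
                        sb_WebParameters.AppendLine(CommonConstant.s_InvalidResponse);
                    }
                }
            }
            catch (Exception exception)
            {
                IsSSOProcessed = false;
                if (exception.Message.ToString().Equals(CommonConstant.sRequestStatusSSO_DEACTIVATED))
                {
                    // Rethrow with "throw;" so the original stack trace is preserved
                    // ("throw exception;" would reset it to this line).
                    throw;
                }
                else
                {
                    sb_WebParameters.AppendLine("Error Occurred:-" + exception.Message.ToString() + "\n" + "Stack Trace:-" + exception.StackTrace.ToString());
                }
            }
            finally
            {
                // Runs on every path, including the rethrow above: flush the collected parameters
                // and close the log section.
                WriteToFileLog.Instance(_companyID).Write(sb_WebParameters.ToString());
                WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).End);
                WriteToFileLog.Instance(_companyID).Write("");
            }

            return IsSSOProcessed;
        }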