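/// <summary>
/// Initiates SSO for the given company (this side acts as the audience / service provider):
/// loads the AuthnRequest parameters, records the IdP URL and builds the encoded SAMLRequest.
/// </summary>
/// <param name="companyID">Current CompanyID for which to initiate SSO.</param>
/// <returns>True when the request was built successfully, false on any failure (details go to the file log).</returns>
internal bool InitiateSSO(CompanyIDList companyID)
{
    bool isSSOInitiated = true;
    try
    {
        // The enum name (not a caller-supplied string) is what keys the log instance.
        _companyID = companyID.ToString();
        WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).Start);
        GetAuthnRequest();
        // Both reads depend on DS_AuthnRequest having been populated by GetAuthnRequest();
        // a missing table, row or column throws and is reported as a failure below.
        IDPUrl = DS_AuthnRequest.Tables[_companyID].Rows[0]["IDPUrl"].ToString();
        SAMLRequest = CreateAuthnRequest();
    }
    catch (Exception exception)
    {
        isSSOInitiated = false;
        // Exception.StackTrace is annotated nullable; guard it so the handler itself cannot
        // throw and mask the original error. Message is already a string, no ToString() needed.
        WriteToFileLog.Instance(_companyID).Write("Error Occurred:-" + exception.Message + "\n" + "Stack Trace:-" + (exception.StackTrace ?? string.Empty));
    }
    finally
    {
        WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).End);
        WriteToFileLog.Instance(_companyID).Write("");
    }
    return isSSOInitiated;
}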
/// <summary>
/// Builds the SAML 2.0 AuthnRequest for the current company from the values in
/// DS_AuthnRequest, then deflate-compresses, base64-encodes and URL-encodes it.
/// </summary>
/// <returns>
/// The URL-encoded SAMLRequest value followed by "&amp;RelayState=" and the URL-encoded
/// RelayState, i.e. the query-string fragment handed to the IdP.
/// </returns>
private string CreateAuthnRequest()
{
    WriteToFileLog.Instance(_companyID).Write("CreateAuthnRequest Initiated");
    // Every per-company request parameter is read from the first row of the company's table.
    var requestRow = DS_AuthnRequest.Tables[_companyID].Rows[0];
    // An xsd:ID may not start with a digit, hence the leading underscore on the GUID.
    string requestId = "_" + Guid.NewGuid().ToString();
    string issueInstant = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
    using (StringWriter xmlBuffer = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (XmlWriter xw = XmlWriter.Create(xmlBuffer, settings))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteAttributeString("ID", requestId);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issueInstant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xw.WriteAttributeString("Destination", requestRow["Destination"].ToString());
            xw.WriteAttributeString("AssertionConsumerServiceURL", requestRow["AssertionConsumerServiceURL"].ToString());
            xw.WriteStartElement("saml", "Issuer", null);
            xw.WriteString(requestRow["Issuer"].ToString());
            xw.WriteEndElement(); // saml:Issuer
            // No NameIDPolicy element is emitted; the IdP's default policy applies.
            xw.WriteEndElement(); // samlp:AuthnRequest
        }

        string requestXml = xmlBuffer.ToString();
        using (MemoryStream compressed = new MemoryStream())
        {
            // leaveOpen: true keeps the MemoryStream readable after the writer closes the deflate stream.
            DeflateStream deflate = new DeflateStream(compressed, CompressionMode.Compress, true);
            using (StreamWriter writer = new StreamWriter(deflate, new UTF8Encoding(false)))
            {
                writer.Write(requestXml);
            }
            // Disposing the writer flushed and closed the DeflateStream, so the final block is in place.
            string encoded = Convert.ToBase64String(compressed.ToArray(), Base64FormattingOptions.None);
            string relayState = requestRow["RelayState"].ToString();
            string result = HttpUtility.UrlEncode(encoded) + "&RelayState=" + HttpUtility.UrlEncode(relayState);
            WriteToFileLog.Instance(_companyID).Write("SAMLRequest=" + result);
            return result;
        }
    }
}
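/// <summary>
/// Builds the SAML 2.0 AuthnRequest from the supplied SSO field set, then
/// deflate-compresses, base64-encodes and URL-encodes it.
/// </summary>
/// <param name="sSOFields">Per-company SSO settings (company name, destination, ACS URL, issuer, relay state).</param>
/// <returns>
/// The URL-encoded SAMLRequest value followed by "&amp;RelayState=" and the URL-encoded
/// RelayState, i.e. the query-string fragment handed to the IdP.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="sSOFields"/> is null.</exception>
internal string CreateNewAuthnRequest(ESOP.SSO.Library.SSO sSOFields)
{
    // Fail fast with a descriptive exception instead of a NullReferenceException on the first
    // property access (which previously happened before anything was logged).
    if (sSOFields == null)
    {
        throw new ArgumentNullException("sSOFields");
    }
    WriteToFileLog.Instance(sSOFields.CompanyName).Write("CreateAuthnRequest Initiated");
    // An xsd:ID may not start with a digit, hence the leading underscore on the GUID.
    string requestId = "_" + Guid.NewGuid().ToString();
    string issueInstant = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ");
    using (StringWriter xmlBuffer = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (XmlWriter xw = XmlWriter.Create(xmlBuffer, settings))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteAttributeString("ID", requestId);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issueInstant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xw.WriteAttributeString("Destination", sSOFields.DestinationURL.Trim());
            xw.WriteAttributeString("AssertionConsumerServiceURL", sSOFields.AssertionConsumerServiceURL.Trim());
            xw.WriteStartElement("saml", "Issuer", null);
            xw.WriteString(sSOFields.IssuerURL.Trim());
            xw.WriteEndElement(); // saml:Issuer
            xw.WriteEndElement(); // samlp:AuthnRequest
        }

        string requestXml = xmlBuffer.ToString();
        using (MemoryStream compressed = new MemoryStream())
        {
            // leaveOpen: true keeps the MemoryStream readable after the writer closes the deflate stream.
            DeflateStream deflate = new DeflateStream(compressed, CompressionMode.Compress, true);
            using (StreamWriter writer = new StreamWriter(deflate, new UTF8Encoding(false)))
            {
                writer.Write(requestXml);
            }
            // Disposing the writer flushed and closed the DeflateStream, so the final block is in place.
            string encoded = Convert.ToBase64String(compressed.ToArray(), Base64FormattingOptions.None);
            string result = HttpUtility.UrlEncode(encoded) + "&RelayState=" + HttpUtility.UrlEncode(sSOFields.RelayState.Trim());
            WriteToFileLog.Instance(sSOFields.CompanyName).Write("SAMLRequest=" + result);
            return result;
        }
    }
}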
/// <summary>
/// Loads all AuthnRequest parameter sets into DS_AuthnRequest from the AuthnRequest.xml
/// file in the directory named by the "ClientPublicCertificate" app setting.
/// </summary>
private void GetAuthnRequest()
{
    WriteToFileLog.Instance(_companyID).Write("GetAuthnRequest Initiated");
    // Convert.ToString(null) yields "" rather than throwing when the setting is absent.
    string certificateFolder = Convert.ToString(ConfigurationManager.AppSettings["ClientPublicCertificate"]);
    // The path is built from application configuration, not from request input.
    string authnRequestPath = certificateFolder + @"\AuthnRequest.xml";
    DS_AuthnRequest.ReadXml(authnRequestPath);
}
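/// <summary>
/// Processes an inbound SAML response: decodes it, checks that SSO is activated for the
/// company it names, validates it and sets up the login details.
/// </summary>
/// <param name="SAMLResponse">The base64-encoded SAML response as posted by the IdP.</param>
/// <returns>True when the response validated and login setup succeeded, false otherwise.</returns>
/// <exception cref="Exception">
/// Rethrown with message CommonConstant.sRequestStatusSSO_DEACTIVATED when SSO is not
/// activated for the company; every other failure is logged and reported as false.
/// </exception>
internal bool ProcessSSO(string SAMLResponse)
{
    bool isSSOProcessed = true;
    StringBuilder webParameters = new StringBuilder();
    try
    {
        // NOTE(review): this copies the complete raw response (assertion, attributes) into the
        // file log; consider truncating or redacting it in production logging.
        webParameters.AppendLine("SAMLResponse=" + SAMLResponse);
        using (SAMLResponse samlResponse = new SAMLResponse())
        {
            samlResponse.LoadXmlFromBase64(SAMLResponse);
            // The company name comes from the not-yet-validated response, so check it against
            // the known enum BEFORE it becomes the log-instance key in _companyID; an unknown
            // name now fails here without ever being used to select a log instance.
            CompanyIDList company = (CompanyIDList)Enum.Parse(typeof(CompanyIDList), samlResponse.CompanyID, true);
            _companyID = samlResponse.CompanyID;
            if (!IsSSOActivated(company))
            {
                webParameters.AppendLine(CommonConstant.s_SSONotActivated);
                throw new Exception(CommonConstant.sRequestStatusSSO_DEACTIVATED);
            }
            WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).Start);
            Hashtable samlParameters;
            if (!samlResponse.IsValid(out samlParameters, ref webParameters))
            {
                isSSOProcessed = false;
                webParameters.AppendLine(CommonConstant.s_InvalidResponse);
            }
            else if (SetupLoginDetails(samlParameters))
            {
                webParameters.AppendLine(CommonConstant.s_RedirectToVigilante);
            }
            else
            {
                isSSOProcessed = false;
                webParameters.AppendLine(CommonConstant.s_LoginSetupFailed);
            }
        }
    }
    catch (Exception exception)
    {
        isSSOProcessed = false;
        if (exception.Message.Equals(CommonConstant.sRequestStatusSSO_DEACTIVATED))
        {
            // "throw;" preserves the original stack trace; "throw exception;" would reset it.
            throw;
        }
        // StackTrace is annotated nullable; guard it so the handler cannot throw itself.
        webParameters.AppendLine("Error Occurred:-" + exception.Message + "\n" + "Stack Trace:-" + (exception.StackTrace ?? string.Empty));
    }
    finally
    {
        WriteToFileLog.Instance(_companyID).Write(webParameters.ToString());
        WriteToFileLog.Instance(_companyID).Write(WriteToFileLog.Instance(_companyID).End);
        WriteToFileLog.Instance(_companyID).Write("");
    }
    return isSSOProcessed;
}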