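/// <summary>
/// Populates <paramref name="identity"/> with the authentication type, any additional
/// attributes received with the login and, if none is present yet, the user's email under
/// the standard <see cref="ClaimTypes.Email"/> claim type.
/// </summary>
/// <param name="authenticationType">How the user was authenticated; stored as a claim whose type is the literal "AuthenticationType".</param>
/// <param name="email">Email added as a <see cref="ClaimTypes.Email"/> claim when the identity has no such claim yet.</param>
/// <param name="additionalClaims">Optional key/value attributes copied verbatim into the identity as claims; may be null.</param>
/// <param name="identity">The identity to populate.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="identity"/> is null, or <paramref name="email"/> is null while the identity carries no email claim.
/// </exception>
private static void InitializeUserClaims(
    AuthenticationType authenticationType,
    string email,
    IDictionary<string, string> additionalClaims,
    ClaimsIdentity identity)
{
    if (identity == null)
    {
        throw new ArgumentNullException(nameof(identity));
    }

    SamlPocTraceListener.Log("SAML", $"AuthenticationService.InitializeUserClaims: Initialize claims of user {identity.Name}");

    identity.AddClaim(new Claim(nameof(AuthenticationType), authenticationType.ToString()));

    if (additionalClaims != null)
    {
        // Attributes are copied as-is; the Claim constructor rejects a null value, so a
        // provider attribute without a value surfaces as an ArgumentNullException here.
        identity.AddClaims(additionalClaims.Select(attr => new Claim(attr.Key, attr.Value)));
    }

    // Only add the email claim when the identity (or the attributes just copied) does not
    // already carry one under the standard type, so a provider-supplied email is not duplicated.
    if (!identity.HasClaim(c => c.Type == ClaimTypes.Email))
    {
        if (email == null)
        {
            throw new ArgumentNullException(nameof(email), "No email claim is present and no email was supplied.");
        }

        identity.AddClaim(new Claim(ClaimTypes.Email, email));
    }

    // NOTE(review): this writes claim *values* to the trace output. Attributes received from an
    // identity provider may contain personal or sensitive data; keep this listener out of
    // production or narrow the projection to claim types.
    SamlPocTraceListener.Log("SAML", $"AuthenticationService.InitializeUserClaims: Initialized claims of user {identity.Name}:\r\n"
        + Utils.SerializeToJson(identity.Claims.Select(c => new { c.Type, c.Value })));
}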
/// <summary>
/// Looks up the user matching <paramref name="email"/> and <paramref name="password"/>, builds an
/// application-cookie identity for it, stores the received attributes as claims and signs the user in.
/// </summary>
/// <param name="authenticationType">Mechanism that produced the credentials; recorded on the identity as a claim.</param>
/// <param name="email">Email address identifying the user.</param>
/// <param name="password">Password handed to the user lookup; how it is used for federated logins is decided by FindUser, not here.</param>
/// <param name="additionalClaims">Optional attributes to attach to the identity as claims; may be null.</param>
/// <returns>True when a user was found and signed in; false when the lookup returned no user.</returns>
public bool Authenticate(
    AuthenticationType authenticationType,
    string email,
    string password,
    IDictionary<string, string> additionalClaims = null)
{
    SamlPocTraceListener.Log("SAML", $"AuthenticationService.Authenticate: Authenticate user {email}");

    var matchedUser = FindUser(_userManager, email, password);
    if (matchedUser == null)
    {
        // Unknown user or rejected credentials: nothing is signed in and the caller only learns "false".
        return false;
    }

    var cookieIdentity = _userManager.CreateIdentity(matchedUser, DefaultAuthenticationTypes.ApplicationCookie);

    // Persist the attributes received with the login on the identity as claims.
    InitializeUserClaims(authenticationType, email, additionalClaims, cookieIdentity);

    // IsPersistent = true requests a cookie that outlives the browser session; review whether
    // that is wanted for federated sign-ins, since the IdP session may end sooner.
    var cookieProperties = new AuthenticationProperties() { IsPersistent = true };
    _authenticationManager.SignIn(cookieProperties, cookieIdentity);

    return true;
}
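/// <summary>
/// Registers every identity provider found in <paramref name="repository"/> as a partner
/// identity provider on <paramref name="samlConfiguration"/>.
/// </summary>
/// <param name="samlConfiguration">Configuration that receives one partner entry per provider.</param>
/// <param name="repository">Source of the registered identity providers.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
private static void ConfigureIdentityProvidersUsingRepository(
    SAMLConfiguration samlConfiguration,
    SamlIdentityProvidersRepository repository)
{
    if (samlConfiguration == null)
    {
        throw new ArgumentNullException(nameof(samlConfiguration));
    }

    if (repository == null)
    {
        throw new ArgumentNullException(nameof(repository));
    }

    SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Loading Identity Providers");

    // Materialize once: counting and then iterating the sequence enumerated it twice, which
    // re-runs the lookup when the repository hands back a deferred (e.g. queryable) sequence.
    var providers = repository.GetRegisteredIdentityProviders().ToList();

    SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: {providers.Count} Identity Providers loaded:");

    var providersConfig = Utils.SerializeToJson(providers);
    SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Identity Providers configuration:\r\n{providersConfig}");

    foreach (var provider in providers)
    {
        samlConfiguration.AddPartnerIdentityProvider(new PartnerIdentityProviderConfiguration()
        {
            Name = provider.Name,
            Description = provider.Description,
            SignAuthnRequest = provider.SignAuthnRequest,
            SingleSignOnServiceUrl = provider.SingleSignOnUrl,
            SingleLogoutServiceUrl = provider.SingleLogoutUrl,
            PartnerCertificateFile = provider.CertificateFile,
            UseEmbeddedCertificate = provider.UseEmbeddedCertificate,
            // Single logout is enabled in both directions only when the provider supports it.
            DisableInboundLogout = !provider.SingleLogoutSupported,
            DisableOutboundLogout = !provider.SingleLogoutSupported
        });
    }
}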
/// <summary>
/// Builds the SAML configuration (local service provider plus the partner identity providers held
/// in <paramref name="repository"/>) and installs it as the global <see cref="SAMLController.Configuration"/>.
/// </summary>
/// <param name="repository">Source of the registered identity providers.</param>
public static void Configure(SamlIdentityProvidersRepository repository)
{
    SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.Configure: Starting configuration of SAML environment.");

    var configuration = new SAMLConfiguration();

    ConfigureServiceProvider(configuration);
    ConfigureIdentityProvidersUsingRepository(configuration, repository);
    // ConfigureIdentityProvidersUsingHardCodedConfiguration(configuration);

    // Assigning the controller's configuration is what makes the settings effective.
    SAMLController.Configuration = configuration;

    SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.Configure: Ended configuration of SAML environment.");
}
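/// <summary>
/// Reads the local service provider settings from appSettings and installs them on
/// <paramref name="samlConfiguration"/>.
/// </summary>
/// <param name="samlConfiguration">Configuration that receives the local service provider entry.</param>
/// <exception cref="ArgumentNullException"><paramref name="samlConfiguration"/> is null.</exception>
private static void ConfigureServiceProvider(SAMLConfiguration samlConfiguration)
{
    if (samlConfiguration == null)
    {
        throw new ArgumentNullException(nameof(samlConfiguration));
    }

    var appSettings = ConfigurationManager.AppSettings;

    var localConfiguration = new LocalServiceProviderConfiguration()
    {
        Name = appSettings[ServiceProviderName],
        Description = appSettings[ServiceProviderDescription],
        AssertionConsumerServiceUrl = appSettings[ServiceProviderAssertionConsumerServiceUrl],
        LocalCertificateFile = appSettings[ServiceProviderLocalCertificateFile],
        // Protects the service provider's private key: a secret that must never reach the trace output.
        LocalCertificatePassword = appSettings[ServiceProviderLocalCertificatePassword]
    };
    samlConfiguration.LocalServiceProviderConfiguration = localConfiguration;

    // Log a redacted projection rather than the whole object: serializing the configuration
    // itself writes LocalCertificatePassword into the trace.
    var spConfig = Utils.SerializeToJson(new
    {
        localConfiguration.Name,
        localConfiguration.Description,
        localConfiguration.AssertionConsumerServiceUrl,
        localConfiguration.LocalCertificateFile,
        LocalCertificatePassword = localConfiguration.LocalCertificatePassword == null ? null : "<redacted>"
    });
    SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureServiceProvider: Service Provider configuration:\r\n{spConfig}");
}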