private static void InitializeUserClaims(
            AuthenticationType authenticationType,
            string email,
            IDictionary <string, string> additionalClaims,
            ClaimsIdentity identity)
        {
            SamlPocTraceListener.Log("SAML", $"AuthenticationService.InitializeUserClaims: Initialize claims of user {identity.Name}");

            identity.AddClaim(new Claim(nameof(AuthenticationType), authenticationType.ToString()));

            if (additionalClaims != null)
            {
                identity.AddClaims(additionalClaims.Select(attr => new Claim(attr.Key, attr.Value)));
            }

            // Check if user email is present in claims or attributes under a standard claim type
            if (!identity.HasClaim(c => c.Type == ClaimTypes.Email))
            {
                // Add email claim under a standard claim type
                identity.AddClaim(new Claim(ClaimTypes.Email, email));
            }

            SamlPocTraceListener.Log("SAML", $"AuthenticationService.InitializeUserClaims: Initialized claims of user {identity.Name}:\r\n" +
                                     Utils.SerializeToJson(identity.Claims.Select(c => new { c.Type, c.Value })));
        }
        public bool Authenticate(
            AuthenticationType authenticationType,
            string email,
            string password,
            IDictionary <string, string> additionalClaims = null)
        {
            SamlPocTraceListener.Log("SAML", $"AuthenticationService.Authenticate: Authenticate user {email}");

            var user = FindUser(_userManager, email, password);

            if (user != null)
            {
                var identity = _userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

                // Save received attributes as claims
                InitializeUserClaims(authenticationType, email, additionalClaims, identity);

                // Sign in user
                _authenticationManager.SignIn(new AuthenticationProperties()
                {
                    IsPersistent = true
                }, identity);

                return(true);
            }

            return(false);
        }
Ejemplo n.º 3
0
        private static void ConfigureIdentityProvidersUsingRepository(
            SAMLConfiguration samlConfiguration,
            SamlIdentityProvidersRepository repository)
        {
            SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Loading Identity Providers");

            var providers = repository.GetRegisteredIdentityProviders();

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: {providers.Count()} Identity Providers loaded:");

            var providersConfig = Utils.SerializeToJson(providers);

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Identity Providers configuration:\r\n{providersConfig}");

            foreach (var provider in providers)
            {
                samlConfiguration.AddPartnerIdentityProvider(
                    new PartnerIdentityProviderConfiguration()
                {
                    Name                   = provider.Name,
                    Description            = provider.Description,
                    SignAuthnRequest       = provider.SignAuthnRequest,
                    SingleSignOnServiceUrl = provider.SingleSignOnUrl,
                    SingleLogoutServiceUrl = provider.SingleLogoutUrl,
                    PartnerCertificateFile = provider.CertificateFile,
                    UseEmbeddedCertificate = provider.UseEmbeddedCertificate,
                    DisableInboundLogout   = !provider.SingleLogoutSupported,
                    DisableOutboundLogout  = !provider.SingleLogoutSupported
                });
            }
        }
Ejemplo n.º 4
0
        public static void Configure(SamlIdentityProvidersRepository repository)
        {
            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.Configure: Starting configuration of SAML environment.");

            SAMLConfiguration samlConfiguration = new SAMLConfiguration();

            ConfigureServiceProvider(samlConfiguration);

            ConfigureIdentityProvidersUsingRepository(samlConfiguration, repository);
            // ConfigureIdentityProvidersUsingHardCodedConfiguration(samlConfiguration);

            SAMLController.Configuration = samlConfiguration;

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.Configure: Ended configuration of SAML environment.");
        }
Ejemplo n.º 5
0
        private static void ConfigureServiceProvider(SAMLConfiguration samlConfiguration)
        {
            samlConfiguration.LocalServiceProviderConfiguration = new
                                                                  LocalServiceProviderConfiguration()
            {
                Name        = ConfigurationManager.AppSettings[ServiceProviderName],
                Description = ConfigurationManager.AppSettings[ServiceProviderDescription],
                AssertionConsumerServiceUrl = ConfigurationManager.AppSettings[ServiceProviderAssertionConsumerServiceUrl],
                LocalCertificateFile        = ConfigurationManager.AppSettings[ServiceProviderLocalCertificateFile],
                LocalCertificatePassword    = ConfigurationManager.AppSettings[ServiceProviderLocalCertificatePassword]
            };

            var spConfig = Utils.SerializeToJson(samlConfiguration.LocalServiceProviderConfiguration);

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureServiceProvider: Service Provider configuration:\r\n{spConfig}");
        }