Example #1
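            /// <summary>
            /// Builds a SAML 2.0 <c>AuthnRequest</c> as text and, for
            /// <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed,
            /// Base64-encoded and URL-encoded.
            /// </summary>
            /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
            /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
            public string GetRequest(AuthRequestFormat format)
            {
                // The document is assembled by concatenation, so each interpolated value is
                // XML-escaped first; an unescaped quote, ampersand or angle bracket in a
                // configured URL or issuer would otherwise change the structure of the request.
                string samlReq = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
                                 + " ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\""
                                 + " Version=\"2.0\""
                                 + " IssueInstant=\"" + EscapeSamlValue(issueInstant) + "\""
                                 + " ID=\"" + EscapeSamlValue(id) + "\""
                                 + " AssertionConsumerServiceURL=\"" + EscapeSamlValue(LoadPropertities.assertionConsumerServiceUrl) + "\">\n";

                samlReq += "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">"
                           + EscapeSamlValue(LoadPropertities.issuer)
                           + "</saml:Issuer>\n";
                samlReq += "<samlp:NameIDPolicy Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\" />\n";
                samlReq += "</samlp:AuthnRequest>";

                if (format == AuthRequestFormat.Base64)
                {
                    // UTF-8 instead of ASCII: ASCII silently replaces every non-ASCII character
                    // with '?', which would alter the issuer or URL that the IdP receives.
                    byte[] toEncodeAsBytes = System.Text.Encoding.UTF8.GetBytes(samlReq);
                    using (MemoryStream output = new MemoryStream())
                    {
                        // leaveOpen = true keeps the MemoryStream usable after the deflater is
                        // disposed; disposing the deflater flushes the final compressed block.
                        using (DeflateStream zip = new DeflateStream(output, CompressionMode.Compress, true))
                        {
                            zip.Write(toEncodeAsBytes, 0, toEncodeAsBytes.Length);
                        }
                        string base64 = Convert.ToBase64String(output.ToArray());
                        return HttpUtility.UrlEncode(base64);
                    }
                }
                return null;
            }

            /// <summary>
            /// Converts a value to text and escapes the five XML special characters so it
            /// can be placed inside an attribute value or element content.
            /// </summary>
            private static string EscapeSamlValue(object value)
            {
                return System.Security.SecurityElement.Escape(Convert.ToString(value));
            }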
Example #2
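            /// <summary>
            /// Writes a minimal SAML 2.0 <c>AuthnRequest</c> (ID, Version, IssueInstant,
            /// Destination, AssertionConsumerServiceURL and Issuer) and, for
            /// <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed and Base64-encoded.
            /// </summary>
            /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
            /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
            public string GetRequest(AuthRequestFormat format)
            {
                using (StringWriter sw = new StringWriter())
                {
                    XmlWriterSettings xws = new XmlWriterSettings();
                    xws.OmitXmlDeclaration = true;

                    // XmlWriter escapes attribute values and text, so configured values cannot
                    // break out of the element they are written into.
                    using (XmlWriter xw = XmlWriter.Create(sw, xws))
                    {
                        xw.WriteStartElement("saml2p", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("ID", id);
                        xw.WriteAttributeString("Version", "2.0");
                        xw.WriteAttributeString("IssueInstant", issue_instant);
                        xw.WriteAttributeString("Destination", accountSettings.idp_sso_target_url);
                        xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                        xw.WriteStartElement("saml2", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                        xw.WriteString(appSettings.issuer);
                        xw.WriteEndElement(); // Issuer

                        // ProtocolBinding, NameIDPolicy and RequestedAuthnContext are not
                        // emitted by this variant, so this call closes AuthnRequest itself.
                        xw.WriteEndElement(); // AuthnRequest
                    }

                    if (format == AuthRequestFormat.Base64)
                    {
                        using (var compressed = new MemoryStream())
                        {
                            // Disposing the StreamWriter also disposes the DeflateStream, which
                            // flushes the last compressed block; leaveOpen keeps 'compressed' readable.
                            using (var writer = new StreamWriter(new DeflateStream(compressed, CompressionLevel.Optimal, true)))
                            {
                                writer.Write(sw.ToString());
                            }

                            // ToArray() copies only the bytes that were written. GetBuffer()
                            // returns the whole backing array, so the encoded request would
                            // carry the unused capacity after the end of the DEFLATE stream.
                            return Convert.ToBase64String(compressed.ToArray());
                        }
                    }

                    return null;
                }
            }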
Example #3
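        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer and NameIDPolicy and, for
        /// <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed and Base64-encoded.
        /// </summary>
        /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
        /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", _id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", _issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xw.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

                    if (ForceAuthn.HasValue)
                    {
                        // XML attribute names are case-sensitive and SAML core spells this one
                        // "ForceAuthn" with an xs:boolean value. Written as "forceAuthn" with
                        // the .NET text "True"/"False", a request for forced re-authentication
                        // is not expressed in a form the IdP is required to honour.
                        xw.WriteAttributeString("ForceAuthn", ForceAuthn.ToString().ToLowerInvariant());
                    }

                    xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString(_issuer);
                    xw.WriteEndElement(); // Issuer

                    xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
                    xw.WriteAttributeString("AllowCreate", "true");
                    xw.WriteEndElement(); // NameIDPolicy

                    // RequestedAuthnContext is deliberately not emitted by this variant.

                    xw.WriteEndElement(); // AuthnRequest
                }

                if (format == AuthRequestFormat.Base64)
                {
                    // Raw DEFLATE before Base64; see
                    // https://stackoverflow.com/questions/25120025/acs75005-the-request-is-not-a-valid-saml2-protocol-message-is-showing-always
                    using (var memoryStream = new MemoryStream())
                    {
                        // UTF8Encoding(false) suppresses the byte-order mark; disposing the
                        // writer flushes the deflater while leaveOpen keeps memoryStream readable.
                        using (var writer = new StreamWriter(new DeflateStream(memoryStream, CompressionMode.Compress, true), new UTF8Encoding(false)))
                        {
                            writer.Write(sw.ToString());
                        }

                        return Convert.ToBase64String(memoryStream.ToArray(), Base64FormattingOptions.None);
                    }
                }

                return null;
            }
        }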
Example #4
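        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer, NameIDPolicy and
        /// RequestedAuthnContext and, for <c>AuthRequestFormat.Base64</c>, returns the
        /// XML Base64-encoded (no compression).
        /// </summary>
        /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
        /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
                    xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                    xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString(appSettings.issuer);
                    xw.WriteEndElement(); // Issuer

                    xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
                    xw.WriteAttributeString("AllowCreate", "true");
                    xw.WriteEndElement(); // NameIDPolicy

                    xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Comparison", "exact");

                    xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                    xw.WriteEndElement(); // AuthnContextClassRef

                    xw.WriteEndElement(); // RequestedAuthnContext

                    xw.WriteEndElement(); // AuthnRequest
                }

                if (format == AuthRequestFormat.Base64)
                {
                    // Encode the XML held by the StringWriter. The settings object has no
                    // ToString() override, so encoding xws.ToString() sent the IdP the text
                    // "System.Xml.XmlWriterSettings" instead of the request.
                    // UTF-8 rather than ASCII so non-ASCII characters are not replaced by '?'.
                    byte[] toEncodeAsBytes = System.Text.Encoding.UTF8.GetBytes(sw.ToString());
                    return System.Convert.ToBase64String(toEncodeAsBytes);
                }

                return null;
            }
        }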
        /// <summary>
        /// Produces a bare SAML 2.0 <c>AuthnRequest</c> carrying only ID, Version,
        /// IssueInstant and Issuer. For <c>AuthRequestFormat.Base64</c> the XML is
        /// UTF-8 encoded, DEFLATE-compressed, Base64-encoded and URL-encoded.
        /// </summary>
        /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
        /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            const string protocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
            const string assertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

            using (var xmlText = new StringWriter())
            {
                var settings = new XmlWriterSettings { OmitXmlDeclaration = true };

                using (var request = XmlWriter.Create(xmlText, settings))
                {
                    // No ProtocolBinding or AssertionConsumerServiceURL is written, so where
                    // the response goes is left to the IdP's own configuration for this issuer.
                    request.WriteStartElement("samlp", "AuthnRequest", protocolNs);
                    request.WriteAttributeString("ID", id);
                    request.WriteAttributeString("Version", "2.0");
                    request.WriteAttributeString("IssueInstant", issue_instant);

                    request.WriteStartElement("saml", "Issuer", assertionNs);
                    request.WriteString(appSettings.issuer);
                    request.WriteEndElement(); // Issuer

                    request.WriteEndElement(); // AuthnRequest
                }

                // The XML is always generated; only the Base64 format yields output.
                if (format != AuthRequestFormat.Base64)
                {
                    return null;
                }

                byte[] payload = Encoding.UTF8.GetBytes(xmlText.ToString());
                using (var deflated = new MemoryStream())
                {
                    // Disposing the deflater flushes the final block; ToArray() still works
                    // on the MemoryStream after it has been closed along with it.
                    using (var deflater = new DeflateStream(deflated, CompressionMode.Compress))
                    {
                        deflater.Write(payload, 0, payload.Length);
                    }

                    string encoded = Convert.ToBase64String(deflated.ToArray());
                    return HttpUtility.UrlEncode(encoded);
                }
            }
        }
Example #6
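        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer, an e-mail-address
        /// NameIDPolicy and RequestedAuthnContext, then encodes it as requested.
        /// </summary>
        /// <param name="format">
        /// <c>DeflatedBase64</c> compresses with <c>Deflate</c> before Base64;
        /// <c>Base64</c> encodes through <c>ConvertStringToBase64</c>.
        /// </param>
        /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                    // Declare the assertion namespace as xmlns:saml. The two-argument overload
                    // wrote a plain attribute literally named "saml", which is not a namespace
                    // declaration and is not an attribute the AuthnRequest schema defines.
                    xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");

                    xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString(appSettings.issuer);
                    xw.WriteEndElement(); // Issuer

                    xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
                    xw.WriteAttributeString("AllowCreate", "true");
                    xw.WriteEndElement(); // NameIDPolicy

                    xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Comparison", "exact");

                    xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                    xw.WriteEndElement(); // AuthnContextClassRef

                    xw.WriteEndElement(); // RequestedAuthnContext

                    xw.WriteEndElement(); // AuthnRequest
                }

                if (format == AuthRequestFormat.DeflatedBase64)
                {
                    // NOTE(review): ASCII replaces non-ASCII characters with '?'; confirm the
                    // issuer and ACS URL are ASCII-only or switch both paths to UTF-8 together.
                    return System.Convert.ToBase64String(Deflate(System.Text.ASCIIEncoding.ASCII.GetBytes(sw.ToString())));
                }
                if (format == AuthRequestFormat.Base64)
                {
                    return ConvertStringToBase64(sw.ToString());
                }
                return null;
            }
        }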
Example #7
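            /// <summary>
            /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer and RequestedAuthnContext
            /// and, for <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed and
            /// Base64-encoded.
            /// </summary>
            /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
            /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
            public string GetRequest(AuthRequestFormat format)
            {
                using (StringWriter sw = new StringWriter())
                {
                    XmlWriterSettings xws = new XmlWriterSettings();
                    xws.OmitXmlDeclaration = true;

                    using (XmlWriter xw = XmlWriter.Create(sw, xws))
                    {
                        xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("ID", id);
                        xw.WriteAttributeString("Version", "2.0");
                        xw.WriteAttributeString("IssueInstant", issue_instant);
                        xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                        xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                        xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                        xw.WriteString(appSettings.issuer);
                        xw.WriteEndElement(); // Issuer

                        // NameIDPolicy is deliberately not emitted by this variant.

                        xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("Comparison", "exact");

                        xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
                        xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                        xw.WriteEndElement(); // AuthnContextClassRef

                        xw.WriteEndElement(); // RequestedAuthnContext

                        xw.WriteEndElement(); // AuthnRequest
                    }

                    if (format == AuthRequestFormat.Base64)
                    {
                        // using blocks release the streams even when Write throws; the
                        // original left both undisposed on the exception path.
                        using (var memoryStream = new MemoryStream())
                        {
                            // UTF8Encoding(false) suppresses the byte-order mark; disposing the
                            // writer flushes the deflater while leaveOpen keeps memoryStream readable.
                            using (var writer = new StreamWriter(new DeflateStream(memoryStream, CompressionMode.Compress, true), new UTF8Encoding(false)))
                            {
                                writer.Write(sw.ToString());
                            }

                            // ToArray() yields exactly the written bytes, the same range the
                            // original selected with GetBuffer(), 0, Length.
                            return Convert.ToBase64String(memoryStream.ToArray(), Base64FormattingOptions.None);
                        }
                    }

                    return null;
                }
            }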
 /// <summary>
 /// Produces a SAML 2.0 <c>AuthnRequest</c> with fixed sample endpoints and, for
 /// <c>AuthRequestFormat.Base64</c>, returns it UTF-8 encoded, DEFLATE-compressed
 /// and Base64-encoded (not URL-encoded).
 /// </summary>
 /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
 /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
 public string GetRequest(AuthRequestFormat format)
 {
     const string protocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
     const string assertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

     using (var xmlText = new StringWriter())
     {
         var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
         using (var request = XmlWriter.Create(xmlText, settings))
         {
             request.WriteStartElement("samlp", "AuthnRequest", protocolNs);
             request.WriteAttributeString("ID", id);
             request.WriteAttributeString("Version", "2.0");
             request.WriteAttributeString("IssueInstant", issue_instant);
             request.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");

             // The three endpoint values below are literals and use plain http. The assertion
             // is delivered to the ACS URL, so a deployment would read these from configuration
             // and use https for anything other than a local test.
             request.WriteAttributeString("AssertionConsumerServiceURL", "http://localhost/SAML2/POST"); // SP endpoint that receives the response via POST
             request.WriteAttributeString("Destination", "http://myshibboleth.idp.com/idp/profile/SAML2/Redirect/SSO");

             request.WriteStartElement("saml", "Issuer", assertionNs);
             request.WriteString("http://localhost");  // service provider identifier
             request.WriteEndElement(); // Issuer

             // NameIDPolicy carries AllowCreate only; no Format is requested.
             request.WriteStartElement("samlp", "NameIDPolicy", protocolNs);
             request.WriteAttributeString("AllowCreate", "true");
             request.WriteEndElement(); // NameIDPolicy

             // RequestedAuthnContext is not emitted, so this closes AuthnRequest.
             request.WriteEndElement(); // AuthnRequest
         }

         // The XML is always generated; only the Base64 format yields output.
         if (format != AuthRequestFormat.Base64)
         {
             return null;
         }

         byte[] payload = Encoding.UTF8.GetBytes(xmlText.ToString());
         using (var deflated = new MemoryStream())
         {
             // Disposing the deflater flushes the final compressed block.
             using (var deflater = new DeflateStream(deflated, CompressionMode.Compress))
             {
                 deflater.Write(payload, 0, payload.Length);
             }

             // Returned without URL-encoding; the caller must encode it before placing
             // it in a query string.
             return Convert.ToBase64String(deflated.ToArray());
         }
     }
 }
Example #9
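            /// <summary>
            /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer, NameIDPolicy and
            /// RequestedAuthnContext. Returns the XML Base64-encoded for
            /// <c>AuthRequestFormat.Base64</c> and as plain XML text otherwise.
            /// </summary>
            /// <param name="format">Requested output encoding.</param>
            /// <returns>The Base64-encoded request, or the raw XML for any other format.</returns>
            public string GetRequest(AuthRequestFormat format)
            {
                using (var sw = new StringWriter())
                {
                    var xws = new XmlWriterSettings {
                        OmitXmlDeclaration = true
                    };

                    using (var xw = XmlWriter.Create(sw, xws))
                    {
                        xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("ID", id);
                        xw.WriteAttributeString("Version", "2.0");
                        xw.WriteAttributeString("IssueInstant", issueInstant);
                        xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                        // NOTE(review): the ACS URL is a literal; a deployment would take it
                        // from configuration, since the assertion is delivered to this address.
                        xw.WriteAttributeString("AssertionConsumerServiceURL", "http://localhost");

                        xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                        xw.WriteString(issuer);
                        xw.WriteEndElement(); // Issuer

                        xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
                        xw.WriteAttributeString("AllowCreate", "true");
                        xw.WriteEndElement(); // NameIDPolicy

                        // AuthnContextClassRef must be a child of RequestedAuthnContext. The
                        // original closed RequestedAuthnContext first, leaving it empty and
                        // putting the class reference directly under AuthnRequest, where it
                        // does not state the required authentication context.
                        xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
                        xw.WriteAttributeString("Comparison", "exact");

                        xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
                        xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                        xw.WriteEndElement(); // AuthnContextClassRef

                        xw.WriteEndElement(); // RequestedAuthnContext

                        xw.WriteEndElement(); // AuthnRequest
                    }

                    if (format == AuthRequestFormat.Base64)
                    {
                        // UTF-8 rather than ASCII so non-ASCII characters in the issuer are
                        // not silently replaced by '?'.
                        var toEncodeAsBytes = Encoding.UTF8.GetBytes(sw.ToString());
                        return Convert.ToBase64String(toEncodeAsBytes);
                    }

                    return sw.ToString();
                }
            }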
Example #10
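        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer, NameIDPolicy and
        /// RequestedAuthnContext and returns it Base64-encoded.
        /// </summary>
        /// <param name="format">Requested output encoding; only <c>Base64</c> is supported.</param>
        /// <returns>The Base64-encoded request.</returns>
        /// <exception cref="ApplicationException">Thrown for any format other than <c>Base64</c>.</exception>
        public string GetRequest(AuthRequestFormat format)
        {
            using (StringWriter sw = new StringWriter())
            {
                using (XmlWriter xw = XmlWriter.Create(sw, new XmlWriterSettings()
                {
                    OmitXmlDeclaration = true
                }))
                {
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", issue_instant);
                    xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                    xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString(appSettings.issuer);
                    xw.WriteEndElement(); // Issuer

                    xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
                    xw.WriteAttributeString("AllowCreate", "true");
                    xw.WriteEndElement(); // NameIDPolicy

                    // AuthnContextClassRef must be a child of RequestedAuthnContext. The
                    // original closed RequestedAuthnContext first, leaving it empty and
                    // putting the class reference directly under AuthnRequest, where it
                    // does not state the required authentication context.
                    xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("Comparison", "exact");

                    xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                    xw.WriteEndElement(); // AuthnContextClassRef

                    xw.WriteEndElement(); // RequestedAuthnContext

                    xw.WriteEndElement(); // AuthnRequest
                }

                switch (format)
                {
                    case AuthRequestFormat.Base64:
                        // UTF-8 rather than ASCII so non-ASCII characters are not replaced by '?'.
                        return Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(sw.ToString()));

                    default:
                        // Same exception type as before, now saying which format was rejected.
                        throw new ApplicationException("Unsupported AuthRequestFormat: " + format);
                }
            }
        }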
Example #11
        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> (Issuer, NameIDPolicy, optional
        /// audience Conditions, RequestedAuthnContext) and applies the encodings
        /// selected by the <paramref name="format"/> flags, in the order
        /// compress, Base64, URL-encode.
        /// </summary>
        /// <param name="format">Flag combination of Compressed, Base64 and UrlEncode.</param>
        /// <returns>The request text after the selected encodings; raw XML when no flag applies.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            using (var buffer = new StringWriter())
            {
                var settings = new XmlWriterSettings { OmitXmlDeclaration = true };

                using (var request = XmlWriter.Create(buffer, settings))
                {
                    request.WriteStartElement("samlp", "AuthnRequest", Saml2Constants.Protocol);
                    request.WriteAttributeString("ID", Id);
                    request.WriteAttributeString("Version", "2.0");
                    request.WriteAttributeString("IssueInstant", _issueInstant);
                    request.WriteAttributeString("ProtocolBinding", Saml2Constants.PostBinding);
                    request.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

                    request.WriteStartElement("saml", "Issuer", Saml2Constants.Assertion);
                    request.WriteString(_issuer);
                    request.WriteEndElement(); // Issuer

                    request.WriteStartElement("samlp", "NameIDPolicy", Saml2Constants.Protocol);
                    request.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
                    request.WriteAttributeString("AllowCreate", "true");
                    request.WriteEndElement(); // NameIDPolicy

                    bool hasAudience = !string.IsNullOrEmpty(_audienceRestriction);
                    if (hasAudience)
                    {
                        // Conditions > AudienceRestriction > Audience, closed innermost first.
                        request.WriteStartElement("saml", "Conditions", Saml2Constants.Assertion);
                        request.WriteStartElement("saml", "AudienceRestriction", Saml2Constants.Assertion);
                        request.WriteStartElement("saml", "Audience", Saml2Constants.Assertion);
                        request.WriteString(_audienceRestriction);
                        request.WriteEndElement(); // Audience
                        request.WriteEndElement(); // AudienceRestriction
                        request.WriteEndElement(); // Conditions
                    }

                    // NOTE(review): RequestedAuthnContext is written even when
                    // _authnContextClassRefs yields nothing; confirm callers always supply
                    // at least one class reference.
                    request.WriteStartElement("samlp", "RequestedAuthnContext", Saml2Constants.Protocol);
                    request.WriteAttributeString("Comparison", _requestedAuthnContextComparisonMethod);
                    foreach (var classRef in _authnContextClassRefs)
                    {
                        request.WriteStartElement("saml", "AuthnContextClassRef", Saml2Constants.Assertion);
                        request.WriteString(classRef);
                        request.WriteEndElement(); // AuthnContextClassRef
                    }
                    request.WriteEndElement(); // RequestedAuthnContext

                    request.WriteEndElement(); // AuthnRequest
                }

                string output = buffer.ToString();

                // Compressed bytes are only consumed by the Base64 step below; with
                // Compressed set but Base64 clear they are computed and then dropped.
                byte[] deflated = format.HasFlag(AuthRequestFormat.Compressed) ? Compress(output) : null;

                if (format.HasFlag(AuthRequestFormat.Base64))
                {
                    // NOTE(review): the uncompressed path encodes as ASCII, which replaces
                    // non-ASCII characters with '?'; confirm inputs are ASCII-only.
                    byte[] raw = deflated ?? Encoding.ASCII.GetBytes(output);
                    output = Convert.ToBase64String(raw);
                }

                return format.HasFlag(AuthRequestFormat.UrlEncode)
                    ? HttpUtility.UrlEncode(output)
                    : output;
            }
        }
Example #12
            /// <summary>
            /// Writes a SAML 2.0 <c>AuthnRequest</c> with Issuer, NameIDPolicy and a
            /// RequestedAuthnContext and, for <c>AuthRequestFormat.Base64</c>, returns
            /// the XML Base64-encoded (no compression).
            /// </summary>
            /// <param name="format">Requested output encoding; only <c>Base64</c> produces a result.</param>
            /// <returns>The encoded request, or <c>null</c> for any other format.</returns>
            public string GetRequest(AuthRequestFormat format)
            {
                const string protocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
                const string assertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

                using (var document = new StringWriter())
                {
                    var settings = new XmlWriterSettings { OmitXmlDeclaration = true };

                    // XmlWriter escapes attribute values and text, so the configured issuer
                    // and ACS URL cannot alter the structure of the request.
                    using (var request = XmlWriter.Create(document, settings))
                    {
                        request.WriteStartElement("samlp", "AuthnRequest", protocolNs);
                        request.WriteAttributeString("ID", id);
                        request.WriteAttributeString("Version", "2.0");
                        request.WriteAttributeString("IssueInstant", issue_instant);
                        request.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                        request.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

                        request.WriteStartElement("saml", "Issuer", assertionNs);
                        request.WriteString(appSettings.issuer);
                        request.WriteEndElement(); // Issuer

                        request.WriteStartElement("samlp", "NameIDPolicy", protocolNs);
                        request.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
                        request.WriteAttributeString("AllowCreate", "true");
                        request.WriteEndElement(); // NameIDPolicy

                        request.WriteStartElement("samlp", "RequestedAuthnContext", protocolNs);
                        request.WriteAttributeString("Comparison", "exact");
                        request.WriteStartElement("saml", "AuthnContextClassRef", assertionNs);
                        request.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                        request.WriteEndElement(); // AuthnContextClassRef
                        request.WriteEndElement(); // RequestedAuthnContext

                        request.WriteEndElement(); // AuthnRequest
                    }

                    // NOTE(review): ASCII replaces non-ASCII characters with '?'; confirm the
                    // issuer and ACS URL are ASCII-only.
                    return format == AuthRequestFormat.Base64
                        ? System.Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes(document.ToString()))
                        : null;
                }
            }
Example #13
        /// <summary>
        /// Writes a SAML 2.0 <c>AuthnRequest</c> (Issuer, NameIDPolicy, optional
        /// audience Conditions, RequestedAuthnContext) and then applies whichever of
        /// the Compressed, Base64 and UrlEncode steps <paramref name="format"/> selects.
        /// </summary>
        /// <param name="format">Flag combination choosing the encoding steps.</param>
        /// <returns>The request text after the selected steps; raw XML when none applies.</returns>
        public string GetRequest(AuthRequestFormat format)
        {
            const string samlpNs = "urn:oasis:names:tc:SAML:2.0:protocol";
            const string samlNs = "urn:oasis:names:tc:SAML:2.0:assertion";

            string xml;
            using (var text = new StringWriter())
            {
                using (var w = XmlWriter.Create(text, new XmlWriterSettings { OmitXmlDeclaration = true }))
                {
                    w.WriteStartElement("samlp", "AuthnRequest", samlpNs);
                    w.WriteAttributeString("ID", Id);
                    w.WriteAttributeString("Version", "2.0");
                    w.WriteAttributeString("IssueInstant", _issueInstant);
                    w.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                    w.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

                    w.WriteStartElement("saml", "Issuer", samlNs);
                    w.WriteString(_issuer);
                    w.WriteEndElement(); // Issuer

                    w.WriteStartElement("samlp", "NameIDPolicy", samlpNs);
                    w.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
                    w.WriteAttributeString("AllowCreate", "true");
                    w.WriteEndElement(); // NameIDPolicy

                    // The audience block is skipped entirely when no restriction is configured.
                    if (!string.IsNullOrEmpty(_audienceRestriction))
                    {
                        w.WriteStartElement("saml", "Conditions", samlNs);
                        w.WriteStartElement("saml", "AudienceRestriction", samlNs);
                        w.WriteStartElement("saml", "Audience", samlNs);
                        w.WriteString(_audienceRestriction);
                        w.WriteEndElement(); // Audience
                        w.WriteEndElement(); // AudienceRestriction
                        w.WriteEndElement(); // Conditions
                    }

                    // NOTE(review): the element is written even if _authnContextClassRefs
                    // yields no items; confirm callers always supply at least one.
                    w.WriteStartElement("samlp", "RequestedAuthnContext", samlpNs);
                    w.WriteAttributeString("Comparison", _requestedAuthnContextComparisonMethod);
                    foreach (var contextClass in _authnContextClassRefs)
                    {
                        w.WriteStartElement("saml", "AuthnContextClassRef", samlNs);
                        w.WriteString(contextClass);
                        w.WriteEndElement(); // AuthnContextClassRef
                    }
                    w.WriteEndElement(); // RequestedAuthnContext

                    w.WriteEndElement(); // AuthnRequest
                }

                xml = text.ToString();
            }

            bool wantCompressed = format.HasFlag(AuthRequestFormat.Compressed);
            bool wantBase64 = format.HasFlag(AuthRequestFormat.Base64);
            bool wantUrlEncoded = format.HasFlag(AuthRequestFormat.UrlEncode);

            // Compression output is only used by the Base64 step; without Base64 the
            // compressed bytes are computed and discarded and the XML text is returned.
            byte[] packed = null;
            if (wantCompressed)
            {
                packed = Compress(xml);
            }

            string encoded = xml;
            if (wantBase64)
            {
                // NOTE(review): the uncompressed path encodes as ASCII, replacing
                // non-ASCII characters with '?'; confirm inputs are ASCII-only.
                encoded = Convert.ToBase64String(packed ?? Encoding.ASCII.GetBytes(xml));
            }
            if (wantUrlEncoded)
            {
                encoded = HttpUtility.UrlEncode(encoded);
            }

            return encoded;
        }