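/// <summary>
/// Builds a SAML 2.0 AuthnRequest addressed to the configured SSO endpoint and encodes it
/// in the requested format.
/// </summary>
/// <param name="format">Output format; only <c>SamlRequestFormat.Base64</c> is handled.</param>
/// <param name="assertionConsumerServiceUrl">URL the IdP should post the assertion back to; the same value is written as the Audience.</param>
/// <param name="certPath">Path of the certificate file whose private key signs the request. If it cannot be loaded as a certificate the request is produced unsigned.</param>
/// <param name="certPassword">Password protecting the certificate file.</param>
/// <returns>The value returned by <c>CreateQueryString</c>, or <c>null</c> when <paramref name="format"/> is not supported.</returns>
/// <exception cref="ArgumentNullException"><paramref name="assertionConsumerServiceUrl"/> is null.</exception>
/// <exception cref="InvalidOperationException">The certificate could not be loaded for a reason other than a <see cref="CryptographicException"/>; the cause is kept as <c>InnerException</c>.</exception>
public string GetRequest(SamlRequestFormat format, string assertionConsumerServiceUrl, string certPath, string certPassword)
{
    if (assertionConsumerServiceUrl == null)
    {
        throw new ArgumentNullException("assertionConsumerServiceUrl");
    }

    // Serialize once; the same text is logged and parsed below.
    string requestXml = BuildAuthnRequestXml(assertionConsumerServiceUrl);
    _log.DebugFormat("Format: {0}, SAML Request: {1}", format, requestXml);

    if (format != SamlRequestFormat.Base64)
    {
        _log.ErrorFormat("Unknown format: {0}", format);
        return null;
    }

    XmlDocument xdoc = new XmlDocument();
    // The document was generated locally above, so external entity resolution is never needed.
    xdoc.XmlResolver = null;
    xdoc.LoadXml(requestXml);

    // May be null: either the certificate could not be loaded (see LoadSigningKey) or the
    // file carries no private key. CreateQueryString is expected to handle the unsigned case.
    AsymmetricAlgorithm privateKey = LoadSigningKey(certPath, certPassword);
    return CreateQueryString(xdoc.DocumentElement, privateKey);
}

/// <summary>
/// Writes the samlp:AuthnRequest element (without an XML declaration) for the given ACS URL.
/// </summary>
private string BuildAuthnRequestXml(string assertionConsumerServiceUrl)
{
    const string ProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;
        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", ProtocolNs);
            xw.WriteAttributeString("ID", _id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", _issueInstant);
            xw.WriteAttributeString("Destination", _ssoSettings.SsoEndPoint);
            xw.WriteAttributeString("AssertionConsumerServiceURL", assertionConsumerServiceUrl);
            // Consent attribute added for ADFS interoperability.
            xw.WriteAttributeString("Consent", "urn:oasis:names:tc:SAML:2.0:consent:unspecified");

            // NOTE(review): the Issuer is hard-coded. The IdP matches it against the registered
            // SP entityId, so it should come from the SSO settings like SsoEndPoint does.
            xw.WriteStartElement("Issuer", AssertionNs);
            xw.WriteString("www.sp.com");
            xw.WriteEndElement();

            // Conditions/AudienceRestriction added for ADFS interoperability. The child elements
            // carry no explicit namespace and therefore inherit the default namespace of Conditions.
            xw.WriteStartElement("Conditions", AssertionNs);
            xw.WriteStartElement("AudienceRestriction");
            xw.WriteStartElement("Audience");
            xw.WriteString(assertionConsumerServiceUrl);
            xw.WriteEndElement(); // Audience
            xw.WriteEndElement(); // AudienceRestriction
            xw.WriteEndElement(); // Conditions
            xw.WriteEndElement(); // AuthnRequest
        }

        // Read after the XmlWriter is disposed so its buffer has been flushed.
        return sw.ToString();
    }
}

/// <summary>
/// Loads the private key used to sign AuthnRequests from a certificate file.
/// </summary>
/// <returns>
/// The certificate's private key, or <c>null</c> when the file cannot be opened as a certificate
/// (e.g. wrong password) and the request falls back to being unsigned.
/// </returns>
/// <exception cref="InvalidOperationException">Any failure other than a <see cref="CryptographicException"/>.</exception>
private AsymmetricAlgorithm LoadSigningKey(string certPath, string certPassword)
{
    try
    {
        _log.DebugFormat("Using certificate for signing saml requests. certPath={0}", certPath);
        // Not disposed here: the returned key is backed by the certificate's key container and
        // is still used by the caller.
        X509Certificate2 cert = new X509Certificate2(certPath, certPassword);
        return cert.PrivateKey;
    }
    catch (CryptographicException ex)
    {
        // Deliberate best-effort fallback kept from the original code. Because an unreadable
        // key silently downgrades every AuthnRequest to unsigned, this is logged at Warn
        // rather than Debug so a misconfiguration is visible in production logs.
        _log.WarnFormat("Using SAML requests without certificate. {0}", ex);
        return null;
    }
    catch (Exception ex)
    {
        _log.ErrorFormat("Certification error. {0}", ex);
        // Same message as before; the original cause is preserved as InnerException.
        throw new InvalidOperationException("Certification error", ex);
    }
}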
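/// <summary>
/// Builds a SAML 2.0 AuthnRequest addressed to the configured SSO endpoint and encodes it
/// in the requested format.
/// </summary>
/// <param name="format">Output format; only <c>SamlRequestFormat.Base64</c> is handled.</param>
/// <param name="assertionConsumerServiceUrl">URL the IdP should post the assertion back to; the same value is written as the Audience.</param>
/// <param name="certPath">Path of the certificate file whose private key signs the request. If it cannot be loaded as a certificate the request is produced unsigned.</param>
/// <param name="certPassword">Password protecting the certificate file.</param>
/// <returns>The value returned by <c>CreateQueryString</c>, or <c>null</c> when <paramref name="format"/> is not supported.</returns>
/// <exception cref="ArgumentNullException"><paramref name="assertionConsumerServiceUrl"/> is null.</exception>
/// <exception cref="InvalidOperationException">The certificate could not be loaded for a reason other than a <see cref="CryptographicException"/>; the cause is kept as <c>InnerException</c>.</exception>
public string GetRequest(SamlRequestFormat format, string assertionConsumerServiceUrl, string certPath, string certPassword)
{
    if (assertionConsumerServiceUrl == null)
    {
        throw new ArgumentNullException("assertionConsumerServiceUrl");
    }

    // Serialize once; the same text is logged and parsed below.
    string requestXml = BuildAuthnRequestXml(assertionConsumerServiceUrl);
    _log.DebugFormat("Format: {0}, SAML Request: {1}", format, requestXml);

    if (format != SamlRequestFormat.Base64)
    {
        _log.ErrorFormat("Unknown format: {0}", format);
        return null;
    }

    XmlDocument xdoc = new XmlDocument();
    // The document was generated locally above, so external entity resolution is never needed.
    xdoc.XmlResolver = null;
    xdoc.LoadXml(requestXml);

    // May be null: either the certificate could not be loaded (see LoadSigningKey) or the
    // file carries no private key. CreateQueryString is expected to handle the unsigned case.
    AsymmetricAlgorithm privateKey = LoadSigningKey(certPath, certPassword);
    return CreateQueryString(xdoc.DocumentElement, privateKey);
}

/// <summary>
/// Writes the samlp:AuthnRequest element (without an XML declaration) for the given ACS URL.
/// </summary>
private string BuildAuthnRequestXml(string assertionConsumerServiceUrl)
{
    const string ProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;
        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", ProtocolNs);
            xw.WriteAttributeString("ID", _id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", _issueInstant);
            xw.WriteAttributeString("Destination", _ssoSettings.SsoEndPoint);
            xw.WriteAttributeString("AssertionConsumerServiceURL", assertionConsumerServiceUrl);
            // Consent attribute added for ADFS interoperability.
            xw.WriteAttributeString("Consent", "urn:oasis:names:tc:SAML:2.0:consent:unspecified");

            // NOTE(review): the Issuer is hard-coded. The IdP matches it against the registered
            // SP entityId, so it should come from the SSO settings like SsoEndPoint does.
            xw.WriteStartElement("Issuer", AssertionNs);
            xw.WriteString("www.sp.com");
            xw.WriteEndElement();

            // Conditions/AudienceRestriction added for ADFS interoperability. The child elements
            // carry no explicit namespace and therefore inherit the default namespace of Conditions.
            xw.WriteStartElement("Conditions", AssertionNs);
            xw.WriteStartElement("AudienceRestriction");
            xw.WriteStartElement("Audience");
            xw.WriteString(assertionConsumerServiceUrl);
            xw.WriteEndElement(); // Audience
            xw.WriteEndElement(); // AudienceRestriction
            xw.WriteEndElement(); // Conditions
            xw.WriteEndElement(); // AuthnRequest
        }

        // Read after the XmlWriter is disposed so its buffer has been flushed.
        return sw.ToString();
    }
}

/// <summary>
/// Loads the private key used to sign AuthnRequests from a certificate file.
/// </summary>
/// <returns>
/// The certificate's private key, or <c>null</c> when the file cannot be opened as a certificate
/// (e.g. wrong password) and the request falls back to being unsigned.
/// </returns>
/// <exception cref="InvalidOperationException">Any failure other than a <see cref="CryptographicException"/>.</exception>
private AsymmetricAlgorithm LoadSigningKey(string certPath, string certPassword)
{
    try
    {
        _log.DebugFormat("Using certificate for signing saml requests. certPath={0}", certPath);
        // Not disposed here: the returned key is backed by the certificate's key container and
        // is still used by the caller.
        X509Certificate2 cert = new X509Certificate2(certPath, certPassword);
        return cert.PrivateKey;
    }
    catch (CryptographicException ex)
    {
        // Deliberate best-effort fallback kept from the original code. Because an unreadable
        // key silently downgrades every AuthnRequest to unsigned, this is logged at Warn
        // rather than Debug so a misconfiguration is visible in production logs.
        _log.WarnFormat("Using SAML requests without certificate. {0}", ex);
        return null;
    }
    catch (Exception ex)
    {
        _log.ErrorFormat("Certification error. {0}", ex);
        // Same message as before; the original cause is preserved as InnerException.
        throw new InvalidOperationException("Certification error", ex);
    }
}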