/// <summary>
/// Requests a token for the supplied user name and password over WS-Trust and returns
/// the token's XML as the body of an HTTP response.
/// </summary>
/// <param name="username">User name placed in the WS-Trust client credentials.</param>
/// <param name="password">Password placed in the WS-Trust client credentials.</param>
/// <returns>A response whose content is the issued token's outer XML, sent as UTF-8 <c>application/xml</c>.</returns>
/// <exception cref="PMSSecurityIdentityException">
/// Thrown for any exception raised while issuing the token or building the response.
/// </exception>
/// <remarks>
/// NOTE(review): if this method is exposed as a Web API action, simple-type parameters bind
/// from the URI by default, so the password could end up in the query string and in server
/// logs. Confirm that callers send credentials in the request body only.
/// </remarks>
public HttpResponseMessage GetToken(string username, string password)
{
    // Relying-party address and token-service endpoint both come from appSettings.
    string audience = System.Configuration.ConfigurationManager.AppSettings["AudianceUri"];
    string stsEndpoint = System.Configuration.ConfigurationManager.AppSettings["SecurityEndPoint"];

    // Transport security with the user name credential carried in the message.
    var wsTrustBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    var clientCredentials = new ClientCredentials
    {
        UserName = { UserName = username, Password = password }
    };

    try
    {
        var issuer = new EndpointAddress(stsEndpoint);
        var appliesTo = new EndpointAddress(audience);
        var issued = WSTrustClient.Issue(issuer, appliesTo, wsTrustBinding, clientCredentials) as GenericXmlSecurityToken;

        // If the issued token is of another type, 'issued' is null and the dereference
        // below throws; that too is converted by the catch block.
        string tokenXml = issued.TokenXml.OuterXml;

        var response = new HttpResponseMessage();
        response.Content = new StringContent(tokenXml, Encoding.UTF8, "application/xml");
        return response;
    }
    catch (Exception)
    {
        // NOTE(review): the original exception is discarded here, so a bad password, an
        // unreachable endpoint and a configuration error cannot be told apart afterwards.
        // Consider recording it server-side before throwing.
        throw new PMSSecurityIdentityException();
    }
}
/// <summary>
/// Sends the given request-security-token message to the token service at <c>STSAddress</c>
/// and returns the token it issues.
/// </summary>
/// <param name="rst">The request passed unchanged to the trust client's <c>Issue</c> call.</param>
/// <returns>The issued token, cast to <see cref="GenericXmlSecurityToken"/>.</returns>
public GenericXmlSecurityToken GetIssuedToken(RequestSecurityToken rst)
{
    // The endpoint address carries a DNS identity built from DnsIdentityForServiceCertificates.
    var expectedIdentity = EndpointIdentity.CreateDnsIdentity(DnsIdentityForServiceCertificates);
    var stsEndpoint = new EndpointAddress(STSAddress, expectedIdentity);

    // Client and service certificates are handed to the factory together with the endpoint.
    var client = WSTrustClientFactory.GetWSTrustClient(clientCertifikat, serviceCertifikat, stsEndpoint);

    // Hard cast: a token of any other type raises InvalidCastException here.
    var issued = (GenericXmlSecurityToken)client.Issue(rst);

    // NOTE(review): Close() is reached only when Issue and the cast succeed; on an exception
    // the client is left unclosed. Confirm whether the caller or the factory cleans it up.
    client.Close();

    return issued;
}
/// <summary>
/// Requests a token for the given user name and password from the configured user name
/// authentication endpoint, scoped to <paramref name="appliesTo"/>.
/// </summary>
/// <param name="userName">User name placed in the client credentials.</param>
/// <param name="password">Password placed in the client credentials.</param>
/// <param name="appliesTo">Address the requested token applies to.</param>
/// <returns>
/// The issued token as a <see cref="GenericXmlSecurityToken"/>, or <c>null</c> when the issued
/// token is of another type. Exceptions from the issue call are not caught here.
/// </returns>
public GenericXmlSecurityToken AuthenticateUserName(string userName, string password, string appliesTo)
{
    var clientCredentials = new ClientCredentials
    {
        UserName = { UserName = userName, Password = password }
    };

    var issuer = new EndpointAddress(_configuration.AdfsIntegration.UserNameAuthenticationEndpoint);
    var scope = new EndpointAddress(appliesTo);

    // Transport security with the user name credential carried in the message.
    var wsTrustBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    var issued = WSTrustClient.Issue(issuer, scope, wsTrustBinding, clientCredentials);

    // Soft cast: callers must treat a null result as "no usable token".
    return issued as GenericXmlSecurityToken;
}
/// <summary>
/// Requests a token from the endpoint in <c>_idsrvEndpoint</c> for the realm in <c>_realm</c>,
/// using a fixed user name and password.
/// </summary>
/// <returns>The token returned by the WS-Trust issue call.</returns>
private static SecurityToken RequestToken()
{
    // Transport security with the user name credential carried in the message.
    var wsTrustBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    // NOTE(review): user name and password are string literals in source. Outside of a
    // sample they belong in protected configuration or a secret store, not in the binary.
    var clientCredentials = new ClientCredentials
    {
        UserName = { UserName = "******", Password = "******" }
    };

    var issuer = new EndpointAddress(_idsrvEndpoint);
    var realm = new EndpointAddress(_realm);

    return WSTrustClient.Issue(issuer, realm, wsTrustBinding, clientCredentials);
}
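/// <summary>
/// Validates a user name and password by requesting a token over WS-Trust, validating that
/// token locally, and passing the resulting principal through the configured claims
/// authentication manager.
/// </summary>
/// <param name="userName">User name placed in the WS-Trust client credentials.</param>
/// <param name="password">Password placed in the WS-Trust client credentials.</param>
/// <returns>
/// The principal returned by the claims authentication manager, or <c>null</c> when the token
/// request fails with a <see cref="MessageSecurityException"/> or the issued token is not a
/// <see cref="GenericXmlSecurityToken"/>.
/// </returns>
/// <remarks>
/// Only <see cref="MessageSecurityException"/> from the issue call is handled. Other exceptions,
/// including those raised while validating the token, propagate to the caller.
/// </remarks>
public ClaimsPrincipal Validate(string userName, string password)
{
    // Transport security with the user name credential carried in the message.
    var binding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    var credentials = new ClientCredentials();
    credentials.UserName.UserName = userName;
    credentials.UserName.Password = password;

    GenericXmlSecurityToken genericToken;
    try
    {
        genericToken = WSTrustClient.Issue(
            new EndpointAddress(_address),
            new EndpointAddress(_realm),
            binding,
            credentials) as GenericXmlSecurityToken;
    }
    catch (MessageSecurityException ex)
    {
        Tracing.Error("WSTrustResourceOwnerCredentialValidation failed: " + ex.ToString());
        return null;
    }

    // Fail closed: the 'as' cast yields null for any other token type. Without this guard
    // the ToSecurityToken() call below would throw NullReferenceException instead of
    // reporting a failed validation the way the catch block above does.
    if (genericToken == null)
    {
        Tracing.Error("WSTrustResourceOwnerCredentialValidation failed: issued token is not a GenericXmlSecurityToken");
        return null;
    }

    var config = new SecurityTokenHandlerConfiguration();

    // The token must be addressed to this realm.
    config.AudienceRestriction.AllowedAudienceUris.Add(new Uri(_realm));

    // Certificate validation is switched off, so trust in the token's signer rests on the
    // issuer registry below, which lists a single thumbprint.
    // NOTE(review): with validation set to None, the certificate's chain, expiry and
    // revocation status are not checked here. Confirm that this is intended.
    config.CertificateValidationMode = X509CertificateValidationMode.None;
    config.CertificateValidator = X509CertificateValidator.None;

    var registry = new ConfigurationBasedIssuerNameRegistry();
    registry.AddTrustedIssuer(_issuerThumbprint, _address);
    config.IssuerNameRegistry = registry;

    var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(config);

    var token = genericToken.ToSecurityToken();
    var principal = new ClaimsPrincipal(handler.ValidateToken(token));

    Tracing.Information("Successfully requested token for user via WS-Trust");

    return FederatedAuthentication.FederationConfiguration.IdentityConfiguration
        .ClaimsAuthenticationManager.Authenticate("ResourceOwnerPasswordValidation", principal);
}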
/// <summary>
/// Requests a token from a fixed issuer endpoint with fixed credentials and returns the
/// token's XML as a string.
/// </summary>
/// <returns>The outer XML of the issued token.</returns>
private static string RequestSamlToken()
{
    // NOTE(review): issuer address, applies-to address and credentials are all literals.
    // Outside of a sample, move the addresses to configuration and the credentials to
    // protected configuration or a secret store.
    const string issuerAddress = "https://roadie/stsce/users/issue.svc/mixed/username";

    var clientCredentials = new ClientCredentials
    {
        UserName = { UserName = "******", Password = "******" }
    };

    var issuer = new EndpointAddress(issuerAddress);
    var appliesTo = new EndpointAddress("http://websample");

    // Transport security with the user name credential carried in the message.
    var wsTrustBinding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    var issued = WSTrustClient.Issue(issuer, appliesTo, wsTrustBinding, clientCredentials);

    // Soft cast followed by a dereference: a token of any other type leaves 'xmlToken' null
    // and the next line throws NullReferenceException.
    var xmlToken = issued as GenericXmlSecurityToken;
    return xmlToken.TokenXml.OuterXml;
}