public static AuthMetadata GetOpenIdConnectAuthMetadata(string content, bool requireIssuingEndpoint)
{
OpenIdConnectJsonMetadataDocument document = AuthMetadataParser.GetDocument <OpenIdConnectJsonMetadataDocument>(content);
AuthMetadata authMetadata = new AuthMetadata();
if (!string.IsNullOrEmpty(document.token_endpoint))
{
authMetadata.IssuingEndpoint = document.token_endpoint.Trim();
}
if (requireIssuingEndpoint && string.IsNullOrEmpty(authMetadata.IssuingEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoIssuingEndpoint);
}
string serviceName;
string realm;
if (AuthMetadataParser.TryExtractUrlFormatServiceNameAndRealm(document.issuer, out serviceName, out realm))
{
authMetadata.ServiceName = serviceName;
authMetadata.Realm = realm;
}
if (string.IsNullOrEmpty(authMetadata.ServiceName))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataCannotResolveServiceName);
}
if (!string.IsNullOrEmpty(document.jwks_uri))
{
authMetadata.KeysEndpoint = document.jwks_uri.Trim();
}
if (string.IsNullOrEmpty(authMetadata.KeysEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoSigningKey);
}
if (!string.IsNullOrEmpty(document.authorization_endpoint))
{
authMetadata.AuthorizationEndpoint = document.authorization_endpoint.Trim();
}
if (string.IsNullOrEmpty(authMetadata.AuthorizationEndpoint))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataNoIssuingEndpoint);
}
return(authMetadata);
}
public static AuthMetadata GetWSFederationMetadata(string content)
{
AuthMetadata result;
try
{
using (TextReader textReader = new StringReader(content))
{
using (XmlReader xmlReader = XmlReader.Create(textReader))
{
MetadataSerializer metadataSerializer = new MetadataSerializer
{
CertificateValidationMode = X509CertificateValidationMode.None
};
EntityDescriptor entityDescriptor = metadataSerializer.ReadMetadata(xmlReader) as EntityDescriptor;
SecurityTokenServiceDescriptor securityTokenServiceDescriptor = entityDescriptor.RoleDescriptors.OfType <SecurityTokenServiceDescriptor>().First <SecurityTokenServiceDescriptor>();
List <string> list = new List <string>();
foreach (KeyDescriptor keyDescriptor in from k in securityTokenServiceDescriptor.Keys
where k.Use == KeyType.Signing
select k)
{
foreach (SecurityKeyIdentifierClause securityKeyIdentifierClause in keyDescriptor.KeyInfo)
{
X509RawDataKeyIdentifierClause x509RawDataKeyIdentifierClause = securityKeyIdentifierClause as X509RawDataKeyIdentifierClause;
if (x509RawDataKeyIdentifierClause != null)
{
list.Add(Convert.ToBase64String(x509RawDataKeyIdentifierClause.GetX509RawData()));
}
}
}
AuthMetadata authMetadata = new AuthMetadata();
authMetadata.CertificateStrings = list.ToArray();
string serviceName;
string realm;
if (AuthMetadataParser.TryExtractUrlFormatServiceNameAndRealm(entityDescriptor.EntityId.Id, out serviceName, out realm))
{
authMetadata.ServiceName = serviceName;
authMetadata.Realm = realm;
}
else
{
authMetadata.ServiceName = entityDescriptor.EntityId.Id;
authMetadata.Realm = null;
}
if (string.IsNullOrEmpty(authMetadata.ServiceName))
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorAuthMetadataCannotResolveServiceName);
}
result = authMetadata;
}
}
}
catch (XmlException innerException)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorCannotParseAuthMetadata, innerException);
}
catch (IOException innerException2)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorCannotParseAuthMetadata, innerException2);
}
catch (SecurityException innerException3)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorCannotParseAuthMetadata, innerException3);
}
catch (SystemException innerException4)
{
throw new AuthMetadataParserException(DirectoryStrings.ErrorCannotParseAuthMetadata, innerException4);
}
return(result);
}
