static GenericXmlSecurityToken WrapJwt(string jwt) { var subject = new ClaimsIdentity("saml"); subject.AddClaim(new Claim("jwt", jwt)); var descriptor = new SecurityTokenDescriptor { TokenType = TokenTypes.Saml2TokenProfile11, TokenIssuerName = "urn:wrappedjwt", Subject = subject }; var handler = new Saml2SecurityTokenHandler(); var token = handler.CreateToken(descriptor); var xmlToken = new GenericXmlSecurityToken( XElement.Parse(token.ToTokenXmlString()).ToXmlElement(), null, DateTime.Now, DateTime.Now.AddHours(1), null, null, null); return xmlToken; }
private static SecurityToken GenerateHardcodedToken() { var securityTokenDescriptor = new SecurityTokenDescriptor(); securityTokenDescriptor.Subject = ClaimsPrincipal.Current.Identity as ClaimsIdentity; securityTokenDescriptor.Lifetime = new Lifetime(DateTime.Now, DateTime.Now.AddDays(2)); securityTokenDescriptor.TokenIssuerName = "http://identityserver.v2.thinktecture.com/trust/changethis"; securityTokenDescriptor.AppliesToAddress = "https://windows7:444/identity/wstrust/bearer"; securityTokenDescriptor.SigningCredentials = GenerateSigningCredentials(); Saml2SecurityTokenHandler saml2SecurityTokenHandler = new Saml2SecurityTokenHandler(); var saml2SecurityToken = saml2SecurityTokenHandler.CreateToken(securityTokenDescriptor) as Saml2SecurityToken; var authenticationMethod = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"; var authenticationContext = new Saml2AuthenticationContext(new Uri(authenticationMethod)); saml2SecurityToken.Assertion.Statements.Add(new Saml2AuthenticationStatement(authenticationContext)); return saml2SecurityToken; }
public static string CreateSaml2Token(string name) { var id = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, name) }, "SAML"); var descriptor = new SecurityTokenDescriptor { Subject = id, AppliesToAddress = "https://test", TokenIssuerName = "http://issuer", SigningCredentials = GetSamlSigningCredential(), }; var handler = new Saml2SecurityTokenHandler(); handler.Configuration = new SecurityTokenHandlerConfiguration(); var token = handler.CreateToken(descriptor); return token.ToTokenXmlString(); }
private void CreateSaml2Tokens( SecurityTokenDescriptor tokenDescriptor ) { Saml2SecurityTokenHandler samlTokenHandler = new Saml2SecurityTokenHandler(); Saml2SecurityToken token = samlTokenHandler.CreateToken( tokenDescriptor ) as Saml2SecurityToken; MemoryStream ms = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter( ms ); samlTokenHandler.WriteToken( writer, token ); }
private void RunValidationTests( SecurityTokenDescriptor tokenDescriptor, SecurityToken securityToken, SecurityKey key, int iterations, bool display = true ) { // Create jwts using wif // Create Saml2 tokens // Create Saml tokens DateTime started; string validating = "Validating, signed: '{0}', '{1}' Tokens. Time: '{2}'"; SetReturnSecurityTokenResolver str = new Test.SetReturnSecurityTokenResolver( securityToken, key ); SecurityTokenHandlerConfiguration tokenHandlerConfiguration = new SecurityTokenHandlerConfiguration() { IssuerTokenResolver = str, SaveBootstrapContext = true, CertificateValidator = AlwaysSucceedCertificateValidator.New, AudienceRestriction = new AudienceRestriction( AudienceUriMode.Never ), IssuerNameRegistry = new SetNameIssuerNameRegistry( Issuers.GotJwt ), }; Saml2SecurityTokenHandler samlTokenHandler = new Saml2SecurityTokenHandler(); Saml2SecurityToken token = samlTokenHandler.CreateToken( tokenDescriptor ) as Saml2SecurityToken; StringBuilder sb = new StringBuilder(); XmlWriter writer = XmlWriter.Create(sb); samlTokenHandler.WriteToken( writer, token ); writer.Flush(); writer.Close(); string tokenXml = sb.ToString(); samlTokenHandler.Configuration = tokenHandlerConfiguration; started = DateTime.UtcNow; for ( int i = 0; i < iterations; i++ ) { StringReader sr = new StringReader( tokenXml ); XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader( XmlReader.Create( sr ) ); reader.MoveToContent(); SecurityToken saml2Token = samlTokenHandler.ReadToken( reader ); samlTokenHandler.ValidateToken( saml2Token ); } if ( display ) { Console.WriteLine( string.Format( validating, "Saml2SecurityTokenHandler", iterations, DateTime.UtcNow - started ) ); } JwtSecurityTokenHandler jwtTokenHandler = new JwtSecurityTokenHandler(); JwtSecurityToken jwt = jwtTokenHandler.CreateToken( tokenDescriptor ) as JwtSecurityToken; jwtTokenHandler.Configuration = tokenHandlerConfiguration; started = DateTime.UtcNow; for ( int i = 0; i < iterations; i++ ) { jwtTokenHandler.ValidateToken( jwt.RawData ); } if ( display ) { Console.WriteLine( string.Format( validating, "JwtSecurityTokenHandle - ValidateToken( jwt.RawData )", iterations, DateTime.UtcNow - started ) ); } jwt = jwtTokenHandler.CreateToken( tokenDescriptor ) as JwtSecurityToken; sb = new StringBuilder(); writer = XmlWriter.Create(sb); jwtTokenHandler.WriteToken( writer, jwt ); writer.Flush(); writer.Close(); tokenXml = sb.ToString(); started = DateTime.UtcNow; for ( int i = 0; i<iterations; i++ ) { StringReader sr = new StringReader( tokenXml ); XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader( XmlReader.Create( sr ) ); reader.MoveToContent(); SecurityToken jwtToken = jwtTokenHandler.ReadToken( reader ); jwtTokenHandler.ValidateToken( jwtToken ); } if ( display ) { Console.WriteLine( string.Format( validating, "JwtSecurityTokenHandle - ReadToken( reader ), ValidateToken( jwtToken )", iterations, DateTime.UtcNow - started ) ); } started = DateTime.UtcNow; for ( int i = 0; i < iterations; i++ ) { StringReader sr = new StringReader( tokenXml ); XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader( XmlReader.Create( sr ) ); reader.MoveToContent(); JwtSecurityToken jwtToken = jwtTokenHandler.ReadToken( reader ) as JwtSecurityToken; jwtTokenHandler.ValidateToken( jwtToken.RawData ); } if ( display ) { Console.WriteLine( string.Format( validating, "JwtSecurityTokenHandle - ReadToken( reader ), ValidateToken( jwtToken.RawData )", iterations, DateTime.UtcNow - started ) ); } }