public static void AddAccessKey(this AuthenticationConfiguration configuration, SimpleSecurityTokenHandler handler, AuthenticationOptions options)
{
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public void AddAccessKey(SimpleSecurityTokenHandler.ValidateTokenDelegate validateTokenDelegate, AuthenticationOptions options)
{
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { new SimpleSecurityTokenHandler("", validateTokenDelegate) },
Options = options
});
}
public static void AddAccessKey(this AuthenticationConfiguration configuration, SimpleSecurityTokenHandler.ValidateTokenDelegate validateTokenDelegate, AuthenticationOptions options)
{
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { new SimpleSecurityTokenHandler(validateTokenDelegate) },
Options = options
});
}
public void AddAccessKey(SimpleSecurityTokenHandler handler, AuthenticationOptions options)
{
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
private static AuthenticationConfiguration CreateAuthenticationConfiguration()
{
var options = new AuthenticationOptions()
{
RequestType = HttpRequestType.AuthorizationHeader,
Scheme = "SAML"
};
var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer("18145fb6b5d96b3cc34ec7599f12172bb93c68ef", "DummySTS");
var adfsConfig = new SecurityTokenHandlerConfiguration();
adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri("urn:claimsdemo:http45mvc"));
adfsConfig.IssuerNameRegistry = registry;
adfsConfig.CertificateValidator = X509CertificateValidator.None;
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certificates = store.Certificates;
X509Certificate2Collection matchingCertificates = certificates.Find(
X509FindType.FindByThumbprint,
"a2028f8e7f7b082cd35e81fd0ca0b70b04651abf", false);
X509Certificate2 certificate = certificates[0];
List<SecurityToken> serviceTokens = new List<SecurityToken>();
serviceTokens.Add(new X509SecurityToken(certificate));
SecurityTokenResolver serviceResolver =
SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
serviceTokens.AsReadOnly(), false);
adfsConfig.ServiceTokenResolver = serviceResolver;
var config = new AuthenticationConfiguration
{
RequireSsl = false
};
config.AddSaml11(adfsConfig, options);
return config;
}
public static void AddJsonWebToken(this AuthenticationConfiguration configuration, string issuer, string audience, string signingKey, AuthenticationOptions options)
{
var config = new SecurityTokenHandlerConfiguration();
var registry = new WebTokenIssuerNameRegistry();
registry.AddTrustedIssuer(issuer, issuer);
config.IssuerNameRegistry = registry;
var issuerResolver = new WebTokenIssuerTokenResolver();
issuerResolver.AddSigningKey(issuer, signingKey);
config.IssuerTokenResolver = issuerResolver;
config.AudienceRestriction.AllowedAudienceUris.Add(new Uri(audience));
var handler = new JsonWebTokenHandler();
handler.Configuration = config;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public static void AddMsftJsonWebToken(
this AuthenticationConfiguration configuration,
string issuer, string audience,
X509Certificate2 signingCert,
AuthenticationOptions options,
AuthenticationScheme scheme)
{
var validationParameters = new TokenValidationParameters()
{
AllowedAudience = audience,
SigningToken = new X509SecurityToken(signingCert),
ValidIssuer = issuer,
ValidateExpiration = true
};
var handler = new JWTSecurityTokenHandlerWrapper(validationParameters);
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options,
Scheme = scheme
});
}
public void AddAccessKey(SimpleSecurityTokenHandler.ValidateTokenDelegate validateTokenDelegate, AuthenticationOptions options)
{
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
new SimpleSecurityTokenHandler(validateTokenDelegate)
},
Options = options
});
}
public void AddJsonWebToken(string issuer, string audience, string signingKey, AuthenticationOptions options)
{
var config = new SecurityTokenHandlerConfiguration();
var registry = new WebTokenIssuerNameRegistry();
registry.AddTrustedIssuer(issuer, issuer);
config.IssuerNameRegistry = registry;
var issuerResolver = new WebTokenIssuerTokenResolver();
issuerResolver.AddSigningKey(issuer, signingKey);
config.IssuerTokenResolver = issuerResolver;
config.AudienceRestriction.AllowedAudienceUris.Add(new Uri(audience));
var handler = new JsonWebTokenHandler();
handler.Configuration = config;
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options
});
}
public static void AddAccessKey(this AuthenticationConfiguration configuration, SimpleSecurityTokenHandler.ValidateTokenDelegate validateTokenDelegate, AuthenticationOptions options)
{
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
new SimpleSecurityTokenHandler(validateTokenDelegate)
},
Options = options,
});
}
public static void AddSaml11(this AuthenticationConfiguration configuration, SecurityTokenHandlerConfiguration handlerConfiguration, AuthenticationOptions options)
{
var handler = new HttpSamlSecurityTokenHandler();
handler.Configuration = handlerConfiguration;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options
});
}
public static void AddSaml2AndJwt(this AuthenticationConfiguration configuration, string issuerThumbprint, X509Certificate2 signingCertificate, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme, X509Certificate2 encryptionCertificate)
{
var validationParameters = new TokenValidationParameters()
{
AllowedAudience = audienceUri,
SigningToken = new X509SecurityToken(signingCertificate),
ValidIssuer = issuerName,
};
var jwtHandler = new JwtSecurityTokenHandlerWrapper(validationParameters);
var samlHandlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator, encryptionCertificate);
var saml2Handler = new HttpSaml2SecurityTokenHandler()
{
Configuration = samlHandlerConfig
};
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
jwtHandler, saml2Handler
},
Options = options,
Scheme = scheme
});
}
public static void AddSaml2AndJwt(this AuthenticationConfiguration configuration, string issuerThumbprint, X509Certificate2 signingCertificate, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme, X509Certificate2 encryptionCertificate)
{
var validationParameters = new TokenValidationParameters()
{
AllowedAudience = audienceUri,
SigningToken = new X509SecurityToken(signingCertificate),
ValidIssuer = issuerName,
};
var jwtHandler = new JwtSecurityTokenHandlerWrapper(validationParameters);
var samlHandlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator, encryptionCertificate);
var saml2Handler = new HttpSaml2SecurityTokenHandler() { Configuration = samlHandlerConfig };
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { jwtHandler, saml2Handler },
Options = options,
Scheme = scheme
});
}
public static void AddBasicAuthentication(this AuthenticationConfiguration configuration, BasicAuthenticationSecurityTokenHandler.ValidateUserNameCredentialDelegate validationDelegate, AuthenticationOptions options, string realm = "localhost", bool retainPassword = false)
{
var handler = new BasicAuthenticationSecurityTokenHandler(validationDelegate);
handler.RetainPassword = retainPassword;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options,
Scheme = AuthenticationScheme.SchemeAndRealm("Basic", realm)
});
}
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme)
{
var handlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator);
configuration.AddSaml2(handlerConfig, options, scheme);
}
public void AddSaml2(SecurityTokenHandlerConfiguration configuration, AuthenticationOptions options)
{
var handler = new HttpSaml2SecurityTokenHandler();
handler.Configuration = configuration;
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme)
{
var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer(issuerThumbprint, issuerName);
var handlerConfig = new SecurityTokenHandlerConfiguration();
handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(audienceUri));
handlerConfig.IssuerNameRegistry = registry;
handlerConfig.CertificateValidator = certificateValidator;
configuration.AddSaml2(handlerConfig, options, scheme);
}
public static void AddBasicAuthentication(this AuthenticationConfiguration configuration, BasicAuthenticationSecurityTokenHandler.ValidateUserNameCredentialDelegate validationDelegate, AuthenticationOptions options, string realm = "localhost", bool retainPassword = false)
{
var handler = new BasicAuthenticationSecurityTokenHandler(validationDelegate);
handler.RetainPassword = retainPassword;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options,
Scheme = AuthenticationScheme.SchemeAndRealm("Basic", realm)
});
}
public static void AddJsonWebToken(
this AuthenticationConfiguration configuration,
TokenValidationParameters validationParameters,
AuthenticationOptions options,
AuthenticationScheme scheme,
Dictionary<string, string> claimMappings = null)
{
var handler = new JwtSecurityTokenHandlerWrapper(validationParameters, claimMappings);
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options,
Scheme = scheme
});
}
public static void AddSaml11(this AuthenticationConfiguration configuration, SecurityTokenHandlerConfiguration handlerConfiguration, AuthenticationOptions options)
{
var handler = new HttpSamlSecurityTokenHandler();
handler.Configuration = handlerConfiguration;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public static void AddAccessKey(this AuthenticationConfiguration configuration, SimpleSecurityTokenHandler handler, AuthenticationOptions options)
{
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options,
});
}
public static void AddBasicAuthentication(this AuthenticationConfiguration configuration, BasicAuthenticationSecurityTokenHandler.ValidateUserNameCredentialDelegate validationDelegate, AuthenticationOptions options, bool retainPassword = false)
{
var handler = new BasicAuthenticationSecurityTokenHandler(validationDelegate);
handler.RetainPassword = retainPassword;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme)
{
var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer(issuerThumbprint, issuerName);
var handlerConfig = new SecurityTokenHandlerConfiguration();
handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(audienceUri));
handlerConfig.IssuerNameRegistry = registry;
handlerConfig.CertificateValidator = certificateValidator;
configuration.AddSaml2(handlerConfig, options, scheme);
}
public static void AddSaml2(this AuthenticationConfiguration configuration, string issuerThumbprint, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme)
{
var handlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator);
configuration.AddSaml2(handlerConfig, options, scheme);
}
public static void AddSaml2(this AuthenticationConfiguration configuration, SecurityTokenHandlerConfiguration handlerConfiguration, AuthenticationOptions options, AuthenticationScheme scheme)
{
var handler = new HttpSaml2SecurityTokenHandler
{
Configuration = handlerConfiguration
};
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options,
Scheme = scheme
});
}
