/// <summary>
/// Creates the SAML AuthnRequest element for the given binding and destination,
/// signing it when the options request a signature and supply what is needed to produce one.
/// </summary>
/// <param name="binding">Value handed to <c>SetBinding</c> on the request builder.</param>
/// <param name="destination">Value handed to <c>SetDestination</c> on the request builder.</param>
/// <returns>
/// The result of <c>SignAndBuild</c> when signing is requested and both the algorithm and the
/// certificate are set; otherwise the result of <c>Build</c> (an unsigned request).
/// </returns>
protected virtual XmlElement Build(string binding, string destination)
{
    var authnRequestBuilder = AuthnRequestBuilder.New(Options.SPName)
        .SetBinding(binding)
        .SetDestination(destination)
        .SetIssuer(Constants.NameIdentifierFormats.EntityIdentifier, Options.SPId);

    // NOTE(review): when AuthnRequestSigned is true but SignatureAlg or SigningCertificate is
    // missing, this falls through to an UNSIGNED request without any error or log entry.
    // Confirm the options are validated elsewhere; otherwise a misconfiguration silently
    // downgrades the request instead of failing closed.
    var signingConfigured = Options.AuthnRequestSigned
        && Options.SignatureAlg != null
        && Options.SigningCertificate != null;
    if (!signingConfigured)
    {
        return authnRequestBuilder.Build();
    }

    return authnRequestBuilder.SignAndBuild(
        Options.SigningCertificate,
        Options.SignatureAlg.Value,
        Options.CanonicalizationMethod);
}
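// Signs an AuthnRequest with the certificate loaded from "localhost.pfx" in the current
// directory and checks that SignatureHelper.CheckSignature accepts it for that certificate.
public void When_Build_And_Sign_AuthnRequest()
{
    // References:
    // https://en.wikipedia.org/wiki/SAML_2.0
    // https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
    // https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
    // https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf
    // https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf
    // http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-holder-of-key-cs-02.html
    // https://developers.onelogin.com/saml/examples/authnrequest : explains how to sign AuthnRequest
    // https://dtservices.bosa.be/sites/default/files/content/download/files/fas_saml_integration_guide_v0.51_1.pdf
    var payload = File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "localhost.pfx"));

    // NOTE(review): the PFX password is hard-coded; presumably localhost.pfx is a test-only
    // fixture. Confirm this key pair is never used outside the test suite.
    // The using block disposes the certificate (it carries a private key) once the test is done,
    // instead of leaving the release of its resources to the finalizer.
    using (var certificate = new X509Certificate2(payload, "password"))
    {
        // ARRANGE
        var builder = AuthnRequestBuilder.New("SP")
            .SetIssuer(Constants.NameIdentifierFormats.EntityIdentifier, "urn:sp");

        // ACT
        var authnRequest = builder.SignAndBuild(certificate, SignatureAlgorithms.RSASHA256, CanonicalizationMethods.C14);

        // ASSERT
        // NOTE(review): only the accepting path is exercised here. A companion case asserting
        // that CheckSignature returns false for a modified element or a different certificate
        // would show the verifier does not accept everything.
        Assert.True(SignatureHelper.CheckSignature(authnRequest, certificate));
    }
}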