public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context)
{
var partnerId = context._federationPartyId;
ClaimsIdentity identity = null;
var reader = XmlReader.Create(new StringReader(context.Token.OuterXml));
var token = this._tokenSerialiser.DeserialiseToken(reader, partnerId);
var validationResult = new List <ValidationResult>();
var isValid = this._tokenValidator.Validate(token, validationResult, partnerId);
if (isValid)
{
var identities = await this._identityProvider.GenerateUserIdentitiesAsync(new Tuple <Saml2SecurityToken, HandleTokenContext>((Saml2SecurityToken)token, context), new[] { context.AuthenticationMethod });
identity = identities[context.AuthenticationMethod];
}
return(new TokenHandlingResponse(token, identity, context.RelayState, validationResult));
}
public async Task Handle(HttpPostResponseInboundContext context)
{
try
{
if (context == null)
{
throw new ArgumentNullException("context");
}
var responseStatus = await this._responseParser.Parse(context);
var samlResponse = responseStatus.StatusResponse as TokenResponse;
var hasToken = (samlResponse != null && samlResponse.Assertions != null && samlResponse.Assertions.Length == 1);
context.HasSecurityToken = hasToken;
this._logProvider.LogMessage(String.Format("Response is{0} a security token carrier.", hasToken ? String.Empty : " not"));
if (hasToken)
{
var token = samlResponse.Assertions[0];
var handlerContext = new HandleTokenContext(token, responseStatus.FederationPartyId, context.AuthenticationMethod, responseStatus.SamlInboundMessage.RelayState);
var response = await this._tokenHandler.HandleToken(handlerContext);
if (!response.IsValid)
{
throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage)));
}
context.Identity = response.Identity;
if (response.Token != null)
{
context.Properties.Add("ValidFrom", response.Token.ValidFrom);
context.Properties.Add("ValidTo", response.Token.ValidTo);
}
}
}
catch (Exception ex)
{
Exception innerEx;
this._logProvider.TryLogException(ex, out innerEx);
if (innerEx != null)
{
throw innerEx;
}
}
}
public async Task <ClaimsIdentity> Handle(HttpPostResponseContext context)
{
try
{
//ToDo handle this properly, response handling, token validation, claims generation etc
var elements = context.Form;
var responseBase64 = elements[HttpRedirectBindingConstants.SamlResponse];
var responseBytes = Convert.FromBase64String(responseBase64);
var responseText = Encoding.UTF8.GetString(responseBytes);
var relayState = await this._relayStateHandler.GetRelayStateFromFormData(elements);
this._logProvider.LogMessage(String.Format("Response recieved:\r\n {0}", responseText));
var responseStatus = ResponseHelper.ParseResponseStatus(responseText, this._logProvider);
ResponseHelper.EnsureSuccessAndThrow(responseStatus);
using (var reader = new StringReader(responseText))
{
using (var xmlReader = XmlReader.Create(reader))
{
var handlerContext = new HandleTokenContext(xmlReader, relayState, context.AuthenticationMethod);
var response = await this._tokenHandler.HandleToken(handlerContext);
if (!response.IsValid)
{
throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage)));
}
return(response.Identity);
}
}
}
catch (Exception ex)
{
Exception innerEx;
this._logProvider.TryLogException(ex, out innerEx);
if (innerEx != null)
{
throw innerEx;
}
}
return(null);
}
public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context)
{
var relayState = context.RelayState as IDictionary <string, object>;
if (relayState == null)
{
throw new InvalidOperationException(String.Format("Expected relay state type of: {0}, but it was: {1}", typeof(IDictionary <string, object>).Name, context.RelayState.GetType().Name));
}
var partnerId = relayState["federationPartyId"].ToString();
ClaimsIdentity identity = null;
var token = this._tokenSerialiser.DeserialiseToken(context.Token, partnerId);
var validationResult = new List <ValidationResult>();
var isValid = this._tokenValidator.Validate(token, validationResult, partnerId);
if (isValid)
{
var identities = await this._identityProvider.GenerateUserIdentitiesAsync((Saml2SecurityToken)token, new[] { context.AuthenticationMethod });
identity = identities[context.AuthenticationMethod];
}
return(new TokenHandlingResponse(token, identity, validationResult));
}
public bool CanHandleToken(HandleTokenContext context)
{
var reader = XmlReader.Create(new StringReader(context.Token.OuterXml));
return(this._tokenSerialiser.CanReadToken(reader));
}