public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context) { var partnerId = context._federationPartyId; ClaimsIdentity identity = null; var reader = XmlReader.Create(new StringReader(context.Token.OuterXml)); var token = this._tokenSerialiser.DeserialiseToken(reader, partnerId); var validationResult = new List <ValidationResult>(); var isValid = this._tokenValidator.Validate(token, validationResult, partnerId); if (isValid) { var identities = await this._identityProvider.GenerateUserIdentitiesAsync(new Tuple <Saml2SecurityToken, HandleTokenContext>((Saml2SecurityToken)token, context), new[] { context.AuthenticationMethod }); identity = identities[context.AuthenticationMethod]; } return(new TokenHandlingResponse(token, identity, context.RelayState, validationResult)); }
public async Task Handle(HttpPostResponseInboundContext context) { try { if (context == null) { throw new ArgumentNullException("context"); } var responseStatus = await this._responseParser.Parse(context); var samlResponse = responseStatus.StatusResponse as TokenResponse; var hasToken = (samlResponse != null && samlResponse.Assertions != null && samlResponse.Assertions.Length == 1); context.HasSecurityToken = hasToken; this._logProvider.LogMessage(String.Format("Response is{0} a security token carrier.", hasToken ? String.Empty : " not")); if (hasToken) { var token = samlResponse.Assertions[0]; var handlerContext = new HandleTokenContext(token, responseStatus.FederationPartyId, context.AuthenticationMethod, responseStatus.SamlInboundMessage.RelayState); var response = await this._tokenHandler.HandleToken(handlerContext); if (!response.IsValid) { throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage))); } context.Identity = response.Identity; if (response.Token != null) { context.Properties.Add("ValidFrom", response.Token.ValidFrom); context.Properties.Add("ValidTo", response.Token.ValidTo); } } } catch (Exception ex) { Exception innerEx; this._logProvider.TryLogException(ex, out innerEx); if (innerEx != null) { throw innerEx; } } }
public async Task <ClaimsIdentity> Handle(HttpPostResponseContext context) { try { //ToDo handle this properly, response handling, token validation, claims generation etc var elements = context.Form; var responseBase64 = elements[HttpRedirectBindingConstants.SamlResponse]; var responseBytes = Convert.FromBase64String(responseBase64); var responseText = Encoding.UTF8.GetString(responseBytes); var relayState = await this._relayStateHandler.GetRelayStateFromFormData(elements); this._logProvider.LogMessage(String.Format("Response recieved:\r\n {0}", responseText)); var responseStatus = ResponseHelper.ParseResponseStatus(responseText, this._logProvider); ResponseHelper.EnsureSuccessAndThrow(responseStatus); using (var reader = new StringReader(responseText)) { using (var xmlReader = XmlReader.Create(reader)) { var handlerContext = new HandleTokenContext(xmlReader, relayState, context.AuthenticationMethod); var response = await this._tokenHandler.HandleToken(handlerContext); if (!response.IsValid) { throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage))); } return(response.Identity); } } } catch (Exception ex) { Exception innerEx; this._logProvider.TryLogException(ex, out innerEx); if (innerEx != null) { throw innerEx; } } return(null); }
public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context) { var relayState = context.RelayState as IDictionary <string, object>; if (relayState == null) { throw new InvalidOperationException(String.Format("Expected relay state type of: {0}, but it was: {1}", typeof(IDictionary <string, object>).Name, context.RelayState.GetType().Name)); } var partnerId = relayState["federationPartyId"].ToString(); ClaimsIdentity identity = null; var token = this._tokenSerialiser.DeserialiseToken(context.Token, partnerId); var validationResult = new List <ValidationResult>(); var isValid = this._tokenValidator.Validate(token, validationResult, partnerId); if (isValid) { var identities = await this._identityProvider.GenerateUserIdentitiesAsync((Saml2SecurityToken)token, new[] { context.AuthenticationMethod }); identity = identities[context.AuthenticationMethod]; } return(new TokenHandlingResponse(token, identity, validationResult)); }
public bool CanHandleToken(HandleTokenContext context) { var reader = XmlReader.Create(new StringReader(context.Token.OuterXml)); return(this._tokenSerialiser.CanReadToken(reader)); }