private HttpAuth ToArtifactResolution(HttpAuthElement artifactResolution)
{
if (artifactResolution == null)
{
return(null);
}
return(new HttpAuth
{
ClientCertificate = ToX509Certificate2(artifactResolution.ClientCertificate),
Credentials = ToHttpAuthCredentials(artifactResolution.Credentials)
});
}
private HttpAuth ToAttributeQuery(HttpAuthElement attributeQuery)
{
if (attributeQuery == null)
{
return(null);
}
return(new HttpAuth
{
ClientCertificate = attributeQuery.ClientCertificate.GetCertificate(),
Credentials = ToHttpAuthCredentials(attributeQuery.Credentials)
});
}
private HttpAuth ToArtifactResolution(HttpAuthElement artifactResolution)
{
if (artifactResolution == null) return null;
return new HttpAuth
{
ClientCertificate = ToX509Certificate2(artifactResolution.ClientCertificate),
Credentials = ToHttpAuthCredentials(artifactResolution.Credentials)
};
}
/// <summary>
/// Gets a response from the IdP based on a message.
/// </summary>
/// <param name="endpoint">The IdP endpoint.</param>
/// <param name="message">The message.</param>
/// <param name="auth">Basic authentication settings.</param>
/// <returns>The Stream.</returns>
public Stream GetResponse(string endpoint, string message, HttpAuthElement auth)
{
if (auth != null && auth.ClientCertificate != null && auth.Credentials != null)
{
throw new Saml20Exception(string.Format("Artifact resolution cannot specify both client certificate and basic credentials for endpoint {0}", endpoint));
}
var binding = CreateSslBinding();
if (auth != null && auth.ClientCertificate != null)
{
// Client certificate auth
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
}
var request = Message.CreateMessage(binding.MessageVersion, HttpArtifactBindingConstants.SoapAction, new SimpleBodyWriter(message));
request.Headers.To = new Uri(endpoint);
var property = new HttpRequestMessageProperty {
Method = "POST"
};
property.Headers.Add(HttpRequestHeader.ContentType, "text/xml; charset=utf-8");
if (auth != null && auth.Credentials != null)
{
// Basic http auth over ssl
var basicAuthzHeader = "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes(auth.Credentials.Username + ":" + auth.Credentials.Password));
property.Headers.Add(HttpRequestHeader.Authorization, basicAuthzHeader);
}
request.Properties.Add(HttpRequestMessageProperty.Name, property);
if (Context.Request.Params["relayState"] != null)
{
request.Properties.Add("relayState", Context.Request.Params["relayState"]);
}
var epa = new EndpointAddress(endpoint);
var factory = new ChannelFactory <IRequestChannel>(binding, epa);
if (auth != null && auth.ClientCertificate != null)
{
// Client certificate
factory.Credentials.ClientCertificate.Certificate = auth.ClientCertificate.GetCertificate();
}
var reqChannel = factory.CreateChannel();
reqChannel.Open();
var response = reqChannel.Request(request);
Console.WriteLine(response);
reqChannel.Close();
var doc = new XmlDocument {
PreserveWhitespace = true
};
doc.Load(response.GetReaderAtBodyContents());
var outerXml = doc.DocumentElement.OuterXml;
var memStream = new MemoryStream(Encoding.UTF8.GetBytes(outerXml));
return(memStream);
}
private HttpAuth ToAttributeQuery(HttpAuthElement attributeQuery)
{
if (attributeQuery == null) return null;
return new HttpAuth
{
ClientCertificate = attributeQuery.ClientCertificate.GetCertificate(),
Credentials = ToHttpAuthCredentials(attributeQuery.Credentials)
};
}
