Exemple #1
0
        public static SignInRequestMessage GetSignInRequestMessage(this IRelyingParty rp, Uri baseUri)
        {
            var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(baseUri);

            requestMessage.Realm = requestMessage.Realm ?? rp.Realm;
            return(requestMessage);
        }
Exemple #2
0
        public IHttpActionResult LoginMock(string id)
        {
            if (string.IsNullOrWhiteSpace(id))
            {
                return(BadRequest("No relying party id provided"));
            }

            IRelyingParty rp = STSConfiguration <RelyingParty> .Current.RelyingParties.FindByName(id);

            if (rp == null)
            {
                return(BadRequest(string.Format("Relying party with id {0} was not found", id)));
            }

            var sts      = new SimpleSts(rp.GetStsConfiguration());
            var rMessage = rp.GetSignInRequestMessage(Request.RequestUri);


            ClaimsPrincipal principal = GetMockPrincipalPrincipal(GetMockUser(rMessage));

            //ClearAllCookies();

            SignInResponseMessage res = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(rMessage, principal, sts);

            FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(res, HttpContext.Current.Response);

            return(StatusCode(HttpStatusCode.NoContent));
        }
Exemple #3
0
        public ActionResult Login(LoginModel model)
        {
            try
            {
                if (model.Id == null)
                {
                    model.Id = "test";
                }



                ActionResult  redirection;
                IRelyingParty rp = model.Id.GetRelyingPartyElement(out redirection);

                if (redirection != null)
                {
                    return(redirection);
                }

                var result = HandleSignInRequestLocal(model, (m) => { return(true); }, rp);
                if (result != null)
                {
                    return(result);
                }
            }
            catch (Exception ex)
            {
                throw;
                return(new RedirectResult(OnErrorRedirectUrl));
            }

            return(new EmptyResult());
        }
Exemple #4
0
        public Scope(ClaimsIdentity subject, IRelyingParty party)
        {
            AppliesToAddress = party.AppliesTo;

            Subject      = subject;
            RelyingParty = party;
        }
        public static SignInResponseMessage ProcessSignInRequest(this IRelyingParty rp, Uri baseUri, ClaimsPrincipal principal)
        {
            var sts      = new SimpleSts(rp.GetStsConfiguration());
            var rMessage = rp.GetSignInRequestMessage(baseUri);

            return(FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(
                       rMessage, principal, sts));
        }
        public static void HandleSignIn(this HttpResponse httpResponse, Uri baseUri, IRelyingParty rp, ClaimsPrincipal principal)
        {
            var resp = rp.ProcessSignInRequest(baseUri, principal);

            var httpMessage = resp.WriteFormPost()
                .Replace("window.setTimeout('document.forms[0].submit()', 0);",
                    "window.setTimeout(submit, 0);function submit(){document.forms[0].submit();}");

            httpResponse.Write(httpMessage);
        }
Exemple #7
0
        public static X509EncryptingCredentials GetEncryptingCredentials(this IRelyingParty rp)
        {
            var cert = rp.GetEncryptingCertificate();

            if (cert == null)
            {
                return(null);
            }
            return(new X509EncryptingCredentials(cert));
        }
        public static void HandleSignIn(this HttpResponse httpResponse, Uri baseUri, IRelyingParty rp, ClaimsPrincipal principal)
        {
            var resp = rp.ProcessSignInRequest(baseUri, principal);

            var httpMessage = resp.WriteFormPost()
                              .Replace("window.setTimeout('document.forms[0].submit()', 0);",
                                       "window.setTimeout(submit, 0);function submit(){document.forms[0].submit();}");

            httpResponse.Write(httpMessage);
        }
Exemple #9
0
        public static IRelyingParty GetRelyingPartyElement(this string id, out ActionResult action)
        {
            IRelyingParty rp = StsConfiguration <RelyingParty> .Current.RelyingParties.FindByName(id);

            action = null;
            if (rp == null)
            {
                action = new RedirectResult(OnErrorRedirectUrl);
            }
            return(rp);
        }
 public static SimpleStsConfiguration ForRelyingParty(IRelyingParty rp)
 {
     if (!CurrentConfigurations.ContainsKey(rp.Name))
     {
         lock (Locker)
         {
             if (!CurrentConfigurations.ContainsKey(rp.Name))
             {
                 CurrentConfigurations.Add(rp.Name, new SimpleStsConfiguration(rp));
             }
         }
     }
     return CurrentConfigurations[rp.Name];
 }
 public static SimpleStsConfiguration ForRelyingParty(IRelyingParty rp)
 {
     if (!CurrentConfigurations.ContainsKey(rp.Name))
     {
         lock (Locker)
         {
             if (!CurrentConfigurations.ContainsKey(rp.Name))
             {
                 CurrentConfigurations.Add(rp.Name, new SimpleStsConfiguration(rp));
             }
         }
     }
     return(CurrentConfigurations[rp.Name]);
 }
        public SimpleStsConfiguration(IRelyingParty rp)
            : base(rp.IssuerName)
        {
            RelyingParty = rp;
            SecurityTokenService = typeof(SimpleSts);

            SecurityTokenHandlers.Clear();
            SecurityTokenHandlers.Add(rp.TokenType.GetSecurityTokenHandler());


            ServiceCertificate = rp.GetEncryptingCertificate();
            if (ServiceCertificate != null)
            {
                SecurityTokenHandlers.Add(new EncryptedSecurityTokenHandler());
            }
        }
Exemple #13
0
 public RequestScope(Uri uri, IRelyingParty rp):
     base(uri.ToString(), rp.GetSigningCertificate().GetSigningCredentials())
 {
     RelyingParty = rp;
     EncryptingCredentials = rp.GetEncryptingCertificate().GetEncryptingCredentials();
     if (EncryptingCredentials != null)
     {
         TokenEncryptionRequired = true;
         SymmetricKeyEncryptionRequired = true;
     }
     else
     {
         TokenEncryptionRequired = false;
         SymmetricKeyEncryptionRequired = false;
     }
 }
Exemple #14
0
 public RequestScope(Uri uri, IRelyingParty rp) :
     base(uri.ToString(), rp.GetSigningCertificate().GetSigningCredentials())
 {
     RelyingParty          = rp;
     EncryptingCredentials = rp.GetEncryptingCertificate().GetEncryptingCredentials();
     if (EncryptingCredentials != null)
     {
         TokenEncryptionRequired        = true;
         SymmetricKeyEncryptionRequired = true;
     }
     else
     {
         TokenEncryptionRequired        = false;
         SymmetricKeyEncryptionRequired = false;
     }
 }
        public SimpleStsConfiguration(IRelyingParty rp)
            : base(rp.IssuerName)
        {
            RelyingParty         = rp;
            SecurityTokenService = typeof(SimpleSts);

            SecurityTokenHandlers.Clear();
            SecurityTokenHandlers.Add(TokenTypes.GetSecurityTokenHandler(rp.TokenType));


            ServiceCertificate = rp.GetEncryptingCertificate();
            if (ServiceCertificate != null)
            {
                SecurityTokenHandlers.Add(new EncryptedSecurityTokenHandler());
            }
        }
Exemple #16
0
        public IHttpActionResult Tokens([FromUri] string id)
        {
            if (string.IsNullOrWhiteSpace(id))
            {
                return(BadRequest("No relying party id provided"));
            }

            IRelyingParty rp = STSConfiguration <RelyingParty> .Current.RelyingParties.FindByName(id);

            if (rp == null)
            {
                return(BadRequest(string.Format("Relying party with id {0} was not found", id)));
            }

            var sts      = new SimpleSts(rp.GetStsConfiguration());
            var rMessage = rp.GetSignInRequestMessage(Request.RequestUri);



            //ClearAllCookies();

            SignInResponseMessage res = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(rMessage, GetPrincipal(), sts);



            //SecurityToken st = FederatedAuthentication.WSFederationAuthenticationModule.GetSecurityToken(res);

            //XmlReader reader = XmlReader.Create("addressdata.xml");
            //XmlDictionaryReader dictReader = XmlDictionaryReader.CreateDictionaryReader(reader);



            //string  s= FederatedAuthentication.WSFederationAuthenticationModule.GetXmlTokenFromMessage(res);
            //FederatedPassiveSecurityTokenServiceOperations..ProcessSignInResponse(res, HttpContext.Current.Response);

            var response = Request.CreateResponse(HttpStatusCode.OK);

            NameValueCollection nvc = WSFederationMessage.ParseQueryString(new Uri(res.WriteQueryString()));

            response.Content = new FormUrlEncodedContent(nvc.AllKeys.Select(f => new KeyValuePair <string, string>(f, nvc[f])));

            //response.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/soap+xml");

            return(ResponseMessage(response));
        }
        ActionResult HandleSignInRequestLocal(Models.LoginModel model,
            Func<Models.LoginModel, bool> logonFunction, IRelyingParty rp)
        {
            try
            {

                var actualPrincipal = GetPrincipal(model);

                ClearAllCookies(); //except [culture, theme, font, etc] cookies

                System.Web.HttpContext.Current.Response.HandleSignIn(Request.Url, rp, actualPrincipal);

                return new EmptyResult();
            }
            catch (Exception ex)
            {
                throw new Exception("HandleSingleInRequest Failed. ", ex);
            }
        }
        public ValueTask <IEnumerable <Claim> > GetClaimsAsync(ClaimsIdentity identity, IRelyingParty party, IEnumerable <Claim> outgoingClaims)
        {
            var attributes = outgoingClaims
                             .Where(c => c.Type != ClaimTypes.NameIdentifier)
                             .Where(c => c.Type != ClaimTypes.AuthenticationInstant)
                             .Where(c => c.Type != ClaimTypes.AuthenticationMethod)
            ;
            var claims = new List <Claim>();

            if (!attributes.Any())
            {
                claims.Add(new Claim("http://schemas.solidsoft.works/ws/2020/08/identity/claims/null", bool.TrueString, ClaimValueTypes.Boolean));
            }

            return(new ValueTask <IEnumerable <Claim> >(claims));
        }
Exemple #19
0
        ActionResult HandleSignInRequestLocal(Models.LoginModel model,
                                              Func <Models.LoginModel, bool> logonFunction, IRelyingParty rp)
        {
            try
            {
                var actualPrincipal = GetPrincipal(model);

                ClearAllCookies(); //except [culture, theme, font, etc] cookies

                System.Web.HttpContext.Current.Response.HandleSignIn(Request.Url, rp, actualPrincipal);

                return(new EmptyResult());
            }
            catch (Exception ex)
            {
                throw new Exception("HandleSingleInRequest Failed. ", ex);
            }
        }
Exemple #20
0
        private async Task <bool> TryGetClaimsAsync(IEnumerable <string> requestedClaimTypes, string requirement, ClaimsIdentity source, IRelyingParty party, ICollection <Claim> claims)
        {
            var list   = requestedClaimTypes.ToList();
            var stores = new List <IRelyingPartyClaimStore>();

            foreach (var type in requestedClaimTypes)
            {
                if (!_relyingPartyClaimStores.TryGetValue(type, out var relyingPartyClaimStores))
                {
                    continue;
                }
                stores.AddRange(relyingPartyClaimStores);
            }

            foreach (var store in stores.Distinct())
            {
                if (!store.CanGenerateClaims(party.AppliesTo))
                {
                    continue;
                }

                _logger.LogDebug($"Attempting to get {requirement} claims from {store.GetType().Name}");
                var requiredClaims = await store.GetClaimsAsync(source, party);

                foreach (var claim in requiredClaims)
                {
                    _logger.LogTrace($"Adding {requirement} claim '{claim.Type}' from {store.GetType().Name}");
                    claims.Add(claim);
                    if (list.Contains(claim.Type))
                    {
                        list.Remove(claim.Type);
                    }
                }
            }

            var copy = list.ToArray();

            foreach (var type in copy)
            {
                var claim = source.FindFirst(type);
                if (claim == null)
                {
                    continue;
                }

                _logger.LogDebug($"Adding {requirement} claim '{type}' from source identity.");
                claims.Add(claim);
                list.Remove(type);
            }

            var success = !list.Any();

            if (!success)
            {
                WsTrustLogMessages.UnableToGetAllClaims(_logger, requirement, new UnableToGetAllClaims {
                    UnpopulatedClaimTypes = list
                }, null);
            }

            return(success);
        }
 public abstract ValueTask <IEnumerable <Claim> > GetClaimsAsync(ClaimsIdentity identity, IRelyingParty party);
        protected virtual async ValueTask <Scope> CreateScopeAsync(ClaimsPrincipal principal, WsTrustRequest request, IRelyingParty party, CancellationToken cancellationToken)
        {
            var identity = ClaimsPrincipal.PrimaryIdentitySelector(principal.Identities);
            var claims   = await MapIncomingClaimsAsync(principal.Claims);

            var user  = new ClaimsIdentity(claims, identity.AuthenticationType, identity.NameClaimType, identity.RoleClaimType);
            var scope = new Scope(user, party);

            scope.SigningCredentials = await CreateSigningCredentialsAsync(party, cancellationToken);

            scope.EncryptingCredentials = await CreateEncryptingCredentialsAsync(party, cancellationToken);

            return(scope);
        }
Exemple #23
0
        public async ValueTask <ClaimsIdentity> CreateOutgoingSubjectAsync(ClaimsIdentity identity, IRelyingParty relyingParty, string tokenType)
        {
            var claims = new List <Claim>();

            var required = relyingParty.RequiredClaims ?? Enumerable.Empty <string>();
            var optional = relyingParty.OptionalClaims ?? Enumerable.Empty <string>();

            _logger.LogInformation($"Getting required claims for party: {relyingParty.AppliesTo}");
            if (required.Any())
            {
                if (!await TryGetClaimsAsync(required, nameof(required), identity, relyingParty, claims))
                {
                    throw new SecurityException($"Unable to get all required claim values for party: {relyingParty.AppliesTo}");
                }
            }
            else
            {
                _logger.LogInformation($"No required claims for party: {relyingParty.AppliesTo}");
            }

            _logger.LogInformation($"Getting optional claims for party: {relyingParty.AppliesTo}");
            if (optional.Any())
            {
                _ = await TryGetClaimsAsync(optional, nameof(optional), identity, relyingParty, claims);
            }
            else
            {
                _logger.LogInformation($"No optional claims for party: {relyingParty.AppliesTo}");
            }


            var tokenTypeClaimStores = _tokenTypeClaimStores.Where(s => s.CanGenerateClaims(tokenType));

            if (tokenTypeClaimStores.Any())
            {
                _logger.LogDebug($"Getting claims for token type: {tokenType}");
                foreach (var store in tokenTypeClaimStores)
                {
                    var tokenTypeClaims = await store.GetClaimsAsync(identity, relyingParty, claims);

                    foreach (var claim in tokenTypeClaims)
                    {
                        _logger.LogTrace($"Adding {claim.Type} from {store.GetType().Name}");
                        claims.Add(claim);
                    }
                }
            }

            var outgoing = new ClaimsIdentity(claims, identity.AuthenticationType, identity.NameClaimType, identity.RoleClaimType);

            return(outgoing);
        }
        protected virtual ValueTask <EncryptingCredentials> CreateEncryptingCredentialsAsync(IRelyingParty party, CancellationToken cancellationToken)
        {
            if (!party.RequiresEncryptedToken && !party.RequiresEncryptedSymmetricKeys)
            {
                return(new ValueTask <EncryptingCredentials>());
            }

            var key    = party.EncryptingKey;
            var method = party.EncryptingAlgorithm ?? Options.DefaultEncryptionAlgorithm;

            if (key == null)
            {
                key    = Options.DefaultSigningKey;
                method = Options.DefaultEncryptionAlgorithm;
            }

            if (key == null)
            {
                return(new ValueTask <EncryptingCredentials>());
            }

            var credentials = method.CreateCredentials(key);

            var information = new EncryptingCredentialsInformation
            {
                SecurityKeyName         = (key is X509SecurityKey x509) ? x509.Certificate.Subject : key.KeyId,
                SecurityKeyType         = key.GetType().Name,
                DataEncryptionAlgorithm = method.EncryptionAlgorithm,
                KeyWrapAlgorithm        = method.KeyWrapAlgorithm
            };

            WsTrustLogMessages.EncryptingCredentialsCreated(Logger, information, null);

            return(new ValueTask <EncryptingCredentials>(credentials));
        }
        protected virtual async ValueTask ValidateRelyingPartyAsync(ClaimsPrincipal principal, WsTrustRequest request, IRelyingParty party, CancellationToken cancellationToken)
        {
            var issuer    = principal.FindFirst(WsSecurityClaimTypes.Issuer)?.Value;
            var appliesTo = request.AppliesTo.EndpointReference.Uri;

            if (party.ValidateRequestedTokenType && !party.SupportedTokenTypes.Contains(request.TokenType))
            {
                throw new SecurityException($"Identity provider ({issuer}) attempting to request a token type the relying party ({appliesTo}) doesn't support: {request.TokenType}");
            }

            if (!await party.AuthorizeAsync(Services, principal))
            {
                throw new SecurityException($"User is not authorized to be issued a token for {party.AppliesTo}");
            }
        }
        protected virtual ValueTask <SigningCredentials> CreateSigningCredentialsAsync(IRelyingParty party, CancellationToken cancellationToken)
        {
            var key    = party.SigningKey;
            var method = party.SigningAlgorithm ?? Options.DefaultSigningAlgorithm;

            if (key == null)
            {
                key    = Options.DefaultSigningKey;
                method = Options.DefaultSigningAlgorithm;
            }

            if (key == null)
            {
                return(new ValueTask <SigningCredentials>());
            }

            var credentials = method.CreateCredentials(key);

            var information = new SigningCredentialsInformation
            {
                SecurityKeyName = (key is X509SecurityKey x509) ? x509.Certificate.Subject : key.KeyId,
                SecurityKeyType = key.GetType().Name,
                Algorithm       = method.SignatureAlgortihm,
                Digest          = method.DigestAlgorithm
            };

            WsTrustLogMessages.SigningCredentialsCreated(Logger, information, null);

            return(new ValueTask <SigningCredentials>(credentials));
        }
Exemple #27
0
        public string Issue(string relayingPartyName, string realm, string userName, string userId)
        {
            if (string.IsNullOrWhiteSpace(relayingPartyName))
            {
                throw new ArgumentNullException("relayingPartyName");
            }

            if (string.IsNullOrWhiteSpace(realm))
            {
                throw new ArgumentNullException("realm");
            }

            if (string.IsNullOrWhiteSpace(userName))
            {
                throw new ArgumentNullException("userName");
            }

            if (string.IsNullOrWhiteSpace(userId))
            {
                throw new ArgumentNullException("userId");
            }

            ClaimsPrincipal principal = new ClaimsPrincipal(new ClaimsIdentity(new List <Claim> {
                new Claim(ClaimTypes.Name, userName), new Claim(ClaimTypes.Sid, userId)
            }));

            // Signin message for cross service -> issuer realm == home realm == issuer url
            SignInRequestMessage signInRequestMessage = new SignInRequestMessage(new Uri(realm), realm)
            {
                CurrentTime = DateTime.UtcNow.ToString("s", CultureInfo.InvariantCulture) + "Z",
                HomeRealm   = realm
            };

            IRelyingParty rp = STSConfiguration <RelyingParty> .Current.RelyingParties.FindByName(relayingPartyName);

            if (rp == null)
            {
                throw new ConfigurationErrorsException(string.Format("Relying party with name {0} was not found", relayingPartyName));
            }

            if (FederatedAuthentication.WSFederationAuthenticationModule == null)
            {
                throw new ConfigurationErrorsException("WSFederationAuthenticationModule was not found");
            }

            var sts = new SimpleSts(rp.GetStsConfiguration());

            SignInResponseMessage signInResponseMessage = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(signInRequestMessage, principal, sts);



            string tokenXml = signInResponseMessage.Result;

            XmlDocument xml = new XmlDocument();

            xml.LoadXml(tokenXml);

            string xmlSecurityToken = xml.DocumentElement.GetElementsByTagName("trust:RequestedSecurityToken").Item(0).InnerXml; // <Assertion>



            //WSFederationSerializer ser = new WSFederationSerializer();

            //GenericXmlSecurityToken xmlt = new GenericXmlSecurityToken()


            //string xmlSecurityToken = FederatedAuthentication.WSFederationAuthenticationModule.GetXmlTokenFromMessage(signInResponseMessage);

            var xmlSecurityTokenBase64Encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(xmlSecurityToken));

            return(xmlSecurityTokenBase64Encoded);
        }
 public static SignInRequestMessage GetSignInRequestMessage(this IRelyingParty rp, Uri baseUri)
 {
     return(new SignInRequestMessage(baseUri, rp.Realm));
 }
Exemple #29
0
        public async Task <IHttpActionResult> Login(string relyingPartyName)
        {
            if (string.IsNullOrWhiteSpace(relyingPartyName))
            {
                return(BadRequest("No relying party id provided"));
            }


            string action;
            NameValueCollection content = null;
            NameValueCollection qs      = Request.RequestUri.ParseQueryString();

            action = qs.Get(WSFederationConstants.Parameters.Action);
            if (string.IsNullOrWhiteSpace(action))
            {
                content = await Request.Content.ReadAsFormDataAsync();

                action = content.Get(WSFederationConstants.Parameters.Action);
            }

            if (action == WSFederationConstants.Actions.SignIn)
            {
                IRelyingParty rp = STSConfiguration <RelyingParty> .Current.RelyingParties.FindByName(relyingPartyName);


                if (this.User != null && this.User.Identity.IsAuthenticated)
                {
                    if (content == null)
                    {
                        content = await Request.Content.ReadAsFormDataAsync();
                    }

                    WSFederationMessage responseMessageFromIssuer = WSFederationMessage.CreateFromNameValueCollection(Request.RequestUri, content);

                    var contextId = responseMessageFromIssuer.Context;

                    var ctxCookie = System.Web.HttpContext.Current.Request.Cookies[contextId];
                    if (ctxCookie == null)
                    {
                        throw new InvalidOperationException("Context cookie not found");
                    }

                    var        originalRequestUri = new Uri(ctxCookie.Value);
                    HttpCookie cookie             = DeleteContextCookie(contextId);
                    System.Web.HttpContext.Current.Response.Cookies.Add(cookie);

                    var requestMessage = (SignInRequestMessage)WSFederationMessage.CreateFromUri(originalRequestUri);

                    var sts = new SimpleSts(rp.GetStsConfiguration());

                    SignInResponseMessage rm = FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest(requestMessage, User as ClaimsPrincipal, sts);

                    //WSTrustSerializationContext context = new WSTrustSerializationContext(FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlerCollectionManager);
                    //WSFederationSerializer fedSer = new WSFederationSerializer();
                    //RequestSecurityTokenResponse token = fedSer.CreateResponse(rm, context);
                    //token.RequestedSecurityToken.SecurityToken.

                    FederatedPassiveSecurityTokenServiceOperations.ProcessSignInResponse(rm, System.Web.HttpContext.Current.Response);


                    return(StatusCode(HttpStatusCode.NoContent));
                }
                else
                {
                    var        contextId = Guid.NewGuid().ToString();
                    HttpCookie cookie    = CreateContextCookie(contextId, HttpUtility.UrlDecode(this.Request.RequestUri.AbsoluteUri));
                    System.Web.HttpContext.Current.Response.Cookies.Add(cookie);

                    var message = new SignInRequestMessage(new Uri(rp.AuthenticationUrl), FederatedAuthentication.WSFederationAuthenticationModule.Realm)
                    {
                        CurrentTime = DateTime.UtcNow.ToString("s", CultureInfo.InvariantCulture) + "Z",
                        HomeRealm   = rp.Realm,
                        Context     = contextId,
                        Reply       = Url.Link("Login", new { relyingPartyName = relyingPartyName })
                    };

                    message.Parameters.Add(new KeyValuePair <string, string>("originalRequest", Request.RequestUri.ToString()));

                    return(Redirect(message.RequestUrl));
                }
            }
            else
            {
                return(BadRequest(String.Format(
                                      CultureInfo.InvariantCulture,
                                      "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                                      String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                                      WSFederationConstants.Parameters.Action,
                                      WSFederationConstants.Actions.SignIn,
                                      WSFederationConstants.Actions.SignOut)));
            }
        }
 public static SimpleStsConfiguration GetStsConfiguration(this IRelyingParty rp)
 {
     return(SimpleStsConfiguration.ForRelyingParty(rp));
 }