public ActionResult AuthenticateResponse()
{
var viewModel = new HomeViewModel();
// get the response
var responseHandler = SuisseIdSdkObjectFactory.GetResponseHandler();
try
{
// handel reponse
var response = responseHandler.HandleResponse(this.ControllerContext.HttpContext);
// get the requested claims
var claim = response.AllClaims[CoreClaimTypes.IsOver18];
// fill view model data
if (claim != null)
{
//viewModel.OlderThan18 = (bool)claim.Value;
}
//viewModel.SuisseIdNummer = response.SubjectNameId;
this.ControllerContext.HttpContext.Session.Add("HomeViewModel", viewModel);
return(null); //viewModel.OlderThan18 ? this.RedirectToAction("Full") : this.RedirectToAction("NoAge");
}
catch (StatusException ex)
{
// handle status error in response
var errorViewModel = new ErrorViewModel {
ErrorText = ex.Message
};
return(this.View("Error", errorViewModel));
}
catch (SignatureException ex)
{
// handle signature error in response
var errorViewModel = new ErrorViewModel {
ErrorText = ex.Message
};
return(this.View("Error", errorViewModel));
}
catch (InResponseToException ex)
{
// handle in response to error in response
var errorViewModel = new ErrorViewModel {
ErrorText = ex.Message
};
return(this.View("Error", errorViewModel));
}
catch (LifetimeExceededException ex)
{
// handle lifetime exeeded error in response
var errorViewModel = new ErrorViewModel {
ErrorText = ex.Message
};
return(this.View("Error", errorViewModel));
}
}
public ActionResult LogonCertificate()
{
// check certificate and get age
// read certificate and validate
var validator = SuisseIdSdkObjectFactory.GetCertificateValidator();
var certificate = new X509Certificate2(this.Request.ClientCertificate.Certificate);
try
{
validator.Validate(certificate);
var certHelper = SuisseIdSdkObjectFactory.GetCertificateHelper();
var issuer = certHelper.GetIssuerOrganization(certificate);
var request = SuisseIdSdkObjectFactory.GetAuthenticationRequest();
// get the ProviderName from the certificate
request.ProviderName = issuer;
// get age from assigned IdP
request.Claims.Add(new ClaimDescriptor {
IsRequired = true, Name = CoreClaimTypes.IsOver18
});
// get the IdP-Url from the configuration
var configSettings = SuisseID.Configuration.SuisseIdSettings.GetSettings();
foreach (SuisseID.Configuration.SuisseIdSettings.TrustedEndpoint idP in configSettings.TrustedEndpoints)
{
if (idP.IdentifyingName.Equals(issuer))
{
request.Destination = new Uri(idP.RequestUrl);
break;
}
}
if (request.Destination == null)
{
throw new Exception("No endpoint found for this certificate.");
}
request.AssertionConsumerServiceUrl = new Uri(string.Format("{0}://{1}{2}", Request.Url.Scheme, Request.Url.Host, Url.Action("AuthenticateResponse")));
request.PrivacyNoticeAddress = new Uri(ConfigurationManager.AppSettings["PrivacyUrl"]);
request.Issuer = "Test SuisseID SP .NET";
var sender = SuisseIdSdkObjectFactory.GetRequestSender();
// Wenn explizit gelesen, X509KeyStorageFlags.MachineKeySet setzen.
// var signingCert = new X509Certificate2(@"C:\projects\seco\SuisseID\Trunk\SDK\Source\ApiTestWeb\SigningCert\[email protected]_Qualified.p12", "SuisseID.123", X509KeyStorageFlags.MachineKeySet);
// sender.SendRequest(request, this.ControllerContext.HttpContext, signingCert);
// Sonst kann es das CertifictaeRepository nun auch
sender.SendRequest(request, this.ControllerContext.HttpContext);
}
catch (Exception ex)
{
var viewModel = new ErrorViewModel();
viewModel.ErrorText = ex.Message;
return(this.View("Error", viewModel));
}
return(null);
}
