/// <summary>
/// Receives the identity provider's answer to an authentication request and
/// stores a (currently empty) <c>HomeViewModel</c> in the session.
/// </summary>
/// <returns>
/// <c>null</c> when the response handler accepts the response; the "Error" view
/// when the handler throws a status, signature, InResponseTo or lifetime exception.
/// </returns>
/// <remarks>
/// Only the four exception types listed below are caught; any other exception
/// leaves this action unhandled.
/// </remarks>
public ActionResult AuthenticateResponse()
{
    var viewModel = new HomeViewModel();
    var responseHandler = SuisseIdSdkObjectFactory.GetResponseHandler();

    // Text of the validation failure, set by whichever catch clause fires.
    string failureText;

    try
    {
        // The handler reads the response from the current HTTP context. The
        // exception types caught below suggest it checks status, signature,
        // InResponseTo and lifetime; confirm against the SDK.
        var response = responseHandler.HandleResponse(this.ControllerContext.HttpContext);

        // Look up the requested age claim.
        var claim = response.AllClaims[CoreClaimTypes.IsOver18];

        if (claim != null)
        {
            // Disabled in the original: viewModel.OlderThan18 = (bool)claim.Value;
        }

        // Disabled in the original: viewModel.SuisseIdNummer = response.SubjectNameId;

        this.ControllerContext.HttpContext.Session.Add("HomeViewModel", viewModel);

        // Disabled in the original: redirect to "Full" or "NoAge" depending on
        // viewModel.OlderThan18. Until that is restored the action returns null.
        return null;
    }
    catch (StatusException statusError)
    {
        // The response carried a status error.
        failureText = statusError.Message;
    }
    catch (SignatureException signatureError)
    {
        // The response signature was rejected.
        failureText = signatureError.Message;
    }
    catch (InResponseToException correlationError)
    {
        // The response's InResponseTo value was rejected.
        failureText = correlationError.Message;
    }
    catch (LifetimeExceededException lifetimeError)
    {
        // The response's lifetime was exceeded.
        failureText = lifetimeError.Message;
    }

    // NOTE(review): the raw exception message is rendered to the end user;
    // confirm the SDK's messages contain nothing that should stay internal.
    var errorViewModel = new ErrorViewModel { ErrorText = failureText };
    return this.View("Error", errorViewModel);
}
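/// <summary>
/// Validates the caller's TLS client certificate, selects the trusted identity
/// provider whose configured name equals the certificate's issuer organization,
/// and sends an authentication request asking for the <c>IsOver18</c> claim.
/// </summary>
/// <returns>
/// <c>null</c> once the request has been handed to the request sender; the
/// "Error" view when the certificate is missing or anything in the flow throws.
/// </returns>
public ActionResult LogonCertificate()
{
    var validator = SuisseIdSdkObjectFactory.GetCertificateValidator();

    try
    {
        // Reject a request that carries no client certificate before parsing it,
        // so the caller gets the Error view instead of an unhandled exception
        // from the X509Certificate2 constructor.
        var clientCertificate = this.Request.ClientCertificate;
        if (clientCertificate == null || !clientCertificate.IsPresent)
        {
            throw new InvalidOperationException("No client certificate was presented.");
        }

        var certificate = new X509Certificate2(clientCertificate.Certificate);

        // Presumably throws when the certificate is not acceptable; confirm against the SDK.
        validator.Validate(certificate);

        var certHelper = SuisseIdSdkObjectFactory.GetCertificateHelper();
        var issuer = certHelper.GetIssuerOrganization(certificate);

        var request = SuisseIdSdkObjectFactory.GetAuthenticationRequest();

        // The provider name is taken from the certificate's issuer organization.
        request.ProviderName = issuer;

        // Ask the assigned IdP for the age claim.
        request.Claims.Add(new ClaimDescriptor { IsRequired = true, Name = CoreClaimTypes.IsOver18 });

        // The IdP URL comes only from the configured list of trusted endpoints;
        // an issuer that is not listed there gets no destination.
        var configSettings = SuisseID.Configuration.SuisseIdSettings.GetSettings();
        foreach (SuisseID.Configuration.SuisseIdSettings.TrustedEndpoint idP in configSettings.TrustedEndpoints)
        {
            if (idP.IdentifyingName.Equals(issuer))
            {
                request.Destination = new Uri(idP.RequestUrl);
                break;
            }
        }

        if (request.Destination == null)
        {
            throw new InvalidOperationException("No endpoint found for this certificate.");
        }

        // NOTE(review): the assertion consumer URL is built from the scheme and
        // host of the incoming request (the port is not included). Consider a
        // configured base URL so the value does not depend on request data.
        request.AssertionConsumerServiceUrl = new Uri(string.Format("{0}://{1}{2}", Request.Url.Scheme, Request.Url.Host, Url.Action("AuthenticateResponse")));
        request.PrivacyNoticeAddress = new Uri(ConfigurationManager.AppSettings["PrivacyUrl"]);
        request.Issuer = "Test SuisseID SP .NET";

        var sender = SuisseIdSdkObjectFactory.GetRequestSender();

        // Per the original note: a signing certificate that is loaded explicitly
        // from a file needs X509KeyStorageFlags.MachineKeySet and is passed as a
        // third argument to SendRequest. The two-argument call below leaves the
        // lookup to the SDK's certificate repository. The disabled sample that
        // embedded a local .p12 path and its password was removed; keep key
        // material and passwords out of source files.
        sender.SendRequest(request, this.ControllerContext.HttpContext);
    }
    catch (Exception ex)
    {
        // NOTE(review): this shows the message of any exception type to the end
        // user; consider logging the detail and displaying a generic text.
        var viewModel = new ErrorViewModel();
        viewModel.ErrorText = ex.Message;
        return this.View("Error", viewModel);
    }

    return null;
}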