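/// <summary>
/// Registers (or re-registers) a WS-Federation identity provider in the management service:
/// an <see cref="Issuer"/>, the <see cref="IdentityProvider"/> record bound to it, an optional
/// signing key, and the sign-in endpoint address. Any existing issuer / identity provider with the
/// same name is deleted first, so calling this twice replaces the earlier registration.
/// </summary>
/// <param name="displayName">Name used for the issuer, the identity provider and its login link.</param>
/// <param name="federationUrl">Address registered as the provider's sign-in endpoint. Not validated beyond being non-empty.</param>
/// <param name="protocolType">Web SSO protocol; stored as its string name.</param>
/// <param name="signingValidationCert">Raw X.509 certificate the provider signs tokens with. When null, no signing key is registered here.</param>
/// <param name="allowedRelyingParties">Currently not used by this method; kept for signature compatibility.</param>
/// <returns>The newly created <see cref="Issuer"/> (with its service-assigned Id).</returns>
/// <exception cref="Exception">Any failure, including invalid arguments, is routed through <c>TryGetExceptionDetails</c> before being thrown.</exception>
public Issuer AddIdentityProviderManually(string displayName, string federationUrl, WebSSOProtocolType protocolType, byte[] signingValidationCert = null, string[] allowedRelyingParties = null)
{
    try
    {
        // Validate inside the try so argument errors follow the same error path as service failures.
        if (string.IsNullOrWhiteSpace(displayName))
        {
            throw new ArgumentException("A display name is required.", "displayName");
        }

        if (string.IsNullOrWhiteSpace(federationUrl))
        {
            throw new ArgumentException("A federation sign-in URL is required.", "federationUrl");
        }

        var client = this.CreateManagementServiceClient();

        // Validity window for the signing key: one year from now (UTC).
        var keyStartDate = DateTime.UtcNow;
        var keyEndDate = keyStartDate.AddYears(1);

        // 1. Issuer — replace any existing issuer with the same name (exact, case-sensitive match).
        var issuer = new Issuer { Name = displayName };
        var existingIssuer = client.Issuers.Where(i => i.Name == issuer.Name).FirstOrDefault();
        if (existingIssuer != null)
        {
            client.DeleteObject(existingIssuer);
            // Flush the delete before re-adding, mirroring the identity-provider branch below,
            // so the new issuer is not batched alongside the one it replaces.
            client.SaveChanges();
        }

        client.AddToIssuers(issuer);
        client.SaveChanges(SaveChangesOptions.Batch);

        // 2. Identity provider bound to the issuer (case-insensitive replace on DisplayName).
        var identityProvider = new IdentityProvider
        {
            DisplayName = displayName,
            WebSSOProtocolType = protocolType.ToString(),
            LoginLinkName = displayName,
            IssuerId = issuer.Id
        };

        var existingIdentityProvider = client.IdentityProviders
            .Where(ip => ip.DisplayName.Equals(identityProvider.DisplayName, StringComparison.OrdinalIgnoreCase))
            .FirstOrDefault();
        if (existingIdentityProvider != null)
        {
            client.DeleteObject(existingIdentityProvider);
            client.SaveChanges();
        }

        client.AddToIdentityProviders(identityProvider);
        client.SaveChanges(SaveChangesOptions.Batch);

        // 3. Signing key — the provider's public certificate, used to verify token signatures.
        //    Skipped when no certificate is supplied; the caller is then responsible for adding one.
        if (signingValidationCert != null)
        {
            var signingKey = new IdentityProviderKey
            {
                IdentityProviderId = identityProvider.Id,
                DisplayName = "Signing Key for " + displayName,
                StartDate = keyStartDate,
                EndDate = keyEndDate,
                Type = KeyType.X509Certificate.ToString(),
                Usage = KeyUsage.Signing.ToString(),
                Value = signingValidationCert
            };

            client.AddToIdentityProviderKeys(signingKey);
            client.SaveChanges(SaveChangesOptions.Batch);
        }

        // 4. WS-Federation sign-in endpoint.
        var signInAddress = new IdentityProviderAddress
        {
            IdentityProviderId = identityProvider.Id,
            EndpointType = EndpointType.SignIn.ToString(),
            Address = federationUrl
        };

        client.AddToIdentityProviderAddresses(signInAddress);
        client.SaveChanges(SaveChangesOptions.Batch);

        return issuer;
    }
    catch (Exception ex)
    {
        // Existing convention in this file: surface the service's detailed error, if available.
        throw TryGetExceptionDetails(ex);
    }
}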
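/// <summary>
/// Registers (or re-registers) a WS-Federation identity provider in the management service:
/// an <see cref="Issuer"/>, the <see cref="IdentityProvider"/> record bound to it, an optional
/// signing key, and the sign-in endpoint address. Any existing issuer / identity provider with the
/// same name is deleted first, so calling this twice replaces the earlier registration.
/// </summary>
/// <param name="displayName">Name used for the issuer, the identity provider and its login link.</param>
/// <param name="federationUrl">Address registered as the provider's sign-in endpoint. Not validated beyond being non-empty.</param>
/// <param name="protocolType">Web SSO protocol; stored as its string name.</param>
/// <param name="signingValidationCert">Raw X.509 certificate the provider signs tokens with. When null, no signing key is registered here.</param>
/// <param name="allowedRelyingParties">Currently not used by this method; kept for signature compatibility.</param>
/// <returns>The newly created <see cref="Issuer"/> (with its service-assigned Id).</returns>
/// <exception cref="Exception">Any failure, including invalid arguments, is routed through <c>TryGetExceptionDetails</c> before being thrown.</exception>
public Issuer AddIdentityProviderManually(string displayName, string federationUrl, WebSSOProtocolType protocolType, byte[] signingValidationCert = null, string[] allowedRelyingParties = null)
{
    try
    {
        // Validate inside the try so argument errors follow the same error path as service failures.
        if (string.IsNullOrWhiteSpace(displayName))
        {
            throw new ArgumentException("A display name is required.", "displayName");
        }

        if (string.IsNullOrWhiteSpace(federationUrl))
        {
            throw new ArgumentException("A federation sign-in URL is required.", "federationUrl");
        }

        var client = this.CreateManagementServiceClient();

        // Validity window for the signing key: one year from now (UTC).
        var keyStartDate = DateTime.UtcNow;
        var keyEndDate = keyStartDate.AddYears(1);

        // 1. Issuer — replace any existing issuer with the same name (exact, case-sensitive match).
        var issuer = new Issuer { Name = displayName };
        var existingIssuer = client.Issuers.Where(i => i.Name == issuer.Name).FirstOrDefault();
        if (existingIssuer != null)
        {
            client.DeleteObject(existingIssuer);
            // Flush the delete before re-adding, mirroring the identity-provider branch below,
            // so the new issuer is not batched alongside the one it replaces.
            client.SaveChanges();
        }

        client.AddToIssuers(issuer);
        client.SaveChanges(SaveChangesOptions.Batch);

        // 2. Identity provider bound to the issuer (case-insensitive replace on DisplayName).
        var identityProvider = new IdentityProvider
        {
            DisplayName = displayName,
            WebSSOProtocolType = protocolType.ToString(),
            LoginLinkName = displayName,
            IssuerId = issuer.Id
        };

        var existingIdentityProvider = client.IdentityProviders
            .Where(ip => ip.DisplayName.Equals(identityProvider.DisplayName, StringComparison.OrdinalIgnoreCase))
            .FirstOrDefault();
        if (existingIdentityProvider != null)
        {
            client.DeleteObject(existingIdentityProvider);
            client.SaveChanges();
        }

        client.AddToIdentityProviders(identityProvider);
        client.SaveChanges(SaveChangesOptions.Batch);

        // 3. Signing key — the provider's public certificate, used to verify token signatures.
        //    Skipped when no certificate is supplied; the caller is then responsible for adding one.
        if (signingValidationCert != null)
        {
            var signingKey = new IdentityProviderKey
            {
                IdentityProviderId = identityProvider.Id,
                DisplayName = "Signing Key for " + displayName,
                StartDate = keyStartDate,
                EndDate = keyEndDate,
                Type = KeyType.X509Certificate.ToString(),
                Usage = KeyUsage.Signing.ToString(),
                Value = signingValidationCert
            };

            client.AddToIdentityProviderKeys(signingKey);
            client.SaveChanges(SaveChangesOptions.Batch);
        }

        // 4. WS-Federation sign-in endpoint.
        var signInAddress = new IdentityProviderAddress
        {
            IdentityProviderId = identityProvider.Id,
            EndpointType = EndpointType.SignIn.ToString(),
            Address = federationUrl
        };

        client.AddToIdentityProviderAddresses(signInAddress);
        client.SaveChanges(SaveChangesOptions.Batch);

        return issuer;
    }
    catch (Exception ex)
    {
        // Existing convention in this file: surface the service's detailed error, if available.
        throw TryGetExceptionDetails(ex);
    }
}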