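/// <summary>
/// Builds the SOAP envelope for a DGWS STS request: a WS-Trust RequestSecurityToken
/// with request type Issue, whose Claims element carries a copy of the card's assertion.
/// </summary>
/// <param name="sc">Card whose <c>Xassertion</c> is written into the Claims element.</param>
/// <param name="issuer">Value written to the Issuer/Address element.</param>
/// <returns>
/// The SOAP Envelope element. Its wsse:Security header holds only a wsu:Timestamp/Created;
/// this method adds no signature to the envelope.
/// </returns>
private static XElement MakeDgwsStsReq(SealCard sc, string issuer)
{
    // Serialise the assertion into a standalone document; its root becomes the Claims content.
    var xassertion = new XDocument();
    using (var wr = xassertion.CreateWriter())
    {
        sc.Xassertion.WriteTo(wr);
    }

    var xrst = new XElement(NameSpaces.xwst + "RequestSecurityToken",
        new XAttribute("Context", "www.sosi.dk"),
        new XElement(NameSpaces.xwst + "TokenType", "urn:oasis:names:tc:SAML:2.0:assertion"),
        new XElement(NameSpaces.xwst + "RequestType", "http://schemas.xmlsoap.org/ws/2005/02/security/trust/Issue"),
        new XElement(NameSpaces.xwst + "Claims", xassertion.Root),
        new XElement(NameSpaces.xwst + "Issuer",
            new XElement(NameSpaces.xwsa04 + "Address", issuer)));

    // The "u" format appends a literal 'Z' but performs no conversion to UTC, so the value
    // formatted must already be UTC. Formatting local time here would label it as UTC and
    // skew Created by the local offset, which matters if the receiver checks freshness.
    var created = DateTime.UtcNow.ToString("u").Replace(' ', 'T');

    return new XElement(NameSpaces.xsoap + "Envelope",
        new XElement(NameSpaces.xsoap + "Header",
            new XElement(NameSpaces.xwsse + "Security",
                new XElement(NameSpaces.xwsu + "Timestamp",
                    new XElement(NameSpaces.xwsu + "Created", created)))),
        new XElement(NameSpaces.xsoap + "Body", xrst));
}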
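/// <summary>
/// Posts a DGWS STS request for the given card and returns a new card built from the
/// assertion found in the response.
/// </summary>
/// <param name="sc">Card whose assertion is sent to the STS.</param>
/// <param name="issuer">Issuer address placed in the request.</param>
/// <param name="endpointAdr">Address handed to <c>WebPost</c>.</param>
/// <returns>A <c>SealCard</c> wrapping the first saml:Assertion element of the response.</returns>
/// <exception cref="FaultException">
/// The response body carries a SOAP Fault, or <c>CheckAssertionSignature</c> returns false.
/// </exception>
/// <exception cref="InvalidOperationException">
/// The response passed the signature check but contains no saml:Assertion element.
/// </exception>
public static SealCard SignIn(SealCard sc, string issuer, string endpointAdr)
{
    var response = WebPost(MakeDgwsStsReq(sc, issuer), endpointAdr);

    // A response without a Body is treated as "no fault" instead of raising a
    // NullReferenceException; it still has to pass the signature check below.
    var fault = response.Element(NameSpaces.xsoap + "Body")?.Element(NameSpaces.xsoap + "Fault");
    if (fault != null)
    {
        // FaultReason and FaultCode do not accept null, so a fault that lacks faultstring or
        // faultcode gets fixed fallback values and still surfaces as a FaultException.
        throw new FaultException(
            new FaultReason(fault.Element("faultstring")?.Value ?? "Unspecified STS fault"),
            new FaultCode(fault.Element("faultcode")?.Value ?? "STS"),
            null);
    }

    // NOTE(review): the check runs over the whole response, while the card below is built from
    // the first saml:Assertion anywhere in the document. Confirm that CheckAssertionSignature
    // verifies that same element and establishes trust in the signing certificate, so that the
    // element consumed is the element that was verified.
    if (!new SealSignedXml(response).CheckAssertionSignature())
    {
        throw new FaultException(new FaultReason("Signature error"), new FaultCode("STS"), null);
    }

    return new SealCard(response.Descendants(NameSpaces.xsaml + "Assertion").First());
}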
/// <summary>
/// Creates a header for the given card, after running the parameterless constructor.
/// </summary>
/// <param name="sc">Card stored in the <c>sc</c> field.</param>
public SealCardMessageHeader(SealCard sc)
    : this()
{
    this.sc = sc;
}
/// <summary>
/// Fills in a WS-Trust request that presents the two assertions as ActAs for the given
/// target, then returns the token obtained from <c>GetTokenCore</c>.
/// </summary>
/// <param name="assertion">First assertion wrapped into the ActAs token.</param>
/// <param name="healthAssertion">Second assertion wrapped into the ActAs token.</param>
/// <param name="sc">Not used by the active code; referenced only in the commented-out block.</param>
/// <param name="appliesTo">Address of the endpoint the requested token applies to.</param>
/// <returns>
/// The token from <c>GetTokenCore</c> as a <c>SealSaml2SecurityToken</c>, or null when the
/// token is of another type (the <c>as</c> cast does not throw).
/// </returns>
public SecurityToken ExchangeAssertion(Saml2Assertion assertion, Saml2Assertion healthAssertion, SealCard sc, string appliesTo)
{
    var request = CreateWsTrustRequest();

    // Fresh context id per request.
    request.Context = $"urn:uuid:{Guid.NewGuid():D}";

    var actAsToken = new Saml2SecurityToken2(assertion, healthAssertion);
    request.ActAs = new SecurityTokenElement(actAsToken);

    var target = new EndpointReference(appliesTo);
    request.AppliesTo = new AppliesTo(target);

    request.TokenType = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";

    // NOTE(review): the request object is populated but never passed to GetTokenCore in this
    // method. Presumably CreateWsTrustRequest keeps a reference that the token provider
    // reads; confirm, because otherwise ActAs/AppliesTo/TokenType never reach the STS.
    var issued = this.GetTokenCore(TimeSpan.Zero);
    return issued as SealSaml2SecurityToken;

    /*
     * Earlier implementation, kept for reference: it attached the SealCard header and
     * issued through the channel directly.
     *
     * RequestSecurityTokenResponse rstr = null;
     * var cc = Channel.Channel as IContextChannel;
     * using (var scope = new OperationContextScope(cc))
     * {
     *     OperationContext.Current.OutgoingMessageHeaders.Add(new SealCardMessageHeader(sc));
     *     return Channel.Issue(rst, out rstr);
     * }
     */
}