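/// <summary>
/// Builds a SAML 2.0 AuthnRequest by string concatenation and, for
/// <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed, Base64-encoded
/// and URL-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    // The markup is assembled by hand, so every spliced-in value is XML-escaped first.
    // Without this a '&', '<' or '"' in a value (for example a consumer URL with a
    // query string) yields malformed XML or alters the structure of the request.
    string issueInstantXml = System.Security.SecurityElement.Escape("" + issueInstant);
    string idXml = System.Security.SecurityElement.Escape("" + id);
    string consumerUrlXml = System.Security.SecurityElement.Escape("" + LoadPropertities.assertionConsumerServiceUrl);
    string issuerXml = System.Security.SecurityElement.Escape("" + LoadPropertities.issuer);

    string samlReq = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
        + " ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\""
        + " Version=\"2.0\""
        + " IssueInstant=\"" + issueInstantXml + "\""
        + " ID=\"" + idXml + "\""
        + " AssertionConsumerServiceURL=\"" + consumerUrlXml + "\">\n";
    samlReq += "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + issuerXml + "</saml:Issuer>\n";
    samlReq += "<samlp:NameIDPolicy Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\" />\n";
    samlReq += "</samlp:AuthnRequest>";

    if (format != AuthRequestFormat.Base64)
    {
        return null;
    }

    // UTF-8 instead of ASCII: identical bytes for ASCII text, but non-ASCII characters
    // are no longer silently replaced by '?'.
    byte[] requestBytes = System.Text.Encoding.UTF8.GetBytes(samlReq);
    using (MemoryStream output = new MemoryStream())
    {
        // leaveOpen = true keeps 'output' usable; disposing the DeflateStream flushes
        // the final compressed block before the buffer is read.
        using (DeflateStream zip = new DeflateStream(output, CompressionMode.Compress, true))
        {
            zip.Write(requestBytes, 0, requestBytes.Length);
        }

        string base64 = Convert.ToBase64String(output.ToArray());
        return HttpUtility.UrlEncode(base64);
    }
}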
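/// <summary>
/// Writes a minimal SAML 2.0 AuthnRequest (ID, Version, IssueInstant, Destination,
/// AssertionConsumerServiceURL and Issuer) and, for <c>AuthRequestFormat.Base64</c>,
/// returns it DEFLATE-compressed and Base64-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;

        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            // This variant uses the saml2p/saml2 prefixes and emits no ProtocolBinding,
            // NameIDPolicy or RequestedAuthnContext element.
            xw.WriteStartElement("saml2p", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issue_instant);
            xw.WriteAttributeString("Destination", accountSettings.idp_sso_target_url);
            xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            xw.WriteStartElement("saml2", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(appSettings.issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteEndElement(); // AuthnRequest
        }

        if (format == AuthRequestFormat.Base64)
        {
            using (var compressed = new MemoryStream())
            {
                // Disposing the writer flushes the DeflateStream; leaveOpen = true keeps
                // 'compressed' readable afterwards.
                using (var writer = new StreamWriter(new DeflateStream(compressed, CompressionLevel.Optimal, true)))
                {
                    writer.Write(sw.ToString());
                }

                // ToArray() copies only the bytes actually written. GetBuffer() returns the
                // whole internal buffer, so the encoded request carried trailing unused
                // bytes after the DEFLATE data.
                return Convert.ToBase64String(compressed.ToArray());
            }
        }

        return null;
    }
}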
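/// <summary>
/// Writes a SAML 2.0 AuthnRequest (optionally with ForceAuthn) and, for
/// <c>AuthRequestFormat.Base64</c>, returns it DEFLATE-compressed and Base64-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;

        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", _id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", _issue_instant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xw.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

            if (ForceAuthn.HasValue)
            {
                // The SAML attribute is spelled "ForceAuthn" and is an xs:boolean, whose
                // lexical forms are lower-case. The previous "forceAuthn" / "True" pair is
                // not the attribute the schema defines, so a request for forced
                // re-authentication could be ignored or rejected by the identity provider.
                xw.WriteAttributeString("ForceAuthn", ForceAuthn.Value.ToString().ToLowerInvariant());
            }

            xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(_issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
            xw.WriteAttributeString("AllowCreate", "true");
            xw.WriteEndElement(); // NameIDPolicy

            // No RequestedAuthnContext is written by this variant.
            xw.WriteEndElement(); // AuthnRequest
        }

        if (format == AuthRequestFormat.Base64)
        {
            // Plain Base64 of the XML was replaced by DEFLATE + Base64; background:
            // https://stackoverflow.com/questions/25120025/acs75005-the-request-is-not-a-valid-saml2-protocol-message-is-showing-always
            using (var memoryStream = new MemoryStream())
            {
                // UTF8Encoding(false) suppresses the byte-order mark; disposing the writer
                // flushes the DeflateStream while leaveOpen = true keeps the buffer readable.
                using (var writer = new StreamWriter(new DeflateStream(memoryStream, CompressionMode.Compress, true), new UTF8Encoding(false)))
                {
                    writer.Write(sw.ToString());
                }

                // Only the first Length bytes of the internal buffer hold compressed data.
                string result = Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length, Base64FormattingOptions.None);
                return result;
            }
        }

        return null;
    }
}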
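/// <summary>
/// Writes a SAML 2.0 AuthnRequest with NameIDPolicy and RequestedAuthnContext and,
/// for <c>AuthRequestFormat.Base64</c>, returns it Base64-encoded (no compression).
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;

        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issue_instant);
            // NOTE(review): ProtocolBinding names the binding the response should come back
            // on; confirm HTTP-Redirect is what this deployment expects.
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
            xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(appSettings.issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
            // NOTE(review): SAML core defines "unspecified" under the SAML:1.1 prefix;
            // confirm the identity provider accepts this SAML:2.0-prefixed URI.
            xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
            xw.WriteAttributeString("AllowCreate", "true");
            xw.WriteEndElement(); // NameIDPolicy

            xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Comparison", "exact");
            xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xw.WriteEndElement(); // AuthnContextClassRef
            xw.WriteEndElement(); // RequestedAuthnContext

            xw.WriteEndElement(); // AuthnRequest
        }

        // The request is returned unsigned and unencrypted; no certificate step runs here.
        if (format == AuthRequestFormat.Base64)
        {
            // Encode the XML held by the StringWriter. The previous code encoded
            // xws.ToString(), i.e. the XmlWriterSettings object rather than the request,
            // so the returned value never contained the AuthnRequest.
            byte[] toEncodeAsBytes = System.Text.ASCIIEncoding.ASCII.GetBytes(sw.ToString());
            return System.Convert.ToBase64String(toEncodeAsBytes);
        }

        return null;
    }
}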
/// <summary>
/// Produces a minimal SAML 2.0 AuthnRequest (ID, Version, IssueInstant, Issuer).
/// For <c>AuthRequestFormat.Base64</c> the XML is UTF-8 encoded, DEFLATE-compressed,
/// Base64-encoded and finally URL-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter xmlText = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };

        using (XmlWriter xml = XmlWriter.Create(xmlText, settings))
        {
            // ProtocolBinding, AssertionConsumerServiceURL, NameIDPolicy and
            // RequestedAuthnContext are not written by this variant.
            xml.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xml.WriteAttributeString("ID", id);
            xml.WriteAttributeString("Version", "2.0");
            xml.WriteAttributeString("IssueInstant", issue_instant);

            xml.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xml.WriteString(appSettings.issuer);
            xml.WriteEndElement(); // Issuer

            xml.WriteEndElement(); // AuthnRequest
        }

        if (format != AuthRequestFormat.Base64)
        {
            return null;
        }

        byte[] utf8 = Encoding.UTF8.GetBytes(xmlText.ToString());
        using (MemoryStream sink = new MemoryStream())
        {
            // Disposing the DeflateStream flushes it (and closes 'sink'); ToArray()
            // still works on a closed MemoryStream.
            using (DeflateStream deflater = new DeflateStream(sink, CompressionMode.Compress))
            {
                deflater.Write(utf8, 0, utf8.Length);
            }

            string encoded = Convert.ToBase64String(sink.ToArray());
            return HttpUtility.UrlEncode(encoded);
        }
    }
}
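/// <summary>
/// Writes a SAML 2.0 AuthnRequest with an emailAddress NameIDPolicy and a
/// PasswordProtectedTransport RequestedAuthnContext, then encodes it as requested.
/// </summary>
/// <param name="format">
/// <c>DeflatedBase64</c> compresses via <c>Deflate</c> before Base64 encoding;
/// <c>Base64</c> encodes via <c>ConvertStringToBase64</c>.
/// </param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings xws = new XmlWriterSettings();
        xws.OmitXmlDeclaration = true;

        using (XmlWriter xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issue_instant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            // Declare the assertion namespace as xmlns:saml on the root element. The
            // previous call wrote an ordinary attribute named "saml", which AuthnRequest
            // does not define and which is not a namespace declaration.
            xw.WriteAttributeString("xmlns", "saml", null, "urn:oasis:names:tc:SAML:2.0:assertion");

            xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(appSettings.issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
            xw.WriteAttributeString("AllowCreate", "true");
            xw.WriteEndElement(); // NameIDPolicy

            xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Comparison", "exact");
            xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xw.WriteEndElement(); // AuthnContextClassRef
            xw.WriteEndElement(); // RequestedAuthnContext

            xw.WriteEndElement(); // AuthnRequest
        }

        if (format == AuthRequestFormat.DeflatedBase64)
        {
            return System.Convert.ToBase64String(Deflate(System.Text.ASCIIEncoding.ASCII.GetBytes(sw.ToString())));
        }

        if (format == AuthRequestFormat.Base64)
        {
            return ConvertStringToBase64(sw.ToString());
        }

        return null;
    }
}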
/// <summary>
/// Emits a SAML 2.0 AuthnRequest carrying an Issuer and a PasswordProtectedTransport
/// RequestedAuthnContext (no NameIDPolicy). For <c>AuthRequestFormat.Base64</c> the XML
/// is written as BOM-less UTF-8 through a DEFLATE stream and Base64-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    const string ProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (StringWriter xmlText = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };

        using (XmlWriter xml = XmlWriter.Create(xmlText, settings))
        {
            xml.WriteStartElement("samlp", "AuthnRequest", ProtocolNs);
            xml.WriteAttributeString("ID", id);
            xml.WriteAttributeString("Version", "2.0");
            xml.WriteAttributeString("IssueInstant", issue_instant);
            xml.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xml.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            xml.WriteStartElement("saml", "Issuer", AssertionNs);
            xml.WriteString(appSettings.issuer);
            xml.WriteEndElement(); // Issuer

            xml.WriteStartElement("samlp", "RequestedAuthnContext", ProtocolNs);
            xml.WriteAttributeString("Comparison", "exact");
            xml.WriteStartElement("saml", "AuthnContextClassRef", AssertionNs);
            xml.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xml.WriteEndElement(); // AuthnContextClassRef
            xml.WriteEndElement(); // RequestedAuthnContext

            xml.WriteEndElement(); // AuthnRequest
        }

        if (format != AuthRequestFormat.Base64)
        {
            return null;
        }

        MemoryStream sink = new MemoryStream();
        DeflateStream deflater = new DeflateStream(sink, CompressionMode.Compress, true);
        StreamWriter deflatedText = new StreamWriter(deflater, new UTF8Encoding(false));
        deflatedText.Write(xmlText.ToString());
        // Closing the writer flushes the DeflateStream; 'sink' stays open (leaveOpen = true).
        deflatedText.Close();

        // ToArray() yields exactly the bytes written, i.e. the first Length bytes of the buffer.
        byte[] compressedBytes = sink.ToArray();
        return Convert.ToBase64String(compressedBytes);
    }
}
/// <summary>
/// Emits a SAML 2.0 AuthnRequest with hard-coded endpoint values and, for
/// <c>AuthRequestFormat.Base64</c>, returns it UTF-8 encoded, DEFLATE-compressed and
/// Base64-encoded (not URL-encoded).
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    const string ProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (StringWriter xmlText = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };

        using (XmlWriter xml = XmlWriter.Create(xmlText, settings))
        {
            xml.WriteStartElement("samlp", "AuthnRequest", ProtocolNs);
            xml.WriteAttributeString("ID", id);
            xml.WriteAttributeString("Version", "2.0");
            xml.WriteAttributeString("IssueInstant", issue_instant);
            xml.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");

            // NOTE(review): the endpoints below are hard-coded sample values over plain
            // http. Outside local testing they would normally come from configuration
            // (e.g. ConfigurationManager.AppSettings["AssertionConsumerServiceURL"] and
            // ["Destination"]) and use https.
            // Service provider URL that consumes the token; it must accept POST.
            xml.WriteAttributeString("AssertionConsumerServiceURL", "http://localhost/SAML2/POST");
            xml.WriteAttributeString("Destination", "http://myshibboleth.idp.com/idp/profile/SAML2/Redirect/SSO");

            xml.WriteStartElement("saml", "Issuer", AssertionNs);
            xml.WriteString("http://localhost"); // service provider home URL
            xml.WriteEndElement(); // Issuer

            // NameIDPolicy carries AllowCreate only; no Format is requested.
            xml.WriteStartElement("samlp", "NameIDPolicy", ProtocolNs);
            xml.WriteAttributeString("AllowCreate", "true");
            xml.WriteEndElement(); // NameIDPolicy

            // No RequestedAuthnContext is written; this closes AuthnRequest.
            xml.WriteEndElement();
        }

        if (format != AuthRequestFormat.Base64)
        {
            return null;
        }

        byte[] utf8 = Encoding.UTF8.GetBytes(xmlText.ToString());
        using (MemoryStream sink = new MemoryStream())
        {
            // Disposing the DeflateStream flushes it (and closes 'sink'); ToArray()
            // still works on a closed MemoryStream.
            using (DeflateStream deflater = new DeflateStream(sink, CompressionMode.Compress))
            {
                deflater.Write(utf8, 0, utf8.Length);
            }

            // Returned without URL encoding; a caller placing this in a query string
            // has to encode it.
            string encoded = Convert.ToBase64String(sink.ToArray());
            return encoded;
        }
    }
}
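/// <summary>
/// Writes a SAML 2.0 AuthnRequest with NameIDPolicy and a PasswordProtectedTransport
/// RequestedAuthnContext.
/// </summary>
/// <param name="format"><c>Base64</c> returns the XML Base64-encoded.</param>
/// <returns>The Base64-encoded request, or the raw XML for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    using (var sw = new StringWriter())
    {
        var xws = new XmlWriterSettings { OmitXmlDeclaration = true };

        using (var xw = XmlWriter.Create(sw, xws))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issueInstant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            // NOTE(review): hard-coded consumer URL; presumably a development value.
            xw.WriteAttributeString("AssertionConsumerServiceURL", "http://localhost");

            xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
            // NOTE(review): SAML core defines "unspecified" under the SAML:1.1 prefix;
            // confirm the identity provider accepts this SAML:2.0-prefixed URI.
            xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
            xw.WriteAttributeString("AllowCreate", "true");
            xw.WriteEndElement(); // NameIDPolicy

            // AuthnContextClassRef must be a child of RequestedAuthnContext. The previous
            // code closed RequestedAuthnContext first, leaving it empty and attaching the
            // class reference directly to AuthnRequest, so the required authentication
            // context was not expressed where an identity provider looks for it.
            xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Comparison", "exact");
            xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xw.WriteEndElement(); // AuthnContextClassRef
            xw.WriteEndElement(); // RequestedAuthnContext

            xw.WriteEndElement(); // AuthnRequest
        }

        if (format == AuthRequestFormat.Base64)
        {
            var toEncodeAsBytes = ASCIIEncoding.ASCII.GetBytes(sw.ToString());
            return Convert.ToBase64String(toEncodeAsBytes);
        }

        return sw.ToString();
    }
}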
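/// <summary>
/// Writes a SAML 2.0 AuthnRequest with NameIDPolicy and a PasswordProtectedTransport
/// RequestedAuthnContext and returns it Base64-encoded.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 is supported.</param>
/// <returns>The Base64-encoded request.</returns>
/// <exception cref="ApplicationException">Thrown for any format other than Base64.</exception>
public string GetRequest(AuthRequestFormat format)
{
    using (StringWriter sw = new StringWriter())
    {
        using (XmlWriter xw = XmlWriter.Create(sw, new XmlWriterSettings() { OmitXmlDeclaration = true }))
        {
            xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("ID", id);
            xw.WriteAttributeString("Version", "2.0");
            xw.WriteAttributeString("IssueInstant", issue_instant);
            xw.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xw.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            xw.WriteStartElement("saml", "Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString(appSettings.issuer);
            xw.WriteEndElement(); // Issuer

            xw.WriteStartElement("samlp", "NameIDPolicy", "urn:oasis:names:tc:SAML:2.0:protocol");
            // NOTE(review): SAML core defines "unspecified" under the SAML:1.1 prefix;
            // confirm the identity provider accepts this SAML:2.0-prefixed URI.
            xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
            xw.WriteAttributeString("AllowCreate", "true");
            xw.WriteEndElement(); // NameIDPolicy

            // AuthnContextClassRef must be a child of RequestedAuthnContext. The previous
            // code closed RequestedAuthnContext first, leaving it empty and attaching the
            // class reference directly to AuthnRequest, so the required authentication
            // context was not expressed where an identity provider looks for it.
            xw.WriteStartElement("samlp", "RequestedAuthnContext", "urn:oasis:names:tc:SAML:2.0:protocol");
            xw.WriteAttributeString("Comparison", "exact");
            xw.WriteStartElement("saml", "AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:assertion");
            xw.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xw.WriteEndElement(); // AuthnContextClassRef
            xw.WriteEndElement(); // RequestedAuthnContext

            xw.WriteEndElement(); // AuthnRequest
        }

        switch (format)
        {
            case AuthRequestFormat.Base64:
                return Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes(sw.ToString()));
            default:
                // Unsupported formats fail loudly rather than returning null.
                throw new ApplicationException();
        }
    }
}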
/// <summary>
/// Serialises the configured SAML 2.0 AuthnRequest (Issuer, NameIDPolicy, optional
/// audience restriction, RequestedAuthnContext) and applies the encodings selected by
/// the <paramref name="format"/> flags in the order compress, Base64, URL-encode.
/// </summary>
/// <param name="format">Flag combination of Compressed, Base64 and UrlEncode.</param>
/// <returns>The request XML after the selected encodings have been applied.</returns>
public string GetRequest(AuthRequestFormat format)
{
    string requestXml;

    using (var xmlText = new StringWriter())
    {
        var settings = new XmlWriterSettings();
        settings.OmitXmlDeclaration = true;

        using (var xml = XmlWriter.Create(xmlText, settings))
        {
            xml.WriteStartElement("samlp", "AuthnRequest", Saml2Constants.Protocol);
            xml.WriteAttributeString("ID", Id);
            xml.WriteAttributeString("Version", "2.0");
            xml.WriteAttributeString("IssueInstant", _issueInstant);
            xml.WriteAttributeString("ProtocolBinding", Saml2Constants.PostBinding);
            xml.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

            xml.WriteStartElement("saml", "Issuer", Saml2Constants.Assertion);
            xml.WriteString(_issuer);
            xml.WriteEndElement(); // Issuer

            xml.WriteStartElement("samlp", "NameIDPolicy", Saml2Constants.Protocol);
            xml.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
            xml.WriteAttributeString("AllowCreate", "true");
            xml.WriteEndElement(); // NameIDPolicy

            // Conditions/AudienceRestriction/Audience is only written when an audience is set.
            bool hasAudience = !string.IsNullOrEmpty(_audienceRestriction);
            if (hasAudience)
            {
                xml.WriteStartElement("saml", "Conditions", Saml2Constants.Assertion);
                xml.WriteStartElement("saml", "AudienceRestriction", Saml2Constants.Assertion);
                xml.WriteStartElement("saml", "Audience", Saml2Constants.Assertion);
                xml.WriteString(_audienceRestriction);
                xml.WriteEndElement(); // Audience
                xml.WriteEndElement(); // AudienceRestriction
                xml.WriteEndElement(); // Conditions
            }

            // One AuthnContextClassRef per configured class reference.
            xml.WriteStartElement("samlp", "RequestedAuthnContext", Saml2Constants.Protocol);
            xml.WriteAttributeString("Comparison", _requestedAuthnContextComparisonMethod);
            foreach (var classRef in _authnContextClassRefs)
            {
                xml.WriteStartElement("saml", "AuthnContextClassRef", Saml2Constants.Assertion);
                xml.WriteString(classRef);
                xml.WriteEndElement();
            }
            xml.WriteEndElement(); // RequestedAuthnContext

            xml.WriteEndElement(); // AuthnRequest
        }

        requestXml = xmlText.ToString();
    }

    // Compression only yields bytes; they reach the result solely through the Base64 step.
    byte[] deflated = format.HasFlag(AuthRequestFormat.Compressed) ? Compress(requestXml) : null;

    string encoded = requestXml;
    if (format.HasFlag(AuthRequestFormat.Base64))
    {
        byte[] payload = deflated != null ? deflated : Encoding.ASCII.GetBytes(encoded);
        encoded = Convert.ToBase64String(payload);
    }

    if (format.HasFlag(AuthRequestFormat.UrlEncode))
    {
        encoded = HttpUtility.UrlEncode(encoded);
    }

    return encoded;
}
/// <summary>
/// Emits a SAML 2.0 AuthnRequest with NameIDPolicy and a PasswordProtectedTransport
/// RequestedAuthnContext; for <c>AuthRequestFormat.Base64</c> the XML is ASCII-encoded
/// and Base64-encoded without compression.
/// </summary>
/// <param name="format">Requested output encoding; only Base64 produces a result.</param>
/// <returns>The encoded request, or <c>null</c> for any other format.</returns>
public string GetRequest(AuthRequestFormat format)
{
    const string ProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (StringWriter xmlText = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings { OmitXmlDeclaration = true };

        using (XmlWriter xml = XmlWriter.Create(xmlText, settings))
        {
            xml.WriteStartElement("samlp", "AuthnRequest", ProtocolNs);
            xml.WriteAttributeString("ID", id);
            xml.WriteAttributeString("Version", "2.0");
            xml.WriteAttributeString("IssueInstant", issue_instant);
            xml.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            xml.WriteAttributeString("AssertionConsumerServiceURL", appSettings.assertionConsumerServiceUrl);

            xml.WriteStartElement("saml", "Issuer", AssertionNs);
            xml.WriteString(appSettings.issuer);
            xml.WriteEndElement(); // Issuer

            xml.WriteStartElement("samlp", "NameIDPolicy", ProtocolNs);
            // NOTE(review): SAML core defines "unspecified" under the SAML:1.1 prefix;
            // confirm the identity provider accepts this SAML:2.0-prefixed URI.
            xml.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified");
            xml.WriteAttributeString("AllowCreate", "true");
            xml.WriteEndElement(); // NameIDPolicy

            xml.WriteStartElement("samlp", "RequestedAuthnContext", ProtocolNs);
            xml.WriteAttributeString("Comparison", "exact");
            xml.WriteStartElement("saml", "AuthnContextClassRef", AssertionNs);
            xml.WriteString("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
            xml.WriteEndElement(); // AuthnContextClassRef
            xml.WriteEndElement(); // RequestedAuthnContext

            xml.WriteEndElement(); // AuthnRequest
        }

        if (format != AuthRequestFormat.Base64)
        {
            return null;
        }

        // ASCII encoding: any non-ASCII character in the XML is replaced by '?'.
        return System.Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes(xmlText.ToString()));
    }
}
/// <summary>
/// Builds the SAML 2.0 AuthnRequest from the instance's settings and encodes it
/// according to the <paramref name="format"/> flags (compress, then Base64, then
/// URL-encode).
/// </summary>
/// <param name="format">Flag combination of Compressed, Base64 and UrlEncode.</param>
/// <returns>The request XML after the selected encodings have been applied.</returns>
public string GetRequest(AuthRequestFormat format)
{
    const string samlpNs = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string samlNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    using (var buffer = new StringWriter())
    {
        using (var w = XmlWriter.Create(buffer, new XmlWriterSettings { OmitXmlDeclaration = true }))
        {
            // Root element and its attributes.
            w.WriteStartElement("samlp", "AuthnRequest", samlpNs);
            w.WriteAttributeString("ID", Id);
            w.WriteAttributeString("Version", "2.0");
            w.WriteAttributeString("IssueInstant", _issueInstant);
            w.WriteAttributeString("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
            w.WriteAttributeString("AssertionConsumerServiceURL", _assertionConsumerServiceUrl);

            w.WriteStartElement("saml", "Issuer", samlNs);
            w.WriteString(_issuer);
            w.WriteEndElement();

            w.WriteStartElement("samlp", "NameIDPolicy", samlpNs);
            w.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
            w.WriteAttributeString("AllowCreate", "true");
            w.WriteEndElement();

            // Optional audience restriction, nested three levels deep.
            if (!string.IsNullOrEmpty(_audienceRestriction))
            {
                foreach (var element in new[] { "Conditions", "AudienceRestriction", "Audience" })
                {
                    w.WriteStartElement("saml", element, samlNs);
                }

                w.WriteString(_audienceRestriction);

                // Close Audience, AudienceRestriction and Conditions, innermost first.
                for (var depth = 0; depth < 3; depth++)
                {
                    w.WriteEndElement();
                }
            }

            w.WriteStartElement("samlp", "RequestedAuthnContext", samlpNs);
            w.WriteAttributeString("Comparison", _requestedAuthnContextComparisonMethod);
            foreach (var contextClass in _authnContextClassRefs)
            {
                w.WriteStartElement("saml", "AuthnContextClassRef", samlNs);
                w.WriteString(contextClass);
                w.WriteEndElement();
            }
            w.WriteEndElement(); // RequestedAuthnContext

            w.WriteEndElement(); // AuthnRequest
        }

        var output = buffer.ToString();

        // Compressed bytes are only consumed by the Base64 step below.
        byte[] compressedPayload = null;
        if (format.HasFlag(AuthRequestFormat.Compressed))
        {
            compressedPayload = Compress(output);
        }

        if (format.HasFlag(AuthRequestFormat.Base64))
        {
            if (compressedPayload == null)
            {
                output = Convert.ToBase64String(Encoding.ASCII.GetBytes(output));
            }
            else
            {
                output = Convert.ToBase64String(compressedPayload);
            }
        }

        if (format.HasFlag(AuthRequestFormat.UrlEncode))
        {
            output = HttpUtility.UrlEncode(output);
        }

        return output;
    }
}