Esempio n. 1
        /// <summary>
        /// Starts single sign-on by creating a SAML AuthnRequest for the given provider
        /// and redirecting the current HTTP response to the URL built by the redirect binding.
        /// </summary>
        /// <param name="providerName">Identity provider name, passed to the message factory and the redirect binding.</param>
        /// <param name="requestId">Identifier passed to the message factory for the new AuthnRequest.</param>
        /// <param name="relayState">Optional relay state passed through to the redirect binding; defaults to <c>null</c>.</param>
        /// <returns>An already-completed task; all work in this method is synchronous.</returns>
        public Task InitiateSsoAsync(string providerName, string requestId, string relayState = null)
        {
            // The assertion consumer service URL is the request's base URL plus the configured relative path.
            var acsUrl = $"{Request.GetBaseUrl()}/{ServiceProviderConfiguration.AssertionConsumerServiceUrl}";

            var authnRequest = _samlMessageFactory.CreateAuthnRequest(providerName, requestId, acsUrl);
            var redirectUrl  = _httpRedirectBinding.BuildAuthnRequestUrl(providerName, authnRequest, relayState);

            // NOTE(review): this writes the complete redirect URL to the debug log. The URL is built
            // from the AuthnRequest and relayState, so it presumably carries both; confirm that debug
            // logs are not retained or shipped anywhere that relay state should not appear.
            _logger.LogDebug($"Method={nameof(InitiateSsoAsync)}. Redirecting to saml identity provider for SSO. Url={redirectUrl}");
            Context.Response.Redirect(redirectUrl);

            return Task.CompletedTask;
        }
        /// <summary>
        /// Creates a SAML AuthnRequest and returns the URL produced by the HTTP-Redirect binding for it.
        /// </summary>
        /// <param name="authnRequestId">Identifier passed to the message factory for the new AuthnRequest.</param>
        /// <param name="relayState">Relay state passed through to the redirect binding.</param>
        /// <param name="assertionConsumerServiceUrl">Assertion consumer service URL passed to the message factory.</param>
        /// <returns>The URL returned by <c>BuildAuthnRequestUrl</c>.</returns>
        public string GetAuthnRequest(string authnRequestId, string relayState, string assertionConsumerServiceUrl)
        {
            var certificates = _certificateProvider.GetCertificate();
            var authnRequest = _saml2MessageFactory.CreateAuthnRequest(authnRequestId, assertionConsumerServiceUrl);

            // The service provider's private key and the configured hashing algorithm are handed to
            // the binding together with the request (presumably to sign the redirect query string).
            // Keep the key confined to this call; it must never reach logs or error messages.
            var serviceProviderKey = certificates.ServiceProvider.PrivateKey;
            var hashingAlgorithm   = _identityProviderConfiguration.HashingAlgorithm;

            // check protocol binding if supporting more than HTTP-REDIRECT
            return _httpRedirectBinding.BuildAuthnRequestUrl(authnRequest, serviceProviderKey, hashingAlgorithm, relayState);
        }
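        /// <summary>
        /// Creates a SAML AuthnRequest and returns the URL produced by the HTTP-Redirect binding for it.
        /// </summary>
        /// <remarks>
        /// This method writes nothing to standard output. The earlier Console.WriteLine tracing dumped
        /// the relay state, the full request XML and the service provider's PrivateKey object to stdout,
        /// which is commonly captured by container or service log collectors. Any diagnostics added here
        /// should go through the application's configured logger and must exclude key material.
        /// </remarks>
        /// <param name="authnRequestId">Identifier passed to the message factory for the new AuthnRequest.</param>
        /// <param name="relayState">Relay state passed through to the redirect binding.</param>
        /// <param name="assertionConsumerServiceUrl">Assertion consumer service URL passed to the message factory.</param>
        /// <returns>The URL returned by <c>BuildAuthnRequestUrl</c>.</returns>
        public string GetAuthnRequest(string authnRequestId, string relayState, string assertionConsumerServiceUrl)
        {
            var signingCertificate = _certificateProvider.GetCertificate();

            var saml20AuthnRequest =
                _saml2MessageFactory.CreateAuthnRequest(authnRequestId, assertionConsumerServiceUrl);

            // The private key is passed to the binding only (presumably to sign the redirect
            // query string); it is intentionally never formatted into a string or logged.
            // check protocol binding if supporting more than HTTP-REDIRECT
            return _httpRedirectBinding.BuildAuthnRequestUrl(
                saml20AuthnRequest,
                signingCertificate.ServiceProvider.PrivateKey,
                _identityProviderConfiguration.HashingAlgorithm,
                relayState);
        }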