/// <summary>
/// Maps an IdP session to the claims that are asserted to the relying party:
/// name identifier, UPN and e-mail, each copied verbatim from the session object.
/// </summary>
/// <param name="idPSession">The session whose identity fields become claim values.</param>
/// <returns>
/// A lazily evaluated sequence of three <see cref="Claim"/>s. Nothing is read from
/// <paramref name="idPSession"/> until the sequence is enumerated, one field per step.
/// </returns>
/// <remarks>
/// NOTE(review): the values come straight from the session cookie (see the session
/// repository); they are only as trustworthy as that cookie's integrity protection.
/// </remarks>
private IEnumerable<Claim> CreateClaims(IdPSession idPSession)
{
    // Claim type paired with the accessor that reads its value; the accessor runs at
    // enumeration time so the session fields are read one at a time, as before.
    var claimSources = new (string Type, Func<IdPSession, string> Read)[]
    {
        (ClaimTypes.NameIdentifier, session => session.NameIdentifier),
        (ClaimTypes.Upn, session => session.Upn),
        (ClaimTypes.Email, session => session.Email),
    };

    foreach (var (type, read) in claimSources)
    {
        yield return new Claim(type, read(idPSession));
    }
}
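/// <summary>
/// SAML 2.0 IdP login endpoint. Unbinds the AuthnRequest carried by the redirect binding,
/// establishes (or reuses) an IdP session and answers with a <c>Success</c> LoginResponse.
/// Any failure while processing the request is answered with a <c>Responder</c> status.
/// </summary>
/// <returns>The SAML response produced by <c>LoginResponse</c>.</returns>
/// <remarks>
/// SECURITY NOTES (review):
/// - This is sample code: no user is authenticated here. The first request without a session
///   cookie mints a fixed test identity ("12345") and asserts it to the relying party. Replace
///   the marked block with a real login flow before any non-test use.
/// - The relying party is resolved from the request's Issuer and run through
///   <c>ValidateRelyingParty</c> before the try block on purpose: without a known relying party
///   there is no trusted destination for even an error response, so a failure there surfaces
///   as an unhandled exception instead of a SAML response.
/// - An existing session is reused for any relying party; its stored RelyingPartyIssuer is not
///   compared with the current issuer. That is normal SSO behaviour, but confirm it is intended.
/// - The session is read from a cookie, so the asserted claims are only as trustworthy as the
///   integrity protection applied by <c>idPSessionCookieRepository</c> — confirm it is protected.
/// - Whether <c>Unbind</c> also verifies a request signature depends on the binding and
///   <c>saml2Config</c>; it is not visible here.
/// </remarks>
public async Task<IActionResult> Login()
{
    var requestBinding = new Saml2RedirectBinding();
    var relyingParty = ValidateRelyingParty(ReadRelyingPartyFromLoginRequest(requestBinding));
    var saml2AuthnRequest = new Saml2AuthnRequest(saml2Config);
    try
    {
        // Parses the AuthnRequest out of the current HTTP request's query string.
        requestBinding.Unbind(Request.ToGenericHttpRequest(), saml2AuthnRequest);

        // **** Handle user login e.g. in GUI ****
        // Test user with session index and claims
        var session = await idPSessionCookieRepository.GetAsync();
        if (session == null)
        {
            session = new IdPSession
            {
                RelyingPartyIssuer = relyingParty.Issuer,
                NameIdentifier = "12345",
                Upn = "*****@*****.**",
                Email = "*****@*****.**",
                // A new random session index for every session that is created.
                SessionIndex = Guid.NewGuid().ToString()
            };
            await idPSessionCookieRepository.SaveAsync(session);
        }

        var claims = CreateClaims(session);
        return LoginResponse(saml2AuthnRequest.Id, Saml2StatusCodes.Success, requestBinding.RelayState, relyingParty, session.SessionIndex, claims);
    }
    catch (Exception ex)
    {
        // Message template + arguments instead of string interpolation (CA2254): the AuthnRequest
        // XML and the query string stay separate, queryable log properties and are only rendered
        // into text when the Warning level is actually enabled.
        // saml2AuthnRequest.Id may still be null if Unbind failed before parsing; the error
        // response is sent regardless so the relying party sees a Responder status.
        logger.LogWarning(ex,
            "SAML 2.0 Authn Request error. Authn Request '{AuthnRequest}', Query String '{QueryString}'.",
            saml2AuthnRequest.XmlDocument?.OuterXml, Request.QueryString);
        return LoginResponse(saml2AuthnRequest.Id, Saml2StatusCodes.Responder, requestBinding.RelayState, relyingParty);
    }
}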
/// <summary>
/// Persists the IdP session by serializing it to JSON and handing the string to
/// <c>SaveValueAsync</c>, the underlying store this repository wraps.
/// </summary>
/// <param name="idPSession">The session to persist; must not be null.</param>
/// <returns>The task returned by the underlying save; nothing is awaited here.</returns>
/// <remarks>
/// SECURITY NOTE(review): the JSON carries the identity that the login endpoint later asserts
/// (NameIdentifier, Upn, Email, SessionIndex). This method adds no signing or encryption of its
/// own, so it relies on <c>SaveValueAsync</c> protecting the stored value (e.g. via data
/// protection) — confirm before trusting a session read back from the cookie.
/// </remarks>
public Task SaveAsync(IdPSession idPSession) => SaveValueAsync(idPSession.ToJson());