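/// <summary>
/// Builds a SAML AuthnRequest from the configured options and redirects the browser to the
/// Azure AD B2C SAML login endpoint (request carried in the query string, i.e. the redirect binding).
/// </summary>
/// <returns>A redirect to the B2C login URL carrying the encoded SAMLRequest and a RelayState.</returns>
/// <remarks>
/// Changes from the previous version: the unused <c>SamlRequest</c> local and the no-op <c>?.</c>
/// after <c>ToLower()</c> are removed, the "B2C_1A_" prefix check is ordinal (a protocol constant,
/// not user-visible text), and the request object is declared where it is created.
/// </remarks>
public IActionResult OnPost()
{
    var options = _options.CurrentValue;

    // Login host is derived from the tenant short name: "contoso" -> "contoso.b2clogin.com".
    var lowerTenant = options.Tenant.ToLower();
    var tenantId = lowerTenant.Replace(".onmicrosoft.com", "");
    var b2cLoginHost = tenantId + ".b2clogin.com";

    // Custom policies always carry the prefix; accept either form from configuration.
    var policy = options.Policy.StartsWith("B2C_1A_", StringComparison.Ordinal)
        ? options.Policy
        : "B2C_1A_" + options.Policy;

    // Fully qualified tenant names are used as given, otherwise the default domain is assumed.
    var tenant = lowerTenant.Contains("onmicrosoft.com") || lowerTenant.Contains(".net")
        ? options.Tenant
        : options.Tenant + ".onmicrosoft.com";

    // DCInfo is appended to the query string verbatim, so it is expected to already be a
    // query fragment such as "dc=...". Here it comes from configuration, not from the request.
    var dcInfo = string.IsNullOrWhiteSpace(options.DCInfo) ? string.Empty : "&" + options.DCInfo;

    // The issuer defaults to this application's own URL.
    var issuer = string.IsNullOrWhiteSpace(options.Issuer) ? SAMLHelper.GetThisURL(this) : options.Issuer;

    // RelayState round-trips tenant/policy/issuer(/dcInfo) as dot-separated values so the
    // response handler can recover them. By its name toB64 is plain encoding, not a signature,
    // so the handler must treat what comes back as untrusted input.
    var relayState = SAMLHelper.toB64(tenant) + "." + SAMLHelper.toB64(policy) + "." + SAMLHelper.toB64(issuer);
    if (!string.IsNullOrEmpty(dcInfo))
    {
        relayState += "." + SAMLHelper.toB64(dcInfo);
    }

    var url = "https://" + b2cLoginHost + "/" + tenant + "/" + policy + "/samlp/sso/login?" + dcInfo;
    var authnRequest = new AuthnRequest(url, SAMLHelper.GetThisURL(this), issuer);

    // The helper produces the encoded request (presumably deflate+base64 — confirm); it is then
    // URL-encoded into the query together with the RelayState.
    var encodedRequest = SAMLHelper.Compress(authnRequest.ToString());
    url += "&SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest)
         + "&RelayState=" + System.Web.HttpUtility.UrlEncode(relayState);

    return Redirect(url);
}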
/// <summary>
/// Generates a SAML AuthnRequest for the supplied tenant/policy and redirects the browser to the
/// B2C SAML login endpoint. With no policy, or when <paramref name="IsAzureAD"/> is set, the
/// Azure AD request is sent instead.
/// </summary>
/// <param name="Tenant">B2C tenant, short name or fully qualified ("onmicrosoft.com"/".net" forms are left as given).</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <param name="Issuer">Issuer for the request; defaults to this application's URL when blank.</param>
/// <param name="DCInfo">Optional query fragment (e.g. "dc=...") appended verbatim to the login URL.</param>
/// <param name="IsAzureAD">When true, the Azure AD request is sent instead of the B2C one.</param>
/// <returns>A redirect to the login URL carrying the encoded SAMLRequest and RelayState.</returns>
/// <remarks>Parameter names are bound from the form and must not be renamed.</remarks>
public IActionResult OnPost(string Tenant, string Policy, string Issuer, string DCInfo, bool IsAzureAD)
{
    if (IsAzureAD || string.IsNullOrEmpty(Policy))
    {
        return SendAzureAdRequest();
    }

    // Tenant is form input and decides both the redirect host and the URL path; allow-list it
    // if this page is ever exposed beyond local testing.
    string lowerTenant = Tenant.ToLower();
    string loginHost = lowerTenant.Replace(".onmicrosoft.com", string.Empty) + ".b2clogin.com";

    if (!Policy.StartsWith("B2C_1A_"))
    {
        Policy = "B2C_1A_" + Policy;
    }
    if (!lowerTenant.Contains("onmicrosoft.com") && !lowerTenant.Contains(".net"))
    {
        Tenant += ".onmicrosoft.com";
    }
    DCInfo = string.IsNullOrWhiteSpace(DCInfo) ? string.Empty : "&" + DCInfo;
    if (string.IsNullOrWhiteSpace(Issuer))
    {
        Issuer = SAMLHelper.GetThisURL(this);
    }

    // RelayState carries tenant/policy/issuer(/dcInfo) as dot-separated values for the response
    // handler; it is encoding only, so the handler must treat it as untrusted input.
    string relayState = string.Join(".", SAMLHelper.toB64(Tenant), SAMLHelper.toB64(Policy), SAMLHelper.toB64(Issuer));
    if (!string.IsNullOrEmpty(DCInfo))
    {
        relayState += "." + SAMLHelper.toB64(DCInfo);
    }

    string loginUrl = "https://" + loginHost + "/" + Tenant + "/" + Policy + "/samlp/sso/login?" + DCInfo;
    AuthnRequest authnRequest = new AuthnRequest(loginUrl, SAMLHelper.GetThisURL(this), Issuer);
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());
    loginUrl += "&SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest)
              + "&RelayState=" + System.Web.HttpUtility.UrlEncode(relayState);
    return Redirect(loginUrl);
}
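/// <summary>
/// Generates a SAML AuthnRequest for the supplied tenant/policy and redirects the browser to the
/// B2C SAML login endpoint. With no policy, or when <paramref name="IsAzureAD"/> is set, the
/// Azure AD request is sent instead.
/// </summary>
/// <param name="Tenant">B2C tenant, short name or fully qualified ("onmicrosoft.com"/".net" forms are left as given).</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <param name="Issuer">Issuer for the request; defaults to this application's URL when blank.</param>
/// <param name="DCInfo">Optional query fragment (e.g. "dc=...") appended verbatim to the login URL.</param>
/// <param name="IsAzureAD">When true, the Azure AD request is sent instead of the B2C one.</param>
/// <returns>A redirect to the login URL carrying the encoded SAMLRequest and RelayState.</returns>
/// <remarks>
/// Changes from the previous version: the unused <c>SamlRequest</c> local and the no-op <c>?.</c>
/// after <c>ToLower()</c> are removed, the prefix check is ordinal, and the request object is
/// declared where it is created. Parameter names are bound from the form and must not be renamed.
/// </remarks>
public IActionResult OnPost(string Tenant, string Policy, string Issuer, string DCInfo, bool IsAzureAD)
{
    if (string.IsNullOrEmpty(Policy) || IsAzureAD)
    {
        return SendAzureAdRequest(Tenant);
    }

    // Login host is derived from the tenant short name: "contoso" -> "contoso.b2clogin.com".
    // Tenant and DCInfo are request-supplied, so the redirect host and the query are
    // caller-controlled here; allow-list them if this page is exposed beyond local testing.
    string lowerTenant = Tenant.ToLower();
    string b2cLoginHost = lowerTenant.Replace(".onmicrosoft.com", "") + ".b2clogin.com";

    Policy = Policy.StartsWith("B2C_1A_", StringComparison.Ordinal) ? Policy : "B2C_1A_" + Policy;
    Tenant = lowerTenant.Contains("onmicrosoft.com") || lowerTenant.Contains(".net")
        ? Tenant
        : Tenant + ".onmicrosoft.com";
    DCInfo = string.IsNullOrWhiteSpace(DCInfo) ? string.Empty : "&" + DCInfo;
    Issuer = string.IsNullOrWhiteSpace(Issuer) ? SAMLHelper.GetThisURL(this) : Issuer;

    // RelayState carries tenant/policy/issuer(/dcInfo) as dot-separated values so the response
    // handler can recover them; by its name toB64 is plain encoding, not integrity protection.
    string relayState = SAMLHelper.toB64(Tenant) + "." + SAMLHelper.toB64(Policy) + "." + SAMLHelper.toB64(Issuer);
    if (!string.IsNullOrEmpty(DCInfo))
    {
        relayState += "." + SAMLHelper.toB64(DCInfo);
    }

    string url = "https://" + b2cLoginHost + "/" + Tenant + "/" + Policy + "/samlp/sso/login?" + DCInfo;
    AuthnRequest authnRequest = new AuthnRequest(url, SAMLHelper.GetThisURL(this), Issuer);

    // The helper produces the encoded request; it is then URL-encoded into the query string
    // together with the RelayState.
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());
    url += "&SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest)
         + "&RelayState=" + System.Web.HttpUtility.UrlEncode(relayState);

    return Redirect(url);
}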
/// <summary>
/// Builds a SAML LogoutRequest for the given session and redirects the browser to the B2C SAML
/// logout endpoint ("/te/" path form, request carried in the query string).
/// </summary>
/// <param name="Tenant">Tenant name. A value not ending in ".onmicrosoft.com" is also used as the
/// login host; ".onmicrosoft.com" is appended unless the name already contains "onmicrosoft.com" or "ccsctp.net".</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <param name="SessionId">SessionIndex of the session to terminate.</param>
/// <param name="NameId">NameID of the subject being logged out.</param>
/// <param name="Issuer">Issuer of the logout request.</param>
/// <param name="DCInfo">Optional fragment; every "dc" and "slice" substring is prefixed with an ampersand before use.</param>
/// <returns>A redirect to the logout URL carrying the encoded SAMLRequest (no RelayState).</returns>
public IActionResult OnPost(string Tenant, string Policy, string SessionId, string NameId, string Issuer, string DCInfo)
{
    // A tenant that is not an *.onmicrosoft.com name is taken as the login host itself. It arrives
    // from the form, so the redirect host is caller-controlled; allow-list it if this page is
    // exposed beyond local testing.
    string logoutHost = Tenant.EndsWith(".onmicrosoft.com")
        ? Tenant.Split('.')[0] + ".b2clogin.com"
        : Tenant;

    // NOTE(review): these replacements are purely textual — any "dc"/"slice" substring, even one
    // already preceded by an ampersand, gets another one. Presumably DCInfo is expected without
    // separators; confirm the intended input format.
    if (!string.IsNullOrEmpty(DCInfo))
    {
        DCInfo = DCInfo.Replace("dc", "&dc").Replace("slice", "&slice");
    }

    if (!Policy.StartsWith("B2C_1A_"))
    {
        Policy = "B2C_1A_" + Policy;
    }

    string lowerTenant = Tenant.ToLower();
    if (!lowerTenant.Contains("onmicrosoft.com") && !lowerTenant.Contains("ccsctp.net"))
    {
        Tenant += ".onmicrosoft.com";
    }

    string logoutUrl = "https://" + logoutHost + "/te/" + Tenant + "/" + Policy + "/samlp/sso/logout?" + DCInfo;
    LogoutRequest logoutRequest = new LogoutRequest(logoutUrl, SAMLHelper.GetThisURL(this), SessionId, NameId, Issuer);
    string encodedRequest = SAMLHelper.Compress(logoutRequest.ToString());
    return Redirect(logoutUrl + "&SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest));
}
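/// <summary>
/// Generates a SAML AuthnRequest for the supplied tenant/policy, stores the inputs in the session,
/// and redirects the browser to the B2C SAML login endpoint. With no policy, or when
/// <paramref name="IsAzureAD"/> is set, the Azure AD request is sent instead.
/// </summary>
/// <param name="Tenant">B2C tenant name, placed in the URL path as received (no ".onmicrosoft.com" normalization here).</param>
/// <param name="HostName">Login host to redirect to; when empty it is derived from the tenant (see body).</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <param name="Issuer">Issuer for the request; defaults to this application's URL when blank.</param>
/// <param name="DCInfo">Optional query fragment (e.g. "dc=...") appended verbatim to the login URL.</param>
/// <param name="IsAzureAD">When true, the Azure AD request is sent instead of the B2C one.</param>
/// <returns>A redirect to the login URL carrying the encoded SAMLRequest and RelayState.</returns>
/// <remarks>
/// Changes from the previous version: <c>HostName.ToLower()</c> ran before the null check and
/// threw for a missing HostName, so the check now comes first; the unused <c>SamlRequest</c>
/// local and the always-true null check on Policy are removed; the prefix check is ordinal.
/// Parameter names are bound from the form and must not be renamed.
/// </remarks>
public IActionResult OnPost(string Tenant, string HostName, string Policy, string Issuer, string DCInfo, bool IsAzureAD)
{
    if (string.IsNullOrEmpty(Policy) || IsAzureAD)
    {
        return SendAzureAdRequest(Tenant);
    }

    // Resolve the login host: an explicit HostName wins; otherwise an "*.onmicrosoft.com" tenant
    // maps to "<short name>.b2clogin.com"; otherwise the host is left empty (as before for "").
    // HostName is form input and becomes the redirect host, so allow-list it if this page is
    // exposed beyond local testing.
    string b2cLoginHost;
    if (!string.IsNullOrEmpty(HostName))
    {
        b2cLoginHost = HostName;
    }
    else if (!string.IsNullOrEmpty(this.Tenant) && this.Tenant.EndsWith(".onmicrosoft.com"))
    {
        // NOTE(review): the guard tests the page property this.Tenant but the host is built from
        // the Tenant parameter, which may differ — looks unintentional; confirm which was meant.
        string tenantName = Tenant.ToLower().Replace(".onmicrosoft.com", "");
        b2cLoginHost = tenantName + ".b2clogin.com";
    }
    else
    {
        b2cLoginHost = string.Empty;
    }

    Policy = Policy.StartsWith("B2C_1A_", StringComparison.Ordinal) ? Policy : "B2C_1A_" + Policy;
    // The ".onmicrosoft.com" normalization of Tenant is commented out in this handler; Tenant is
    // used in the URL path exactly as received.
    DCInfo = string.IsNullOrWhiteSpace(DCInfo) ? string.Empty : "&" + DCInfo;
    Issuer = string.IsNullOrWhiteSpace(Issuer) ? SAMLHelper.GetThisURL(this) : Issuer;

    // Keep the inputs for later pages in this session. Policy is known non-null here (it passed
    // the empty check above); Issuer is still guarded in case GetThisURL returned null.
    if (Tenant != null)
    {
        HttpContext.Session.SetString("Tenant", Tenant);
    }
    HttpContext.Session.SetString("HostName", b2cLoginHost);
    HttpContext.Session.SetString("Policy", Policy);
    if (Issuer != null)
    {
        HttpContext.Session.SetString("Issuer", Issuer);
    }

    // RelayState carries tenant/policy/issuer(/dcInfo) as dot-separated values so the response
    // handler can recover them; by its name toB64 is plain encoding, not integrity protection.
    string relayState = SAMLHelper.toB64(Tenant) + "." + SAMLHelper.toB64(Policy) + "." + SAMLHelper.toB64(Issuer);
    if (!string.IsNullOrEmpty(DCInfo))
    {
        relayState += "." + SAMLHelper.toB64(DCInfo);
    }

    string url = "https://" + b2cLoginHost + "/" + Tenant + "/" + Policy + "/samlp/sso/login?" + DCInfo;
    AuthnRequest authnRequest = new AuthnRequest(url, SAMLHelper.GetThisURL(this), Issuer);

    // The helper produces the encoded request; it is then URL-encoded into the query string
    // together with the RelayState.
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());
    url += "&SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest)
         + "&RelayState=" + System.Web.HttpUtility.UrlEncode(relayState);

    return Redirect(url);
}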
/// <summary>
/// Populates ServerName with this application's URL and turns the view on unless
/// <paramref name="showpage"/> is the literal "false" (its default). ShowView is never set back to false here.
/// </summary>
/// <param name="showpage">Any value other than "false" shows the view.</param>
public void OnGet(string showpage = "false")
{
    ServerName = SAMLHelper.GetThisURL(this);

    bool hidden = string.Equals(showpage, "false");
    if (!hidden)
    {
        ShowView = true;
    }
}
/// <summary>
/// Builds an AuthnRequest for the Azure AD SAML endpoint and redirects the browser to it.
/// </summary>
/// <returns>A redirect carrying the encoded SAMLRequest; no RelayState is sent.</returns>
/// <remarks>
/// The tenant id in the endpoint is the all-zero GUID, which looks like a placeholder rather
/// than a real tenant; the request is built with an empty issuer.
/// </remarks>
public IActionResult SendAzureAdRequest()
{
    const string endpoint = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2";

    AuthnRequest authnRequest = new AuthnRequest(endpoint, SAMLHelper.GetThisURL(this), string.Empty);
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());

    string redirectUrl = endpoint + "?SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest);
    return Redirect(redirectUrl);
}
/// <summary>
/// Generates a SAML AuthnRequest for the tenant/policy and redirects the browser to the B2C login
/// endpoint ("/te/" path form) on the host configured under "SAMLTEST:b2cloginurl".
/// </summary>
/// <param name="Tenant">Tenant short name; ".onmicrosoft.com" is always appended.</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <returns>A redirect to the login URL carrying the encoded SAMLRequest (no RelayState).</returns>
/// <remarks>Parameter names are bound from the form and must not be renamed.</remarks>
public IActionResult OnPost(string Tenant, string Policy)
{
    string loginHost = _configuration["SAMLTEST:b2cloginurl"];

    if (!Policy.StartsWith("B2C_1A_"))
    {
        Policy = "B2C_1A_" + Policy;
    }

    // The same endpoint is both the request's destination and the redirect target.
    string loginEndpoint = "https://" + loginHost + "/te/" + Tenant + ".onmicrosoft.com/" + Policy + "/samlp/sso/login";
    AuthnRequest authnRequest = new AuthnRequest(loginEndpoint, SAMLHelper.GetThisURL(this));
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());

    return Redirect(loginEndpoint + "?SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest));
}
/// <summary>
/// Builds an AuthnRequest for the Azure AD SAML endpoint of a fixed tenant and redirects the
/// browser to it.
/// </summary>
/// <param name="Tenant">Not used: the tenant id in the endpoint is hard-coded.</param>
/// <returns>A redirect carrying the encoded SAMLRequest; no RelayState is sent.</returns>
public IActionResult SendAzureAdRequest(string Tenant)
{
    const string endpoint = "https://login.microsoftonline.com/42cf448f-0704-4dd0-85b5-87e61c2804a9/saml2";

    // Built with an empty issuer, unlike the B2C requests.
    AuthnRequest authnRequest = new AuthnRequest(endpoint, SAMLHelper.GetThisURL(this), string.Empty);
    string encodedRequest = SAMLHelper.Compress(authnRequest.ToString());

    return Redirect(endpoint + "?SAMLRequest=" + System.Web.HttpUtility.UrlEncode(encodedRequest));
}
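/// <summary>
/// Reads Issuer, Tenant and DCInfo from configuration and normalizes them for the page.
/// </summary>
/// <param name="configuration">Application configuration (appsettings).</param>
/// <remarks>
/// A missing "Tenant" setting previously threw a NullReferenceException from the constructor,
/// which makes every request to this page fail with an opaque error. TenantId is now left null
/// in that case, so the misconfiguration shows up where the value is used rather than at page construction.
/// </remarks>
public IndexModel(IConfiguration configuration)
{
    _configuration = configuration;
    Issuer = _configuration["Issuer"];
    Tenant = _configuration["Tenant"];
    DCInfo = _configuration["DCInfo"];

    // Normalization
    // Tenant short name: "contoso.onmicrosoft.com" -> "contoso". Null-safe, see remarks.
    TenantId = Tenant?.ToLower().Replace(".onmicrosoft.com", string.Empty);
    // DCInfo is later appended verbatim to a query string, so it is stored with a leading "&".
    DCInfo = string.IsNullOrWhiteSpace(DCInfo) ? string.Empty : "&" + DCInfo;
    // NOTE(review): GetThisURL(this) is called from the constructor, before the page has a
    // request context bound — confirm the helper copes with that (placeholder value or exception).
    Issuer = string.IsNullOrWhiteSpace(Issuer) ? SAMLHelper.GetThisURL(this) : Issuer;
}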
/// <summary>
/// Generates a SAML Response for IdP-initiated SSO and returns HTML that posts it to the B2C
/// assertion consumer service for the tenant/policy (the request-id slot is passed empty, as
/// there is no AuthnRequest to answer).
/// </summary>
/// <param name="Tenant">Tenant short name; ".onmicrosoft.com" is always appended.</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <returns>text/html content produced by SAMLHelper.GeneratePost for the base64 response and the ACS URL.</returns>
/// <remarks>Parameter names are bound from the form and must not be renamed.</remarks>
public IActionResult OnPost(string Tenant, string Policy)
{
    string loginHost = _configuration["SAMLTEST:b2cloginurl"];

    if (!Policy.StartsWith("B2C_1A_"))
    {
        Policy = "B2C_1A_" + Policy;
    }

    string acsUrl = "https://" + loginHost + "/te/" + Tenant + ".onmicrosoft.com/" + Policy + "/samlp/sso/assertionconsumer";

    SAMLResponse response = new SAMLResponse(acsUrl, "", SAMLHelper.GetThisURL(this), _configuration);
    byte[] responseBytes = Encoding.UTF8.GetBytes(response.ToString());
    string encodedResponse = Convert.ToBase64String(responseBytes);

    return Content(SAMLHelper.GeneratePost(encodedResponse, acsUrl), "text/html");
}
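/// <summary>
/// Fills the embedded B2C policy template with the supplied tenant and policy ids and returns it
/// as a downloadable XML file.
/// </summary>
/// <param name="Tenant">Tenant name; ".onmicrosoft.com" is appended unless the name already contains "onmicrosoft.com".</param>
/// <param name="Policy">Policy id, with or without the "B2C_1A_" prefix.</param>
/// <returns>The rendered policy XML as text/xml with a Content-Disposition attachment header.</returns>
/// <exception cref="InvalidOperationException">The embedded template resource is missing.</exception>
/// <remarks>
/// Changes from the previous version: the Content-Disposition header lacked the "=" after
/// "filename" (so the suggested file name was ignored) and is now set through the indexer with a
/// quoted name; the resource stream and reader are disposed; a missing resource gives a clear
/// error instead of a NullReferenceException; the prefix check is ordinal.
/// Parameter names are bound from the form and must not be renamed.
/// </remarks>
public IActionResult OnPost(String Tenant, String Policy)
{
    Policy = Policy.StartsWith("B2C_1A_", StringComparison.Ordinal) ? Policy : "B2C_1A_" + Policy;
    Tenant = Tenant.ToLower().Contains("onmicrosoft.com") ? Tenant : Tenant + ".onmicrosoft.com";

    // Tenant and Policy are request-supplied and are substituted into the XML and into the
    // header below without escaping. Restrict them to identifier characters if this page is
    // reachable by anyone other than the person downloading their own policy file.
    Assembly assembly = Assembly.GetExecutingAssembly();
    Stream policyStream = assembly.GetManifestResourceStream("SAMLTEST.B2CPolicyTemplate.xml");
    if (policyStream == null)
    {
        throw new InvalidOperationException("Embedded resource SAMLTEST.B2CPolicyTemplate.xml was not found.");
    }

    String template;
    using (policyStream)
    using (StreamReader reader = new StreamReader(policyStream))
    {
        template = reader.ReadToEnd();
    }

    String policyFile = template
        .Replace("%TENANTID%", Tenant)
        .Replace("%POLICYID%", Policy)
        .Replace("%THISWEBAPP%", SAMLHelper.GetThisURL(this));

    // Comment out the below line if you would prefer to show on the page
    Response.Headers["Content-Disposition"] = "attachment; filename=\"" + Policy + ".xml\"";
    return Content(policyFile, "text/xml");
}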
/// <summary>
/// Builds the B2C SAML AuthnRequest for <paramref name="policy"/> from this page's TenantId, Tenant,
/// DCInfo and Issuer state and redirects to the login endpoint. Tenant, DCInfo and Issuer are
/// normalized in place as a side effect.
/// </summary>
/// <param name="policy">Policy id, used exactly as given (no "B2C_1A_" prefix is added here).</param>
/// <param name="model">Page whose URL becomes the request's return address and the default issuer.</param>
/// <returns>A redirect to the login URL carrying the encoded SAMLRequest and RelayState.</returns>
private IActionResult RunB2CLogin(string policy, PageModel model)
{
    var loginHost = TenantId + ".b2clogin.com";

    var lowerTenant = Tenant.ToLower();
    if (!lowerTenant.Contains("onmicrosoft.com") && !lowerTenant.Contains(".net"))
    {
        Tenant += ".onmicrosoft.com";
    }

    // NOTE(review): DCInfo gains a leading "&" each time this runs, so a second call on the same
    // instance would produce "&&..." — presumably it runs once per request; confirm.
    if (string.IsNullOrWhiteSpace(DCInfo))
    {
        DCInfo = string.Empty;
    }
    else
    {
        DCInfo = "&" + DCInfo;
    }

    if (string.IsNullOrWhiteSpace(Issuer))
    {
        Issuer = SAMLHelper.GetThisURL(model);
    }

    // RelayState carries tenant/policy/issuer(/dcInfo) as dot-separated values for the response
    // handler; it is encoding only, so the handler must treat it as untrusted input.
    var relayState = string.Join(".", SAMLHelper.toB64(Tenant), SAMLHelper.toB64(policy), SAMLHelper.toB64(Issuer));
    if (!string.IsNullOrEmpty(DCInfo))
    {
        relayState += "." + SAMLHelper.toB64(DCInfo);
    }

    var loginUrl = "https://" + loginHost + "/" + Tenant + "/" + policy + "/samlp/sso/login?" + DCInfo;
    var authnRequest = new AuthnRequest(loginUrl, SAMLHelper.GetThisURL(model), Issuer);
    var encodedRequest = SAMLHelper.Compress(authnRequest.ToString());
    loginUrl += "&SAMLRequest=" + HttpUtility.UrlEncode(encodedRequest)
              + "&RelayState=" + HttpUtility.UrlEncode(relayState);

    return Redirect(loginUrl);
}
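/// <summary>
/// Handles an incoming SP-initiated AuthnRequest (carried in the query string): decodes it, reads
/// the AssertionConsumerServiceURL and ID attributes, and builds the base64 SAML Response the page
/// will post back, together with the echoed RelayState.
/// </summary>
/// <param name="SAMLRequest">Encoded AuthnRequest from the query string.</param>
/// <param name="RelayState">Opaque value to echo back with the response.</param>
/// <exception cref="InvalidOperationException">The request lacks the AssertionConsumerServiceURL or ID attribute.</exception>
/// <remarks>
/// Changes from the previous version: the duplicate RelayState assignment is removed; a missing
/// attribute reports a clear error instead of a NullReferenceException; external entity
/// resolution is explicitly disabled on the parser since the document is caller-supplied.
/// </remarks>
public void OnGet(String SAMLRequest, String RelayState)
{
    // Echoed back to the SP unchanged; it is caller-supplied input and must be encoded by the view.
    this.RelayState = RelayState;

    String sml = SAMLHelper.Decompress(SAMLRequest);

    XmlDocument doc = new XmlDocument();
    // Untrusted document: never fetch DTD/external entity references it may contain.
    doc.XmlResolver = null;
    XmlNamespaceManager nsmgr = new XmlNamespaceManager(doc.NameTable);
    nsmgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
    nsmgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
    doc.LoadXml(sml);
    XmlElement root = doc.DocumentElement;

    // Both attributes are needed to answer the request.
    XmlNode acsNode = root.SelectSingleNode("/samlp:AuthnRequest/@AssertionConsumerServiceURL", nsmgr);
    XmlNode idNode = root.SelectSingleNode("/samlp:AuthnRequest/@ID", nsmgr);
    if (acsNode == null || idNode == null)
    {
        throw new InvalidOperationException("AuthnRequest is missing AssertionConsumerServiceURL or ID.");
    }
    ACS = acsNode.Value;
    ID = idNode.Value;

    // The issuer URL is built from the request's Host header; rely on ASP.NET Core host filtering
    // (or an explicit allow-list) so a forged Host cannot change the issuer of the response.
    string scheme = HttpContext.Request.IsHttps ? "https://" : "http://";
    string thisUrl = scheme + HttpContext.Request.Host.Value;

    // NOTE(review): the response is posted to whatever ACS the request named; nothing here checks
    // it against a configured SP — acceptable for a test IdP, confirm that is the intent.
    SAMLResponse response = new SAMLResponse(ACS, ID, thisUrl, _configuration);
    this.SAMLResponse = Convert.ToBase64String(Encoding.UTF8.GetBytes(response.ToString()));
}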
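/// <summary>
/// Receives the SAML Response posted back by B2C, recovers tenant/policy/issuer(/dcInfo) from
/// RelayState, and extracts the status, attributes, SessionIndex and NameID for display.
/// </summary>
/// <param name="SAMLResponse">Base64-encoded SAML Response XML from the form post.</param>
/// <param name="RelayState">Dot-separated values set when the request was sent; may be empty.</param>
/// <returns>The page on success, or a redirect to /Error when the status is not Success or the RelayState is malformed.</returns>
/// <remarks>
/// Changes from the previous version: the response bytes are decoded as UTF-8 (ASCII turned any
/// non-ASCII attribute value into '?'); the status message is URL-encoded before being placed in
/// the redirect; a RelayState with fewer than three parts redirects to /Error instead of throwing
/// IndexOutOfRangeException; a repeated attribute name no longer throws from Dictionary.Add;
/// missing Name/StatusCode/SessionIndex/NameID nodes no longer throw NullReferenceException;
/// external entity resolution is explicitly disabled on the parser.
/// </remarks>
public IActionResult OnPost(string SAMLResponse, string RelayState)
{
    // Get Tenant, Policy, Issuer and DCInfo from RelayState.
    // RelayState is plain encoding (see toB64) and round-trips through the IdP, so treat it as untrusted.
    if (!string.IsNullOrWhiteSpace(RelayState))
    {
        string[] relayStateBits = RelayState.Split(".");
        if (relayStateBits.Length < 3)
        {
            return Redirect("/Error?ErrorMessage=" + System.Web.HttpUtility.UrlEncode("RelayState is malformed"));
        }
        this.TenantId = SAMLHelper.fromB64(relayStateBits[0]);
        this.PolicyId = SAMLHelper.fromB64(relayStateBits[1]);
        this.Issuer = SAMLHelper.fromB64(relayStateBits[2]);
        if (relayStateBits.Length > 3)
        {
            // Stored with a leading "&" on the way out; strip it again for display.
            this.DCInfo = SAMLHelper.fromB64(relayStateBits[3]).Replace("&", "");
        }
        else
        {
            this.DCInfo = string.Empty;
        }
    }

    // SAML XML is UTF-8; decoding the bytes as ASCII corrupted non-ASCII characters.
    byte[] responseBytes = Convert.FromBase64String(SAMLResponse);
    string sml = Encoding.UTF8.GetString(responseBytes);

    XmlDocument doc = new XmlDocument();
    // Untrusted document: never fetch DTD/external entity references it may contain.
    doc.XmlResolver = null;
    XmlNamespaceManager nsmgr = new XmlNamespaceManager(doc.NameTable);
    nsmgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
    nsmgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
    doc.LoadXml(sml);
    XmlElement root = doc.DocumentElement;

    // NOTE(review): nothing in this handler verifies the response or assertion signature, so every
    // value extracted below is controllable by whoever can POST to this page. That is fine for a
    // test harness that only displays them; it must not become a basis for authorization decisions.

    XmlNode statusNode = root.SelectSingleNode("/samlp:Response/samlp:Status/samlp:StatusCode/@Value", nsmgr);
    if (statusNode == null)
    {
        return Redirect("/Error?ErrorMessage=" + System.Web.HttpUtility.UrlEncode("Response has no StatusCode"));
    }
    string statusCode = statusNode.Value;
    if (statusCode.Trim() != "urn:oasis:names:tc:SAML:2.0:status:Success")
    {
        string statusMessage = root.SelectSingleNode("/samlp:Response/samlp:Status/samlp:StatusMessage", nsmgr)?.InnerText ?? statusCode;
        // URL-encoded: the message comes from the response and must not be able to add query parameters.
        return Redirect("/Error?ErrorMessage=" + System.Web.HttpUtility.UrlEncode(statusMessage));
    }

    XmlNodeList nodes = root.SelectNodes("/samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute", nsmgr);
    this.attrsandvals = new Dictionary<string, string>();
    foreach (XmlNode node in nodes)
    {
        string attrName = node.Attributes?["Name"]?.Value;
        if (attrName == null)
        {
            // Name is mandatory on a SAML Attribute; skip malformed entries rather than fail the page.
            continue;
        }

        string val;
        if (node.HasChildNodes && node.ChildNodes.Count > 1)
        {
            // Multi-valued attribute: values are joined with a <br> for display. That only renders as
            // a line break if the view emits this string unencoded, in which case each value (which
            // comes from the response) needs HTML-encoding before joining — TODO confirm against the view.
            var values = node.ChildNodes.Cast<XmlNode>().Select(item => item.InnerText);
            val = string.Join("<br>", values);
        }
        else
        {
            val = node.InnerText;
        }

        // Indexer rather than Add: a repeated attribute name no longer throws; the last one wins.
        this.attrsandvals[attrName] = val;
    }

    this.SAMLResponse = sml;
    this.SessionId = root.SelectSingleNode("/samlp:Response/saml:Assertion/saml:AuthnStatement/@SessionIndex", nsmgr)?.Value;
    this.NameId = root.SelectSingleNode("/samlp:Response/saml:Assertion/saml:Subject/saml:NameID", nsmgr)?.InnerText;
    return Page();
}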