private static void ReceiveLogoutMessageFromIdentityProvider(XmlElement xmlElement)
{
SAML.HttpContext = new SAMLHttpContext();
SAMLHttpRequest samlHttpRequest = new SAMLHttpRequest(xmlElement, null, null, null);
bool isRequest = false;
string logoutReason = null;
string partnerSP = null;
string relayState = null;
SAMLServiceProvider.ReceiveSLO(samlHttpRequest, out isRequest, out logoutReason, out partnerSP, out relayState);
Console.WriteLine("Logout request: {0}", isRequest);
Console.WriteLine("Logout reason: {0}", logoutReason);
Console.WriteLine("Partner SP: {0}", partnerSP);
}
public ActionResult Logout()
{
bool isRequest;
string logoutReason, partnerSp;
SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerSp);
if (isRequest)
{
FormsAuthentication.SignOut();
SAMLServiceProvider.SendSLO(Response, null);
}
else
{
return(RedirectToLocal(FormsAuthentication.LoginUrl));
}
return(new EmptyResult());
}
public ActionResult SingleLogoutService()
{
string relayState = null;
try
{
bool isRequest = false;
string logoutReason = null;
string partnerIdP = null;
SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);
if (isRequest)
{
SAMLServiceProvider.SendSLO(Response, null);
}
else
{
if (!string.IsNullOrEmpty(relayState))
{
if (SamlAuthorizedDomains.IsAutorizedUrl(relayState))
{
return(Redirect(relayState));
}
}
}
return(RedirectToAction("Index", "Home"));
}
catch (Exception e)
{
if (!string.IsNullOrEmpty(relayState))
{
TempData["error"] = e;
TempData["ReturnURL"] = relayState;
return(RedirectToAction("error", "Home"));
}
else
{
TempData["err"] = e;
return(RedirectToAction("Index", "Home"));
}
}
}
public ActionResult SingleLogoutService()
{
// Receive the single logout request or response.
// If a request is received then single logout is being initiated by the identity provider.
// If a response is received then this is in response to single logout having been initiated by the service provider.
bool isRequest;
string logoutReason;
string partnerName;
string relayState;
SAMLServiceProvider.ReceiveSLO(
Request,
out isRequest,
out logoutReason,
out partnerName,
out relayState);
if (isRequest)
{
// Logout locally.
HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
// Respond to the IdP-initiated SLO request indicating successful logout.
SAMLServiceProvider.SendSLO(Response, null);
}
else
{
// SP-initiated SLO has completed.
if (!string.IsNullOrEmpty(relayState) && Url.IsLocalUrl(relayState))
{
return(Redirect(relayState));
}
return(RedirectToAction("Index", "Home"));
}
return(new EmptyResult());
}
protected void Page_Load(object sender, EventArgs e)
{
// Receive the single logout request or response.
// If a request is received then single logout is being initiated by the identity provider.
// If a response is received then this is in response to single logout having been initiated by the service provider.
bool isRequest = false;
string logoutReason = null;
string partnerIdP = null;
string relayState = null;
SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);
//System.Diagnostics.Debug.WriteLine("SLOService !!!!!!!!!!!!!!!!!!!!!!!!!!");
//System.Diagnostics.Debug.WriteLine("isRequest: {0} ", isRequest);
//this if means the ReceiveSLO is a Request not Response
//the else means the ReceiveSLO is a Response
if (isRequest)
{
// Logout locally.
FormsAuthentication.SignOut();
// Respond to the IdP-initiated SLO request indicating successful logout.
SAMLServiceProvider.SendSLO(Response, null);
}
else
{
// SP-initiated SLO has completed.
//FormsAuthentication.RedirectToLoginPage();
Response.Redirect("loginSP.aspx");
}
// To check the StatusCode Value in the SAML Response you must subscribe to SAML notifications and access the logout response directly to check the status.
// see SAMLObserver.aspx.cs and Global.aspx where we subscribe ---SAMLObservable.Subscribe(new SAMLObserver());---
}
public ActionResult SLOService()
{
SamlPocTraceListener.Log("SAML", "SamlController.SLOService: Request to single logout received from Identity Provider");
// Receive the single logout request or response.
// If a request is received then single logout is being initiated by the identity provider.
// If a response is received then this is in response to single logout having been initiated by the service provider.
bool isRequest = false;
string logoutReason = null;
string partnerIdP = null;
string relayState = null;
SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);
if (isRequest)
{
SamlPocTraceListener.Log("SAML", "SamlController.SLOService: Processing IdP initiated logout");
// Logout locally.
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
SamlPocTraceListener.Log("SAML", "SamlController.SLOService: User was logged out. Respond to IdP that logout succeeded.");
// Respond to the IdP-initiated SLO request indicating successful logout.
SAMLServiceProvider.SendSLO(Response, null);
}
else
{
SamlPocTraceListener.Log("SAML", "SamlController.SLOService: SP-initiated SLO has completed. Redirecting to login page.");
// SP-initiated SLO has completed.
return(RedirectToAction("Index", "Home"));
}
return(new EmptyResult());
}