/// <summary>
/// Builds the token-request SAML document for <paramref name="ssoLoginData"/>, encrypts the
/// assertion inside it in place, and returns the document as a Base64 string.
/// </summary>
/// <param name="ssoLoginData">User data carried in the request's assertion attributes.</param>
/// <returns>The Base64-encoded, assertion-encrypted request document.</returns>
public static string GetSamlBase64StringToGetToken(SSOLoginData ssoLoginData)
{
    XmlDocument requestDoc = GetSamlXmlDocToGetToken(ssoLoginData);
    // Encryption mutates requestDoc; it must run before the document is serialized.
    EncryptAssertionInDoc(requestDoc);
    var encoded = GetBase64String(requestDoc);
    return encoded;
}
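/// <summary>
/// Builds a signed SAML 2.0 <c>samlp:Response</c> document (Issuer, Status, Assertion, Signature)
/// for <paramref name="ssoLoginData"/>.
/// </summary>
/// <param name="ssoLoginData">User data passed through to <see cref="GetAssertion"/>.</param>
/// <returns>The complete response document, signed over the response ID.</returns>
private static XmlDocument GetDoc(SSOLoginData ssoLoginData)
{
    // XML IDs may not start with a digit, hence the leading underscore. "N" is the hyphen-less GUID format.
    string responseId = "_" + Guid.NewGuid().ToString("N");

    var xmlDoc = new XmlDocument();
    XmlElement response = xmlDoc.CreateElement("samlp", "Response", SAML2_Protocol);
    response.SetAttribute("ID", responseId);
    response.SetAttribute("Version", "2.0");
    // Invariant culture so the ':'/'-' separators in the format string are emitted literally regardless of host culture.
    response.SetAttribute("IssueInstant", DateTime.UtcNow.ToString(DateTimeFormat, System.Globalization.CultureInfo.InvariantCulture));
    // NOTE(review): hard-coded development endpoint; Destination should come from per-environment configuration.
    response.SetAttribute("Destination", "https://dev.axco.co.uk/Axco.sso/saml2/v1/signin/AssurexGlobal");

    XmlElement issuer = xmlDoc.CreateElement("saml", "Issuer", SAML2_Assertion);
    issuer.InnerText = "Assurex Global Test System";
    response.AppendChild(issuer);

    // Bug fix: the two-argument CreateElement overload is (qualifiedName, namespaceURI), so the original
    // CreateElement("samlp", "Status") produced an element *named* "samlp" in namespace "Status".
    // The three-argument (prefix, localName, namespaceURI) overload yields the intended samlp:Status.
    XmlElement status = xmlDoc.CreateElement("samlp", "Status", SAML2_Protocol);
    XmlElement statusCode = xmlDoc.CreateElement("samlp", "StatusCode", SAML2_Protocol);
    statusCode.SetAttribute("Value", SAML2_Success);
    status.AppendChild(statusCode);
    response.AppendChild(status);

    response.AppendChild(GetAssertion(xmlDoc, ssoLoginData));
    xmlDoc.AppendChild(response);

    // Signed last so the signature is computed over the finished response, assertion included.
    // NOTE(review): the SAML 2.0 schema places ds:Signature directly after Issuer; appending it after
    // Assertion may be rejected by schema-validating SPs — confirm against the SP before moving it.
    xmlDoc.DocumentElement.AppendChild(GetSignature(xmlDoc, responseId));
    return xmlDoc;
}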
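/// <summary>
/// Builds the bearer <c>saml:Assertion</c> for <paramref name="ssoLoginData"/>, serializes it and
/// imports the resulting element into <paramref name="xmlDoc"/> so it can be appended to the response.
/// </summary>
/// <param name="xmlDoc">Document the assertion element is imported into (not modified here).</param>
/// <param name="ssoLoginData">User data emitted as assertion attributes.</param>
/// <returns>The imported assertion element, owned by <paramref name="xmlDoc"/>.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="FileNotFoundException">No certificate exists at <c>certPath</c>.</exception>
private static XmlNode GetAssertion(XmlDocument xmlDoc, SSOLoginData ssoLoginData)
{
    if (xmlDoc is null)
    {
        throw new ArgumentNullException(nameof(xmlDoc));
    }
    if (ssoLoginData is null)
    {
        throw new ArgumentNullException(nameof(ssoLoginData));
    }
    // The certificate is only checked for presence here; this method never reads it.
    // NOTE(review): presumably GetSignature is the consumer — confirm.
    if (!File.Exists(certPath))
    {
        // FileNotFoundException derives from Exception, so existing catch (Exception) handlers still match.
        throw new FileNotFoundException($"Unable to find Certificate. Path: {certPath}", certPath);
    }

    // Validity window. The original emitted no NotBefore/NotOnOrAfter at all, leaving the bearer
    // assertion replayable indefinitely; the bearer profile expects NotOnOrAfter on the
    // SubjectConfirmationData. SAML timestamps are UTC. Constructed window — tune to the SP's skew tolerance.
    const int NotBeforeSkewSeconds = 30;
    const int LifetimeMinutes = 5;
    DateTime now = DateTime.UtcNow;
    DateTime notOnOrAfter = now.AddMinutes(LifetimeMinutes);

    // NOTE(review): the NameID is a fixed placeholder rather than the user's identifier. SPs normally key
    // on NameID, so confirm whether ssoLoginData.Email belongs here (it is currently carried only as the
    // UserName attribute below).
    var assertion = new Saml2Assertion(new Saml2NameIdentifier("Assurex Global Test System"))
    {
        Subject = new Saml2Subject(new Saml2NameIdentifier("*****@*****.**")),
        Conditions = new Saml2Conditions
        {
            NotBefore = now.AddSeconds(-NotBeforeSkewSeconds),
            NotOnOrAfter = notOnOrAfter,
        },
    };
    // 'recepient' is the file-level field's declared name (spelling kept as-is).
    assertion.Subject.SubjectConfirmations.Add(new Saml2SubjectConfirmation(new Uri(SAML2_Bearer))
    {
        SubjectConfirmationData = new Saml2SubjectConfirmationData
        {
            Recipient = new Uri(recepient),
            NotOnOrAfter = notOnOrAfter,
        },
    });
    assertion.Statements.Add(new Saml2AuthenticationStatement(new Saml2AuthenticationContext(new Uri(SAML2_Password))));

    var attributes = new List<Saml2Attribute>
    {
        GetAttribute("UserName", ssoLoginData.Email),
        GetAttribute("FirstName", ssoLoginData.FirstName),
        GetAttribute("LastName", ssoLoginData.LastName),
        GetAttribute("Country", ssoLoginData.Country),
        GetAttribute("City", ssoLoginData.City),
        GetAttribute("Department", ssoLoginData.Department),
        GetAttribute("PhoneNumber", ssoLoginData.PhoneNumber),
        GetAttribute("GroupMembership", ssoLoginData.GroupMembership),
        GetAttribute("ErrorUrl", ssoLoginData.ErrorUrl),
    };
    assertion.Statements.Add(new Saml2AttributeStatement(attributes));

    // Round-trip through the serializer to get the assertion as XML, then import it into the caller's document.
    var xml = new StringBuilder();
    using (XmlWriter writer = XmlWriter.Create(xml, new XmlWriterSettings()))
    {
        new Saml2Serializer().WriteSaml2Assertion(writer, assertion);
    }
    var assertionDoc = new XmlDocument();
    assertionDoc.LoadXml(xml.ToString());
    return xmlDoc.ImportNode(assertionDoc.DocumentElement, true);
}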
/// <summary>
/// Builds the token-request document: a request element carrying a fresh request ID, with the
/// signed assertion for <paramref name="ssoLoginData"/> appended under it.
/// </summary>
/// <param name="ssoLoginData">User data emitted as assertion attributes.</param>
/// <returns>The assembled request document.</returns>
private static XmlDocument GetSamlXmlDocToGetToken(SSOLoginData ssoLoginData)
{
    string requestId = Guid.NewGuid().ToString();
    var requestDoc = new XmlDocument();

    var requestElement = CreateRequestNode(requestDoc, requestId);
    requestDoc.AppendChild(requestElement);

    // The assertion's subject embeds the same requestId, tying assertion and request together.
    Saml2Assertion assertion = CreateSamlAssertionsForTokenRequest(requestId, ssoLoginData);
    AppendSamlAssertion(requestDoc, requestElement, assertion);
    return requestDoc;
}
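/// <summary>
/// Builds the signed assertion placed in a token request: subject bound to <paramref name="requestId"/>,
/// a short UTC validity window, the user's name/e-mail attributes, and signing credentials from the
/// configured certificate.
/// </summary>
/// <param name="requestId">ID of the enclosing request; embedded in the assertion subject.</param>
/// <param name="ssoLoginData">Source of the FirstName/LastName/Email attributes.</param>
/// <returns>The assertion, ready to be serialized (and thereby signed) by the caller.</returns>
/// <exception cref="ArgumentNullException"><paramref name="ssoLoginData"/> is null.</exception>
/// <exception cref="FileNotFoundException">No certificate exists at <c>certPath</c>.</exception>
private static Saml2Assertion CreateSamlAssertionsForTokenRequest(string requestId, SSOLoginData ssoLoginData)
{
    if (ssoLoginData is null)
    {
        throw new ArgumentNullException(nameof(ssoLoginData));
    }
    if (!File.Exists(certPath))
    {
        // FileNotFoundException derives from Exception, so existing catch (Exception) handlers still match.
        throw new FileNotFoundException($"Unable to find Certificate. Path: {certPath}", certPath);
    }

    // SAML timestamps are UTC: build the window from UtcNow rather than local time, so correctness no
    // longer depends on the Saml2Conditions setters converting local time for us.
    const int ValiditySkewSeconds = 30;
    DateTime now = DateTime.UtcNow;

    var assertion = new Saml2Assertion(new Saml2NameIdentifier("SSO"))
    {
        Subject = new Saml2Subject(new Saml2NameIdentifier($"SalesRadixAuthenticationRequest : {requestId}")),
        Conditions = new Saml2Conditions
        {
            NotBefore = now.AddSeconds(-ValiditySkewSeconds),
            NotOnOrAfter = now.AddSeconds(ValiditySkewSeconds),
        },
    };

    var statement = new Saml2AttributeStatement();
    AddAttributeToStatement("FirstName", ssoLoginData.FirstName, statement);
    AddAttributeToStatement("LastName", ssoLoginData.LastName, statement);
    AddAttributeToStatement("Email", ssoLoginData.Email, statement);
    // AdditionalEmail1/2, RoleId, GlobalUserId and ManagerGlobalId are currently not emitted;
    // add them via AddAttributeToStatement if the token endpoint needs them.
    assertion.Statements.Add(statement);

    // NOTE(review): certPwd is a file-level value; confirm it is loaded from configuration or a secret
    // store rather than embedded in source.
    // Constructor form instead of the instance Import() method, which is obsolete on modern .NET.
    // Not disposed here: the signing credentials keep using the private key when the caller serializes the assertion.
    var signingCertificate = new X509Certificate2(certPath, certPwd, X509KeyStorageFlags.MachineKeySet);
    assertion.SigningCredentials = new X509SigningCredentials(signingCertificate);
    return assertion;
}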
/// <summary>
/// Returns the signed SAML response built by <see cref="GetDoc"/> for <paramref name="ssoLoginData"/>
/// as a Base64 string. Unlike the token-request variant, the assertion is not encrypted.
/// </summary>
/// <param name="ssoLoginData">User data carried in the response's assertion attributes.</param>
/// <returns>The Base64-encoded response document.</returns>
// NOTE(review): a method with this exact name and signature also appears earlier in this listing
// (the variant that encrypts the assertion); the two cannot compile in one class, so this looks
// like two versions pasted together.
public static string GetSamlBase64StringToGetToken(SSOLoginData ssoLoginData) => GetBase64String(GetDoc(ssoLoginData));