        /// <summary>
        /// Handles the SAML 2.0 LogoutResponse the identity provider sends back after a logout request.
        /// </summary>
        /// <param name="request">The HTTP request carrying the SAML response binding.</param>
        /// <returns>
        /// A <see cref="LogoutModel"/> whose <c>ServiceProvider</c> is the response's Issuer, or <c>null</c>
        /// when the response carries an empty or whitespace-only Issuer.
        /// </returns>
        /// <remarks>
        /// Trust comes from the signature check against <c>identityProviderCert</c>; the Issuer value is
        /// copied through without being compared to an expected identity-provider entity ID.
        /// NOTE(review): confirm that is acceptable, or that the binding/document classes enforce it.
        /// </remarks>
        public ValueTask <LogoutModel> LogoutCallback(IdentityHttpRequest request)
        {
            var binding = Saml2Binding.GetBindingForRequest(request, BindingDirection.Response);

            // Signature is checked before the payload is parsed; the meaning of the `true` argument is not visible here.
            binding.ValidateSignature(identityProviderCert, true);
            binding.ValidateFields(new string[] { redirectUrl });

            var response = new Saml2LogoutResponse(binding);

            // Presumably ties the response to a request this service provider issued (InResponseTo) — verify in SamlIDManager.
            SamlIDManager.Validate(serviceProvider, response.InResponseTo);

            var issuer = response.Issuer;
            if (string.IsNullOrWhiteSpace(issuer))
            {
                return new ValueTask<LogoutModel>((LogoutModel)null);
            }

            var model = new LogoutModel
            {
                ServiceProvider = issuer,
                State = null,
                OtherClaims = null,
            };

            return new ValueTask<LogoutModel>(model);
        }
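        /// <summary>
        /// Handles the SAML 2.0 AuthnResponse (login callback) returned by the identity provider and
        /// turns the asserted subject into an <see cref="IdentityModel"/>.
        /// </summary>
        /// <param name="request">The HTTP request carrying the SAML response binding.</param>
        /// <returns>
        /// The identity described by the response, or <c>null</c> when the response carries an empty
        /// or whitespace-only UserID.
        /// </returns>
        /// <exception cref="IdentityProviderException">
        /// The response's Audience is not this service provider (including a missing Audience).
        /// </exception>
        /// <remarks>
        /// NOTE(review): the assertion time window (Conditions NotBefore/NotOnOrAfter) and an Issuer-vs-expected-IdP
        /// comparison are not performed in this method; confirm the binding/document classes enforce them.
        /// </remarks>
        public ValueTask <IdentityModel> LoginCallback(IdentityHttpRequest request)
        {
            var callbackBinding = Saml2Binding.GetBindingForRequest(request, BindingDirection.Response);

            // Order matters: the signature is checked before decryption, so only a response
            // signed by the configured IdP is ever decrypted with the service-provider key.
            callbackBinding.ValidateSignature(identityProviderCert, true);
            callbackBinding.Decrypt(serviceProviderCert, requiredEncryption);
            callbackBinding.ValidateFields(new string[] { redirectUrl });

            var callbackDocument = new Saml2AuthnResponse(callbackBinding);

            // Presumably ties the response to an AuthnRequest this service provider issued — verify in SamlIDManager.
            SamlIDManager.Validate(serviceProvider, callbackDocument.InResponseTo);

            // Audience restriction: a validly signed assertion minted for another service provider
            // must not be accepted here. String `!=` is an ordinal comparison; a null Audience also fails.
            if (callbackDocument.Audience != serviceProvider)
            {
                // Fix: the diagnostic previously reported the two values swapped
                // (our own identifier as "Received", the response's Audience as "Expected").
                throw new IdentityProviderException("Saml Audience is not valid",
                                                    String.Format("Received: {0}, Expected: {1}", callbackDocument.Audience, serviceProvider));
            }

            if (String.IsNullOrWhiteSpace(callbackDocument.UserID))
            {
                return(new ValueTask <IdentityModel>((IdentityModel)null));
            }

            // Name and UserName are both taken from the response's UserName; the Issuer is passed
            // through as ServiceProvider without further validation (see remarks).
            var identity = new IdentityModel()
            {
                UserID          = callbackDocument.UserID,
                UserName        = callbackDocument.UserName,
                Name            = callbackDocument.UserName,
                Roles           = callbackDocument.Roles,
                ServiceProvider = callbackDocument.Issuer,
                State           = null,
                OtherClaims     = null
            };

            return(new ValueTask <IdentityModel>(identity));
        }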