public IActionResult Login(string returnUrl = null, LoginType?loginType = null)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string>
{
{ relayStateReturnUrl, returnUrl ?? Url.Content("~/") },
{ relayStateLoginType, loginType.HasValue ? loginType.Value.ToString() : LoginType.FoxIDsLogin.ToString() }
});
var saml2AuthnRequest = new Saml2AuthnRequest(saml2Config)
{
//ForceAuthn = true,
//NameIdPolicy = new NameIdPolicy { AllowCreate = true, Format = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" },
//RequestedAuthnContext = new RequestedAuthnContext
//{
// Comparison = AuthnContextComparisonTypes.Exact,
// AuthnContextClassRef = new string[] { AuthnContextClassTypes.PasswordProtectedTransport.OriginalString },
//},
};
saml2AuthnRequest.Destination = AddUpParty(saml2AuthnRequest.Destination, loginType.HasValue ? loginType.Value : LoginType.FoxIDsLogin);
return(binding.Bind(saml2AuthnRequest).ToActionResult());
}
public IActionResult Login(string returnUrl = null)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string> {
{ relayStateReturnUrl, returnUrl ?? Url.Content("~/") }
});
return(binding.Bind(new Saml2AuthnRequest(config)
{
//ForceAuthn = true,
RequestedAuthnContext = new RequestedAuthnContext
{
Comparison = AuthnContextComparisonTypes.Minimum,
AuthnContextClassRef = new string[]
{
//"https://data.gov.dk/concept/core/nsis/loa/Low"
"https://data.gov.dk/concept/core/nsis/loa/Substantial",
//"https://data.gov.dk/concept/core/nsis/loa/High"
//"https://nemlogin.dk/internal/credential/type/nemidkeycard"
//"https://nemlogin.dk/internal/credential/type/nemidkeyfile"
//"https://nemlogin.dk/internal/credential/type/mitid"
//"https://nemlogin.dk/internal/credential/type/local"
//"https://nemlogin.dk/internal/credential/type/test"
//"https://data.gov.dk/eid/Professional"
//"https://data.gov.dk/eid/Person"
},
},
}).ToActionResult());
}
public IActionResult Login(string returnUrl = null)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string> {
{ relayStateReturnUrl, returnUrl ?? Url.Content("~/") }
});
return(binding.Bind(new Saml2AuthnRequest(config)
{
//ForceAuthn = true,
Subject = new Subject {
NameID = new NameID {
ID = "abcd"
}
},
NameIdPolicy = new NameIdPolicy {
AllowCreate = true, Format = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
},
//Extensions = new AppExtensions(),
//RequestedAuthnContext = new RequestedAuthnContext
//{
// Comparison = AuthnContextComparisonTypes.Exact,
// AuthnContextClassRef = new string[] { AuthnContextClassTypes.PasswordProtectedTransport.OriginalString },
//},
}).ToActionResult());
}
public IActionResult Login(string returnUrl = null)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string> {
{ relayStateReturnUrl, returnUrl ?? Url.Content("~/") }
});
return(binding.Bind(new Saml2AuthnRequest(_samlConfig)).ToActionResult());
}
public IActionResult Login(string returnUrl = null)
{
if (User.Identity.IsAuthenticated)
{
return(Redirect("~/Docusign"));
}
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string> {
{ relayStateReturnUrl, returnUrl ?? Url.Content("~/") }
});
return(binding.Bind(new Saml2AuthnRequest(config)).ToActionResult());
}
public IActionResult LogIn(string returnUrl)
{
var binding = new Saml2RedirectBinding();
var relayState = new Dictionary <string, string>
{
{ ReturnUrlRelayStateKey, returnUrl ?? Url.Action("Index", "Home") }
};
binding.SetRelayStateQuery(relayState);
var request = new Saml2AuthnRequest(_configuration);
return(binding.Bind(request)
.ToActionResult());
}
public ActionResult Login(string returnUrl)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary<string, string> { { relayStateReturnUrl, returnUrl } });
return binding.Bind(new Saml2AuthnRequest
{
//ForceAuthn = true,
//NameIdPolicy = new NameIdPolicy { AllowCreate = true, Format = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" },
RequestedAuthnContext = new RequestedAuthnContext
{
Comparison = AuthnContextComparisonTypes.Exact,
AuthnContextClassRef = new string[] { AuthnContextClassTypes.PasswordProtectedTransport.OriginalString },
},
Issuer = new EndpointReference("http://udv.itfoxtec.com/webapptest"),
Destination = new EndpointAddress("https://udv.itfoxtec.com/adfs/ls/"),
AssertionConsumerServiceUrl = new EndpointAddress("https://udv.itfoxtec.com/webapptest/Auth/AssertionConsumerService")
}).ToActionResult();
}
public ActionResult Login(string returnUrl)
{
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(new Dictionary <string, string> {
{ relayStateReturnUrl, returnUrl }
});
return(binding.Bind(new Saml2AuthnRequest
{
//ForceAuthn = true,
//NameIdPolicy = new NameIdPolicy { AllowCreate = true, Format = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" },
RequestedAuthnContext = new RequestedAuthnContext
{
Comparison = AuthnContextComparisonTypes.Exact,
AuthnContextClassRef = new string[] { AuthnContextClassTypes.PasswordProtectedTransport.OriginalString },
},
Issuer = new EndpointReference("http://udv.itfoxtec.com/webapptest"),
Destination = new EndpointAddress("https://udv.itfoxtec.com/adfs/ls/"),
AssertionConsumerServiceUrl = new EndpointAddress("https://udv.itfoxtec.com/webapptest/Auth/AssertionConsumerService")
}).ToActionResult());
}
protected override async Task ApplyResponseGrantAsync()
{
var options = Options as Saml2AuthenticationOptions;
if (options == null)
{
return;
}
// handle sign-out response
if (options.SingleLogoutServiceResponsePath.HasValue && options.SingleLogoutServiceResponsePath == (Request.PathBase + Request.Path))
{
await ApplyResponseLogoutAsync();
return;
}
// handle sign-out request
if (options.SingleLogoutServiceRequestPath.HasValue && options.SingleLogoutServiceRequestPath == (Request.PathBase + Request.Path))
{
await ApplyRequestLogoutAsync();
return;
}
var signout = Helper.LookupSignOut(Options.AuthenticationType, Options.AuthenticationMode);
if (signout == null)
{
return;
}
if (_configuration == null)
{
_configuration = await options.ConfigurationManager.GetConfigurationAsync(Context.Request.CallCancelled);
}
// reusing the SingleSignOnService location from the configuration to determine the destination
var issuer = options.Wtrealm;
var destination = _configuration.TokenEndpoint ?? string.Empty;
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("issuer={0}", "destination={1}", issuer, destination));
var properties = signout.Properties;
if (string.IsNullOrEmpty(properties.RedirectUri))
{
properties.RedirectUri = options.SignOutWreply ?? GetCurrentUri();
}
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("RedirectUri={0}", properties.RedirectUri));
var state = new Dictionary <string, string>
{
{ _relayStateWctx, Options.StateDataFormat.Protect(properties) }
};
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(state);
var redirectBinding = binding.Bind(new Saml2LogoutRequest
{
Issuer = new EndpointReference(issuer),
Destination = new EndpointAddress(destination)
}, options.SigningCertificate);
var redirectLocation = redirectBinding.RedirectLocation.AbsoluteUri;
if (!Uri.IsWellFormedUriString(redirectLocation, UriKind.Absolute))
{
ADXTrace.Instance.TraceWarning(TraceCategory.Application, string.Format("The sign-out redirect URI is malformed: {0}", redirectLocation));
}
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("redirectLocation={0}", redirectLocation));
Response.Redirect(redirectLocation);
}
protected override async Task ApplyResponseChallengeAsync()
{
if (Response.StatusCode != 401)
{
return;
}
var challenge = Helper.LookupChallenge(Options.AuthenticationType, Options.AuthenticationMode);
if (challenge == null)
{
return;
}
var options = Options as Saml2AuthenticationOptions;
if (options == null)
{
return;
}
if (_configuration == null)
{
_configuration = await options.ConfigurationManager.GetConfigurationAsync(Context.Request.CallCancelled);
}
var issuer = options.Wtrealm;
var destination = _configuration.TokenEndpoint ?? string.Empty;
var assertionConsumerServiceUrl = options.Wreply;
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("issuer={0}, destination={1}, assertionConsumerServiceUrl={2}", issuer, destination, assertionConsumerServiceUrl));
var properties = challenge.Properties;
if (string.IsNullOrEmpty(properties.RedirectUri))
{
properties.RedirectUri = GetCurrentUri();
}
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("RedirectUri={0}", properties.RedirectUri));
var state = new Dictionary <string, string>
{
{ _relayStateWctx, Options.StateDataFormat.Protect(properties) }
};
var binding = new Saml2RedirectBinding();
binding.SetRelayStateQuery(state);
var redirectBinding = binding.Bind(new Saml2AuthnRequest
{
ForceAuthn = options.ForceAuthn,
NameIdPolicy = options.NameIdPolicy,
RequestedAuthnContext = new RequestedAuthnContext
{
Comparison = options.Comparison,
AuthnContextClassRef = options.AuthnContextClassRef,
},
Issuer = new EndpointReference(issuer),
Destination = new EndpointAddress(destination),
AssertionConsumerServiceUrl = new EndpointAddress(assertionConsumerServiceUrl)
});
var redirectLocation = redirectBinding.RedirectLocation.AbsoluteUri;
if (!Uri.IsWellFormedUriString(redirectLocation, UriKind.Absolute))
{
ADXTrace.Instance.TraceWarning(TraceCategory.Application, string.Format("The sign-in redirect URI is malformed: {0}", redirectLocation));
}
ADXTrace.Instance.TraceInfo(TraceCategory.Application, string.Format("redirectLocation={0}", redirectLocation));
Response.Redirect(redirectLocation);
}
