Esempio n. 1
1
        protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, X509Certificate2 signatureValidationCertificate)
        {
            if (request == null)
                throw new ArgumentNullException("request");

            if (saml2RequestResponse == null)
                throw new ArgumentNullException("saml2RequestResponse");

            if (signatureValidationCertificate == null)
            {
                throw new ArgumentNullException("signatureValidationCertificate");
            }
            if (signatureValidationCertificate.PublicKey == null)
            {
                throw new ArgumentException("No Public Key present in Signature Validation Certificate.");
            }
            if (!(signatureValidationCertificate.PublicKey.Key is DSA || signatureValidationCertificate.PublicKey.Key is RSACryptoServiceProvider))
            {
                throw new ArgumentException("The Public Key present in Signature Validation Certificate must be either DSA or RSACryptoServiceProvider.");
            }

            saml2RequestResponse.SignatureValidationCertificate = signatureValidationCertificate;

            return saml2RequestResponse;
        }
Esempio n. 2
0
        protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, X509Certificate2 signatureValidationCertificate)
        {
            if (request == null)
            {
                throw new ArgumentNullException("request");
            }

            if (saml2RequestResponse == null)
            {
                throw new ArgumentNullException("saml2RequestResponse");
            }

            if (signatureValidationCertificate == null)
            {
                throw new ArgumentNullException("signatureValidationCertificate");
            }
            if (signatureValidationCertificate.PublicKey == null)
            {
                throw new ArgumentException("No Public Key present in Signature Validation Certificate.");
            }
            if (!(signatureValidationCertificate.PublicKey.Key is DSA || signatureValidationCertificate.PublicKey.Key is RSACryptoServiceProvider))
            {
                throw new ArgumentException("The Public Key present in Signature Validation Certificate must be either DSA or RSACryptoServiceProvider.");
            }

            saml2RequestResponse.SignatureValidationCertificate = signatureValidationCertificate;

            return(saml2RequestResponse);
        }
Esempio n. 3
0
        protected virtual Saml2Binding BindInternal(Saml2Request saml2RequestResponse, X509Certificate2 signingCertificate)
        {
            if (saml2RequestResponse == null)
            {
                throw new ArgumentNullException("saml2RequestResponse");
            }

            if (signingCertificate != null)
            {
                if (signingCertificate.PrivateKey == null)
                {
                    throw new ArgumentException("No Private Key present in Signing Certificate or missing private key read credentials.");
                }
                if (!(signingCertificate.PrivateKey is DSA || signingCertificate.PrivateKey is RSACryptoServiceProvider))
                {
                    throw new ArgumentException("The Private Key present in Signing Certificate must be either DSA or RSACryptoServiceProvider.");
                }
            }

            XmlDocument = saml2RequestResponse.ToXml();

#if DEBUG
            Debug.WriteLine("Saml2P: " + XmlDocument.OuterXml);
#endif
            return(this);
        }
Esempio n. 4
0
        protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
        {
            base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);

            if (!"GET".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
            {
                throw new InvalidSaml2BindingException("Not HTTP GET Method.");
            }

            if (!request.QueryString.AllKeys.Contains(messageName))
            {
                throw new Saml2BindingException("HTTP Query String does not contain " + messageName);
            }

            if (!request.QueryString.AllKeys.Contains(Saml2Constants.Message.Signature))
            {
                throw new Saml2BindingException("HTTP Query String does not contain " + Saml2Constants.Message.Signature);
            }

            if (!request.QueryString.AllKeys.Contains(Saml2Constants.Message.SigAlg))
            {
                throw new Saml2BindingException("HTTP Query String does not contain " + Saml2Constants.Message.SigAlg);
            }

            if (request.QueryString.AllKeys.Contains(Saml2Constants.Message.RelayState))
            {
                RelayState = request.QueryString[Saml2Constants.Message.RelayState];
            }

            SignatureAlgorithm = request.QueryString[Saml2Constants.Message.SigAlg];
            ValidateQueryStringSignature(request.Url.Query, messageName, Convert.FromBase64String(request.QueryString[Saml2Constants.Message.Signature]), signatureValidationCertificate);
            saml2RequestResponse.Read(DecompressResponse(request.QueryString[messageName]));
            XmlDocument = saml2RequestResponse.XmlDocument;
            return(saml2RequestResponse);
        }
Esempio n. 5
0
        protected Saml2PostBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
        {
            base.BindInternal(saml2RequestResponse, signingCertificate);

            if (signingCertificate != null)
            {
                XmlDocument = XmlDocument.SignDocument(signingCertificate, CertificateIncludeOption, saml2RequestResponse.Id.Value);
            }

            PostContent = string.Concat(HtmlPostPage(saml2RequestResponse.Destination, messageName));
            return(this);
        }
        protected Saml2PostBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
        {
            base.BindInternal(saml2RequestResponse, signingCertificate);

            if (signingCertificate != null)
            {
                XmlDocument = XmlDocument.SignDocument(signingCertificate, CertificateIncludeOption, saml2RequestResponse.Id.Value);
            }

            PostContent = string.Concat(HtmlPostPage(saml2RequestResponse.Destination, messageName));
            return this;
        }
Esempio n. 7
0
        protected Saml2RedirectBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
        {
            base.BindInternal(saml2RequestResponse, signingCertificate);

            var requestQueryString = string.Join("&", RequestQueryString(signingCertificate, messageName));

            if (signingCertificate != null)
            {
                requestQueryString = SigneQueryString(requestQueryString, signingCertificate);
            }

            RedirectLocation = new Uri(string.Join("?", saml2RequestResponse.Destination.Uri.OriginalString, requestQueryString));

            return(this);
        }
Esempio n. 8
0
        protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
        {
            base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);

            if (!"POST".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
            {
                throw new InvalidSaml2BindingException("Not HTTP POST Method.");
            }

            if (!request.Form.AllKeys.Contains(messageName))
            {
                throw new Saml2BindingException("HTTP Form does not contain " + messageName);
            }

            if (request.Form.AllKeys.Contains(Saml2Constants.Message.RelayState))
            {
                RelayState = request.Form[Saml2Constants.Message.RelayState];
            }

            saml2RequestResponse.Read(Encoding.UTF8.GetString(Convert.FromBase64String(request.Form[messageName])), true);
            XmlDocument = saml2RequestResponse.XmlDocument;
            return(saml2RequestResponse);
        }
Esempio n. 9
0
        protected virtual Saml2Binding BindInternal(Saml2Request saml2RequestResponse, X509Certificate2 signingCertificate)
        {
            if (saml2RequestResponse == null)
                throw new ArgumentNullException("saml2RequestResponse");

            if (signingCertificate != null)
            {
                if (signingCertificate.PrivateKey == null)
                {
                    throw new ArgumentException("No Private Key present in Signing Certificate or missing private key read credentials.");
                }
                if (!(signingCertificate.PrivateKey is DSA || signingCertificate.PrivateKey is RSACryptoServiceProvider))
                {
                    throw new ArgumentException("The Private Key present in Signing Certificate must be either DSA or RSACryptoServiceProvider.");
                }
            }

            XmlDocument = saml2RequestResponse.ToXml();

#if DEBUG
            Debug.WriteLine("Saml2P: " + XmlDocument.OuterXml);
#endif
            return this;
        }
Esempio n. 10
0
 public Saml2Response Unbind(HttpRequestBase request, Saml2Request saml2Request, X509Certificate2 signatureValidationCertificate)
 {
     return(UnbindInternal(request, saml2Request as Saml2Request, Saml2Constants.Message.SamlRequest, signatureValidationCertificate) as Saml2Response);
 }
Esempio n. 11
0
 public Saml2RedirectBinding Bind(Saml2Request saml2Request, X509Certificate2 signingCertificate = null)
 {
     return(BindInternal(saml2Request, Saml2Constants.Message.SamlRequest, signingCertificate));
 }
Esempio n. 12
0
 public Saml2PostBinding Bind(Saml2Request saml2Request, X509Certificate2 signingCertificate = null)
 {
     return BindInternal(saml2Request, Saml2Constants.Message.SamlRequest, signingCertificate);
 }
Esempio n. 13
0
        protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
        {
            base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);

            if (!"POST".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
                throw new InvalidSaml2BindingException("Not HTTP POST Method.");

            if (!request.Form.AllKeys.Contains(messageName))
                throw new Saml2BindingException("HTTP Form does not contain " + messageName);

            if (request.Form.AllKeys.Contains(Saml2Constants.Message.RelayState))
            {
                RelayState = request.Form[Saml2Constants.Message.RelayState];
            }

            saml2RequestResponse.Read(Encoding.UTF8.GetString(Convert.FromBase64String(request.Form[messageName])), true);
            XmlDocument = saml2RequestResponse.XmlDocument;
            return saml2RequestResponse;
        }
Esempio n. 14
0
 public Saml2Request Unbind(HttpRequestBase request, Saml2Request saml2Request, X509Certificate2 signatureValidationCertificate)
 {
     return UnbindInternal(request, saml2Request, Saml2Constants.Message.SamlRequest, signatureValidationCertificate);
 }