protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, X509Certificate2 signatureValidationCertificate)
{
if (request == null)
throw new ArgumentNullException("request");
if (saml2RequestResponse == null)
throw new ArgumentNullException("saml2RequestResponse");
if (signatureValidationCertificate == null)
{
throw new ArgumentNullException("signatureValidationCertificate");
}
if (signatureValidationCertificate.PublicKey == null)
{
throw new ArgumentException("No Public Key present in Signature Validation Certificate.");
}
if (!(signatureValidationCertificate.PublicKey.Key is DSA || signatureValidationCertificate.PublicKey.Key is RSACryptoServiceProvider))
{
throw new ArgumentException("The Public Key present in Signature Validation Certificate must be either DSA or RSACryptoServiceProvider.");
}
saml2RequestResponse.SignatureValidationCertificate = signatureValidationCertificate;
return saml2RequestResponse;
}
protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, X509Certificate2 signatureValidationCertificate)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
if (saml2RequestResponse == null)
{
throw new ArgumentNullException("saml2RequestResponse");
}
if (signatureValidationCertificate == null)
{
throw new ArgumentNullException("signatureValidationCertificate");
}
if (signatureValidationCertificate.PublicKey == null)
{
throw new ArgumentException("No Public Key present in Signature Validation Certificate.");
}
if (!(signatureValidationCertificate.PublicKey.Key is DSA || signatureValidationCertificate.PublicKey.Key is RSACryptoServiceProvider))
{
throw new ArgumentException("The Public Key present in Signature Validation Certificate must be either DSA or RSACryptoServiceProvider.");
}
saml2RequestResponse.SignatureValidationCertificate = signatureValidationCertificate;
return(saml2RequestResponse);
}
protected virtual Saml2Binding BindInternal(Saml2Request saml2RequestResponse, X509Certificate2 signingCertificate)
{
if (saml2RequestResponse == null)
{
throw new ArgumentNullException("saml2RequestResponse");
}
if (signingCertificate != null)
{
if (signingCertificate.PrivateKey == null)
{
throw new ArgumentException("No Private Key present in Signing Certificate or missing private key read credentials.");
}
if (!(signingCertificate.PrivateKey is DSA || signingCertificate.PrivateKey is RSACryptoServiceProvider))
{
throw new ArgumentException("The Private Key present in Signing Certificate must be either DSA or RSACryptoServiceProvider.");
}
}
XmlDocument = saml2RequestResponse.ToXml();
#if DEBUG
Debug.WriteLine("Saml2P: " + XmlDocument.OuterXml);
#endif
return(this);
}
protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
{
base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);
if (!"GET".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidSaml2BindingException("Not HTTP GET Method.");
}
if (!request.QueryString.AllKeys.Contains(messageName))
{
throw new Saml2BindingException("HTTP Query String does not contain " + messageName);
}
if (!request.QueryString.AllKeys.Contains(Saml2Constants.Message.Signature))
{
throw new Saml2BindingException("HTTP Query String does not contain " + Saml2Constants.Message.Signature);
}
if (!request.QueryString.AllKeys.Contains(Saml2Constants.Message.SigAlg))
{
throw new Saml2BindingException("HTTP Query String does not contain " + Saml2Constants.Message.SigAlg);
}
if (request.QueryString.AllKeys.Contains(Saml2Constants.Message.RelayState))
{
RelayState = request.QueryString[Saml2Constants.Message.RelayState];
}
SignatureAlgorithm = request.QueryString[Saml2Constants.Message.SigAlg];
ValidateQueryStringSignature(request.Url.Query, messageName, Convert.FromBase64String(request.QueryString[Saml2Constants.Message.Signature]), signatureValidationCertificate);
saml2RequestResponse.Read(DecompressResponse(request.QueryString[messageName]));
XmlDocument = saml2RequestResponse.XmlDocument;
return(saml2RequestResponse);
}
protected Saml2PostBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
{
base.BindInternal(saml2RequestResponse, signingCertificate);
if (signingCertificate != null)
{
XmlDocument = XmlDocument.SignDocument(signingCertificate, CertificateIncludeOption, saml2RequestResponse.Id.Value);
}
PostContent = string.Concat(HtmlPostPage(saml2RequestResponse.Destination, messageName));
return(this);
}
protected Saml2PostBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
{
base.BindInternal(saml2RequestResponse, signingCertificate);
if (signingCertificate != null)
{
XmlDocument = XmlDocument.SignDocument(signingCertificate, CertificateIncludeOption, saml2RequestResponse.Id.Value);
}
PostContent = string.Concat(HtmlPostPage(saml2RequestResponse.Destination, messageName));
return this;
}
protected Saml2RedirectBinding BindInternal(Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signingCertificate)
{
base.BindInternal(saml2RequestResponse, signingCertificate);
var requestQueryString = string.Join("&", RequestQueryString(signingCertificate, messageName));
if (signingCertificate != null)
{
requestQueryString = SigneQueryString(requestQueryString, signingCertificate);
}
RedirectLocation = new Uri(string.Join("?", saml2RequestResponse.Destination.Uri.OriginalString, requestQueryString));
return(this);
}
protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
{
base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);
if (!"POST".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidSaml2BindingException("Not HTTP POST Method.");
}
if (!request.Form.AllKeys.Contains(messageName))
{
throw new Saml2BindingException("HTTP Form does not contain " + messageName);
}
if (request.Form.AllKeys.Contains(Saml2Constants.Message.RelayState))
{
RelayState = request.Form[Saml2Constants.Message.RelayState];
}
saml2RequestResponse.Read(Encoding.UTF8.GetString(Convert.FromBase64String(request.Form[messageName])), true);
XmlDocument = saml2RequestResponse.XmlDocument;
return(saml2RequestResponse);
}
protected virtual Saml2Binding BindInternal(Saml2Request saml2RequestResponse, X509Certificate2 signingCertificate)
{
if (saml2RequestResponse == null)
throw new ArgumentNullException("saml2RequestResponse");
if (signingCertificate != null)
{
if (signingCertificate.PrivateKey == null)
{
throw new ArgumentException("No Private Key present in Signing Certificate or missing private key read credentials.");
}
if (!(signingCertificate.PrivateKey is DSA || signingCertificate.PrivateKey is RSACryptoServiceProvider))
{
throw new ArgumentException("The Private Key present in Signing Certificate must be either DSA or RSACryptoServiceProvider.");
}
}
XmlDocument = saml2RequestResponse.ToXml();
#if DEBUG
Debug.WriteLine("Saml2P: " + XmlDocument.OuterXml);
#endif
return this;
}
public Saml2Response Unbind(HttpRequestBase request, Saml2Request saml2Request, X509Certificate2 signatureValidationCertificate)
{
return(UnbindInternal(request, saml2Request as Saml2Request, Saml2Constants.Message.SamlRequest, signatureValidationCertificate) as Saml2Response);
}
public Saml2RedirectBinding Bind(Saml2Request saml2Request, X509Certificate2 signingCertificate = null)
{
return(BindInternal(saml2Request, Saml2Constants.Message.SamlRequest, signingCertificate));
}
public Saml2PostBinding Bind(Saml2Request saml2Request, X509Certificate2 signingCertificate = null)
{
return BindInternal(saml2Request, Saml2Constants.Message.SamlRequest, signingCertificate);
}
protected Saml2Request UnbindInternal(HttpRequestBase request, Saml2Request saml2RequestResponse, string messageName, X509Certificate2 signatureValidationCertificate)
{
base.UnbindInternal(request, saml2RequestResponse, signatureValidationCertificate);
if (!"POST".Equals(request.HttpMethod, StringComparison.InvariantCultureIgnoreCase))
throw new InvalidSaml2BindingException("Not HTTP POST Method.");
if (!request.Form.AllKeys.Contains(messageName))
throw new Saml2BindingException("HTTP Form does not contain " + messageName);
if (request.Form.AllKeys.Contains(Saml2Constants.Message.RelayState))
{
RelayState = request.Form[Saml2Constants.Message.RelayState];
}
saml2RequestResponse.Read(Encoding.UTF8.GetString(Convert.FromBase64String(request.Form[messageName])), true);
XmlDocument = saml2RequestResponse.XmlDocument;
return saml2RequestResponse;
}
public Saml2Request Unbind(HttpRequestBase request, Saml2Request saml2Request, X509Certificate2 signatureValidationCertificate)
{
return UnbindInternal(request, saml2Request, Saml2Constants.Message.SamlRequest, signatureValidationCertificate);
}