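/// <summary>
/// Parses an HTTP-Redirect binding logout message from <paramref name="uri"/> and
/// reports whether its signature verifies against <paramref name="key"/>.
/// </summary>
/// <param name="uri">The request URI carrying the logout message and its signature parameters.</param>
/// <param name="key">The asymmetric key whose public part is used to verify the signature.</param>
/// <returns>
/// A response whose <c>StatusCode</c> is <c>Success</c> only when the message is signed and the
/// signature verifies; otherwise <c>RequestDenied</c>. <c>OriginalLogoutRequest</c> is populated
/// in both cases.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
public Saml2LogoutResponse GetLogoutReponse(Uri uri, AsymmetricAlgorithm key)
{
    // Reject a missing verification key before touching the request at all.
    if (key == null)
    {
        throw new ArgumentNullException(nameof(key));
    }

    var parser = new HttpRedirectBindingParser(uri);

    // Fail closed: the status stays RequestDenied unless every check below passes.
    // Previously Success was assigned unconditionally at the end, which discarded
    // both denial outcomes and accepted unsigned or tampered logout messages.
    var response = new Saml2LogoutResponse
    {
        OriginalLogoutRequest = parser.LogoutRequest,
        StatusCode = Saml2Constants.StatusCodes.RequestDenied
    };

    // An unsigned message carries no signature algorithm or signature to check,
    // so stop here instead of falling through to verification.
    if (!parser.IsSigned)
    {
        return response;
    }

    // Validates the signature using the public part of the asymmetric key given as parameter.
    // NOTE(review): SignatureAlgorithm comes from the incoming query string; confirm the
    // factory rejects unknown or weak algorithm URIs rather than trusting the sender's choice.
    var signatureProvider = _signatureProviderFactory.CreateFromAlgorithmUri(key.GetType(), parser.SignatureAlgorithm);
    var signedBytes = Encoding.UTF8.GetBytes(parser.SignedQuery);

    if (!signatureProvider.VerifySignature(key, signedBytes, parser.DecodeSignature()))
    {
        return response;
    }

    response.StatusCode = Saml2Constants.StatusCodes.Success;
    return response;
}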
/// <summary>
/// Builds the HTTP-Redirect URL that carries the logout response back to the peer.
/// </summary>
/// <param name="logoutResponse">Supplies the status code and the ID of the original logout request.</param>
/// <param name="relayState">Relay state value passed through to the redirect binding.</param>
/// <returns>The URL produced by the redirect binding for the created logout response.</returns>
public string GetLogoutResponseUrl(Saml2LogoutResponse logoutResponse, string relayState)
{
    // The certificate is fetched first, before the message is created.
    var certificate = _certificateProvider.GetCertificate();

    var logoutMessage = _saml2MessageFactory.CreateLogoutResponse(
        logoutResponse.StatusCode,
        logoutResponse.OriginalLogoutRequest.ID);

    // The service provider's private key and the configured hashing algorithm are handed
    // to the binding; presumably they are used to sign the redirect query (see the binding).
    var privateKey = certificate.ServiceProvider.PrivateKey;
    var hashingAlgorithm = _identityProviderConfiguration.HashingAlgorithm;

    return _httpRedirectBinding.BuildLogoutResponseUrl(logoutMessage, privateKey, hashingAlgorithm, relayState);
}