/// <summary>
        /// Initializes a new instance of the AttributeQueryRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the AttributeQueryRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the AttributeQueryRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the
        /// construction of the AttributeQueryRequest.
        /// </param>
        /// <param name="attributes">
        /// List of SamlAttribute to query
        /// </param>
        public AttributeQueryRequest(IdentityProvider identityProvider,
                                     ServiceProvider serviceProvider, NameValueCollection parameters, List <SamlAttribute> attributes)
        {
            try
            {
                this.xml = new XmlDocument();
                this.xml.PreserveWhitespace = true;
                this.X509SubjectName        = false;

                this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
                this.nsMgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
                this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
                this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

                string subjectNameId = null;

                if (parameters != null)
                {
                    subjectNameId        = parameters[Saml2Constants.SubjectNameId];
                    this.X509SubjectName = Saml2Utils.GetBoolean(parameters[Saml2Constants.X509SubjectName]);
                }

                if (string.IsNullOrWhiteSpace(subjectNameId))
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestSubjectNameIdNotDefined);
                }
                else if (serviceProvider == null)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestServiceProviderIsNull);
                }
                else if (identityProvider == null)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestIdentityProviderIsNull);
                }
                else if (attributes == null || attributes.Count == 0)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestIsEmpty);
                }

                StringBuilder rawXml = new StringBuilder();
                rawXml.Append("<samlp:AttributeQuery xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"");
                rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\"");
                rawXml.Append(" Version=\"2.0\"");
                rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\">");
                rawXml.Append("<saml:Issuer>" + serviceProvider.EntityId + "</saml:Issuer>");
                rawXml.Append("<saml:Subject>");
                rawXml.Append("<saml:NameID");

                if (this.X509SubjectName)
                {
                    rawXml.Append(" Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\"");
                }
                else
                {
                    rawXml.Append(" Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"");
                }

                rawXml.Append(" SPNameQualifier=\"" + serviceProvider.EntityId + "\"");
                rawXml.Append(" NameQualifier=\"" + identityProvider.EntityId + "\">" + subjectNameId + "</saml:NameID>");
                rawXml.Append("</saml:Subject>");

                foreach (SamlAttribute attr in attributes)
                {
                    if (attr != null)
                    {
                        rawXml.Append(attr.ToString());
                    }
                }

                rawXml.Append("</samlp:AttributeQuery>");

                this.xml.LoadXml(rawXml.ToString());
            }
            catch (ArgumentNullException ane)
            {
                throw new Saml2Exception(Resources.AttributeQueryRequestNullArgument, ane);
            }
            catch (XmlException xe)
            {
                throw new Saml2Exception(Resources.AttributeQueryRequestXmlException, xe);
            }
        }
Esempio n. 2
0
        /// <summary>
        /// Initializes a new instance of the AuthnRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider to receive the AuthnRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider to issue the AuthnRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the
        /// construction of the AuthnRequest.
        /// </param>
        public AuthnRequest(IdentityProvider identityProvider, ServiceProvider serviceProvider, NameValueCollection parameters)
        {
            this.xml = new XmlDocument();
            this.xml.PreserveWhitespace = true;

            this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
            this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
            this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

            this.Id           = Saml2Utils.GenerateId();
            this.IssueInstant = Saml2Utils.GenerateIssueInstant();
            this.Issuer       = serviceProvider.EntityId;

            if (parameters != null)
            {
                this.AllowCreate = Saml2Utils.GetBoolean(parameters[Saml2Constants.AllowCreate]);
                this.AssertionConsumerServiceIndex = parameters[Saml2Constants.AssertionConsumerServiceIndex];
                this.Binding     = parameters[Saml2Constants.Binding];
                this.Consent     = parameters[Saml2Constants.Consent];
                this.Destination = parameters[Saml2Constants.Destination];
                this.ForceAuthn  = Saml2Utils.GetBoolean(parameters[Saml2Constants.ForceAuthn]);
                this.IsPassive   = Saml2Utils.GetBoolean(parameters[Saml2Constants.IsPassive]);
            }

            string assertionConsumerSvcUrl = null;

            if (!String.IsNullOrEmpty(this.Binding))
            {
                if (!String.IsNullOrEmpty(this.AssertionConsumerServiceIndex))
                {
                    // find assertion consumer service location by binding and index.
                    assertionConsumerSvcUrl = serviceProvider.GetAssertionConsumerServiceLocation(this.Binding, this.AssertionConsumerServiceIndex);
                }
                else
                {
                    // find assertion consumer service location by binding only, using first found.
                    assertionConsumerSvcUrl = serviceProvider.GetAssertionConsumerServiceLocation(this.Binding);
                }
            }

            // neither index nor binding, throw exception
            if (String.IsNullOrEmpty(this.AssertionConsumerServiceIndex) && String.IsNullOrEmpty(assertionConsumerSvcUrl))
            {
                throw new Saml2Exception(Resources.AuthnRequestAssertionConsumerServiceNotDefined);
            }

            // If destination not specified, use SSO location by binding
            if (string.IsNullOrEmpty(this.Destination))
            {
                this.Destination
                    = identityProvider.GetSingleSignOnServiceLocation(parameters[Saml2Constants.RequestBinding]);

                if (string.IsNullOrEmpty(this.Destination))
                {
                    // default to HttpRedirect
                    this.Destination = identityProvider.GetSingleSignOnServiceLocation(Saml2Constants.HttpRedirectProtocolBinding);
                }
            }

            // Get RequestedAuthnContext if parameters are available...
            RequestedAuthnContext reqAuthnContext = GetRequestedAuthnContext(serviceProvider, parameters);

            // Get Scoping if available...
            Scoping scoping = GetScoping(serviceProvider);

            // Generate the XML for the AuthnRequest...
            StringBuilder rawXml = new StringBuilder();

            rawXml.Append("<samlp:AuthnRequest");
            rawXml.Append(" xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"");
            rawXml.Append(" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"");
            rawXml.Append(" ID=\"" + this.Id + "\"");
            rawXml.Append(" Version=\"2.0\"");
            rawXml.Append(" IssueInstant=\"" + this.IssueInstant + "\"");
            rawXml.Append(" IsPassive=\"" + (this.IsPassive ? "true" : "false") + "\"");
            rawXml.Append(" ForceAuthn=\"" + (this.ForceAuthn ? "true" : "false") + "\"");

            if (!String.IsNullOrEmpty(this.Consent))
            {
                rawXml.Append(" Consent=\"" + this.Consent + "\"");
            }

            if (!String.IsNullOrEmpty(this.Destination))
            {
                rawXml.Append(" Destination=\"" + this.Destination + "\"");
            }

            if (!String.IsNullOrEmpty(assertionConsumerSvcUrl))
            {
                rawXml.Append(" ProtocolBinding=\"" + this.Binding + "\"");
                rawXml.Append(" AssertionConsumerServiceURL=\"" + assertionConsumerSvcUrl + "\"");
            }
            else
            {
                rawXml.Append(" AssertionConsumerIndex=\"" + this.AssertionConsumerServiceIndex + "\"");
            }

            rawXml.Append(">");
            rawXml.Append("<saml:Issuer>" + serviceProvider.EntityId + "</saml:Issuer>");
            rawXml.Append("<samlp:NameIDPolicy AllowCreate=\"" + (this.AllowCreate ? "true" : "false") + "\" />");

            if (reqAuthnContext != null)
            {
                rawXml.Append(reqAuthnContext.GenerateXmlString());
            }

            if (scoping != null)
            {
                rawXml.Append(scoping.GenerateXmlString());
            }

            rawXml.Append("</samlp:AuthnRequest>");

            this.xml.LoadXml(rawXml.ToString());
        }
Esempio n. 3
0
        /// <summary>
        /// Internal method to load all configuration information for all
        /// identity providers' metadata founds in the home folder.
        /// </summary>
        private void InitializeIdentityProviders()
        {
            DirectoryInfo dirInfo = new DirectoryInfo(this.homeFolder);
            FileInfo[] files = dirInfo.GetFiles("idp*.xml");

            string metadataFilePattern = "idp(.*).xml";         // for regex.match
            string extendedFilePattern = "idp{0}-extended.xml"; // for string.format
            string fileIndex = null;

            foreach (FileInfo metadataFile in files)
            {
                Match m = Regex.Match(metadataFile.Name, metadataFilePattern);

                // determine index
                if (m.Success)
                {
                    fileIndex = m.Groups[1].Value;
                }

                string extendedFileName;
                if (fileIndex == null)
                {
                    extendedFileName = string.Format(CultureInfo.InvariantCulture, extendedFilePattern, string.Empty);
                }
                else
                {
                    extendedFileName = string.Format(CultureInfo.InvariantCulture, extendedFilePattern, fileIndex);
                }

                FileInfo extendedFile = new FileInfo(this.homeFolder + @"/" + extendedFileName);
                if (metadataFile.Exists && extendedFile.Exists)
                {
                    IdentityProvider identityProvider = new IdentityProvider(metadataFile.FullName, extendedFile.FullName);
                    this.IdentityProviders.Add(identityProvider.EntityId, identityProvider);
                }
            }

            if (this.IdentityProviders.Count <= 0)
            {
                throw new ServiceProviderUtilityException(Resources.ServiceProviderUtilityIdentityProvidersNotFound);
            }
        }
Esempio n. 4
0
        /// <summary>
        /// Initializes a new instance of the LogoutRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the LogoutRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the LogoutRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the 
        /// construction of the LogoutRequest.
        /// </param>
        public LogoutRequest(
            IdentityProvider identityProvider, 
            ServiceProvider serviceProvider, 
            NameValueCollection parameters)
        {
            try
            {
                this.xml = new XmlDocument();
                this.xml.PreserveWhitespace = true;

                this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
                this.nsMgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
                this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
                this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

                string sessionIndex = null;
                string subjectNameId = null;
                string binding = null;
                string destination = null;

                if (parameters != null)
                {
                    sessionIndex = parameters[Saml2Constants.SessionIndex];
                    subjectNameId = parameters[Saml2Constants.SubjectNameId];
                    binding = parameters[Saml2Constants.Binding];
                    destination = parameters[Saml2Constants.Destination];
                }

                if (String.IsNullOrEmpty(sessionIndex))
                {
                    throw new Saml2Exception(Resources.LogoutRequestSessionIndexNotDefined);
                }
                else if (String.IsNullOrEmpty(subjectNameId))
                {
                    throw new Saml2Exception(Resources.LogoutRequestSubjectNameIdNotDefined);
                }
                else if (serviceProvider == null)
                {
                    throw new Saml2Exception(Resources.LogoutRequestServiceProviderIsNull);
                }
                else if (identityProvider == null)
                {
                    throw new Saml2Exception(Resources.LogoutRequestIdentityProviderIsNull);
                }

                if (string.IsNullOrEmpty(destination))
                {
                    destination = identityProvider.GetSingleLogoutServiceLocation(binding);

                    if (string.IsNullOrEmpty(destination))
                    {
                        // default with HttpRedirect
                        destination = identityProvider.GetSingleLogoutServiceLocation(Saml2Constants.HttpRedirectProtocolBinding);
                    }
                }

                StringBuilder rawXml = new StringBuilder();
                rawXml.Append("<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"");
                rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\"");
                rawXml.Append(" Version=\"2.0\"");
                rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\"");

                if (!String.IsNullOrEmpty(destination))
                {
                    rawXml.Append(" Destination=\"" + destination + "\"");
                }

                rawXml.Append(" >");
                rawXml.Append(" <saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"");
                rawXml.Append("  Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"");
                rawXml.Append("  NameQualifier=\"" + identityProvider.EntityId + "\">" + subjectNameId + "</saml:NameID> ");
                rawXml.Append(" <saml:SessionIndex xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + sessionIndex + "</saml:SessionIndex>");
                rawXml.Append(" <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + serviceProvider.EntityId + "</saml:Issuer>");
                rawXml.Append("</samlp:LogoutRequest>");

                this.xml.LoadXml(rawXml.ToString());
            }
            catch (ArgumentNullException ane)
            {
                throw new Saml2Exception(Resources.LogoutRequestNullArgument, ane);
            }
            catch (XmlException xe)
            {
                throw new Saml2Exception(Resources.LogoutRequestXmlException, xe);
            }
        }
Esempio n. 5
0
        /// <summary>
        /// Initializes a new instance of the LogoutResponse class based on
        /// the complimentary logout request.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the LogoutResponse
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the LogoutResponse
        /// </param>
        /// <param name="logoutRequest">
        /// Logout request that requires this response
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the 
        /// construction of the LogoutResponse.
        /// </param>
        public LogoutResponse(
            IdentityProvider identityProvider, 
            ServiceProvider serviceProvider,
            LogoutRequest logoutRequest,
            NameValueCollection parameters)
        {
            if (identityProvider == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseIdentityProviderIsNull);
            }
            else if (serviceProvider == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseServiceProviderIsNull);
            }
            else if (logoutRequest == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseLogoutRequestIsNull);
            }

            if (parameters == null)
            {
                parameters = new NameValueCollection();
            }

            string inResponseToValue = logoutRequest.Id;
            string issuerValue = serviceProvider.EntityId;

            string binding = parameters[Saml2Constants.Binding];
            if (string.IsNullOrEmpty(binding))
            {
                binding = Saml2Constants.HttpPostProtocolBinding;
            }

            string idpSvcResponseLocation = null;
            if (binding != Saml2Constants.HttpSoapProtocolBinding)
            {
                idpSvcResponseLocation = identityProvider.GetSingleLogoutServiceResponseLocation(binding);
            }

            this.xml = new XmlDocument();
            this.xml.PreserveWhitespace = true;

            this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
            this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
            this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");

            StringBuilder rawXml = new StringBuilder();
            rawXml.Append("<samlp:LogoutResponse xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ");
            rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\" Version=\"2.0\" ");
            rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\" ");
            
            if (idpSvcResponseLocation != null) 
            {
                rawXml.Append(" Destination=\"" + idpSvcResponseLocation + "\" ");
            }

            rawXml.Append(" InResponseTo=\"" + inResponseToValue + "\">");
            rawXml.Append(" <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + issuerValue + "</saml:Issuer>");
            rawXml.Append(" <samlp:Status xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">");
            rawXml.Append("   <samlp:StatusCode ");
            rawXml.Append("     xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ");
            rawXml.Append("     Value=\"" + Saml2Constants.Success + "\">");
            rawXml.Append("   </samlp:StatusCode>");
            rawXml.Append(" </samlp:Status>");
            rawXml.Append("</samlp:LogoutResponse>");
            
            this.xml.LoadXml(rawXml.ToString());
        }
Esempio n. 6
0
        /// <summary>
        /// Initializes a new instance of the AuthnRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider to receive the AuthnRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider to issue the AuthnRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the 
        /// construction of the AuthnRequest.
        /// </param>
        public AuthnRequest(IdentityProvider identityProvider, ServiceProvider serviceProvider, NameValueCollection parameters)
        {
            this.xml = new XmlDocument();
            this.xml.PreserveWhitespace = true;

            this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
            this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
            this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

            this.Id = Saml2Utils.GenerateId();
            this.IssueInstant = Saml2Utils.GenerateIssueInstant();
            this.Issuer = serviceProvider.EntityId;

            if (parameters != null)
            {
                this.AllowCreate = Saml2Utils.GetBoolean(parameters[Saml2Constants.AllowCreate]);
                this.AssertionConsumerServiceIndex = parameters[Saml2Constants.AssertionConsumerServiceIndex];
                this.Binding = parameters[Saml2Constants.Binding];
                this.Consent = parameters[Saml2Constants.Consent];
                this.Destination = parameters[Saml2Constants.Destination];
                this.ForceAuthn = Saml2Utils.GetBoolean(parameters[Saml2Constants.ForceAuthn]);
                this.IsPassive = Saml2Utils.GetBoolean(parameters[Saml2Constants.IsPassive]);
            }

            string assertionConsumerSvcUrl = null;
            if (!String.IsNullOrEmpty(this.Binding))
            {
                if (!String.IsNullOrEmpty(this.AssertionConsumerServiceIndex))
                {
                    // find assertion consumer service location by binding and index.
                    assertionConsumerSvcUrl = serviceProvider.GetAssertionConsumerServiceLocation(this.Binding, this.AssertionConsumerServiceIndex);
                }
                else
                {
                    // find assertion consumer service location by binding only, using first found.
                    assertionConsumerSvcUrl = serviceProvider.GetAssertionConsumerServiceLocation(this.Binding);
                }
            }

            // neither index nor binding, throw exception
            if (String.IsNullOrEmpty(this.AssertionConsumerServiceIndex) && String.IsNullOrEmpty(assertionConsumerSvcUrl))
            {
                throw new Saml2Exception(Resources.AuthnRequestAssertionConsumerServiceNotDefined);
            }

            // If destination not specified, use SSO location by binding
            if (string.IsNullOrEmpty(this.Destination))
            {
                this.Destination
                    = identityProvider.GetSingleSignOnServiceLocation(parameters[Saml2Constants.RequestBinding]);

                if (string.IsNullOrEmpty(this.Destination))
                {
                    // default to HttpRedirect
                    this.Destination = identityProvider.GetSingleSignOnServiceLocation(Saml2Constants.HttpRedirectProtocolBinding);
                }
            }

            // Get RequestedAuthnContext if parameters are available...
            RequestedAuthnContext reqAuthnContext = GetRequestedAuthnContext(serviceProvider, parameters);

            // Generate the XML for the AuthnRequest...
            StringBuilder rawXml = new StringBuilder();
            rawXml.Append("<samlp:AuthnRequest ");
            rawXml.Append(" xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"");
            rawXml.Append(" ID=\"" + this.Id + "\"");
            rawXml.Append(" Version=\"2.0\"");
            rawXml.Append(" IssueInstant=\"" + this.IssueInstant + "\"");
            rawXml.Append(" IsPassive=\"" + this.IsPassive + "\"");
            rawXml.Append(" ForceAuthn=\"" + this.ForceAuthn + "\"");

            if (!String.IsNullOrEmpty(this.Consent))
            {
                rawXml.Append(" Consent=\"" + this.Consent + "\"");
            }

            if (!String.IsNullOrEmpty(this.Destination))
            {
                rawXml.Append(" Destination=\"" + this.Destination + "\"");
            }

            if (!String.IsNullOrEmpty(assertionConsumerSvcUrl))
            {
                rawXml.Append(" ProtocolBinding=\"" + this.Binding + "\"");
                rawXml.Append(" AssertionConsumerServiceURL=\"" + assertionConsumerSvcUrl + "\"");
            }
            else
            {
                rawXml.Append(" AssertionConsumerIndex=\"" + this.AssertionConsumerServiceIndex + "\"");
            }

            rawXml.Append(">");
            rawXml.Append("<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + serviceProvider.EntityId + "</saml:Issuer>");

            if (reqAuthnContext != null)
            {
                rawXml.Append(reqAuthnContext.GenerateXmlString());
            }

            rawXml.Append("<samlp:NameIdPolicy AllowCreate=\"" + this.AllowCreate + "\" />");
            rawXml.Append("</samlp:AuthnRequest>");

            this.xml.LoadXml(rawXml.ToString());
        }
Esempio n. 7
0
        /// <summary>
        /// Initializes a new instance of the LogoutRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the LogoutRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the LogoutRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the
        /// construction of the LogoutRequest.
        /// </param>
        public LogoutRequest(
            IdentityProvider identityProvider,
            ServiceProvider serviceProvider,
            NameValueCollection parameters)
        {
            try
            {
                this.xml = new XmlDocument();
                this.xml.PreserveWhitespace = true;

                this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
                this.nsMgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
                this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
                this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

                string sessionIndex  = null;
                string subjectNameId = null;
                string binding       = null;
                string destination   = null;

                if (parameters != null)
                {
                    sessionIndex  = parameters[Saml2Constants.SessionIndex];
                    subjectNameId = parameters[Saml2Constants.SubjectNameId];
                    binding       = parameters[Saml2Constants.Binding];
                    destination   = parameters[Saml2Constants.Destination];
                }

                if (String.IsNullOrEmpty(sessionIndex))
                {
                    throw new Saml2Exception(Resources.LogoutRequestSessionIndexNotDefined);
                }
                else if (String.IsNullOrEmpty(subjectNameId))
                {
                    throw new Saml2Exception(Resources.LogoutRequestSubjectNameIdNotDefined);
                }
                else if (serviceProvider == null)
                {
                    throw new Saml2Exception(Resources.LogoutRequestServiceProviderIsNull);
                }
                else if (identityProvider == null)
                {
                    throw new Saml2Exception(Resources.LogoutRequestIdentityProviderIsNull);
                }

                if (string.IsNullOrEmpty(destination))
                {
                    destination = identityProvider.GetSingleLogoutServiceLocation(binding);

                    if (string.IsNullOrEmpty(destination))
                    {
                        // default with HttpRedirect
                        destination = identityProvider.GetSingleLogoutServiceLocation(Saml2Constants.HttpRedirectProtocolBinding);
                    }
                }

                StringBuilder rawXml = new StringBuilder();
                rawXml.Append("<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"");
                rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\"");
                rawXml.Append(" Version=\"2.0\"");
                rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\"");

                if (!String.IsNullOrEmpty(destination))
                {
                    rawXml.Append(" Destination=\"" + destination + "\"");
                }

                rawXml.Append(" >");
                rawXml.Append(" <saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"");
                rawXml.Append("  Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"");
                rawXml.Append("  NameQualifier=\"" + identityProvider.EntityId + "\">" + subjectNameId + "</saml:NameID> ");
                rawXml.Append(" <samlp:SessionIndex xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">" + sessionIndex + "</samlp:SessionIndex>");
                rawXml.Append(" <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + serviceProvider.EntityId + "</saml:Issuer>");
                rawXml.Append("</samlp:LogoutRequest>");

                this.xml.LoadXml(rawXml.ToString());
            }
            catch (ArgumentNullException ane)
            {
                throw new Saml2Exception(Resources.LogoutRequestNullArgument, ane);
            }
            catch (XmlException xe)
            {
                throw new Saml2Exception(Resources.LogoutRequestXmlException, xe);
            }
        }
        /// <summary>
        /// Initializes a new instance of the AttributeQueryRequest class.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the AttributeQueryRequest
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the AttributeQueryRequest
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the 
        /// construction of the AttributeQueryRequest.
        /// </param>
        /// <param name="attributes">
        /// List of SamlAttribute to query
        /// </param>
        public AttributeQueryRequest(IdentityProvider identityProvider,
            ServiceProvider serviceProvider, NameValueCollection parameters, List<SamlAttribute> attributes)
        {
            try
            {
                this.xml = new XmlDocument();
                this.xml.PreserveWhitespace = true;
                this.X509SubjectName = false;

                this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
                this.nsMgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
                this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
                this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");

                string subjectNameId = null;

                if (parameters != null)
                {
                    subjectNameId = parameters[Saml2Constants.SubjectNameId];
                    this.X509SubjectName = Saml2Utils.GetBoolean(parameters[Saml2Constants.X509SubjectName]);
                }

                if (string.IsNullOrWhiteSpace(subjectNameId))
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestSubjectNameIdNotDefined);
                }
                else if (serviceProvider == null)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestServiceProviderIsNull);
                }
                else if (identityProvider == null)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestIdentityProviderIsNull);
                }
                else if (attributes == null || attributes.Count == 0)
                {
                    throw new Saml2Exception(Resources.AttributeQueryRequestIsEmpty);
                }

                StringBuilder rawXml = new StringBuilder();
                rawXml.Append("<samlp:AttributeQuery xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"");
                rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\"");
                rawXml.Append(" Version=\"2.0\"");
                rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\">");
                rawXml.Append("<saml:Issuer>" + serviceProvider.EntityId + "</saml:Issuer>");
                rawXml.Append("<saml:Subject>");
                rawXml.Append("<saml:NameID");

                if (this.X509SubjectName)
                {
                    rawXml.Append(" Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\"");
                }
                else
                {
                    rawXml.Append(" Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"");
                }

                rawXml.Append(" SPNameQualifier=\"" + serviceProvider.EntityId + "\"");
                rawXml.Append(" NameQualifier=\"" + identityProvider.EntityId + "\">" + subjectNameId + "</saml:NameID>");
                rawXml.Append("</saml:Subject>");

                foreach (SamlAttribute attr in attributes)
                {
                    if (attr != null)
                    {
                        rawXml.Append(attr.ToString());
                    }
                }

                rawXml.Append("</samlp:AttributeQuery>");

                this.xml.LoadXml(rawXml.ToString());
            }
            catch (ArgumentNullException ane)
            {
                throw new Saml2Exception(Resources.AttributeQueryRequestNullArgument, ane);
            }
            catch (XmlException xe)
            {
                throw new Saml2Exception(Resources.AttributeQueryRequestXmlException, xe);
            }
        }
Esempio n. 9
0
        /// <summary>
        /// Initializes a new instance of the LogoutResponse class based on
        /// the complimentary logout request.
        /// </summary>
        /// <param name="identityProvider">
        /// IdentityProvider of the LogoutResponse
        /// </param>
        /// <param name="serviceProvider">
        /// ServiceProvider of the LogoutResponse
        /// </param>
        /// <param name="logoutRequest">
        /// Logout request that requires this response
        /// </param>
        /// <param name="parameters">
        /// NameValueCollection of varying parameters for use in the
        /// construction of the LogoutResponse.
        /// </param>
        public LogoutResponse(
            IdentityProvider identityProvider,
            ServiceProvider serviceProvider,
            LogoutRequest logoutRequest,
            NameValueCollection parameters)
        {
            if (identityProvider == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseIdentityProviderIsNull);
            }
            else if (serviceProvider == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseServiceProviderIsNull);
            }
            else if (logoutRequest == null)
            {
                throw new Saml2Exception(Resources.LogoutResponseLogoutRequestIsNull);
            }

            if (parameters == null)
            {
                parameters = new NameValueCollection();
            }

            string inResponseToValue = logoutRequest.Id;
            string issuerValue       = serviceProvider.EntityId;

            string binding = parameters[Saml2Constants.Binding];

            if (string.IsNullOrEmpty(binding))
            {
                binding = Saml2Constants.HttpPostProtocolBinding;
            }

            string idpSvcResponseLocation = null;

            if (binding != Saml2Constants.HttpSoapProtocolBinding)
            {
                idpSvcResponseLocation = identityProvider.GetSingleLogoutServiceResponseLocation(binding);
            }

            this.xml = new XmlDocument();
            this.xml.PreserveWhitespace = true;

            this.nsMgr = new XmlNamespaceManager(this.xml.NameTable);
            this.nsMgr.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
            this.nsMgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");

            StringBuilder rawXml = new StringBuilder();

            rawXml.Append("<samlp:LogoutResponse xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ");
            rawXml.Append(" ID=\"" + Saml2Utils.GenerateId() + "\" Version=\"2.0\" ");
            rawXml.Append(" IssueInstant=\"" + Saml2Utils.GenerateIssueInstant() + "\" ");

            if (idpSvcResponseLocation != null)
            {
                rawXml.Append(" Destination=\"" + idpSvcResponseLocation + "\" ");
            }

            rawXml.Append(" InResponseTo=\"" + inResponseToValue + "\">");
            rawXml.Append(" <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" + issuerValue + "</saml:Issuer>");
            rawXml.Append(" <samlp:Status xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">");
            rawXml.Append("   <samlp:StatusCode ");
            rawXml.Append("     xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ");
            rawXml.Append("     Value=\"" + Saml2Constants.Success + "\">");
            rawXml.Append("   </samlp:StatusCode>");
            rawXml.Append(" </samlp:Status>");
            rawXml.Append("</samlp:LogoutResponse>");

            this.xml.LoadXml(rawXml.ToString());
        }