public string GetSpidAuthRequest(SpidProviderConfiguration spidProviderConfiguration)
{
string result = "";
AuthRequestOptions requestOptions = new AuthRequestOptions()
{
AssertionConsumerServiceIndex = spidProviderConfiguration.LoginAssertionConsumerServiceIndex,
AttributeConsumingServiceIndex = spidProviderConfiguration.LoginAttributeConsumingServiceIndex,
Destination = spidProviderConfiguration.IdentityProviderLoginPostUrl,
SPIDLevel = spidProviderConfiguration.LoginSPIDLevel,
SPUID = spidProviderConfiguration.ServiceProviderId,
UUID = Guid.NewGuid().ToString()
};
AuthRequest request = new AuthRequest(requestOptions);
try
{
X509Certificate2 signinCert = new X509Certificate2(_appEnvironment.ContentRootPath + spidProviderConfiguration.ServiceProviderCertPath, spidProviderConfiguration.ServiceProviderCertPassword, X509KeyStorageFlags.MachineKeySet);
if (string.IsNullOrEmpty(spidProviderConfiguration.ServiceProviderPrivatekey))
{
result = request.GetSignedAuthRequest(signinCert);
}
else
{
result = request.GetSignedAuthRequest(signinCert, spidProviderConfiguration.ServiceProviderPrivatekey);
}
}
catch (Exception ex)
{
_logger.LogError(ex, "Error creating SAML Request for {0}", spidProviderConfiguration.IdentityProviderId);
}
return(result);
}
public string GetSpidAuthRequest(SpidProviderConfiguration spidProviderConfiguration)
{
string result = "";
AuthRequestOptions requestOptions = new AuthRequestOptions()
{
AssertionConsumerServiceIndex = 0,
AttributeConsumingServiceIndex = 2,
Destination = spidProviderConfiguration.IdentityProviderLoginPostUrl,
SPIDLevel = SPIDLevel.SPIDL1,
SPUID = spidProviderConfiguration.ServiceProviderId,
UUID = Guid.NewGuid().ToString()
};
AuthRequest request = new AuthRequest(requestOptions);
X509Certificate2 signinCert = new X509Certificate2(_appEnvironment.ContentRootPath + spidProviderConfiguration.ServiceProviderCertPath, spidProviderConfiguration.ServiceProviderCertPassword, X509KeyStorageFlags.Exportable);
if (string.IsNullOrEmpty(spidProviderConfiguration.ServiceProviderPrivatekey))
{
result = request.GetSignedAuthRequest(signinCert);
}
else
{
result = request.GetSignedAuthRequest(signinCert, spidProviderConfiguration.ServiceProviderPrivatekey);
}
return(result);
}
