コード例 #1
        /// <summary>
        /// Builds the AuthnRequest element for the given binding and destination,
        /// signing it when the options request a signature and supply both a
        /// signature algorithm and a signing certificate.
        /// </summary>
        /// <param name="binding">Binding value handed to the request builder.</param>
        /// <param name="destination">Destination value handed to the request builder.</param>
        /// <returns>
        /// The signed element when signing is enabled and fully configured;
        /// otherwise the unsigned element.
        /// </returns>
        protected virtual XmlElement Build(string binding, string destination)
        {
            var builder = AuthnRequestBuilder.New(Options.SPName)
                          .SetBinding(binding)
                          .SetDestination(destination)
                          .SetIssuer(Constants.NameIdentifierFormats.EntityIdentifier, Options.SPId);

            // NOTE(review): when AuthnRequestSigned is true but SignatureAlg or
            // SigningCertificate is null, the request is emitted unsigned with no
            // error or log entry. Confirm the options are validated elsewhere
            // (e.g. at startup); otherwise a misconfiguration silently downgrades
            // to unsigned requests and failing closed would be the safer choice.
            var canSign = Options.AuthnRequestSigned
                          && Options.SignatureAlg != null
                          && Options.SigningCertificate != null;
            if (!canSign)
            {
                return builder.Build();
            }

            return builder.SignAndBuild(
                Options.SigningCertificate,
                Options.SignatureAlg.Value,
                Options.CanonicalizationMethod);
        }
コード例 #2
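        public void When_Build_And_Sign_AuthnRequest()
        {
            // Signs an AuthnRequest with the test certificate and checks that the
            // resulting signature validates against that same certificate.
            //
            // References:
            // https://en.wikipedia.org/wiki/SAML_2.0
            // https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
            // https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
            // https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf
            // https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf
            // http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml2-holder-of-key-cs-02.html
            // https://developers.onelogin.com/saml/examples/authnrequest : explains how to sign AuthnRequest
            // https://dtservices.bosa.be/sites/default/files/content/download/files/fas_saml_integration_guide_v0.51_1.pdf

            // ARRANGE
            // localhost.pfx is resolved against the current working directory, so the
            // test depends on where the runner starts. The password literal belongs to
            // this test fixture only and must not be reused for a real key store.
            var payload = File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "localhost.pfx"));

            // X509Certificate2 is IDisposable; dispose it so the key material loaded
            // from the PFX is released when the test ends.
            using (var certificate = new X509Certificate2(payload, "password"))
            {
                var builder = AuthnRequestBuilder.New("SP")
                              .SetIssuer(Constants.NameIdentifierFormats.EntityIdentifier, "urn:sp");

                // ACT
                var authnRequest = builder.SignAndBuild(certificate, SignatureAlgorithms.RSASHA256, CanonicalizationMethods.C14);

                // ASSERT
                // NOTE(review): this covers the positive round trip only. A companion
                // case that alters the signed element, or verifies with a different
                // certificate, and expects CheckSignature to return false would show
                // that the check actually rejects invalid signatures.
                Assert.True(SignatureHelper.CheckSignature(authnRequest, certificate));
            }
        }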