public async Task AddOrUpdate(string tenantId) { var scheme = $"{tenantId}-scheme"; var oidOptions = new OpenIdConnectOptions(); var samlOptions = new Saml2pAuthenticationOptions(); var saml2SpOptions = new SpOptions(); var saml2IdpOptions = new IdpOptions(); var tenant = _repo.GetAllTenants().FirstOrDefault(x => x.TenantId.Equals(tenantId)); var oidcProtocol = tenant.Protocol.Equals("oidc"); if (tenant != null && oidcProtocol) { var oidConfig = _repo.GetOpenIdConfig(tenantId); oidOptions = BuildOidOptions(oidConfig); } else { var samlConfig = _repo.GetSamlConfig(tenantId); saml2SpOptions = new SpOptions() { EntityId = "https://localhost:44374/saml", SigningCertificate = new X509Certificate2("testclient.pfx", "test"), MetadataPath = "/saml/metadata", SignAuthenticationRequests = true }; saml2IdpOptions = new IdpOptions() { EntityId = samlConfig.IdpEntityId, SingleSignOnEndpoint = new SamlEndpoint(samlConfig.SingleSignOnEndpoint, SamlBindingTypes.HttpPost), SingleLogoutEndpoint = new SamlEndpoint(samlConfig.SingleLogoutEndpoint, SamlBindingTypes.HttpPost), SigningCertificate = new X509Certificate2(samlConfig.IdpSigningCertificate), //file name }; samlOptions = BuildSamlOptions(samlConfig, saml2SpOptions, saml2IdpOptions); } if (await _schemeProvider.GetSchemeAsync(scheme) == null) { _schemeProvider.AddScheme(new AuthenticationScheme(scheme, scheme, oidcProtocol ? typeof(OpenIdConnectHandler) : typeof(Saml2pAuthenticationHandler))); } else { if (oidcProtocol) { _openIdOptions.TryRemove(scheme); } else { _saml2pOptions.TryRemove(scheme); } } if (oidcProtocol) { _oidPostConfOptions.PostConfigure(scheme, oidOptions); _openIdOptions.TryAdd(scheme, oidOptions); } else { _saml2pOptions.TryAdd(scheme, samlOptions); } }
private Saml2pAuthenticationOptions BuildSamlOptions(SamlConfig config, SpOptions spOptions, IdpOptions idpOptions) { return(new Saml2pAuthenticationOptions { Licensee = "Demo", LicenseKey = "eyJTb2xkRm9yIjowLjAsIktleVByZXNldCI6NiwiU2F2ZUtleSI6ZmFsc2UsIkxlZ2FjeUtleSI6ZmFsc2UsImF1dGgiOiJERU1PIiwiZXhwIjoiMjAxOS0wOS0xMlQwMTowMDowMS4wODkwNTkzKzAxOjAwIiwiaWF0IjoiMjAxOS0wOC0xM1QwMDowMDowMS4wMDAwNTkzIiwib3JnIjoiREVNTyIsImF1ZCI6Mn0=.aIIw1/atlaiBci5zSxPIhdinI7tEmBZYK3Xuhe19a5twDeSzRm/i57gWpMMu/2x8O40nfAi9yk2Gbpadzv8RpOxaF5+OnnIcg4yevKLipJKZJ9bBDDC78Yl/nkhM6N65e18haUmgO/l8EYeRpYNTBE7dNGK2wZJAyqDpWpBYQ8tbCvfjchj5GGqudqFT/YLNuHn1y0Ps7mP4rh4V5G7TyIaY9QfW3ZMGJGtOQyjvTzlc02IZrw6idhRpNNazMqZAFnUKUV+bR//jyx1uBkz1H+hF0eslQt9Wt9yse3JAZi/D4oUTFyPOfzzhGkW2ceftX8tmYEWE/lPjQ3+xonKX+XNxJEXjib6d6GkTJpALpBniXS6XIKDnDV2h0Bs14lMA+2ddEDBMWVid4ubdUBZBkQLKWfZkPACUd6aBfx001v3QE2YQ9yxzdq0EAWnvEV5EE3NR4sLaNNuYxxMSoBs8ZRovhcT7Yo+o6skNu1cVvGVjOl+YMURdQgc7dPU+NxNG4oekEyW+i9N3RidvZeM1xz8dQipBMCMrrOymLV5hT32N9Y/XX4yC26zbuc5aYoaQKNqF7ZVfbrOa2H4G/Jr3pYj3EWRWfy2xlLDbUSzjcJ4ut2OZFHs5ql2Ut9y/LQ8yB3Impur6h8TpwbziWza/z2j2Gmj3rwKbN0vO2zYQJv4=", IdentityProviderOptions = idpOptions, ServiceProviderOptions = spOptions, //SaveTokens = true, NameIdClaimType = "sub", CallbackPath = $"/signin-saml-{config.TenantId}", SignInScheme = "idsrv.external", ClaimsIssuer = idpOptions.EntityId, }); }