static void CreateSampleRelyingParty() { ManagementService svc = ManagementServiceHelper.CreateManagementServiceClient(); DateTime startDate = DateTime.UtcNow; DateTime endDate = startDate.AddYears(1); // Create Relying Party RelyingParty relyingParty = svc.CreateRelyingParty(TestRelyingPartyNameString, "http://TestRelyingParty.com/Realm", "http://TestRelyingParty.com/Reply", RelyingPartyTokenType.SAML_2_0, false); string pfxFileName = "SampleCert.pfx"; string pfxPassword = @"pass@word1"; byte[] signingCertificate = ManagementServiceHelper.ReadBytesFromPfxFile(pfxFileName, pfxPassword); svc.CreateRelyingPartyKey(relyingParty, signingCertificate, pfxPassword, RelyingPartyKeyType.X509Certificate, RelyingPartyKeyUsage.Signing, true); // Create a rule group and you can follow the 'Rule' sample code to add rules to it as needed. string sampleRuleGroupName = "Sample Rule Group for " + relyingParty.Name; RuleGroup ruleGroup = svc.RuleGroups.Where(rg => rg.Name == sampleRuleGroupName).FirstOrDefault(); if (ruleGroup == null) { ruleGroup = new RuleGroup() { Name = sampleRuleGroupName }; svc.AddToRuleGroups(ruleGroup); } svc.AssignRuleGroupToRelyingParty(ruleGroup, relyingParty); svc.SaveChangesBatch(); }
/// <summary> /// Add a rule group. /// </summary> private static void AddRuleGroup(string name) { ManagementService svc = ManagementServiceHelper.CreateManagementServiceClient(); RuleGroup rg = new RuleGroup() { Name = name }; svc.AddToRuleGroups(rg); svc.SaveChangesBatch(); }
/// <summary> /// Creates a rule group with the given name. /// </summary> public static RuleGroup CreateRuleGroup(this ManagementService svc, string name) { svc.DeleteRuleGroupByNameIfExists(name); RuleGroup ruleGroup = new RuleGroup { Name = name }; svc.AddToRuleGroups(ruleGroup); return(ruleGroup); }
public static RuleGroup AddPassthroughRule(this ManagementService svc, RelyingParty relyingParty, string ruleGroupName) { Contract.Requires(svc != null); Contract.Requires(relyingParty != null); Contract.Requires(!string.IsNullOrWhiteSpace(ruleGroupName)); var ruleGroup = new RuleGroup() { Name = ruleGroupName }; svc.AddToRuleGroups(ruleGroup); svc.SaveChanges(SaveChangesOptions.Batch); var localAuthority = svc.Issuers.Where( m => m.Name == "LOCAL AUTHORITY").FirstOrDefault(); var passthrough = new Rule(); passthrough.Description = "Passthough all ACS claims"; svc.AddToRules(passthrough); svc.SetLink(passthrough, "RuleGroup", ruleGroup); svc.SetLink(passthrough, "Issuer", localAuthority); var rprg = new RelyingPartyRuleGroup(); svc.AddToRelyingPartyRuleGroups(rprg); svc.AddLink(relyingParty, "RelyingPartyRuleGroups", rprg); svc.AddLink(ruleGroup, "RelyingPartyRuleGroups", rprg); svc.SaveChanges(SaveChangesOptions.Batch); return(ruleGroup); }
/// <summary> /// Copies the <paramref name="source"/> into a new rule group with name <paramref name="newRuleGroupName"/> /// </summary> /// <param name="svc"></param> /// <param name="source">Source rule group</param> /// <param name="newRuleGroupName">Name of the new rule group</param> public static void CopyRuleGroup(this ManagementService svc, RuleGroup source, string newRuleGroupName) { RuleGroup newRuleGroup = new RuleGroup() { Name = newRuleGroupName, }; svc.AddToRuleGroups(newRuleGroup); foreach (Rule rule in svc.Rules.Expand("Issuer").Where(r => r.RuleGroupId == source.Id)) { Rule newRule = new Rule(); newRule.Description = rule.Description; newRule.InputClaimType = rule.InputClaimType; newRule.InputClaimValue = rule.InputClaimValue; newRule.OutputClaimType = rule.OutputClaimType; newRule.OutputClaimValue = rule.OutputClaimValue; svc.AddToRules(newRule); svc.SetLink(newRule, "Issuer", rule.Issuer); svc.SetLink(newRule, "RuleGroup", newRuleGroup); } }
private static void CreateRelyingParty(ManagementService client, string relyingPartyName, string ruleGroupName, string realmAddress, string replyAddress, TokenType tokenType, int tokenLifetime, bool asymmetricTokenEncryptionRequired, out RelyingParty relyingParty) { // Create Relying Party relyingParty = new RelyingParty { Name = relyingPartyName, DisplayName = relyingPartyName, Description = relyingPartyName, TokenType = tokenType.ToString(), TokenLifetime = tokenLifetime, AsymmetricTokenEncryptionRequired = asymmetricTokenEncryptionRequired }; client.AddObject("RelyingParties", relyingParty); client.SaveChanges(); if (!string.IsNullOrWhiteSpace(ruleGroupName)) { RuleGroup ruleGroup = client.RuleGroups.Where(rg => rg.Name.Equals(ruleGroupName, StringComparison.OrdinalIgnoreCase)).FirstOrDefault(); if (ruleGroup == null) { ruleGroup = new RuleGroup { Name = ruleGroupName }; client.AddToRuleGroups(ruleGroup); client.SaveChanges(); } var relyingPartyRuleGroup = new RelyingPartyRuleGroup { RuleGroupId = ruleGroup.Id, RelyingParty = relyingParty }; client.AddRelatedObject(relyingParty, "RelyingPartyRuleGroups", relyingPartyRuleGroup); } // Create the Realm for Relying Party var realm = new RelyingPartyAddress { Address = realmAddress, EndpointType = RelyingPartyAddressEndpointType.Realm.ToString(), RelyingParty = relyingParty }; client.AddRelatedObject(relyingParty, "RelyingPartyAddresses", realm); if (!string.IsNullOrEmpty(replyAddress)) { var reply = new RelyingPartyAddress { Address = replyAddress, EndpointType = RelyingPartyAddressEndpointType.Reply.ToString(), RelyingParty = relyingParty }; client.AddRelatedObject(relyingParty, "RelyingPartyAddresses", reply); } client.SaveChanges(SaveChangesOptions.Batch); }