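/// <summary>
/// Handles the selection of an IDP. If exactly one IDP is configured, it is returned directly.
/// If several are configured and nothing indicates which one the user should be sent to, the
/// user is redirected to the configured selection URL (and null is returned); failing that,
/// the IDPSelectionEvent handler is asked.
/// </summary>
/// <param name="allparams">Request parameters; <c>IdpChoiceParameterName</c> is read from here.</param>
/// <param name="queryString">Query string; the <c>_saml_idp</c> value is read from here.</param>
/// <param name="config">Configuration. Must not be null.</param>
/// <param name="redirectToSelection">Invoked with the selection URL when the user must pick an IDP.</param>
/// <returns>
/// The <see cref="IdentityProvider"/> to use, or null when the user was redirected to the
/// selection page (or the selection event handler produced none).
/// </returns>
/// <exception cref="ArgumentNullException">When <paramref name="config"/> is null.</exception>
public IdentityProvider RetrieveIDP(NameValueCollection allparams, NameValueCollection queryString, Saml2Configuration config, Action<string> redirectToSelection)
{
    if (config == null)
    {
        throw new ArgumentNullException(nameof(config));
    }

    // 1. Explicit choice carried in the request. This value is caller-controlled; it is only
    //    honoured when it resolves to a *configured* IDP, an unknown id simply falls through.
    var idpChoice = allparams[IdpChoiceParameterName];
    if (!string.IsNullOrEmpty(idpChoice))
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromQueryString, idpChoice);
        var chosen = config.IdentityProvidersSource.GetById(idpChoice);
        if (chosen != null)
        {
            return chosen;
        }
    }

    // 2. Common domain cookie value. It is expected to have been returned by the local common
    //    domain cookie reader endpoint, but nothing here verifies its origin - it is a plain
    //    query parameter. As above it is only honoured when it names a configured IDP, so the
    //    worst case is that a caller steers the user to a different configured IDP.
    var cdcValue = queryString["_saml_idp"];
    if (!string.IsNullOrEmpty(cdcValue))
    {
        var cdc = new Protocol.CommonDomainCookie(cdcValue);
        if (cdc.IsSet)
        {
            var preferred = config.IdentityProvidersSource.GetById(cdc.PreferredIDP);
            if (preferred != null)
            {
                logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromCommonDomainCookie, cdc.PreferredIDP);
                return preferred;
            }
            logger.WarnFormat(ErrorMessages.CommonDomainCookieIdentityProviderInvalid, cdc.PreferredIDP);
        }
    }

    // Materialise once; the configured set is consulted twice below.
    var configured = config.IdentityProvidersSource.GetAll().ToList();

    // 3. Exactly one IDP configured: use it without asking. (The previous code tested Any(),
    //    which silently picked the first IDP whenever more than one was configured and made the
    //    default-IDP and selection-URL branches below unreachable.)
    if (configured.Count == 1)
    {
        var only = configured[0];
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromDefault, only.Name);
        return only;
    }

    // 4. An IDP explicitly marked as default.
    var defaultIdp = configured.FirstOrDefault(idp => idp.Default);
    if (defaultIdp != null)
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromDefault, defaultIdp.Id);
        return defaultIdp;
    }

    // 5. Let the user choose on the configured selection page.
    var selectionUrl = config.IdentityProvidersSource.SelectionUrl;
    if (!string.IsNullOrEmpty(selectionUrl))
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromSelection, selectionUrl);
        redirectToSelection(selectionUrl);
        return null;
    }

    // 6. Last resort: ask the IDPSelectionEvent handler, if one is registered.
    return IdpSelectionUtil.InvokeIDPSelectionEventHandler(config.IdentityProvidersSource);
}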
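/// <summary>
/// Handles the selection of an IDP. If exactly one IDP (with metadata) is configured, it is
/// returned directly. If several are configured and nothing indicates which one the user should
/// be sent to, the user is redirected to the configured selection URL (and null is returned);
/// failing that, the IDPSelectionEvent handler is asked.
/// </summary>
/// <param name="allparams">Request parameters; <c>IdpChoiceParameterName</c> is read from here.</param>
/// <param name="queryString">Query string; the <c>_saml_idp</c> value is read from here.</param>
/// <param name="config">Configuration. Must not be null.</param>
/// <param name="redirectToSelection">Invoked with the selection URL when the user must pick an IDP.</param>
/// <returns>
/// The <see cref="IdentityProvider"/> to use, or null when the user was redirected to the
/// selection page (or the selection event handler produced none).
/// </returns>
/// <exception cref="ArgumentNullException">When <paramref name="config"/> is null.</exception>
public IdentityProvider RetrieveIDP(NameValueCollection allparams, NameValueCollection queryString, Saml2Configuration config, Action<string> redirectToSelection)
{
    if (config == null)
    {
        throw new ArgumentNullException(nameof(config));
    }

    var providers = config.IdentityProviders;

    // 1. Explicit choice carried in the request. This value is caller-controlled; it is only
    //    honoured when it matches the Id of a *configured* IDP, otherwise it falls through.
    var idpChoice = allparams[IdpChoiceParameterName];
    if (!string.IsNullOrEmpty(idpChoice))
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromQueryString, idpChoice);
        var chosen = providers.FirstOrDefault(x => x.Id == idpChoice);
        if (chosen != null)
        {
            return chosen;
        }
    }

    // 2. Common domain cookie value. It is expected to have been returned by the local common
    //    domain cookie reader endpoint, but nothing here verifies its origin - it is a plain
    //    query parameter. As above it is only honoured when it names a configured IDP, so the
    //    worst case is that a caller steers the user to a different configured IDP.
    var cdcValue = queryString["_saml_idp"];
    if (!string.IsNullOrEmpty(cdcValue))
    {
        var cdc = new Protocol.CommonDomainCookie(cdcValue);
        if (cdc.IsSet)
        {
            var preferred = providers.FirstOrDefault(x => x.Id == cdc.PreferredIDP);
            if (preferred != null)
            {
                logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromCommonDomainCookie, cdc.PreferredIDP);
                return preferred;
            }
            logger.WarnFormat(ErrorMessages.CommonDomainCookieIdentityProviderInvalid, cdc.PreferredIDP);
        }
    }

    // 3. Exactly one IDP configured and it has metadata: use it without asking.
    if (providers.Count == 1 && providers[0].Metadata != null)
    {
        var only = providers[0];
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromDefault, only.Name);
        return only;
    }

    // 4. An IDP explicitly marked as default.
    var defaultIdp = providers.FirstOrDefault(idp => idp.Default);
    if (defaultIdp != null)
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromDefault, defaultIdp.Id);
        return defaultIdp;
    }

    // 5. Let the user choose on the configured selection page.
    var selectionUrl = providers.SelectionUrl;
    if (!string.IsNullOrEmpty(selectionUrl))
    {
        logger.DebugFormat(TraceMessages.IdentityProviderRetreivedFromSelection, selectionUrl);
        redirectToSelection(selectionUrl);
        return null;
    }

    // 6. Last resort: ask the IDPSelectionEvent handler, if one is registered.
    return IdpSelectionUtil.InvokeIDPSelectionEventHandler(providers);
}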