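/// <summary>
/// Builds an unsigned SAML 2.0 AuthnRequest by filling <c>SAML2Const.RequestTemplate</c>.
/// </summary>
/// <param name="issuer">SP entity ID written into the Issuer element. XML-escaped before insertion
/// because the template is filled by plain string substitution.</param>
/// <param name="protocolBinding">Binding the SP wants the Response delivered on. The ProtocolBinding
/// attribute is omitted when the enum maps to an empty string.</param>
/// <param name="nameIDFormat">Requested NameID format (project constant, not escaped).</param>
/// <param name="assertionConsumerServiceURL">ACS URL; the attribute is omitted when null or empty.
/// Set through <see cref="XmlAttribute.Value"/>, so the DOM encodes it.</param>
/// <param name="id">Receives the generated request ID ("s2" + GUID). The caller must keep it to check
/// InResponseTo on the Response.</param>
/// <returns>The AuthnRequest as an <see cref="XmlDocument"/>. It is not signed here.</returns>
public static XmlDocument CreateRequest(string issuer, SAML2Enum.ProtocolBinding protocolBinding, SAML2Enum.NameIDFormat nameIDFormat, string assertionConsumerServiceURL, out string id)
{
    // An xs:ID may not start with a digit; the "s2" prefix is a common convention.
    // Guid.NewGuid() is used so the ID is unique and not guessable by an observer.
    id = "s2" + Guid.NewGuid().ToString("N");

    string xmlString = SAML2Const.RequestTemplate;

    #region enum 2 string
    string urnNameIDFormatString = SAML2Enum.EnumToString(nameIDFormat);
    string protocolBindingString = SAML2Enum.EnumToString(protocolBinding);
    #endregion

    #region Replace
    // Fixed values (project constants, trusted).
    xmlString = xmlString.Replace("{UrnProtocol}", SAML2Const.UrnProtocol);
    xmlString = xmlString.Replace("{UrnAssertion}", SAML2Const.UrnAssertion);

    // Variable values - common.
    // Caller-supplied text goes through SecurityElement.Escape: without it a value
    // containing '<' or '&' would inject markup into the request (or break LoadXml).
    // Escape(null) returns null and Replace treats a null replacement as "", which
    // matches the previous behaviour for a null issuer.
    xmlString = xmlString.Replace("{ID}", id);
    xmlString = xmlString.Replace("{Issuer}", System.Security.SecurityElement.Escape(issuer));
    xmlString = xmlString.Replace("{IssueInstant}", FormatConverter.ToW3cTimestamp(DateTime.UtcNow));

    // Variable values - NameID policy.
    xmlString = xmlString.Replace("{UrnNameIDFormat}", urnNameIDFormatString);

    // Materialise as XmlDocument.
    XmlDocument xmlDoc = new XmlDocument();
    xmlDoc.PreserveWhitespace = false;
    xmlDoc.LoadXml(xmlString);
    #endregion

    #region Append
    // Optional attributes are appended on the DOM; attribute values set this way
    // are encoded by the XmlDocument, so no manual escaping is needed here.
    XmlNode node = xmlDoc.GetElementsByTagName("samlp:AuthnRequest")[0];
    XmlAttribute attr = null;

    // ProtocolBinding attribute.
    if (!string.IsNullOrEmpty(protocolBindingString))
    {
        attr = xmlDoc.CreateAttribute("ProtocolBinding");
        attr.Value = protocolBindingString;
        node.Attributes.Append(attr);
    }

    // AssertionConsumerServiceURL attribute.
    if (!string.IsNullOrEmpty(assertionConsumerServiceURL))
    {
        attr = xmlDoc.CreateAttribute("AssertionConsumerServiceURL");
        attr.Value = assertionConsumerServiceURL;
        node.Attributes.Append(attr);
    }
    #endregion

    return xmlDoc;
}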
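/// <summary>
/// Builds a SAML 2.0 bearer Assertion by filling <c>SAML2Const.AssertionTemplate</c> and,
/// when <paramref name="rsa"/> is supplied, enveloped-signs it with <c>SignedXml2</c>.
/// </summary>
/// <param name="inResponseTo">ID of the AuthnRequest being answered. This arrives from the SP and is
/// therefore untrusted; it is XML-escaped before insertion.</param>
/// <param name="issuer">IdP entity ID written into the Issuer element (XML-escaped).</param>
/// <param name="nameID">Subject identifier (XML-escaped; may contain user-controlled text).</param>
/// <param name="nameIDFormat">NameID format URN (project constant, not escaped).</param>
/// <param name="authnContextClassRef">AuthnContextClassRef URN (project constant, not escaped).</param>
/// <param name="expiresFromSecond">Assertion lifetime in seconds, added to the issue instant to form
/// NotOnOrAfter. A value of zero or less yields an assertion that is already expired.</param>
/// <param name="recipient">Written to both SubjectConfirmationData/@Recipient and Audience
/// (XML-escaped). The original author notes the Audience is expected to be the recipient's
/// entity ID / FQDN - confirm against the SP's metadata.</param>
/// <param name="id">Receives the generated assertion ID ("s2" + GUID).</param>
/// <param name="rsa">Signing key. When null the assertion is returned unsigned; an unsigned
/// assertion must not be handed to an SP as-is.</param>
/// <returns>The (optionally signed) Assertion as an <see cref="XmlDocument"/>.</returns>
public static XmlDocument CreateAssertion(
    string inResponseTo, string issuer,
    string nameID, SAML2Enum.NameIDFormat nameIDFormat,
    SAML2Enum.AuthnContextClassRef authnContextClassRef,
    double expiresFromSecond, string recipient,
    out string id, RSA rsa = null)
{
    // An xs:ID may not start with a digit; the "s2" prefix is a common convention.
    id = "s2" + Guid.NewGuid().ToString("N");

    string xmlString = SAML2Const.AssertionTemplate;

    #region enum 2 string
    string urnNameIDFormatString = SAML2Enum.EnumToString(nameIDFormat);
    string urnAuthnContextClassRefString = SAML2Enum.EnumToString(authnContextClassRef);
    #endregion

    #region Replace
    // Fixed values (project constants, trusted).
    xmlString = xmlString.Replace("{UrnProtocol}", SAML2Const.UrnProtocol);
    xmlString = xmlString.Replace("{UrnAssertion}", SAML2Const.UrnAssertion);
    xmlString = xmlString.Replace("{UrnMethod}", SAML2Const.UrnMethodBearer);

    // Variable values - identifiers.
    // The template is filled by string substitution, so every caller-supplied value is
    // run through SecurityElement.Escape; otherwise a NameID or InResponseTo containing
    // '<' or '&' could inject markup into the assertion before it is signed.
    // Escape(null) is null and Replace treats a null replacement as "", so null inputs
    // behave exactly as before.
    xmlString = xmlString.Replace("{ID}", id);
    xmlString = xmlString.Replace("{InResponseTo}", System.Security.SecurityElement.Escape(inResponseTo));
    xmlString = xmlString.Replace("{Issuer}", System.Security.SecurityElement.Escape(issuer));

    // Variable values - authentication.
    xmlString = xmlString.Replace("{NameID}", System.Security.SecurityElement.Escape(nameID));
    xmlString = xmlString.Replace("{UrnNameIDFormat}", urnNameIDFormatString);
    xmlString = xmlString.Replace("{UrnAuthnContextClassRef}", urnAuthnContextClassRefString);

    // Variable values - time.
    // One timestamp is taken so IssueInstant, AuthnInstant, NotBefore and NotOnOrAfter are
    // all derived from the same instant and the lifetime is exactly expiresFromSecond.
    // NOTE(review): NotBefore == IssueInstant leaves no allowance for clock skew at the SP;
    // most deployments rely on the SP's own skew tolerance - confirm before tightening.
    DateTime now = DateTime.UtcNow;
    string utcNow = FormatConverter.ToW3cTimestamp(now);
    xmlString = xmlString.Replace("{IssueInstant}", utcNow);
    xmlString = xmlString.Replace("{AuthnInstant}", utcNow);
    xmlString = xmlString.Replace("{NotBefore}", utcNow);
    string utcExpires = FormatConverter.ToW3cTimestamp(now.AddSeconds(expiresFromSecond));
    xmlString = xmlString.Replace("{NotOnOrAfter}", utcExpires);

    // Variable values - SP.
    string escapedRecipient = System.Security.SecurityElement.Escape(recipient);
    xmlString = xmlString.Replace("{Recipient}", escapedRecipient);
    xmlString = xmlString.Replace("{Audience}", escapedRecipient); // reportedly the recipient up to its FQDN

    // Materialise as XmlDocument.
    // NOTE(review): PreserveWhitespace=false before signing is fine as long as the signed
    // document is serialised without re-indentation; a formatting writer would break the
    // signature. Verify how callers emit this document.
    XmlDocument xmlDoc = new XmlDocument();
    xmlDoc.PreserveWhitespace = false;
    xmlDoc.LoadXml(xmlString);
    #endregion

    #region Sign
    // Sign only after all substitution: anything inserted after this point would not be
    // covered by the signature.
    if (rsa != null)
    {
        SignedXml2 signedXml2 = new SignedXml2(rsa);
        xmlDoc = signedXml2.Create(xmlDoc, id);
    }
    #endregion

    return xmlDoc;
}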