/// <summary>CreateRequest</summary>
/// <param name="issuer">string</param>
/// <param name="protocolBinding">SAML2Enum.ProtocolBinding</param>
/// <param name="nameIDFormat">SAML2Enum.NameIDFormat</param>
/// <param name="assertionConsumerServiceURL">string</param>
/// <param name="id">string</param>
/// <returns>SAMLRequest</returns>
public static XmlDocument CreateRequest(string issuer,
SAML2Enum.ProtocolBinding protocolBinding,
SAML2Enum.NameIDFormat nameIDFormat,
string assertionConsumerServiceURL, out string id)
{
// idの先頭は[A-Za-z]のみで、s2とするのが慣例っぽい。
id = "s2" + Guid.NewGuid().ToString("N");
string xmlString = SAML2Const.RequestTemplate;
#region enum 2 string
string urnNameIDFormatString = SAML2Enum.EnumToString(nameIDFormat);
string protocolBindingString = SAML2Enum.EnumToString(protocolBinding);
#endregion
#region Replace
// 固定値
xmlString = xmlString.Replace("{UrnProtocol}", SAML2Const.UrnProtocol);
xmlString = xmlString.Replace("{UrnAssertion}", SAML2Const.UrnAssertion);
// 可変値
// - 共通
xmlString = xmlString.Replace("{ID}", id);
xmlString = xmlString.Replace("{Issuer}", issuer);
xmlString = xmlString.Replace("{IssueInstant}", FormatConverter.ToW3cTimestamp(DateTime.UtcNow));
// - ...
xmlString = xmlString.Replace("{UrnNameIDFormat}", urnNameIDFormatString);
// XmlDocument化
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = false;
xmlDoc.LoadXml(xmlString);
#endregion
#region Append
// 以下はオプション属性
XmlNode node = xmlDoc.GetElementsByTagName("samlp:AuthnRequest")[0];
XmlAttribute attr = null;
// - ProtocolBinding属性
if (!string.IsNullOrEmpty(protocolBindingString))
{
attr = xmlDoc.CreateAttribute("ProtocolBinding");
attr.Value = protocolBindingString;
node.Attributes.Append(attr);
}
// - AssertionConsumerServiceURL属性
if (!string.IsNullOrEmpty(assertionConsumerServiceURL))
{
attr = xmlDoc.CreateAttribute("AssertionConsumerServiceURL");
attr.Value = assertionConsumerServiceURL;
node.Attributes.Append(attr);
}
#endregion
return(xmlDoc);
}
/// <summary>CreateAssertion</summary>
/// <param name="inResponseTo">string</param>
/// <param name="issuer">string</param>
/// <param name="nameID">string</param>
/// <param name="nameIDFormat">SAML2Enum.NameIDFormat</param>
/// <param name="authnContextClassRef">SAML2Enum.AuthnContextClassRef</param>
/// <param name="expiresFromSecond">double</param>
/// <param name="recipient">string</param>
/// <param name="id">string</param>
/// <param name="rsa">RSA</param>
/// <returns>SAMLAssertion</returns>
public static XmlDocument CreateAssertion(
string inResponseTo, string issuer, string nameID,
SAML2Enum.NameIDFormat nameIDFormat,
SAML2Enum.AuthnContextClassRef authnContextClassRef,
double expiresFromSecond, string recipient,
out string id, RSA rsa = null)
{
// idの先頭は[A-Za-z]のみで、s2とするのが慣例っぽい。
id = "s2" + Guid.NewGuid().ToString("N");
string xmlString = SAML2Const.AssertionTemplate;
#region enum 2 string
string urnNameIDFormatString = SAML2Enum.EnumToString(nameIDFormat);
string urnAuthnContextClassRefString = SAML2Enum.EnumToString(authnContextClassRef);
#endregion
#region Replace
// 固定値
xmlString = xmlString.Replace("{UrnProtocol}", SAML2Const.UrnProtocol);
xmlString = xmlString.Replace("{UrnAssertion}", SAML2Const.UrnAssertion);
xmlString = xmlString.Replace("{UrnMethod}", SAML2Const.UrnMethodBearer);
// 可変値
// - ID
xmlString = xmlString.Replace("{ID}", id);
xmlString = xmlString.Replace("{InResponseTo}", inResponseTo);
xmlString = xmlString.Replace("{Issuer}", issuer);
// - 認証関連
xmlString = xmlString.Replace("{NameID}", nameID);
xmlString = xmlString.Replace("{UrnNameIDFormat}", urnNameIDFormatString);
xmlString = xmlString.Replace("{UrnAuthnContextClassRef}", urnAuthnContextClassRefString);
// - 時間関連
string utcNow = FormatConverter.ToW3cTimestamp(DateTime.UtcNow);
xmlString = xmlString.Replace("{IssueInstant}", utcNow);
xmlString = xmlString.Replace("{AuthnInstant}", utcNow);
xmlString = xmlString.Replace("{NotBefore}", utcNow);
string utcExpires = FormatConverter.ToW3cTimestamp(DateTime.UtcNow.AddSeconds(expiresFromSecond));
xmlString = xmlString.Replace("{NotOnOrAfter}", utcExpires);
// - SP関連
xmlString = xmlString.Replace("{Recipient}", recipient);
xmlString = xmlString.Replace("{Audience}", recipient); // recipientのFQDNまでらしい
// XmlDocument化
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.PreserveWhitespace = false;
xmlDoc.LoadXml(xmlString);
#endregion
#region Sign
if (rsa != null)
{
SignedXml2 signedXml2 = new SignedXml2(rsa);
xmlDoc = signedXml2.Create(xmlDoc, id);
}
#endregion
return(xmlDoc);
}
