コード例 #1
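        /// <summary>
        /// Signs the SAML response with the IdP certificate held in application state and
        /// posts it to the configured assertion consumer service (HTTP-POST binding).
        /// </summary>
        /// <param name="samlResponse">The SAML response to serialize, sign and send.</param>
        /// <param name="relayState">Relay state returned to the SP alongside the response.</param>
        /// <exception cref="ArgumentNullException"><paramref name="samlResponse"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The IdP signing certificate is not present in application state or carries no private key.
        /// </exception>
        private void SendSAMLResponse(SAMLResponse samlResponse, string relayState)
        {
            if (samlResponse == null)
            {
                throw new ArgumentNullException("samlResponse");
            }

            Trace.Write("IdP", "Sending SAML response");

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // The signing certificate is loaded into application state at startup; report a
            // missing or key-less certificate here instead of failing inside the signer.
            X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.IdPX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey)
            {
                throw new InvalidOperationException("The IdP X.509 signing certificate is not loaded or has no private key.");
            }

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            IdentityProvider.SendSAMLResponseByHTTPPost(Response, Configuration.AssertionConsumerServiceURL, samlResponseXml, relayState);

            Trace.Write("IdP", "Sent SAML response");
        }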
コード例 #2
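        /// <summary>
        /// Signs the SAML response with the IdP certificate and delivers it to the service
        /// provider over the binding recorded in <paramref name="ssoState"/>: HTTP-POST sends
        /// the response directly, HTTP-Artifact parks it in the artifact cache and sends only
        /// the artifact.
        /// </summary>
        /// <param name="samlResponse">The SAML response to serialize, sign and send.</param>
        /// <param name="ssoState">Binding, assertion consumer service URL and relay state of this SSO exchange.</param>
        /// <exception cref="ArgumentNullException">Either argument is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The IdP signing certificate is not present in application state or carries no private key.
        /// </exception>
        private void SendSAMLResponse(SAMLResponse samlResponse, SSOState ssoState)
        {
            if (samlResponse == null)
            {
                throw new ArgumentNullException("samlResponse");
            }

            if (ssoState == null)
            {
                throw new ArgumentNullException("ssoState");
            }

            Trace.Write("IdP", "Sending SAML response");

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // The signing certificate is loaded into application state at startup; report a
            // missing or key-less certificate here instead of failing inside the signer.
            X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.IdPX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey)
            {
                throw new InvalidOperationException("The IdP X.509 signing certificate is not loaded or has no private key.");
            }

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            // Send the SAML response to the service provider.
            switch (ssoState.idpProtocolBinding)
            {
            case SAMLIdentifiers.Binding.HTTPPost:
                IdentityProvider.SendSAMLResponseByHTTPPost(Response, ssoState.assertionConsumerServiceURL, samlResponseXml, ssoState.relayState);
                break;

            case SAMLIdentifiers.Binding.HTTPArtifact:
                // Build the artifact and park the signed response so the SP can fetch it via
                // the artifact resolution protocol; only the artifact travels through the browser.
                string            identificationURL = CreateAbsoluteURL("~/");
                HTTPArtifactType4 httpArtifact      = new HTTPArtifactType4(HTTPArtifactType4.CreateSourceId(identificationURL), HTTPArtifactType4.CreateMessageHandle());

                HTTPArtifactStateCache.Add(httpArtifact, new HTTPArtifactState(samlResponseXml, null));

                IdentityProvider.SendArtifactByHTTPArtifact(Response, ssoState.assertionConsumerServiceURL, httpArtifact, ssoState.relayState, false);
                break;

            default:
                // Nothing was sent, so do not fall through to the "Sent" trace below.
                Trace.Write("IdP", "Invalid identity provider binding");
                return;
            }

            Trace.Write("IdP", "Sent SAML response");
        }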
コード例 #3
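        /// <summary>
        /// Wraps the Facebook return token stored in session in a signed SAML response and
        /// posts it to the configured assertion consumer service.
        /// </summary>
        /// <param name="dest">Relay state handed back to the SP with the response.</param>
        /// <exception cref="InvalidOperationException">
        /// No "FBReturnToken" is present in session, or the signing certificate is not loaded.
        /// </exception>
        private void RedirectWithSAML(string dest)
        {
            // A missing token used to surface as a NullReferenceException on .ToString().
            object returnToken = Session["FBReturnToken"];

            if (returnToken == null)
            {
                throw new InvalidOperationException("Session does not contain an FBReturnToken.");
            }

            string fbReturnToken = returnToken.ToString();

            // Read the ACS URL once; it is both the response Destination and the POST target.
            string assertionConsumerServiceURL = WebConfigurationManager.AppSettings["AssertionConsumerServiceURL"];

            SAMLResponse samlResponse = new SAMLResponse();
            samlResponse.Destination = assertionConsumerServiceURL;
            samlResponse.Issuer      = new Issuer(new Uri(Request.Url, Url.Content("~")).ToString());
            samlResponse.Status      = new Status(SAMLIdentifiers.PrimaryStatusCodes.Success, null);

            // NOTE(review): the assertion is built straight from the token string — presumably
            // an assertion serialized at sign-in; confirm against the code that stores it.
            samlResponse.Assertions.Add(new SAMLAssertion(fbReturnToken));

            XmlElement samlResponseXml = samlResponse.ToXml();

            // Sign the SAML response. The key is registered under the "Decrypter" name but is
            // used here for signing; fail clearly if it is absent or has no private key.
            X509Certificate2 x509Certificate = (X509Certificate2)HttpContext.Application[MvcApplication.DecrypterX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey)
            {
                throw new InvalidOperationException("The SAML signing certificate is not loaded or has no private key.");
            }

            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            HttpResponse theResponse = (HttpResponse)HttpContext.GetService(typeof(HttpResponse));
            IdentityProvider.SendSAMLResponseByHTTPPost(theResponse, assertionConsumerServiceURL, samlResponseXml, dest);
        }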
コード例 #4
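        /// <summary>
        /// Builds a signed SAML response for the user described by the current query
        /// parameters and returns it Base64-encoded, ready for an HTTP-POST binding.
        /// </summary>
        /// <returns>The Base64 encoding of the signed SAML response XML.</returns>
        /// <exception cref="InvalidOperationException">
        /// One of the required query parameters (issuer, userEmail, pfxLocation) is missing.
        /// </exception>
        private string BuildSAML()
        {
            var strIssuer   = queryParameters.FirstOrDefault(i => i.Key == "issuer").Value;
            var member      = queryParameters.FirstOrDefault(i => i.Key == "member").Value;
            var userEmail   = queryParameters.FirstOrDefault(i => i.Key == "userEmail").Value;
            var cn          = queryParameters.FirstOrDefault(i => i.Key == "cn").Value;
            var uid         = queryParameters.FirstOrDefault(i => i.Key == "uid").Value;
            var pfxLocation = queryParameters.FirstOrDefault(i => i.Key == "pfxLocation").Value;
            var pfxPwd      = queryParameters.FirstOrDefault(i => i.Key == "pfxPwd").Value;

            // Fail on missing inputs here rather than with a NullReferenceException inside the library.
            if (string.IsNullOrEmpty(strIssuer) || string.IsNullOrEmpty(userEmail) || string.IsNullOrEmpty(pfxLocation))
            {
                throw new InvalidOperationException("Query parameters issuer, userEmail and pfxLocation are required.");
            }

            // SECURITY(review): pfxLocation and pfxPwd come from the request, so the caller
            // chooses which key file is opened and supplies its password, and the password
            // appears in URLs and access logs. Signing key material belongs in server-side
            // configuration; kept here only because existing callers supply these parameters.

            var samlResponse = new SAMLResponse();

            samlResponse.Issuer      = new Issuer(strIssuer);
            samlResponse.Destination = strIssuer;

            var samlAssertion = new SAMLAssertion();

            samlAssertion.Issuer     = new Issuer(strIssuer);
            samlAssertion.Subject    = new Subject(new NameID(userEmail, null, null, SAMLIdentifiers.NameIdentifierFormats.EmailAddress, null));
            samlAssertion.Conditions = new Conditions(new TimeSpan(1, 0, 0));

            var authnStatement = new AuthnStatement();

            authnStatement.AuthnContext = new AuthnContext();
            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.PasswordProtectedTransport);
            samlAssertion.Statements.Add(authnStatement);

            // One AttributeStatement per attribute, in this order.
            var attributeValues = new[]
            {
                new { Name = "member", Value = member },
                new { Name = "mail",   Value = userEmail },
                new { Name = "cn",     Value = cn },
                new { Name = "uid",    Value = uid },
            };

            foreach (var attributeValue in attributeValues)
            {
                var attributeStatement = new AttributeStatement();

                attributeStatement.Attributes.Add(new SAMLAttribute(attributeValue.Name, SAMLIdentifiers.AttributeNameFormats.Basic, null, attributeValue.Value));
                samlAssertion.Statements.Add(attributeStatement);
            }

            samlResponse.Assertions.Add(samlAssertion);

            // Sign with the PFX named in the request (see the note above).
            var x509Certificate = Util.LoadSignKeyAndCertificate(pfxLocation, pfxPwd);
            var signedXml       = new SignedXml(samlResponse.ToXml());
            signedXml.SigningKey = x509Certificate.PrivateKey;

            var keyInfo = new KeyInfo();
            keyInfo.AddClause(new KeyInfoX509Data(x509Certificate));
            signedXml.KeyInfo = keyInfo;

            // NOTE(review): the reference targets the assertion ID, yet the signature is
            // attached as the response signature; confirm the consumer accepts that placement.
            var reference = new Reference();
            reference.Uri = "#" + samlAssertion.ID;

            var env = new XmlDsigEnvelopedSignatureTransform();
            reference.AddTransform(env);
            signedXml.AddReference(reference);
            signedXml.ComputeSignature();

            samlResponse.Signature = signedXml.GetXml();

            // Re-serialize so the output includes the signature just attached.
            var result = samlResponse.ToXml().OuterXml;

            // NOTE(review): writes the signed bearer response into the working directory —
            // a debugging aid that should not run in production.
            File.WriteAllText("SAMLPayload.xml", result);
            return Util.EncodeToBase64(result);
        }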
コード例 #5
ファイル: SSOService.aspx.cs プロジェクト: HRINY/HRI-Umbraco
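        /// <summary>
        /// Signs the SAML response with the IdP certificate and delivers it to the service
        /// provider over the binding recorded in <paramref name="ssoState"/>: HTTP-POST sends
        /// the response directly, HTTP-Artifact parks it in the artifact cache and sends only
        /// the artifact.
        /// </summary>
        /// <param name="samlResponse">The SAML response to serialize, sign and send.</param>
        /// <param name="ssoState">Binding, assertion consumer service URL and relay state of this SSO exchange.</param>
        /// <exception cref="ArgumentNullException">Either argument is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The IdP signing certificate is not present in application state or carries no private key.
        /// </exception>
        private void SendSAMLResponse(SAMLResponse samlResponse, SSOState ssoState)
        {
            if (samlResponse == null) {
                throw new ArgumentNullException("samlResponse");
            }

            if (ssoState == null) {
                throw new ArgumentNullException("ssoState");
            }

            Trace.Write("IdP", "Sending SAML response");

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // The signing certificate is loaded into application state at startup; report a
            // missing or key-less certificate here instead of failing inside the signer.
            X509Certificate2 x509Certificate = (X509Certificate2) Application[Global.IdPX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey) {
                throw new InvalidOperationException("The IdP X.509 signing certificate is not loaded or has no private key.");
            }

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            // Send the SAML response to the service provider.
            switch (ssoState.idpProtocolBinding) {
                case SAMLIdentifiers.Binding.HTTPPost:
                    IdentityProvider.SendSAMLResponseByHTTPPost(Response, ssoState.assertionConsumerServiceURL, samlResponseXml, ssoState.relayState);
                    break;

                case SAMLIdentifiers.Binding.HTTPArtifact:
                    // Build the artifact and park the signed response so the SP can fetch it via
                    // the artifact resolution protocol; only the artifact travels through the browser.
                    string identificationURL = CreateAbsoluteURL("~/");
                    HTTPArtifactType4 httpArtifact = new HTTPArtifactType4(HTTPArtifactType4.CreateSourceId(identificationURL), HTTPArtifactType4.CreateMessageHandle());

                    HTTPArtifactStateCache.Add(httpArtifact, new HTTPArtifactState(samlResponseXml, null));

                    IdentityProvider.SendArtifactByHTTPArtifact(Response, ssoState.assertionConsumerServiceURL, httpArtifact, ssoState.relayState, false);
                    break;

                default:
                    // Nothing was sent, so do not fall through to the "Sent" trace below.
                    Trace.Write("IdP", "Invalid identity provider binding");
                    return;
            }

            Trace.Write("IdP", "Sent SAML response");
        }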
コード例 #6
ファイル: AuthController.cs プロジェクト: Inforward/Guideport
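        /// <summary>
        /// Builds the SAML response for the current user: a bearer assertion carrying the
        /// supplied attributes, optionally signed and/or encrypted for the partner SP, inside
        /// a response that is optionally signed with the IdP certificate.
        /// </summary>
        /// <param name="assertionConsumerServiceUrl">SP endpoint used as the response Destination and the bearer Recipient.</param>
        /// <param name="attributes">Attributes emitted one per AttributeStatement; the one named <c>PortalClaimTypes.ProfileId</c> supplies the subject NameID.</param>
        /// <param name="requestId">ID of the SP's AuthnRequest, written to <c>InResponseTo</c>; null for IdP-initiated SSO.</param>
        /// <param name="signAssertion">Sign the assertion. Overridden by the partner SP configuration when one exists.</param>
        /// <param name="signResponse">Sign the response. Overridden by the partner SP configuration when one exists.</param>
        /// <param name="encryptAssertion">Encrypt the assertion for the partner certificate. Overridden by the partner SP configuration when one exists.</param>
        /// <returns>The response XML element, ready to be sent over a SAML binding.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="attributes"/> is null.</exception>
        /// <exception cref="InvalidOperationException">Assertion encryption is enabled but no partner certificate is available.</exception>
        private static XmlElement CreateSamlResponse(string assertionConsumerServiceUrl, List<SAMLAttribute> attributes, string requestId = null, bool signAssertion = false, bool signResponse = false, bool encryptAssertion = false)
        {
            if (attributes == null)
            {
                throw new ArgumentNullException("attributes");
            }

            var idpConfig = SAMLConfiguration.Current.IdentityProviderConfiguration;
            var issuer    = new Issuer(idpConfig.Name);

            var issuerX509CertificateFilePath = Path.Combine(HttpRuntime.AppDomainAppPath, idpConfig.CertificateFile);
            var issuerX509Certificate         = new X509Certificate2(issuerX509CertificateFilePath, idpConfig.CertificatePassword);

            // The partner is whichever SP this session was started for, else the default SP.
            var partner       = SessionHelper.Get<string>(PartnerSpSessionKey) ?? SAMLConfiguration.Current.ServiceProviderConfiguration.Name;
            var partnerConfig = SAMLConfiguration.Current.PartnerServiceProviderConfigurations[partner];

            X509Certificate2 partnerX509Certificate = null;

            if (partnerConfig != null)
            {
                partnerX509Certificate = new X509Certificate2(Path.Combine(HttpRuntime.AppDomainAppPath, partnerConfig.CertificateFile));

                // Partner configuration takes precedence over the caller-supplied flags.
                signAssertion    = partnerConfig.SignAssertion;
                signResponse     = partnerConfig.SignSAMLResponse;
                encryptAssertion = partnerConfig.EncryptAssertion;
            }

            // Encryption with no partner certificate cannot succeed; say so up front.
            if (encryptAssertion && partnerX509Certificate == null)
            {
                throw new InvalidOperationException("Assertion encryption requires a partner service provider certificate.");
            }

            // Sample the clock once, in UTC: SAML timestamps are UTC, and IssueInstant,
            // AuthnInstant and the NotBefore condition should agree exactly.
            var issueInstant = DateTime.UtcNow;

            var samlResponse = new SAMLResponse {
                Destination = assertionConsumerServiceUrl
            };

            samlResponse.Issuer       = issuer;
            samlResponse.Status       = new Status(SAMLIdentifiers.PrimaryStatusCodes.Success, null);
            samlResponse.IssueInstant = issueInstant;
            samlResponse.InResponseTo = requestId;

            var samlAssertion = new SAMLAssertion {
                Issuer = issuer, IssueInstant = issueInstant
            };

            // NOTE(review): profileId is null when no ProfileId attribute is supplied, which
            // yields a NameID with no value — confirm callers always include it.
            var profileId               = attributes.Where(a => a.Name == PortalClaimTypes.ProfileId).Select(a => a.Values[0].ToString()).FirstOrDefault();
            var subject                 = new Subject(new NameID(profileId));
            var subjectConfirmation     = new SubjectConfirmation(SAMLIdentifiers.SubjectConfirmationMethods.Bearer);
            var subjectConfirmationData = new SubjectConfirmationData {
                Recipient = assertionConsumerServiceUrl
            };

            // NOTE(review): the bearer confirmation carries no NotOnOrAfter or InResponseTo;
            // some SPs require both — check the partner's validation rules.
            subjectConfirmation.SubjectConfirmationData = subjectConfirmationData;
            subject.SubjectConfirmations.Add(subjectConfirmation);
            samlAssertion.Subject = subject;

            // NOTE(review): a 24-hour window is long for a bearer assertion; kept as the
            // existing policy, but worth tightening with the partner.
            var conditions          = new Conditions(issueInstant, issueInstant.AddDays(1));
            var audienceRestriction = new AudienceRestriction();

            audienceRestriction.Audiences.Add(new Audience(partner));
            conditions.ConditionsList.Add(audienceRestriction);
            samlAssertion.Conditions = conditions;

            var authnStatement = new AuthnStatement {
                AuthnContext = new AuthnContext(), AuthnInstant = issueInstant
            };

            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.X509);
            samlAssertion.Statements.Add(authnStatement);

            // One AttributeStatement per attribute, preserving the caller's order.
            foreach (var attribute in attributes)
            {
                var attributeStatement = new AttributeStatement();

                attributeStatement.Attributes.Add(attribute);
                samlAssertion.Statements.Add(attributeStatement);
            }

            var samlAssertionXml = samlAssertion.ToXml();

            if (signAssertion)
            {
                SAMLAssertionSignature.Generate(samlAssertionXml, issuerX509Certificate.PrivateKey, issuerX509Certificate);
            }

            // Sign-then-encrypt: the assertion signature is computed before it is wrapped.
            if (encryptAssertion)
            {
                var encryptedAssertion = new EncryptedAssertion(samlAssertionXml, partnerX509Certificate);

                samlResponse.Assertions.Add(encryptedAssertion.ToXml());
            }
            else
            {
                samlResponse.Assertions.Add(samlAssertionXml);
            }

            var samlResponseXml = samlResponse.ToXml();

            if (signResponse)
            {
                SAMLMessageSignature.Generate(samlResponseXml, issuerX509Certificate.PrivateKey, issuerX509Certificate);
            }

            return samlResponseXml;
        }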
コード例 #7
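        /// <summary>
        /// Signs the SAML response with the IdP certificate held in application state and
        /// posts it to the given SAML service endpoint using the HTTP-POST binding.
        /// </summary>
        /// <param name="samlResponse">The SAML response to serialize, sign and send.</param>
        /// <param name="relayState">Relay state returned to the SP alongside the response.</param>
        /// <param name="samlService">The SP endpoint that receives the POSTed response.</param>
        /// <exception cref="ArgumentNullException"><paramref name="samlResponse"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The IdP signing certificate is not present in application state or carries no private key.
        /// </exception>
        private void SendSAMLResponse(SAMLResponse samlResponse, string relayState, string samlService)
        {
            if (samlResponse == null)
            {
                throw new ArgumentNullException("samlResponse");
            }

            Trace.Write("IdP", "Sending SAML response");

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // The signing certificate is loaded into application state at startup; report a
            // missing or key-less certificate here instead of failing inside the signer.
            X509Certificate2 x509Certificate = (X509Certificate2)HttpContext.Application[FB.StrawPortal.MvcApplication.IdPX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey)
            {
                throw new InvalidOperationException("The IdP X.509 signing certificate is not loaded or has no private key.");
            }

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            // The target is the per-call samlService URL rather than the single configured
            // AssertionConsumerServiceURL, so the binding is driven directly.
            ComponentSpace.SAML2.Bindings.HTTPPostBinding.SendResponse(Response.OutputStream, samlService, samlResponseXml, relayState);

            Trace.Write("IdP", "Sent SAML response");
        }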
コード例 #8
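        /// <summary>
        /// Builds a signed SAML response (a response, despite the method name) for the
        /// staging sign-on endpoint and returns it Base64-encoded for an HTTP-POST binding.
        /// </summary>
        /// <param name="attributes">
        /// Positional values: [0] member, [1] e-mail address (also the subject NameID),
        /// [2] cn, [3] uid.
        /// </param>
        /// <returns>The Base64 encoding of the signed SAML response XML.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="attributes"/> is null.</exception>
        /// <exception cref="ArgumentException">Fewer than four values were supplied.</exception>
        private static string BuildSAMLRequest(IList<string> attributes)
        {
            if (attributes == null)
            {
                throw new ArgumentNullException("attributes");
            }

            // ElementAt(3) below would otherwise throw ArgumentOutOfRangeException on short input.
            if (attributes.Count < 4)
            {
                throw new ArgumentException("Expected member, mail, cn and uid values.", "attributes");
            }

            var strIssuer    = "https://sso.staging.gnohie.org/MirthSignOn-idp/ssoresp";
            var samlResponse = new SAMLResponse();

            samlResponse.Issuer      = new Issuer(strIssuer);
            samlResponse.Destination = strIssuer;

            var samlAssertion = new SAMLAssertion();

            samlAssertion.Issuer     = new Issuer(strIssuer);
            samlAssertion.Subject    = new Subject(new NameID(attributes.ElementAt(1), null, null, SAMLIdentifiers.NameIdentifierFormats.EmailAddress, null));
            samlAssertion.Conditions = new Conditions(new TimeSpan(1, 0, 0));

            var authnStatement = new AuthnStatement();

            authnStatement.AuthnContext = new AuthnContext();
            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.PasswordProtectedTransport);
            samlAssertion.Statements.Add(authnStatement);

            // One AttributeStatement per attribute, in this order.
            var attributeValues = new[]
            {
                new { Name = "member", Value = attributes.ElementAt(0) },
                new { Name = "mail",   Value = attributes.ElementAt(1) },
                new { Name = "cn",     Value = attributes.ElementAt(2) },
                new { Name = "uid",    Value = attributes.ElementAt(3) },
            };

            foreach (var attributeValue in attributeValues)
            {
                var attributeStatement = new AttributeStatement();

                attributeStatement.Attributes.Add(new SAMLAttribute(attributeValue.Name, SAMLIdentifiers.AttributeNameFormats.Basic, null, attributeValue.Value));
                samlAssertion.Statements.Add(attributeStatement);
            }

            samlResponse.Assertions.Add(samlAssertion);

            // Sign with the configured key and certificate.
            var x509Certificate = Util.LoadSignKeyAndCertificate();
            var signedXml       = new SignedXml(samlResponse.ToXml());
            signedXml.SigningKey = x509Certificate.PrivateKey;

            var keyInfo = new KeyInfo();
            keyInfo.AddClause(new KeyInfoX509Data(x509Certificate));
            signedXml.KeyInfo = keyInfo;

            // NOTE(review): the reference targets the assertion ID, yet the signature is
            // attached as the response signature; confirm the consumer accepts that placement.
            var reference = new Reference();
            reference.Uri = "#" + samlAssertion.ID;

            var env = new XmlDsigEnvelopedSignatureTransform();
            reference.AddTransform(env);
            signedXml.AddReference(reference);
            signedXml.ComputeSignature();

            samlResponse.Signature = signedXml.GetXml();

            // NOTE(review): no Status is set on the response (a samlp:Response normally
            // carries one); confirm the receiving endpoint tolerates its absence.

            // Re-serialize so the output includes the signature just attached.
            var result = samlResponse.ToXml().OuterXml;

            // NOTE(review): writes the signed bearer response into the working directory —
            // a debugging aid that should not run in production.
            File.WriteAllText("SAMLPayload.xml", result);
            return Util.EncodeToBase64(result);
        }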
コード例 #9
ファイル: SSOService.aspx.cs プロジェクト: HRINY/HRI-Umbraco
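        /// <summary>
        /// Signs the SAML response with the IdP certificate held in application state and
        /// posts it to the configured assertion consumer service (HTTP-POST binding).
        /// </summary>
        /// <param name="samlResponse">The SAML response to serialize, sign and send.</param>
        /// <param name="relayState">Relay state returned to the SP alongside the response.</param>
        /// <exception cref="ArgumentNullException"><paramref name="samlResponse"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The IdP signing certificate is not present in application state or carries no private key.
        /// </exception>
        private void SendSAMLResponse(SAMLResponse samlResponse, string relayState)
        {
            if (samlResponse == null)
            {
                throw new ArgumentNullException("samlResponse");
            }

            Trace.Write("IdP", "Sending SAML response");

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // The signing certificate is loaded into application state at startup; report a
            // missing or key-less certificate here instead of failing inside the signer.
            X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.IdPX509Certificate];

            if (x509Certificate == null || !x509Certificate.HasPrivateKey)
            {
                throw new InvalidOperationException("The IdP X.509 signing certificate is not loaded or has no private key.");
            }

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, x509Certificate.PrivateKey, x509Certificate);

            IdentityProvider.SendSAMLResponseByHTTPPost(Response, Configuration.AssertionConsumerServiceURL, samlResponseXml, relayState);

            Trace.Write("IdP", "Sent SAML response");
        }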
コード例 #10
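        /// <summary>
        /// Test harness: reveals the SAML agent panel, builds a signed SAML response for the
        /// e-mail address typed into the page (with the serialized Transmittal as an
        /// attribute when names are present) and posts it to a hard-coded local ACS URL.
        /// </summary>
        private void BuildSamlRequest()
        {
            ClientScript.RegisterStartupScript(typeof(Page), "OpaqueDivider",
                                               @"
                <script language=""javascript"">
                <!--
                    var dividerID = '" + this.SamlAgentDiv.ClientID + @"';
                    var divider = document.getElementById(dividerID);

                    divider.style.visibility = 'visible';
                //-->
	            </script>"    );

            //Creating SAML response
            X509Certificate2 vendorCertificate = GetVendorCertificate();

            // The Selerix certificate is only needed for subject/assertion encryption, which is
            // currently disabled; it is still loaded so a missing certificate fails here.
            GetSelerixCertificate();

            // Fixed test endpoint and audience; this page is not meant for production SSO.
            string assertionConsumerServiceURL = "http://localhost:49000/login.aspx?Path=SAML_TEST";

            string audienceName = "whatever audience";

            SAMLResponse samlResponse = new SAMLResponse();

            samlResponse.Destination = assertionConsumerServiceURL;

            Issuer issuer = new Issuer("Vendor");

            samlResponse.Issuer = issuer;
            samlResponse.Status = new Status(SAMLIdentifiers.PrimaryStatusCodes.Success, null);

            SAMLAssertion samlAssertion = new SAMLAssertion();

            samlAssertion.Issuer = issuer;

            // Plain NameID; an EncryptedID variant keyed to the Selerix certificate was removed.
            Subject subject = new Subject(new NameID(this._EmailText.Text));

            SubjectConfirmation     subjectConfirmation     = new SubjectConfirmation(SAMLIdentifiers.SubjectConfirmationMethods.Bearer);
            SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationData();

            subjectConfirmationData.Recipient           = assertionConsumerServiceURL;
            subjectConfirmationData.NotOnOrAfter        = DateTime.UtcNow.AddHours(1);
            subjectConfirmation.SubjectConfirmationData = subjectConfirmationData;

            subject.SubjectConfirmations.Add(subjectConfirmation);
            samlAssertion.Subject = subject;

            Conditions          conditions          = new Conditions(new TimeSpan(1, 0, 0));
            AudienceRestriction audienceRestriction = new AudienceRestriction();

            audienceRestriction.Audiences.Add(new Audience(audienceName));
            conditions.ConditionsList.Add(audienceRestriction);
            samlAssertion.Conditions = conditions;

            AuthnStatement authnStatement = new AuthnStatement();

            authnStatement.AuthnContext = new AuthnContext();
            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.Unspecified);

            samlAssertion.Statements.Add(authnStatement);

            AttributeStatement attributeStatement = new AttributeStatement();

            Transmittal transmittal = BuildTransmittal();

            // The Transmittal attribute is only meaningful once a first and last name exist.
            if (transmittal != null && !string.IsNullOrEmpty(this._FirstName.Text) && !string.IsNullOrEmpty(this._LastName.Text))
            {
                attributeStatement.Attributes.Add(new SAMLAttribute("Transmittal", SAMLIdentifiers.AttributeNameFormats.Basic, null, SerializationHelper.SerializeToString(transmittal)));
            }

            samlAssertion.Statements.Add(attributeStatement);

            // The assertion is sent in the clear; EncryptedAssertion for the Selerix certificate is disabled.
            samlResponse.Assertions.Add(samlAssertion);

            //Created SAML response

            //Sending SAML response

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, vendorCertificate.PrivateKey, vendorCertificate);

            HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache");
            HttpContext.Current.Response.AddHeader("Pragma", "no-cache");

            IdentityProvider.SendSAMLResponseByHTTPPost(HttpContext.Current.Response, assertionConsumerServiceURL, samlResponseXml, "");// for test purposes
        }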
コード例 #11
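        /// <summary>
        /// Handles the Click event of the submitButton control: deserializes the Transmittal
        /// XML typed into the page (showing any parse error back in the text box), stores it in
        /// session, builds a signed SAML response carrying the employee ID, the Transmittal and
        /// the selected transmittal options, and posts it to the test ACS page.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
        private void submitButton_Click(object sender, EventArgs e)
        {
            Transmittal transmittal = null;
            string      employeeID  = this._EmployeeID.Text;

            if (!string.IsNullOrEmpty(this._XMLText.Text))
            {
                try
                {
                    transmittal = (Transmittal)SerializationHelper.DeserializeFromString(this._XMLText.Text, typeof(Transmittal));
                }
                catch (Exception exception)
                {
                    // Test page: replace the XML with the full exception chain so the user sees why it failed.
                    string message = exception.Message;
                    Exception inner = exception.InnerException;

                    while (inner != null)
                    {
                        message += "\n" + inner.Message;
                        inner = inner.InnerException;
                    }

                    this._XMLText.Text = PrepareSourceCode(message);
                }
            }

            if (!string.IsNullOrEmpty(employeeID) && transmittal != null && transmittal.Applicants != null && transmittal.Applicants.Count > 0)
            {
                transmittal.Applicants[0].EmployeeIdent = employeeID;
            }

            Session["Transmittal"] = transmittal;

            //Creating SAML response
            X509Certificate2 vendorCertificate = GetVendorCertificate();

            // The Selerix certificate is only needed for subject/assertion encryption, which is
            // currently disabled; it is still loaded so a missing certificate fails here.
            GetSelerixCertificate();

            string assertionConsumerServiceURL = "SamlResponse.aspx";
            string audienceName = "whatever audience";

            SAMLResponse samlResponse = new SAMLResponse();

            samlResponse.Destination = assertionConsumerServiceURL;
            Issuer issuer = new Issuer("Vendor");

            samlResponse.Issuer = issuer;
            samlResponse.Status = new Status(SAMLIdentifiers.PrimaryStatusCodes.Success, null);

            SAMLAssertion samlAssertion = new SAMLAssertion();

            samlAssertion.Issuer = issuer;

            // Plain NameID holding the employee ID; the EncryptedID variant keyed to the
            // Selerix certificate was removed.
            Subject subject = new Subject(new NameID(employeeID));

            SubjectConfirmation     subjectConfirmation     = new SubjectConfirmation(SAMLIdentifiers.SubjectConfirmationMethods.Bearer);
            SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationData();

            subjectConfirmationData.Recipient           = assertionConsumerServiceURL;
            subjectConfirmationData.NotOnOrAfter        = DateTime.UtcNow.AddHours(1);
            subjectConfirmation.SubjectConfirmationData = subjectConfirmationData;
            subject.SubjectConfirmations.Add(subjectConfirmation);

            samlAssertion.Subject = subject;

            Conditions          conditions          = new Conditions(new TimeSpan(1, 0, 0));
            AudienceRestriction audienceRestriction = new AudienceRestriction();

            audienceRestriction.Audiences.Add(new Audience(audienceName));
            conditions.ConditionsList.Add(audienceRestriction);
            samlAssertion.Conditions = conditions;

            AuthnStatement authnStatement = new AuthnStatement();

            authnStatement.AuthnContext = new AuthnContext();
            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.Unspecified);
            samlAssertion.Statements.Add(authnStatement);

            AttributeStatement attributeStatement = new AttributeStatement();

            if (transmittal != null)
            {
                attributeStatement.Attributes.Add(new SAMLAttribute("Transmittal", SAMLIdentifiers.AttributeNameFormats.Basic, null, SerializationHelper.SerializeToString(transmittal)));

                // NOTE(review): repeats the assignment made above, but after serialization and
                // without the non-empty check, so it only affects the copy held in session.
                if (transmittal.Applicants != null && transmittal.Applicants.Count > 0)
                {
                    transmittal.Applicants[0].EmployeeIdent = employeeID;
                }
            }

            // Each known transmittal option becomes an attribute of the same name whose value
            // is "yes" or "no" from the checkbox state; list items with other values are ignored.
            string[] transmittalOptions = { "HeaderAndFooter", "Sidebar", "PersonalInfo", "Welcome", "Review" };

            for (int i = 0; i < _TransmittalOptionsList.Items.Count; i++)
            {
                var item = _TransmittalOptionsList.Items[i];

                if (Array.IndexOf(transmittalOptions, item.Value) < 0)
                {
                    continue;
                }

                string answer = item.Selected ? "yes" : "no";

                attributeStatement.Attributes.Add(new SAMLAttribute(item.Value, SAMLIdentifiers.AttributeNameFormats.Basic, null, answer));
            }

            samlAssertion.Statements.Add(attributeStatement);

            // The assertion is sent in the clear; EncryptedAssertion for the Selerix certificate is disabled.
            samlResponse.Assertions.Add(samlAssertion);

            //Created SAML response

            //Sending SAML response

            // Serialize the SAML response for transmission.
            XmlElement samlResponseXml = samlResponse.ToXml();

            // Sign the SAML response.
            SAMLMessageSignature.Generate(samlResponseXml, vendorCertificate.PrivateKey, vendorCertificate);

            HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache");
            HttpContext.Current.Response.AddHeader("Pragma", "no-cache");

            IdentityProvider.SendSAMLResponseByHTTPPost(HttpContext.Current.Response, assertionConsumerServiceURL, samlResponseXml, "");// for test purposes
        }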