/// <summary>
/// Creates a bearer SAML security token from an IClaimsIdentity
/// </summary>
/// <param name="identity">The identity.</param>
/// <returns>A self-generated SAML bearer token</returns>
public static SamlSecurityToken CreateToken(IClaimsIdentity identity)
{
var description = new SecurityTokenDescriptor
{
Subject = identity,
TokenIssuerName = "http://self"
};
var handler = new Saml11SecurityTokenHandler();
return((SamlSecurityToken)handler.CreateToken(description));
}
/// <summary>
/// Issues a token for the specified realm.
/// </summary>
/// <param name="realm">The realm name.</param>
/// <returns>A SecurityToken as XElement</returns>
public XElement Issue(string realm)
{
if (String.IsNullOrEmpty(realm))
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.BadRequest;
return(null);
}
if (ServiceSecurityContext.Current == null)
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.InternalServerError;
return(null);
}
var username = ServiceSecurityContext.Current.PrimaryIdentity.Name;
var handler = new Saml11SecurityTokenHandler();
var descriptor = new SecurityTokenDescriptor
{
AppliesToAddress = realm,
Lifetime = GetLifetime(realm, username),
TokenIssuerName = GetIssuerName().AbsoluteUri,
EncryptingCredentials = GetEncryptingCredentials(realm),
SigningCredentials = GetSigningCredentials(),
Subject = GetOutputClaimsIdentity(realm, username)
};
var token = handler.CreateToken(descriptor);
StringBuilder sb = new StringBuilder();
var writer = XmlWriter.Create(sb);
handler.WriteToken(writer, token);
WebOperationContext.Current.OutgoingResponse.ContentType = "text/xml";
return(XElement.Parse(sb.ToString()));
}
/// <summary>
/// Creates a bearer SAML security token from an IClaimsIdentity
/// </summary>
/// <param name="identity">The identity.</param>
/// <returns>A self-generated SAML bearer token</returns>
public static SamlSecurityToken CreateToken(IClaimsIdentity identity)
{
var description = new SecurityTokenDescriptor
{
Subject = identity,
TokenIssuerName = "http://self"
};
var handler = new Saml11SecurityTokenHandler();
return (SamlSecurityToken)handler.CreateToken(description);
}
public static string CreateSaml11Token(string name)
{
var id = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, name) });
var descriptor = new SecurityTokenDescriptor
{
Subject = id,
AppliesToAddress = Constants.Realm,
TokenIssuerName = Constants.Issuer,
SigningCredentials = GetSamlSigningCredential()
};
var handler = new Saml11SecurityTokenHandler();
handler.Configuration = new SecurityTokenHandlerConfiguration();
var token = handler.CreateToken(descriptor);
return token.ToTokenXmlString();
}
/// <summary>
/// Issues a token for the specified realm.
/// </summary>
/// <param name="realm">The realm name.</param>
/// <returns>A SecurityToken as XElement</returns>
public XElement Issue(string realm)
{
if (String.IsNullOrEmpty(realm))
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.BadRequest;
return null;
}
if (ServiceSecurityContext.Current == null)
{
WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.InternalServerError;
return null;
}
var username = ServiceSecurityContext.Current.PrimaryIdentity.Name;
var handler = new Saml11SecurityTokenHandler();
var descriptor = new SecurityTokenDescriptor
{
AppliesToAddress = realm,
Lifetime = GetLifetime(realm, username),
TokenIssuerName = GetIssuerName().AbsoluteUri,
EncryptingCredentials = GetEncryptingCredentials(realm),
SigningCredentials = GetSigningCredentials(),
Subject = GetOutputClaimsIdentity(realm, username)
};
var token = handler.CreateToken(descriptor);
StringBuilder sb = new StringBuilder();
var writer = XmlWriter.Create(sb);
handler.WriteToken(writer, token);
WebOperationContext.Current.OutgoingResponse.ContentType = "text/xml";
return XElement.Parse(sb.ToString());
}