private void ConfigureSaml2(IAppBuilder app, string signInAsType)
{
var options = new Saml2AuthenticationOptions(false)
{
SPOptions = new SPOptions
{
EntityId = new EntityId("http://localhost:4589/IdSrv3/Saml2"),
},
SignInAsAuthenticationType = signInAsType,
Caption = "SAML2p"
};
UseIdSrv3LogoutOnFederatedLogout(app, options);
options.SPOptions.ServiceCertificates.Add(new X509Certificate2(
AppDomain.CurrentDomain.SetupInformation.ApplicationBase + "/App_Data/Sustainsys.Saml2.Tests.pfx"));
options.IdentityProviders.Add(new IdentityProvider(
new EntityId("http://localhost:52071/Metadata"),
options.SPOptions)
{
LoadMetadata = true
});
app.UseSaml2Authentication(options);
}
protected override void ProcessCore(IdentityProvidersArgs args)
{
var options = new Saml2AuthenticationOptions(false)
{
SPOptions = new SPOptions
{
EntityId = new EntityId(_spEntityId),
ReturnUrl = new Uri(_spReturnUrl)
},
AuthenticationType = GetAuthenticationType()
};
options.IdentityProviders.Add(new Sustainsys.Saml2.IdentityProvider(new EntityId(_ipEntityId), options.SPOptions)
{
MetadataLocation = _ipMetadataLocation,
LoadMetadata = true
});
options.Notifications = new Saml2Notifications
{
AcsCommandResultCreated = (result, response) =>
{
var identityProvider = GetIdentityProvider();
((ClaimsIdentity)result.Principal.Identity).ApplyClaimsTransformations(new TransformationContext(FederatedAuthenticationConfiguration, identityProvider));
}
};
args.App.UseSaml2Authentication(options);
}
private static Saml2AuthenticationOptions CreateAuthServicesOptions()
{
// Configure Auth0 parameters
string auth0Domain = ConfigurationManager.AppSettings["auth0:Domain"];
string auth0ClientId = ConfigurationManager.AppSettings["auth0:ClientId"];
string auth0ReturnUrl = ConfigurationManager.AppSettings["auth0:ReturnUrl"];
string auth0AppName = ConfigurationManager.AppSettings["auth0:AppName"];
var authServicesOptions = new Saml2AuthenticationOptions(false)
{
SPOptions = new SPOptions
{
EntityId = new EntityId($"urn:{auth0AppName}"),
ReturnUrl = new Uri(auth0ReturnUrl),
MinIncomingSigningAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
}
};
authServicesOptions.IdentityProviders.Add(new IdentityProvider(new EntityId($"urn:{auth0Domain}"), authServicesOptions.SPOptions)
{
AllowUnsolicitedAuthnResponse = true,
MetadataLocation = String.Format("https://{0}/samlp/metadata/{1}", auth0Domain, auth0ClientId),
Binding = Saml2BindingType.HttpPost
});
return(authServicesOptions);
}
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
// and to use a cookie to temporarily store information about a user logging in with a third party login provider
// Configure the sign in cookie
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
// Forces redirect to default login page if unauthenticated user directly tries to access protected page
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
LoginPath = new PathString("/SignIn/Link"),
});
// Load IDP and Options from web.config
var saml2Options = new Saml2AuthenticationOptions(true);
saml2Options.Notifications = new Saml2Notifications
{
// Notification called when the SignIn command is about to select what Idp to use for the request.
// To select a specicic IdentityProvider simply return it.
// Return null to fall back to built in selection.
SelectIdentityProvider = (entityid, relaydata) =>
{
IdentityProvider idp = null;
// Get the user selected Brand IDP so can use Branded Login Page
saml2Options.IdentityProviders.TryGetValue(new EntityId(IdentityProviderManagement.GetIndentityProvider()), out idp);
return(idp);
}
};
// Add SAML2 Authentication to the OWIN pipeline
app.UseSaml2Authentication(saml2Options);
}
public void Saml2AuthenticationOptions_Ctor_IgnoresConfiguration()
{
var subject = new Saml2AuthenticationOptions(false);
subject.SPOptions.Should().BeNull();
subject.IdentityProviders.IsEmpty.Should().BeTrue();
}
public void Saml2AuthenticationOptions_Ctor_SetsDefault()
{
var subject = new Saml2AuthenticationOptions(true);
subject.Description.Caption.Should().Be(Constants.DefaultCaption);
subject.AuthenticationMode.Should().Be(AuthenticationMode.Passive);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = CreateSPOptions();
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri("https://stubidp.sustainsys.com")
};
idp.SigningKeys.AddConfiguredKey(
new X509Certificate2(
HostingEnvironment.MapPath(
"~/App_Data/stubidp.sustainsys.com.cer")));
Saml2Options.IdentityProviders.Add(idp);
// It's enough to just create the federation and associate it
// with the options. The federation will load the metadata and
// update the options with any identity providers found.
new Federation("http://localhost:52071/Federation", true, Saml2Options);
return(Saml2Options);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
SPOptions spOptions = CreateSPOptions();
Saml2AuthenticationOptions Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions,
};
//var idp = new IdentityProvider(new EntityId("https://sts.windows.net/e1413b17-c8b7-4388-99f0-2f613124050c/"), spOptions)
// {
// AllowUnsolicitedAuthnResponse = true,
// Binding = Saml2BindingType.HttpRedirect,
// SingleSignOnServiceUrl = new Uri("https://login.microsoftonline.com/e1413b17-c8b7-4388-99f0-2f613124050c/saml2")
// };
//idp.SigningKeys.AddConfiguredKey(
// new X509Certificate2(
// HostingEnvironment.MapPath(
// "~/App_Data/SAMLThing.cer")));
//Saml2Options.IdentityProviders.Add(idp);
// It's enough to just create the federation and associate it
// with the options. The federation will load the metadata and
// update the options with any identity providers found.
// new Federation("https://login.microsoftonline.com/e1413b17-c8b7-4388-99f0-2f613124050c/federationmetadata/2007-06/federationmetadata.xml?appid=6d137192-dc97-42d0-a651-ce32b2804c33", true, Saml2Options);
new Federation(@"~/odx_fedmyohio_idp_federation_metadata.xml", true, Saml2Options);
return(Saml2Options);
}
public Saml2AuthenticationOptions CreateSaml2Options()
{
string samlIdpUrl = "http://localhost:44358/";
string x509FileNamePath = "~/App_Data/AzureADTest.cer";
var spOptions = CreateSPOptions();
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId("https://sts.windows.net/8b67b292-ebf3-4d29-89a6-47f7971c2e16/"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri(samlIdpUrl)
};
idp.SigningKeys.AddConfiguredKey(
new X509Certificate2(HostingEnvironment.MapPath(x509FileNamePath)));
Saml2Options.IdentityProviders.Add(idp);
new Federation(samlIdpUrl, true, Saml2Options);
return(Saml2Options);
}
private static Saml2AuthenticationOptions CreateAuthServicesOptions()
{
var spOptions = new SPOptions
{
EntityId = new EntityId(ApplicationIdpEntityId),
ReturnUrl = ExternalAuthDefaultCallbackUrl,
MinIncomingSigningAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
};
var authServicesOptions = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId(MetadataLocation.AbsoluteUri), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
MetadataLocation = MetadataLocation.AbsoluteUri,
DisableOutboundLogoutRequests = true
};
authServicesOptions.IdentityProviders.Add(idp);
return(authServicesOptions);
}
private static Saml2AuthenticationOptions GetSaml2AuthenticationOptions()
{
var spOptions = CreateSPOptions();
var saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId(IdpEntityId), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
MetadataLocation = IdpMetadataUrl
};
idp.LoadMetadata = true;
saml2Options.IdentityProviders.Add(idp);
saml2Options.Notifications.ProcessSingleLogoutResponseStatus = (response, state) =>
{
// "Requestor" error usually means the user is already signed out; send true to indicate it is handled
return(response.Status == Sustainsys.Saml2.Saml2P.Saml2StatusCode.Requester);
};
return(saml2Options);
}
public void Saml2AuthenticationOptions_Caption()
{
var subject = new Saml2AuthenticationOptions(false)
{
Caption = "MyCaption"
};
subject.Caption.Should().Be("MyCaption");
subject.Description.Caption.Should().Be("MyCaption");
}
public void Saml2AuthenticationOptions_Ctor_LoadsConfiguration()
{
var subject = new Saml2AuthenticationOptions(true);
subject.SPOptions.EntityId.Id.Should().Be("https://github.com/SustainsysIT/Saml2");
subject.IdentityProviders.IsEmpty.Should().BeFalse();
subject.IdentityProviders[new EntityId("https://idp.example.com")]
.SingleSignOnServiceUrl.Should().Be("https://idp.example.com/idp");
}
public void Saml2AuthenticationExtensions_UseSaml2Authentication()
{
var app = Substitute.For <IAppBuilder>();
var options = new Saml2AuthenticationOptions(true);
app.UseSaml2Authentication(options);
app.Received().Use(typeof(Saml2AuthenticationMiddleware), app, options);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = CreateSPOptions("arxspan");
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions,
AuthenticationType = "arxspan",
Caption = "arxspan"
};
var idp = new IdentityProvider(new EntityId("http://www.okta.com/exkez48ebtXNSGr3g0h7"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri("https://dev-871818.oktapreview.com/app/beldev871818_arxspansaml_1/exkez48ebtXNSGr3g0h7/sso/saml")
};
idp.SigningKeys.AddConfiguredKey(
new X509Certificate2(
HostingEnvironment.MapPath(
"~/secure/okta.cert")));
new Federation("http://localhost:52071/Federation", true, Saml2Options);
Saml2Options.IdentityProviders.Add(idp);
var spOptions2 = CreateSPOptions("belatrix");
var Saml2Options2 = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions2,
AuthenticationType = "belatrix",
Caption = "belatrix"
};
var idp2 = new IdentityProvider(new EntityId("https://aax0038.my.centrify.com/ce0d8092-49bf-4e73-8306-5a5b2c2eb39c"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri("https://aax0038.my.centrify.com/applogin/appKey/ce0d8092-49bf-4e73-8306-5a5b2c2eb39c/customerId/AAX0038")
};
idp2.SigningKeys.AddConfiguredKey(
new X509Certificate2(
HostingEnvironment.MapPath(
"~/App_Data/centrify.cert")));
Saml2Options2.IdentityProviders.Add(idp2);
// It's enough to just create the federation and associate it
// with the options. The federation will load the metadata and
// update the options with any identity providers found.
new Federation("http://localhost:52071/ Federation", true, Saml2Options2);
return(Saml2Options);
}
public void Saml2AuthenticationOptions_Ctor_LoadsFederationFromConfigurationAndRegistersIdp()
{
var subject = new Saml2AuthenticationOptions(true);
Action a = () =>
{
var i = subject.IdentityProviders[new EntityId("http://idp.federation.example.com/metadata")];
};
a.ShouldNotThrow();
}
/// <summary>
/// Add Sustainsys Saml2 SAML2 authentication to the Owin pipeline.
/// </summary>
/// <param name="app">Owin pipeline builder.</param>
/// <param name="options">Options for the middleware.</param>
/// <returns></returns>
public static IAppBuilder UseSaml2Authentication(this IAppBuilder app,
Saml2AuthenticationOptions options)
{
if (app == null)
{
throw new ArgumentNullException(nameof(app));
}
app.Use(typeof(Saml2AuthenticationMiddleware), app, options);
return(app);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = CreateSPOptions();
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions,
// Set up SAML2 SP notifications.
Notifications = new Saml2Notifications
{
AuthenticationRequestCreated = (request, provider, dictionary) =>
{
//Add Forceauthn=True in SAML request
request.ForceAuthentication = true;
}
}
};
var idp = new IdentityProvider(new EntityId(ConfigurationManager.AppSettings["IDPEntityID"]), spOptions)
{
WantAuthnRequestsSigned = true,
AllowUnsolicitedAuthnResponse = true,
MetadataLocation = ConfigurationManager.AppSettings["IDPMetadataURL"],
LoadMetadata = true,
Binding = Saml2BindingType.HttpRedirect,
//Logout Binding
//SingleLogoutServiceBinding = Saml2BindingType.HttpPost,
//SingleSignOnServiceUrl = new Uri("https://stubidp.sustainsys.com")
SingleSignOnServiceUrl = new Uri(ConfigurationManager.AppSettings["IDPLoginURL"]),
SingleLogoutServiceUrl = new Uri(ConfigurationManager.AppSettings["IDPLoginURL"]),
//SingleLogoutServiceResponseUrl = new Uri("https://localhost:44303/saml2/logout"),
DisableOutboundLogoutRequests = false
};
//idp.SigningKeys.AddConfiguredKey(
// new X509Certificate2(
// HostingEnvironment.MapPath(
// //"~/App_Data/stubidp.sustainsys.com.cer")));
// //IDP Signing Certificate
// "~/App_Data/adfssiging.cer")));
Saml2Options.IdentityProviders.Add(idp);
// It's enough to just create the federation and associate it
// with the options. The federation will load the metadata and
// update the options with any identity providers found.
//new Federation("https://sts.azurehybrid.tk/FederationMetadata/2007-06/FederationMetadata.xml", true, Saml2Options);
//Debug.WriteLine("stop here");
return(Saml2Options);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = CreateSpOptions();
var saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp5 = new IdentityProvider(
new EntityId("http://idp5.canadacentral.cloudapp.azure.com:80/opensso"), spOptions)
{
MetadataLocation = HostingEnvironment.MapPath("~/App_Data/idp5-metadata.xml"),
AllowUnsolicitedAuthnResponse = true
};
// Key from IDP COT
idp5.SigningKeys.AddConfiguredKey(new X509Certificate2(
HostingEnvironment.MapPath("~/App_Data/idp5.canadacentral.cloudapp.azure.com.cer")));
var cbs = new IdentityProvider(
new EntityId("https://cbs-uat-cbs.securekey.com"), spOptions)
{
MetadataLocation = HostingEnvironment.MapPath("~/App_Data/cbs-metadata-signed.xml")
};
cbs.SigningKeys.AddConfiguredKey(GetGccfSigninCertificate());
var gckey = new IdentityProvider(
new EntityId("https://te.clegc-gckey.gc.ca"), spOptions)
{
MetadataLocation = HostingEnvironment.MapPath("~/App_Data/gckey-metadata-signed.xml")
};
gckey.SigningKeys.AddConfiguredKey(GetGccfSigninCertificate());
saml2Options.Notifications = new Saml2Notifications
{
GetBinding = GccfAuthorizationFilter.GetSaml2Binding()
};
saml2Options.IdentityProviders.Add(idp5);
saml2Options.IdentityProviders.Add(cbs);
saml2Options.IdentityProviders.Add(gckey);
return(saml2Options);
}
private Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = new SPOptions
{
EntityId = new EntityId("https://sts.windows.net/8b67b292-ebf3-4d29-89a6-47f7971c2e16/"),
ReturnUrl = new Uri("https://localhost:44358/"),
};
var attributeConsumingService = new AttributeConsumingService
{
IsDefault = true,
ServiceNames = { new LocalizedName("Saml2", "en") }
};
attributeConsumingService.RequestedAttributes.Add(
new RequestedAttribute("urn:password")
{
FriendlyName = "AzureADTest",
IsRequired = true,
NameFormat = RequestedAttribute.AttributeNameFormatUri
});
attributeConsumingService.RequestedAttributes.Add(
new RequestedAttribute("Minimal"));
spOptions.AttributeConsumingServices.Add(attributeConsumingService);
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId("https://sts.windows.net/8b67b292-ebf3-4d29-89a6-47f7971c2e16/"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri("https://localhost:44358/")
};
idp.SigningKeys.AddConfiguredKey(new X509Certificate2(HostingEnvironment.MapPath("~/App_Data/AzureADTest.cer") ?? throw new InvalidOperationException()));
Saml2Options.IdentityProviders.Add(idp);
return(Saml2Options);
}
private static Saml2AuthenticationOptions CreateAuthServicesOptions()
{
var spOptions = CreateSPOptions();
var authServicesOptions = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId("http://dfe-sign-in-simulator.azurewebsites.net/Metadata"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri("http://dfe-sign-in-simulator.azurewebsites.net/")
};
authServicesOptions.IdentityProviders.Add(idp);
new Federation("http://dfe-sign-in-simulator.azurewebsites.net/Federation", true, authServicesOptions);
return(authServicesOptions);
}
// For more information on configuring authentication, please visit https://go.microsoft.com/fwlink/?LinkId=301864
public void ConfigureAuth(IAppBuilder app)
{
var options = new Saml2AuthenticationOptions(false);
options.SPOptions = CreateSPOptions();
options.SignInAsAuthenticationType = DefaultAuthenticationTypes.ApplicationCookie;
options.IdentityProviders.Add(new IdentityProvider(new EntityId("http://adfs.groupyfy.com/adfs/services/trust"), options.SPOptions)
{
MetadataLocation = "https://adfs.groupyfy.com/FederationMetadata/2007-06/FederationMetadata.xml",
});
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/saml2/signin")
});
app.UseSaml2Authentication(options);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var entiyId = ConfigurationManager.AppSettings["saml:BackendAuthUrl"];
var returnUrl = ConfigurationManager.AppSettings["saml:FrontendAuthUrl"];
var spOptions = new SPOptions()
{
EntityId = new EntityId(entiyId),
ReturnUrl = new Uri(returnUrl)
};
var saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions,
// can tie into pipeline here
// uncomment to see saml working
Notifications = new Saml2Notifications()
{
AuthenticationRequestCreated = (request, rIdp, parms) =>
{
var test = parms;
},
AcsCommandResultCreated = (commandResult, response) =>
{
var test = commandResult.Principal.Claims;
}
}
};
var ipEntityId = ConfigurationManager.AppSettings["saml:IPEntityId"];
var ipMetadata = ConfigurationManager.AppSettings["saml:IPMetadataUrl"];
var idp = new IdentityProvider(new EntityId(ipEntityId), spOptions)
{
//enable idp initiated signin
AllowUnsolicitedAuthnResponse = true,
MetadataLocation = ipMetadata
};
saml2Options.IdentityProviders.Add(idp);
return(saml2Options);
}
private static Saml2AuthenticationOptions CreateSaml2Options()
{
var spOptions = CreateSPOptions();
var Saml2Options = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var idp = new IdentityProvider(new EntityId(SalesforceIdentityProvider), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
MetadataLocation = MetadataUrl
};
idp.SigningKeys.AddConfiguredKey(new X509Certificate2(SalesforceCertificatePath));
Saml2Options.IdentityProviders.Add(idp);
return(Saml2Options);
}
private static Saml2AuthenticationOptions CreateAuthServicesOptions()
{
var spOptions = CreateSPOptions();
var authServicesOptions = new Saml2AuthenticationOptions(false)
{
SPOptions = spOptions
};
var stubGuid = AppSettings["SASimulatorGuid"];
var idpUrl = AppSettings["SASimulatorUri"] + stubGuid;
var idp = new IdentityProvider(new EntityId(idpUrl + "/Metadata"), spOptions)
{
AllowUnsolicitedAuthnResponse = true,
Binding = Saml2BindingType.HttpRedirect,
SingleSignOnServiceUrl = new Uri(idpUrl)
};
authServicesOptions.IdentityProviders.Add(idp);
new Federation(idpUrl + "/Federation", true, authServicesOptions);
return(authServicesOptions);
}
protected override void ProcessCore(IdentityProvidersArgs args)
{
Assert.ArgumentNotNull(args, "args");
//Settings from config
string entityId = Settings.GetSetting("MyProject.EntityId");
string returnUrl = Settings.GetSetting("MyProject.ReturnUrl");
string metadataLocation = Settings.GetSetting("MyProject.MetadataLocation");
var options = new Saml2AuthenticationOptions(false)
{
SPOptions = new SPOptions
{
EntityId = new System.IdentityModel.Metadata.EntityId(entityId),
ReturnUrl = new Uri(returnUrl)
},
AuthenticationType = GetAuthenticationType()
};
options.IdentityProviders.Add(
new Sustainsys.Saml2.IdentityProvider(new System.IdentityModel.Metadata.EntityId(entityId), options.SPOptions)
{
MetadataLocation = metadataLocation,
LoadMetadata = true
});
options.Notifications = new Saml2Notifications
{
AcsCommandResultCreated = (result, response) =>
{
var identityProvider = GetIdentityProvider();
((ClaimsIdentity)result.Principal.Identity).ApplyClaimsTransformations(
new TransformationContext(FederatedAuthenticationConfiguration, identityProvider));
}
};
args.App.UseSaml2Authentication(options);
}
private void UseIdSrv3LogoutOnFederatedLogout(IAppBuilder app, Saml2AuthenticationOptions options)
{
app.Map("/signoutcleanup", cleanup =>
{
cleanup.Run(async ctx =>
{
await ctx.Environment.ProcessFederatedSignoutAsync();
});
});
app.Use(async(context, next) =>
{
await next.Invoke();
if (context.Authentication.AuthenticationResponseRevoke != null &&
context.Response.StatusCode % 100 == 3 &&
!HttpContext.Current.Response.HeadersWritten)
{
var finalLocation = context.Response.Headers["Location"];
context.Response.StatusCode = 200;
await context.Response.WriteAsync($@"
<html>
<body>
<h1>Signing Out...<span id=""dots""></span></h1>
<iframe style=""display:none;"" src=""../signoutcleanup""></iframe>
<script>
setInterval(function() {{ var dots = document.getElementById(""dots""); dots.innerText = dots.innerText + "".""; }}, 250);
setTimeout(function() {{ window.location = ""{finalLocation}""; }}, 5000);
</script>
</body>
</html>");
}
});
}
public void Saml2AuthenticationOptions_Ctor_LoadsIdpFromConfiguration()
{
var subject = new Saml2AuthenticationOptions(true);
subject.IdentityProviders.Default.EntityId.Id.Should().Be("https://idp.example.com");
}
