/// <summary>
/// Verifies that <c>Saml2AuthenticationRequest.Read</c> exposes the ID, the
/// AssertionConsumerServiceURL and the ForceAuthn flag of a well-formed
/// AuthnRequest, and carries the supplied relay state through unchanged.
/// </summary>
public void Saml2AuthenticationRequest_Read()
{
    const string expectedRelayState = "My relay state";
    const bool expectedForceAuthn = true;

    // Fixture: an AuthnRequest with ForceAuthn="true" and an explicit ACS URL.
    // The "/>" after the Issuer element is character data, not markup.
    var authnRequestXml = @"<?xml version=""1.0"" encoding=""UTF-8""?> <samlp:AuthnRequest xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""Saml2AuthenticationRequest_AssertionConsumerServiceUrl"" Version=""2.0"" Destination=""http://destination.example.com"" AssertionConsumerServiceURL=""https://sp.example.com/SAML2/Acs"" IssueInstant=""2004-12-05T09:21:59Z"" ForceAuthn=""true""> <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer> /> </samlp:AuthnRequest> ";

    var parsed = Saml2AuthenticationRequest.Read(authnRequestXml, expectedRelayState);

    parsed.Id.Should().Be(
        new Saml2Id("Saml2AuthenticationRequest_AssertionConsumerServiceUrl"));
    parsed.AssertionConsumerServiceUrl.Should().Be(
        new Uri("https://sp.example.com/SAML2/Acs"));
    parsed.RelayState.Should().Be(expectedRelayState);
    parsed.ForceAuthentication.Should().Be(expectedForceAuthn);
}
/// <summary>
/// Verifies that <c>Saml2AuthenticationRequest.Read</c> returns null instead of
/// throwing when it is handed no XML. Callers therefore have to null-check the
/// result before dereferencing it.
/// </summary>
public void Saml2AuthenticationRequest_Read_ShouldReturnNullOnNullXml()
{
    // Typed as string so the call binds to the same overload as a real payload would.
    string missingXml = null;

    var parsed = Saml2AuthenticationRequest.Read(missingXml, null);

    parsed.Should().BeNull();
}
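/// <summary>
/// Renders the assertion form, pre-filled from an incoming AuthnRequest when
/// the HTTP-Redirect binding yields one.
/// </summary>
/// <returns>The view for the populated <c>AssertionModel</c>.</returns>
public ActionResult Index()
{
    var model = AssertionModel.CreateFromConfiguration();

    var request = Saml2AuthenticationRequest.Read(
        Saml2Binding.Get(Saml2BindingType.HttpRedirect).Unbind(Request));

    if (request != null)
    {
        model.InResponseTo = request.Id;

        // AssertionConsumerServiceURL is an optional attribute of an AuthnRequest,
        // so the parsed value can be null. Calling ToString() on it unconditionally
        // turned such a request into a NullReferenceException; leave the model's
        // value from CreateFromConfiguration() in place instead.
        if (request.AssertionConsumerServiceUrl != null)
        {
            // NOTE(review): this URL is copied from the request as received; no
            // signature or SP-metadata check is visible in this method. Outside a
            // test stub, a response should only go to an ACS URL registered for
            // the issuing service provider.
            model.AssertionConsumerServiceUrl =
                request.AssertionConsumerServiceUrl.ToString();
        }
    }

    return View(model);
}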
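/// <summary>
/// Builds the home page model: starts from the configured assertion defaults,
/// applies the cached per-IdP configuration when <paramref name="idpId"/> is
/// given, and finally applies the values of an AuthnRequest received over the
/// HTTP-Redirect binding.
/// </summary>
/// <param name="idpId">Optional key of a cached IdP configuration.</param>
/// <returns>The view for the populated <c>HomePageModel</c>.</returns>
public ActionResult Index(Guid? idpId)
{
    var model = new HomePageModel
    {
        AssertionModel = AssertionModel.CreateFromConfiguration(),
    };

    if (idpId.HasValue)
    {
        var fileData = GetCachedConfiguration(idpId.Value);
        if (fileData != null)
        {
            if (!string.IsNullOrEmpty(fileData.DefaultAssertionConsumerServiceUrl))
            {
                // Override default StubIdp Acs with Acs from IdpConfiguration
                model.AssertionModel.AssertionConsumerServiceUrl =
                    fileData.DefaultAssertionConsumerServiceUrl;
            }

            model.CustomDescription = fileData.IdpDescription;
            model.AssertionModel.NameId = null;
            model.HideDetails = fileData.HideDetails;
        }
    }

    var requestData = Request.ToHttpRequestData();
    if (requestData.QueryString["SAMLRequest"].Any())
    {
        var extractedMessage = Saml2Binding.Get(Saml2BindingType.HttpRedirect)
            .Unbind(requestData);

        var request = Saml2AuthenticationRequest.Read(
            extractedMessage.Data,
            extractedMessage.RelayState);

        model.AssertionModel.InResponseTo = request.Id.Value;

        // AssertionConsumerServiceURL is optional in an AuthnRequest, so the parsed
        // value can be null. Only override the default chosen above when the
        // request names one; the unconditional ToString() threw a
        // NullReferenceException for a request without the attribute.
        if (request.AssertionConsumerServiceUrl != null)
        {
            // NOTE(review): the URL comes from the query string as received; no
            // signature or SP-metadata check is visible in this method. Outside a
            // stub IdP it should be matched against the ACS endpoints registered
            // for the issuer before a response is sent there.
            model.AssertionModel.AssertionConsumerServiceUrl =
                request.AssertionConsumerServiceUrl.ToString();
        }

        model.AssertionModel.RelayState = extractedMessage.RelayState;
        model.AssertionModel.AuthnRequestXml = extractedMessage.Data;
    }

    return View(model);
}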
/// <summary>
/// Verifies that a NameIDPolicy element carrying only AllowCreate (no Format
/// attribute) is read as AllowCreate = false with the format reported as
/// <c>NameIdFormat.NotConfigured</c>.
/// </summary>
public void Saml2AuthenticationRequest_Read_NoFormat()
{
    // Fixture: NameIDPolicy has AllowCreate but deliberately no Format attribute.
    var authnRequestXml = @"<?xml version=""1.0"" encoding=""UTF-8""?> <saml2p:AuthnRequest xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml2 =""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""ide3c2f1c88255463ab4eb1b158fa6f616"" Version=""2.0"" IssueInstant=""2016-01-25T13:01:09Z"" Destination=""http://destination.example.com"" AssertionConsumerServiceURL=""https://sp.example.com/SAML2/Acs"" > <saml2:Issuer>https://sp.example.com/SAML2</saml2:Issuer> <saml2p:NameIDPolicy AllowCreate = ""false""/> </saml2p:AuthnRequest>";

    var parsed = Saml2AuthenticationRequest.Read(authnRequestXml, null);

    parsed.NameIdPolicy.AllowCreate.Should().Be(false);
    parsed.NameIdPolicy.Format.Should().Be(NameIdFormat.NotConfigured);
}
/// <summary>
/// Verifies that an AuthnRequest without an AssertionConsumerServiceURL
/// attribute is still read, with <c>AssertionConsumerServiceUrl</c> left null.
/// Code consuming the parsed request must therefore handle a null ACS URL.
/// </summary>
public void Saml2AuthenticationRequest_Read_NoACS()
{
    // Fixture: no AssertionConsumerServiceURL attribute on the root element.
    // The "/>" after the Issuer element is character data, not markup.
    var authnRequestXml = @"<?xml version=""1.0"" encoding=""UTF-8""?> <samlp:AuthnRequest xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""Saml2AuthenticationRequest_Read_NoACS"" Version=""2.0"" Destination=""http://destination.example.com"" IssueInstant=""2004-12-05T09:21:59Z""> <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer> /> </samlp:AuthnRequest> ";

    var parsed = Saml2AuthenticationRequest.Read(authnRequestXml, null);

    parsed.Id.Should().Be(new Saml2Id("Saml2AuthenticationRequest_Read_NoACS"));
    parsed.AssertionConsumerServiceUrl.Should().Be(null);
}
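/// <summary>
/// Renders the assertion form. When the query string carries a SAMLRequest,
/// the request is unbound from the HTTP-Redirect binding and its ID, ACS URL
/// and raw XML are copied into the model.
/// </summary>
/// <returns>The view for the populated <c>AssertionModel</c>.</returns>
public ActionResult Index()
{
    var model = AssertionModel.CreateFromConfiguration();

    var requestData = Request.ToHttpRequestData();
    if (requestData.QueryString["SAMLRequest"].Any())
    {
        var decodedXmlData = Saml2Binding.Get(Saml2BindingType.HttpRedirect)
            .Unbind(requestData);

        var request = Saml2AuthenticationRequest.Read(decodedXmlData);

        model.InResponseTo = request.Id;

        // AssertionConsumerServiceURL is optional in an AuthnRequest, so the parsed
        // value can be null. Keep the value from CreateFromConfiguration() in that
        // case; the unconditional ToString() threw a NullReferenceException.
        if (request.AssertionConsumerServiceUrl != null)
        {
            // NOTE(review): the URL is copied from the query string as received; no
            // signature or SP-metadata check is visible in this method. Outside a
            // test stub it should be matched against the ACS endpoints registered
            // for the issuer.
            model.AssertionConsumerServiceUrl =
                request.AssertionConsumerServiceUrl.ToString();
        }

        model.AuthnRequestXml = decodedXmlData;
    }

    return View(model);
}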
/// <summary>
/// Verifies that <c>Saml2AuthenticationRequest.Read</c> rejects a document whose
/// root element is not an AuthnRequest by throwing an <c>XmlException</c> with
/// the expected message.
/// </summary>
public void Saml2AuthenticationRequest_Read_ShouldThrowOnInvalidMessageName()
{
    // Fixture: same namespace and attributes as a real request, but the root
    // element is named NotAuthnRequest.
    var wrongRootXml = @"<?xml version=""1.0"" encoding=""UTF-8""?> <samlp:NotAuthnRequest xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""Saml2AuthenticationRequest_Read_ShouldThrowOnInvalidMessageName"" Version=""2.0"" Destination=""http://destination.example.com"" AssertionConsumerServiceURL=""https://sp.example.com/SAML2/Acs"" IssueInstant=""2004-12-05T09:21:59Z"" InResponseTo=""111222333""> <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer> /> </samlp:NotAuthnRequest> ";

    Action reading = () => Saml2AuthenticationRequest.Read(wrongRootXml, null);

    reading.ShouldThrow<XmlException>()
        .WithMessage("Expected a SAML2 authentication request document");
}
/// <summary>
/// Answers an AuthnRequest received over the HTTP-Redirect binding: builds an
/// assertion for the current user, records a session for it and returns the
/// response bound with the HTTP-POST binding.
/// </summary>
/// <param name="idpId">Not read by this method.</param>
/// <returns>The action result produced from the HTTP-POST binding.</returns>
/// <exception cref="InvalidOperationException">
/// The query string carries no SAMLRequest.
/// </exception>
public ActionResult Index(Guid? idpId)
{
    var httpRequest = Request.ToHttpRequestData();
    if (!httpRequest.QueryString["SAMLRequest"].Any())
    {
        throw new InvalidOperationException();
    }

    var authnRequestXml = Saml2Binding.Get(Saml2BindingType.HttpRedirect)
        .Unbind(httpRequest);
    var authnRequest = Saml2AuthenticationRequest.Read(authnRequestXml);

    // NOTE(review): ID, ACS URL and issuer below are taken from the request as
    // received; no signature or SP-metadata check is visible in this method.
    // Confirm that the caller or the binding validates them, because the
    // response is delivered to this ACS URL and the issuer is stored as the
    // session's logout URL.
    // NOTE(review): AssertionConsumerServiceUrl is dereferenced unconditionally;
    // a request without that optional attribute would fail here. TODO confirm.
    var assertion = new AssertionModel
    {
        InResponseTo = authnRequest.Id,
        AssertionConsumerServiceUrl = authnRequest.AssertionConsumerServiceUrl.ToString(),
        AuthnRequestXml = authnRequestXml,
        NameId = ((ClaimsIdentity)User.Identity).Name
    };

    var sessions = SessionManager.Instance;
    var samlResponse = assertion.ToSaml2Response();

    // NOTE(review): Substring(2) + Guid.Parse presumably expects a two-character
    // prefix followed by a GUID. The ID is request-controlled, so any other shape
    // surfaces as an unhandled exception rather than a controlled rejection.
    sessions.AddSession(
        assertion.NameId,
        new Session()
        {
            Id = Guid.Parse(authnRequest.Id.Substring(2)),
            Ip = Request.UserHostAddress,
            UserAgent = Request.UserAgent,
            LogoutUrl = authnRequest.Issuer.Id,
            Issuer = samlResponse.Issuer.Id
        });

    var bound = Saml2Binding.Get(Saml2BindingType.HttpPost).Bind(samlResponse);
    return bound.ToActionResult();
}
/// <summary>
/// Verifies that the children of the Extensions element are exposed through
/// <c>ExtensionContents</c>: one entry, equivalent to the original
/// <c>additional</c> element when rendered as a string.
/// </summary>
public void Saml2AuthenticationRequest_Read_Extensions()
{
    // Fixture: an AuthnRequest whose Extensions element holds a single child
    // from a foreign namespace.
    var authnRequestXml = @"<?xml version=""1.0"" encoding=""UTF-8""?> <samlp:AuthnRequest xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""Saml2AuthenticationRequest_AssertionConsumerServiceUrl"" Version=""2.0"" Destination=""http://destination.example.com"" AssertionConsumerServiceURL=""https://sp.example.com/SAML2/Acs"" IssueInstant=""2004-12-05T09:21:59Z"" ForceAuthn=""true""> <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer> <samlp:Extensions> <additional xmlns=""testurn:test"" /> </samlp:Extensions> </samlp:AuthnRequest> ";

    var parsed = Saml2AuthenticationRequest.Read(authnRequestXml, null);

    parsed.ExtensionContents.Should().HaveCount(1);
    parsed.ExtensionContents[0].ToString()
        .Should().BeEquivalentTo(@"<additional xmlns=""testurn:test"" />");
}