/// <summary>
/// Construct the options from the given configuration section
/// </summary>
/// <param name="configSection"></param>
public SPOptions(KentorAuthServicesSection configSection)
{
if (configSection == null)
{
throw new ArgumentNullException(nameof(configSection));
}
systemIdentityModelIdentityConfiguration = new IdentityConfiguration(true);
ReturnUrl = configSection.ReturnUrl;
MetadataCacheDuration = configSection.Metadata.CacheDuration;
MetadataValidDuration = configSection.Metadata.ValidUntil;
WantAssertionsSigned = configSection.Metadata.WantAssertionsSigned;
ValidateCertificates = configSection.ValidateCertificates;
DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
EntityId = configSection.EntityId;
ModulePath = configSection.ModulePath;
PublicOrigin = configSection.PublicOrigin;
Organization = configSection.Organization;
AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;
NameIdPolicy = new Saml2NameIdPolicy(
configSection.NameIdPolicyElement.AllowCreate, configSection.NameIdPolicyElement.Format);
RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);
configSection.ServiceCertificates.RegisterServiceCertificates(this);
foreach (var acs in configSection.AttributeConsumingServices)
{
AttributeConsumingServices.Add(acs);
}
foreach (var contact in configSection.Contacts)
{
Contacts.Add(contact);
}
}
public void Saml2ReqestedAuthnContext_Ctor()
{
var classRef = "http://id.sambi.se/loa2";
var subject = new Saml2RequestedAuthnContext(new Uri(classRef), AuthnContextComparisonType.Maximum);
subject.ClassRef.OriginalString.Should().Be(classRef);
subject.Comparison.Should().Be(AuthnContextComparisonType.Maximum);
}
public void Saml2RequestedAuthnContext_Ctor_HandlesEmpty()
{
var config = new RequestedAuthnContextElement();
var subject = new Saml2RequestedAuthnContext(config);
subject.ClassRef.Should().BeNull();
}
public void Saml2RequestedAuthnContext_Ctor_HandlesFullUri()
{
var config = new RequestedAuthnContextElement();
config.AllowChange = true;
var classRef = "http://id.sambi.se/loa2";
config.AuthnContextClassRef = classRef;
var subject = new Saml2RequestedAuthnContext(config);
subject.ClassRef.Should().Be(classRef);
}
private void InitializeAuthnRequestProperties(AuthenticationRequest samlRequest)
{
samlRequest.AssertionConsumerServiceUrl = new Uri(ssoAgentConfig.Saml2.ACSURL);
samlRequest.DestinationUrl = new Uri(ssoAgentConfig.Saml2.IdPURL);
samlRequest.ForceAuthentication = ssoAgentConfig.Saml2.IsForceAuthn;
samlRequest.Issuer = new EntityId(ssoAgentConfig.Saml2.SPEntityId);
samlRequest.ProtocolBinding = ssoAgentConfig.Saml2.HttpBinding;
if (Int32.TryParse(ssoAgentConfig.Saml2.AttributeConsumingServiceIndex, out int attributeConsumingServiceIndex))
{
samlRequest.AttributeConsumingServiceIndex = attributeConsumingServiceIndex;
}
Saml2NameIdPolicy nameIdPolocy = new Saml2NameIdPolicy(true, NameIdFormat.Persistent);
Saml2RequestedAuthnContext saml2RequestedAuthnContext = new Saml2RequestedAuthnContext(
new Uri("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"), AuthnContextComparisonType.Exact);
samlRequest.RequestedAuthnContext = saml2RequestedAuthnContext;
}
/// <summary>
/// Construct the options from the given configuration section
/// </summary>
/// <param name="configSection"></param>
public SPOptions(SustainsysSaml2Section configSection)
{
if (configSection == null)
{
throw new ArgumentNullException(nameof(configSection));
}
ReturnUrl = configSection.ReturnUrl;
MetadataCacheDuration = configSection.Metadata.CacheDuration;
MetadataValidDuration = configSection.Metadata.ValidUntil;
WantAssertionsSigned = configSection.Metadata.WantAssertionsSigned;
ValidateCertificates = configSection.ValidateCertificates;
DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
EntityId = configSection.EntityId;
ModulePath = configSection.ModulePath;
PublicOrigin = configSection.PublicOrigin;
Organization = configSection.Organization;
OutboundSigningAlgorithm = XmlHelpers.GetFullSigningAlgorithmName(configSection.OutboundSigningAlgorithm);
MinIncomingSigningAlgorithm =
XmlHelpers.GetFullSigningAlgorithmName(configSection.MinIncomingSigningAlgorithm);
AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;
NameIdPolicy = new Saml2NameIdPolicy(
configSection.NameIdPolicyElement.AllowCreate, configSection.NameIdPolicyElement.Format);
RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);
Compatibility = new Compatibility(configSection.Compatibility);
configSection.ServiceCertificates.RegisterServiceCertificates(this);
foreach (var acs in configSection.AttributeConsumingServices)
{
AttributeConsumingServices.Add(acs);
}
foreach (var contact in configSection.Contacts)
{
Contacts.Add(contact);
}
}
