/// <summary>
/// Handles the SAML LogoutResponse the identity provider sends back to this service provider.
/// </summary>
/// <param name="request">The inbound HTTP request carrying the SAML response binding.</param>
/// <returns>
/// A <see cref="LogoutModel"/> naming the issuer of the response, or <c>null</c> when the
/// response carries no issuer.
/// </returns>
/// <remarks>
/// The checks run in a fixed order: the binding signature is validated against the identity
/// provider certificate before any field of the document is read, the binding fields are then
/// validated against <c>redirectUrl</c> (presumably the expected Destination — confirm against
/// Saml2Binding.ValidateFields), and finally <c>InResponseTo</c> is checked by SamlIDManager
/// against IDs this service provider issued, which is what rejects unsolicited or replayed
/// responses. Each of those helpers is expected to throw on failure; nothing here catches.
/// </remarks>
public ValueTask<LogoutModel> LogoutCallback(IdentityHttpRequest request)
{
    var binding = Saml2Binding.GetBindingForRequest(request, BindingDirection.Response);

    // Signature first: no field of the response is trusted until this passes.
    binding.ValidateSignature(identityProviderCert, true);
    binding.ValidateFields(new[] { redirectUrl });

    var logoutResponse = new Saml2LogoutResponse(binding);
    SamlIDManager.Validate(serviceProvider, logoutResponse.InResponseTo);

    LogoutModel result = null;
    if (!string.IsNullOrWhiteSpace(logoutResponse.Issuer))
    {
        result = new LogoutModel
        {
            ServiceProvider = logoutResponse.Issuer,
            State = null,
            OtherClaims = null,
        };
    }

    return new ValueTask<LogoutModel>(result);
}
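/// <summary>
/// Builds a signed SAML LogoutRequest and returns the HTTP response that sends the user agent
/// to <c>logoutUrl</c> with it (query binding, RSA-SHA256).
/// </summary>
/// <param name="state">Accepted for interface symmetry with <see cref="Login"/>; this method does not read it.</param>
/// <returns>The HTTP response carrying the signed logout request.</returns>
/// <remarks>
/// The request ID comes from SamlIDManager so the matching LogoutResponse can be tied back to it
/// in <see cref="LogoutCallback"/>. NOTE(review): the document's Destination is
/// <c>redirectUrlPostLogout</c> while the binding is issued against <c>logoutUrl</c>; confirm
/// that is the Destination the identity provider expects.
/// </remarks>
public ValueTask<IdentityHttpResponse> Logout(string state)
{
    var id = SamlIDManager.Generate(serviceProvider);
    var requestDocument = new Saml2LogoutRequest(
        id: id,
        issuer: serviceProvider,
        destination: redirectUrlPostLogout);

    var requestBinding = Saml2Binding.GetBindingForDocument(
        requestDocument, BindingType.Query, XmlSignatureAlgorithmType.RsaSha256, null, null);
    requestBinding.Sign(serviceProviderCert, requiredSignature);

    // GetResponse is called exactly once. An earlier version called it twice and discarded the
    // first result, which at best did redundant work and at worst ran any side effects twice.
    var response = requestBinding.GetResponse(logoutUrl);
    return new ValueTask<IdentityHttpResponse>(response);
}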
/// <summary>
/// Builds a signed SAML AuthnRequest and returns the HTTP response that sends the user agent
/// to <c>loginUrl</c> with it (form binding, RSA-SHA256).
/// </summary>
/// <param name="state">Accepted but not read by this method.</param>
/// <returns>The HTTP response carrying the signed authentication request.</returns>
/// <remarks>
/// The assertion consumer service URL is <c>redirectUrl</c>, the same value
/// <see cref="LoginCallback"/> later validates the response binding against. The request ID is
/// issued by SamlIDManager so the callback can match <c>InResponseTo</c> to a request this
/// service provider actually sent.
/// </remarks>
public ValueTask<IdentityHttpResponse> Login(string state)
{
    var requestId = SamlIDManager.Generate(serviceProvider);
    var authnRequest = new Saml2AuthnRequest(
        id: requestId,
        issuer: serviceProvider,
        assertionConsumerServiceURL: redirectUrl,
        bindingType: BindingType.Form);

    var binding = Saml2Binding.GetBindingForDocument(
        authnRequest, BindingType.Form, XmlSignatureAlgorithmType.RsaSha256, null, null);
    binding.Sign(serviceProviderCert, requiredSignature);

    return new ValueTask<IdentityHttpResponse>(binding.GetResponse(loginUrl));
}
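/// <summary>
/// Handles the SAML Response the identity provider posts back after authentication and turns
/// it into an <see cref="IdentityModel"/>.
/// </summary>
/// <param name="request">The inbound HTTP request carrying the SAML response binding.</param>
/// <returns>
/// The identity extracted from the assertion, or <c>null</c> when the response carries no user ID.
/// </returns>
/// <exception cref="IdentityProviderException">
/// Thrown when the assertion's Audience is not this service provider.
/// </exception>
/// <remarks>
/// Order matters and is deliberate: the signature is validated against the identity provider
/// certificate before the payload is decrypted with the service provider certificate, the binding
/// fields are validated against <c>redirectUrl</c> (presumably the Destination / ACS URL — confirm
/// against Saml2Binding.ValidateFields), <c>InResponseTo</c> is matched by SamlIDManager to an ID
/// this service provider issued (rejecting unsolicited or replayed responses), and only then is
/// the Audience compared. The validators are expected to throw on failure; nothing here catches.
/// </remarks>
public ValueTask<IdentityModel> LoginCallback(IdentityHttpRequest request)
{
    var callbackBinding = Saml2Binding.GetBindingForRequest(request, BindingDirection.Response);

    // Signature before decryption: nothing in the envelope is trusted until this passes.
    callbackBinding.ValidateSignature(identityProviderCert, true);
    callbackBinding.Decrypt(serviceProviderCert, requiredEncryption);
    callbackBinding.ValidateFields(new[] { redirectUrl });

    var callbackDocument = new Saml2AuthnResponse(callbackBinding);
    SamlIDManager.Validate(serviceProvider, callbackDocument.InResponseTo);

    // Audience restriction: the assertion must be addressed to this service provider.
    // Ordinal comparison is the same semantics as the string != operator, made explicit.
    if (!string.Equals(callbackDocument.Audience, serviceProvider, StringComparison.Ordinal))
    {
        // The diagnostic previously had its arguments swapped (reported our own entity ID as
        // "Received"); the received value is the document's Audience, the expected one is ours.
        throw new IdentityProviderException(
            "Saml Audience is not valid",
            string.Format("Received: {0}, Expected: {1}", callbackDocument.Audience, serviceProvider));
    }

    if (string.IsNullOrWhiteSpace(callbackDocument.UserID))
    {
        return new ValueTask<IdentityModel>((IdentityModel)null);
    }

    var identity = new IdentityModel
    {
        UserID = callbackDocument.UserID,
        UserName = callbackDocument.UserName,
        Name = callbackDocument.UserName,
        Roles = callbackDocument.Roles,
        ServiceProvider = callbackDocument.Issuer,
        State = null,
        OtherClaims = null,
    };
    return new ValueTask<IdentityModel>(identity);
}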