public void ConfigureServices(IServiceCollection services) { IdentityModelEventSource.ShowPII = true; services.AddLogging(builder => builder.AddDebug()); services.AddWsTrust(builder => { var god = new Tokens.GodSecurityTokenHandler(); builder .AddWsTrust13AsyncContract() .AddPasswordValidator <TestPasswordValidator>() .AddX509Validator <TestX509Validator>() .Configure(options => { options.AddSamlSecurityTokenHandler(); options.AddSaml2SecurityTokenHandler(); options.AddSecurityTokenHandler(god, god.GetTokenTypeIdentifiers()); options.AddIdentityProvider("urn:alpha:and:omega", idp => { idp.Name = "God token"; idp.AllowedRelyingParties.Add("urn:tests"); }); options.AddIdentityProvider("CN=test.valid", idp => { idp.Name = "Certificate authentication"; idp.AllowedRelyingParties.Add("urn:tests"); }); options.AddIdentityProvider("urn:test:issuer", idp => { using (var certificate = new X509Certificate2(Convert.FromBase64String(Certificates.ClientCertificateBase64))) { var publicCertificate = new X509Certificate2(certificate.Export(X509ContentType.Cert)); idp.AllowedRelyingParties.Add("urn:tests"); idp.SecurityKeys.Add(new X509SecurityKey(publicCertificate)); } }); options.AddIdentityProvider("urn:test:issuer:embedded_cert", idp => { idp.AllowedRelyingParties.Add("urn:tests"); idp.ValidEmbeddedCertificateSubjectNames.Add(X509Name.Parse("CN=wstrust.tests.client")); }); options.AddRelyingParty("urn:tests", party => { var certificate = new X509Certificate2(Convert.FromBase64String(Certificates.RelyingPartyValidBase64)); party.Name = "My test relying party"; party.SigningKey = new X509SecurityKey(certificate); party.SigningAlgorithm = SignatureMethod.RsaSha256; party.DefaultTokenType = Saml2Constants.Saml2TokenProfile11; }); }) ; }); }
public static bool HasSubject(this X509Certificate2 certificate, X509Name subject) { var certificateSubject = X509Name.Parse(certificate.Subject); return(certificateSubject == subject); }
public static bool HasIssuer(this X509Certificate2 certificate, X509Name issuer) { var certificateIssuer = X509Name.Parse(certificate.Issuer); return(certificateIssuer == issuer); }