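/// <summary>
/// Validates the SAML response held in <c>xmlDoc</c>. At least one <c>ds:Signature</c> element
/// must be present, every one found must verify against the configured certificate's public key,
/// and the value returned by <c>GetNameID()</c> must pass <c>IsValidEmail</c>.
/// </summary>
/// <returns>
/// <c>true</c> when all signatures verify and the NameID check passes; <c>false</c> when no
/// signature is present, any signature fails verification, or the NameID check fails.
/// </returns>
public bool IsValid()
{
    log.Debug("Checking Saml response.");

    XmlNamespaceManager manager = new XmlNamespaceManager(xmlDoc.NameTable);
    manager.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);

    XmlNodeList nodeList = xmlDoc.SelectNodes("//ds:Signature", manager);

    // SelectNodes yields an empty list rather than null when nothing matches. Without the
    // Count check the loop below runs zero times and an unsigned response would fall through
    // to the NameID check and be accepted, so a missing signature must fail closed here.
    if (nodeList == null || nodeList.Count == 0)
    {
        log.Error("Certificate signature not found.");
        return false;
    }

    SamlSignedXml signedXml = new SamlSignedXml(xmlDoc);
    foreach (XmlNode node in nodeList)
    {
        signedXml.LoadXml((XmlElement)node);

        // Verification uses the locally configured key, not any key material carried
        // inside the response itself.
        if (!signedXml.CheckSignature(_certificate.Cert.PublicKey.Key))
        {
            log.Error("Certificate validaiton failed.");
            return false;
        }
    }

    // NOTE(review): nothing visible in this method ties the element each signature covers to
    // the element GetNameID() reads from. Confirm that SamlSignedXml and GetNameID() enforce
    // that the NameID comes from signed content.
    return IsValidEmail(GetNameID());
}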
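/// <summary>
/// Validates the SAML response held in <c>xmlDoc</c>. If the response embeds a
/// <c>ds:X509Certificate</c>, its text must equal the configured public key (PEM armour,
/// newlines and spaces stripped). At least one <c>ds:Signature</c> element must be present,
/// every one found must verify against the configured certificate's public key, and the value
/// returned by <c>GetNameID()</c> must pass <c>IsValidEmail</c>.
/// </summary>
/// <returns>
/// <c>true</c> when all checks pass; <c>false</c> when the embedded certificate differs from the
/// configured one, no signature is present, any signature fails verification, or the NameID
/// check fails.
/// </returns>
public bool IsValid()
{
    _log.Debug("Checking Saml response.");

    XmlNamespaceManager manager = new XmlNamespaceManager(xmlDoc.NameTable);
    manager.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);

    XmlNodeList nodeList = xmlDoc.SelectNodes("//ds:Signature", manager);

    // Only the first ds:X509Certificate in the document is compared. This is an early
    // consistency check; the signature verification below uses the configured key regardless.
    XmlNode nodePublicKey = xmlDoc.SelectSingleNode("//ds:X509Certificate", manager);
    if (nodePublicKey != null)
    {
        var key = _ssoSettings.PublicKey
            .Replace("-----BEGIN CERTIFICATE-----", string.Empty)
            .Replace("-----END CERTIFICATE-----", string.Empty)
            .Replace("\n", string.Empty)
            .Replace(" ", string.Empty);

        // NOTE(review): the node text is compared as-is, so a response that wraps the base64
        // with line breaks, or a configured key containing "\r", is rejected here. That fails
        // closed, but confirm it is the intended behaviour.
        if (nodePublicKey.InnerText != key)
        {
            // NOTE(review): nodePublicKey.InnerText comes from the incoming response and is
            // written to the log unmodified; confirm the log sink neutralises control characters.
            _log.ErrorFormat("Certificate public keys do not match. nodePublicKey.InnerText={0}, _ssoSettings.PublicKey={1}", nodePublicKey.InnerText, key);
            return false;
        }
    }

    // SelectNodes yields an empty list rather than null when nothing matches. Without the
    // Count check the loop below runs zero times and an unsigned response would fall through
    // to the NameID check and be accepted, so a missing signature must fail closed here.
    if (nodeList == null || nodeList.Count == 0)
    {
        _log.Error("Certificate signature not found.");
        return false;
    }

    // The project's SamlSignedXml type is used here in place of the framework SignedXml.
    SamlSignedXml signedXml = new SamlSignedXml(xmlDoc);
    foreach (XmlNode node in nodeList)
    {
        signedXml.LoadXml((XmlElement)node);

        // Verification uses the locally configured key, not the certificate embedded in
        // the response.
        if (!signedXml.CheckSignature(_certificate.cert.PublicKey.Key))
        {
            _log.Error("Certificate validaiton failed.");
            return false;
        }
    }

    // NOTE(review): nothing visible in this method ties the element each signature covers to
    // the element GetNameID() reads from. Confirm that SamlSignedXml and GetNameID() enforce
    // that the NameID comes from signed content.
    return IsValidEmail(GetNameID());
}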