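/// <summary>
/// Handles a WS-Federation passive sign-out request sent to this page.
/// </summary>
/// <param name="e">Event data, forwarded unchanged to the base implementation.</param>
/// <exception cref="InvalidOperationException">
/// The request's action parameter is neither the sign-out nor the sign-out-cleanup action.
/// </exception>
protected override void OnLoad(EventArgs e)
{
    // The action is read straight from the query string, so it is caller-controlled.
    string action = this.Request.QueryString[WSFederationConstants.Parameters.Action];

    if (action == WSFederationConstants.Actions.SignOut || action == WSFederationConstants.Actions.SignOutCleanup)
    {
        // Process signout request: end the local (simulated) session first,
        // then let the WS-Federation helper handle the protocol message.
        SimulatedWindowsAuthenticationOperations.LogOutUser(this.Request, this.Response);

        WSFederationMessage requestMessage = WSFederationMessage.CreateFromUri(this.Request.Url);

        // The third argument (reply address) is null, so no redirect target is taken from here.
        FederatedPassiveSecurityTokenServiceOperations.ProcessSignOutRequest(requestMessage, this.User, null, this.Response);

        this.ActionExplanationLabel.Text = @"Sign out from the issuer has been requested.";

        // Render the per-relying-party cleanup requests before the registry is cleared;
        // presumably Clear() discards the entries SignOutRelyingParties() reads - confirm.
        this.SignOutRelyingParties();
        SingleSignOnManager.Clear();
    }
    else
    {
        // The message names the two actions this page actually accepts. The raw action
        // value is echoed, so anything that logs or renders this message must treat it
        // as untrusted text.
        throw new InvalidOperationException(
            String.Format(
                CultureInfo.InvariantCulture,
                "The action '{0}' (Request.QueryString['{1}']) is unexpected. Expected actions are: '{2}' or '{3}'.",
                String.IsNullOrEmpty(action) ? "<EMPTY>" : action,
                WSFederationConstants.Parameters.Action,
                WSFederationConstants.Actions.SignOut,
                WSFederationConstants.Actions.SignOutCleanup));
    }

    base.OnLoad(e);
}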
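/// <summary>
/// Renders one entry per relying-party URL returned by
/// <c>SingleSignOnManager.SignOutRelyingParties()</c>: a link to the relying party and an
/// image whose source is that URL with <c>?wa=wsignoutcleanup1.0</c> appended, so the
/// browser issues the sign-out cleanup request when the page is displayed.
/// </summary>
private void SignOutRelyingParties()
{
    var signedInUrls = SingleSignOnManager.SignOutRelyingParties();
    if (signedInUrls.Length == 0)
    {
        return;
    }

    this.RelyingPartyLabel.Visible = true;

    foreach (string url in signedInUrls)
    {
        // The URL is written into raw markup through a LiteralControl, which performs no
        // encoding of its own. Encode it for each context it lands in so that a quote,
        // angle bracket or ampersand in a stored address cannot alter the page structure.
        // Attributes are double-quoted because older HtmlAttributeEncode implementations
        // do not escape the single quote.
        string attributeUrl = System.Web.HttpUtility.HtmlAttributeEncode(url);
        string textUrl = System.Web.HttpUtility.HtmlEncode(url);

        // NOTE(review): encoding prevents markup injection but does not restrict the URL
        // scheme; confirm the registry only ever holds http(s) relying-party addresses.
        this.RelyingPartySignOutLinks.Controls.Add(
            new LiteralControl(
                string.Format(
                    "<p><a href=\"{0}\">{1}</a> <img src=\"{0}?wa=wsignoutcleanup1.0\" title=\"Signout request: {0}?wa=wsignoutcleanup1.0\"/></p>",
                    attributeUrl,
                    textUrl)));
    }
}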
/// <summary>
/// Builds the claims identity placed in the issued token for the authenticated caller.
/// </summary>
/// <param name="principal">The caller's principal; must not be null.</param>
/// <param name="request">The incoming token request (not read by this method).</param>
/// <param name="scope">The scope of the request; its reply-to address is registered for single sign-out.</param>
/// <returns>An identity holding the caller's hardcoded claims plus the organization claim.</returns>
/// <exception cref="InvalidRequestException">The principal is null.</exception>
protected override IClaimsIdentity GetOutputClaimsIdentity(IClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
    if (principal == null)
    {
        throw new InvalidRequestException("The caller's principal is null.");
    }

    // Record the relying party's reply address so it can be contacted at sign-out.
    SingleSignOnManager.RegisterRelyingParty(scope.ReplyToAddress);

    var issuedIdentity = new ClaimsIdentity();

    // In a production environment every value added as a claim should be read from
    // the authenticated Windows principal. The users below are hardcoded because
    // Windows integrated authentication is disabled.
    // NOTE(review): Identity.Name is dereferenced without a null check; a null name
    // would surface as a NullReferenceException here.
    string callerName = principal.Identity.Name.ToUpperInvariant();

    if (callerName == "ADATUM\\JOHNDOE")
    {
        issuedIdentity.Claims.AddRange(new Claim[]
        {
            new Claim(ClaimTypes.Name, "johndoe"),
            new Claim(ClaimTypes.GivenName, "John"),
            new Claim(ClaimTypes.Surname, "Doe"),
            new Claim(ClaimTypes.StreetAddress, "12 Green park Ln."),
            new Claim(ClaimTypes.StateOrProvince, "WA"),
            new Claim(ClaimTypes.Country, "United States"),
            new Claim(Adatum.ClaimTypes.CostCenter, Adatum.CostCenters.CustomerService),
            new Claim(Microsoft.IdentityModel.Claims.ClaimTypes.Role, Adatum.Roles.OrderTracker),
            new Claim(AllOrganizations.ClaimTypes.Group, Adatum.Groups.CustomerService)
        });
    }
    else if (callerName == "ADATUM\\MARY")
    {
        issuedIdentity.Claims.AddRange(new Claim[]
        {
            new Claim(ClaimTypes.Name, "mary"),
            new Claim(ClaimTypes.GivenName, "Mary"),
            new Claim(ClaimTypes.Surname, "May"),
            new Claim(ClaimTypes.StreetAddress, "164 Big Lake Av."),
            new Claim(ClaimTypes.StateOrProvince, "WA"),
            new Claim(ClaimTypes.Country, "United States"),
            new Claim(Adatum.ClaimTypes.CostCenter, Adatum.CostCenters.Accountancy),
            new Claim(Microsoft.IdentityModel.Claims.ClaimTypes.Role, Adatum.Roles.OrderTracker),
            new Claim(Microsoft.IdentityModel.Claims.ClaimTypes.Role, Adatum.Roles.OrderApprover),
            new Claim(AllOrganizations.ClaimTypes.Group, Adatum.Groups.CustomerService)
        });
    }
    else if (callerName == "ADATUM\\PETER")
    {
        issuedIdentity.Claims.AddRange(new Claim[]
        {
            new Claim(ClaimTypes.Name, "peter"),
            new Claim(ClaimTypes.GivenName, "Peter"),
            new Claim(ClaimTypes.Surname, "Porter"),
            new Claim(ClaimTypes.StreetAddress, "45 Top hill Rd."),
            new Claim(ClaimTypes.StateOrProvince, "WA"),
            new Claim(ClaimTypes.Country, "United States"),
            new Claim(Adatum.ClaimTypes.CostCenter, Adatum.CostCenters.CustomerService),
            new Claim(Microsoft.IdentityModel.Claims.ClaimTypes.Role, Adatum.Roles.OrderTracker),
            new Claim(AllOrganizations.ClaimTypes.Group, Adatum.Groups.OrderFulfillments),
            new Claim(AllOrganizations.ClaimTypes.Group, Adatum.Groups.ItAdmins)
        });
    }

    // NOTE(review): a caller whose name matches none of the branches above still
    // receives an identity carrying the organization claim - confirm that this is
    // intended before reusing the pattern outside the sample.
    issuedIdentity.Claims.Add(new Claim(Adatum.ClaimTypes.Organization, Adatum.OrganizationName));

    return issuedIdentity;
}