/// <summary>
/// Writes <paramref name="notOnOrAfter"/> to the NotOnOrAfter value of the token's
/// bearer subject confirmation data.
/// </summary>
/// <param name="token">Token whose bearer subject confirmation data is updated.</param>
/// <param name="notOnOrAfter">Value to store; <c>null</c> is stored as-is.</param>
/// <remarks>
/// If <c>GetBearerSubjectConfirmationData</c> returns <c>null</c> nothing is written and
/// no error is raised, so a caller cannot tell whether the expiry was applied.
/// <c>ValidateResponseToken</c> in this file skips the expiry check when NotOnOrAfter is
/// <c>null</c>, so storing <c>null</c> here yields a token with no delivery-window bound.
/// </remarks>
public static void SetNotOnOrAfter(this Saml2SecurityToken token, DateTime? notOnOrAfter)
{
    var confirmation = token.GetBearerSubjectConfirmationData();

    // No bearer confirmation data: deliberately a no-op rather than an error.
    if (confirmation != null)
    {
        confirmation.NotOnOrAfter = notOnOrAfter;
    }
}
/// <summary>
/// Writes the Recipient and InResponseTo values of the token's bearer subject
/// confirmation data.
/// </summary>
/// <param name="token">Token whose bearer subject confirmation data is updated.</param>
/// <param name="recipient">URI stored as Recipient.</param>
/// <param name="inResponseTo">Request identifier stored as InResponseTo.</param>
/// <remarks>
/// If <c>GetBearerSubjectConfirmationData</c> returns <c>null</c> neither value is written
/// and no error is raised. Both arguments are stored without validation.
/// </remarks>
public static void SetRecipient(this Saml2SecurityToken token, Uri recipient, Saml2Id inResponseTo)
{
    var confirmation = token.GetBearerSubjectConfirmationData();

    // No bearer confirmation data: deliberately a no-op rather than an error.
    if (confirmation != null)
    {
        confirmation.Recipient = recipient;
        confirmation.InResponseTo = inResponseTo;
    }
}
/// <summary>
/// Checks the token's bearer subject confirmation data against the originating
/// authentication request and the supplied current time.
/// </summary>
/// <param name="token">Token received in the response.</param>
/// <param name="authnRequestId">Identifier of the request the response must answer.</param>
/// <param name="now">Instant used for the NotBefore and NotOnOrAfter comparisons.</param>
/// <exception cref="SecurityException">
/// Thrown when the bearer subject confirmation data is missing, when InResponseTo differs
/// from <paramref name="authnRequestId"/>, when <paramref name="now"/> is earlier than
/// NotBefore, or when NotOnOrAfter is at or before <paramref name="now"/>.
/// </exception>
/// <remarks>
/// Points a reviewer should confirm against the callers:
/// <list type="bullet">
/// <item>A missing NotOnOrAfter is accepted, so such a token passes with no expiry bound
/// from this method. NOTE(review): confirm expiry is enforced elsewhere or fail closed.</item>
/// <item>Recipient is not examined here. NOTE(review): confirm it is compared with the
/// receiving endpoint elsewhere.</item>
/// <item>A <c>null</c> <paramref name="authnRequestId"/> matches a token without
/// InResponseTo. NOTE(review): confirm this is intended for unsolicited responses
/// only.</item>
/// <item>The time comparisons are exact, with no clock-skew allowance, and
/// <see cref="DateTime"/> comparison ignores <see cref="DateTime.Kind"/>, so
/// <paramref name="now"/> must use the same time basis as the token's instants
/// (presumably UTC; verify against the deserializer).</item>
/// <item>The InResponseTo failure message embeds the value read from the token, so treat
/// the message as untrusted text when logging it.</item>
/// </list>
/// </remarks>
public static void ValidateResponseToken(this Saml2SecurityToken token, string authnRequestId, DateTime now)
{
    var confirmation = token.GetBearerSubjectConfirmationData();
    if (confirmation == null)
    {
        throw new SecurityException("Missing bearer subject confirmation data.");
    }

    // Request/response correlation: ordinal comparison of the two identifiers.
    // Two nulls compare equal here (see remarks).
    var matchesRequest = confirmation.InResponseTo?.Value == authnRequestId;
    if (!matchesRequest)
    {
        throw new SecurityException($"Invalid InResponseTo. Expected '{authnRequestId}' but got '{confirmation.InResponseTo?.Value}'.");
    }

    // Lower bound: only enforced when the token carries NotBefore.
    var notBefore = confirmation.NotBefore;
    if (notBefore != null && notBefore > now)
    {
        throw new SecurityException("NotBefore validation failed.");
    }

    // Upper bound: only enforced when the token carries NotOnOrAfter. The bound is
    // exclusive, so a token whose NotOnOrAfter equals 'now' is already rejected.
    var notOnOrAfter = confirmation.NotOnOrAfter;
    if (notOnOrAfter != null && now >= notOnOrAfter)
    {
        throw new SecurityException("NotOnOrAfter validation failed.");
    }
}
/// <summary>
/// Reads InResponseTo from the token's bearer subject confirmation data.
/// </summary>
/// <param name="token">Token to read from.</param>
/// <returns>
/// The InResponseTo value, or <c>null</c> when <c>GetBearerSubjectConfirmationData</c>
/// returns <c>null</c>. The value is returned as read from the token, without validation,
/// so callers should treat it as untrusted input.
/// </returns>
public static Saml2Id GetInResponseTo(this Saml2SecurityToken token)
    => token.GetBearerSubjectConfirmationData()?.InResponseTo;