public static void BuildResponse()
{
string[] encryptionParameters = ConfigurationManager.AppSettings["SIBTargetHashParameters"].Split(';');
string plaintext = String.Empty;
string ciphertext = String.Empty;
string timestamp;
// Populate timestamp parameter in preparation for use
if (ConfigurationManager.AppSettings["SIBTargetTimestampUTC"].ToLower() == "true")
{
timestamp = SIBTime.UTCTimeStamp();
}
else
{
timestamp = SIBTime.TimeStamp();
}
SIBLog.Write("Debug", "Timestamp", timestamp);
// acquire encryption parameters identified in config file and build a cleartext string
foreach (string parm in encryptionParameters)
{
switch (parm)
{
case "SIBTargetCipherKey":
plaintext += ConfigurationManager.AppSettings["SIBTargetCipherKey"];
break;
case "SIBTargetTimestamp":
plaintext += timestamp;
break;
default:
plaintext += SIBData.inParams[parm];
break;
}
}
SIBLog.Write("Debug", "Plaintext", plaintext);
// Encrypt the required parameters with appropirate cipher
switch (ConfigurationManager.AppSettings["SIBTargetCipher"].ToUpper())
{
case "MD5":
if (ConfigurationManager.AppSettings["SIBTargetCipherEncoding"].ToUpper() == "HEX")
{
ciphertext = SIBCrypto.HashMD5_HEX(plaintext);
}
else if (ConfigurationManager.AppSettings["SIBTargetCipherEncoding"].ToUpper() == "BASE64")
{
ciphertext = SIBCrypto.HashMD5_64(plaintext);
}
break;
default:
ciphertext = plaintext;
break;
}
SIBLog.Write("Debug", "Ciphertext", ciphertext);
// Replace values from source to target in parameter list
SIBData.outParams.Clear();
SIBData.outParams.Add(BuildNVC(ConfigurationManager.AppSettings["SIBTargetParameters"], ';', '='));
foreach (string key in SIBData.outParams.AllKeys)
{
switch (SIBData.outParams[key])
{
case "SIBTargetHashParameters":
SIBData.outParams[key] = ciphertext;
break;
case "SIBTargetTimestamp":
SIBData.outParams[key] = timestamp;
break;
default:
SIBData.outParams[key] = SIBData.inParams[SIBData.outParams[key]];
break;
}
}
//Build the redirect URL
SIBData.redirectGETRequest = ConfigurationManager.AppSettings["SIBTargetRedirectURL"] + "?";
for (int i = 0; i < SIBData.outParams.Count; i++)
{
SIBData.redirectGETRequest += String.Format("{0}={1}", SIBData.outParams.GetKey(i), SIBData.outParams[i]);
if (i < SIBData.outParams.Count - 1)
{
SIBData.redirectGETRequest += "&";
}
}
SIBLog.Write("Debug", "Get Request", SIBData.redirectGETRequest);
//Build the response/redirect HTLM document
SIBData.redirectPOSTRequest = "<html>";
SIBData.redirectPOSTRequest += @"<body onload='document.forms[""form""].submit()'>";
SIBData.redirectPOSTRequest += String.Format("<form name='form' action='{0}' method='post'>", ConfigurationManager.AppSettings["SIBTargetRedirectURL"]);
foreach (string key in SIBData.outParams.AllKeys)
{
SIBData.redirectPOSTRequest += String.Format("<input type='hidden' name='{0}' value='{1}'>", key, SIBData.outParams[key]);
}
SIBData.redirectPOSTRequest += "</form></body></html>";
SIBLog.Write("Debug", "Post Request", SIBData.redirectPOSTRequest);
}
public static void ParseRequest(HttpRequest request)
{
SIBLog.Write("Debug", "HTTPRequest GET.", request.QueryString.ToString());
SIBData.inParams.Clear();
foreach (string key in request.QueryString.AllKeys)
{
SIBData.inParams.Set(key, request.QueryString[key]);
}
SIBLog.Write("Debug", "HTTPRequest POST.", request.Form.ToString());
foreach (string key in request.Form.AllKeys)
{
SIBData.inParams.Set(key, request.Form[key]);
}
if (!String.IsNullOrEmpty(SIBData.inParams["SAMLResponse"]))
{
SIBLog.Write("Information", "SAMLResponse detected.");
try
{
XmlDocument xmlSAML = new XmlDocument();
string decodedSAML = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(SIBData.inParams["SAMLResponse"]));
SIBLog.Write("Debug", "Decoded SAML", decodedSAML);
xmlSAML.LoadXml(decodedSAML);
if (IsValidSignature(xmlSAML))
{
SIBLog.Write("Information", "SAML Signature is valid.");
XmlNodeList nodeList = xmlSAML.GetElementsByTagName(ConfigurationManager.AppSettings["SIBSourceSAMLAttributeElement"].ToString());
for (int i = 0; i < nodeList.Count; i++)
{
SIBData.inParams.Set(nodeList.Item(i).Attributes.Item(0).Value, nodeList.Item(i).InnerText);
}
}
else
{
SIBLog.Write("Error", "SAML Signature is invalid.");
}
}
catch
{
SIBLog.Write("Error", "No or improperly formated SAMLResponse value presented");
}
}
SIBLog.Write("Debug", "Parameters consumed from target post processing...");
for (int i = 0; i < SIBData.inParams.Count; i++)
{
SIBLog.Write("Debug", SIBData.inParams.GetKey(i), SIBData.inParams[i]);
}
// Override static configuration values set by implementation
NameValueCollection n = new NameValueCollection();
n.Add(BuildNVC(ConfigurationManager.AppSettings["SIBSourceParametersOverride"], ';', '='));
foreach (string key in n.AllKeys)
{
SIBData.inParams.Set(key, n[key]);
}
SIBLog.Write("Debug", "Parameters post override processing...");
for (int i = 0; i < SIBData.inParams.Count; i++)
{
SIBLog.Write("Debug", SIBData.inParams.GetKey(i), SIBData.inParams[i]);
}
}
