/// <summary>
/// Builds the sample <see cref="AuthenticationHandler"/> that accepts Basic credentials,
/// Simple Web Tokens ("SWT") and SAML 1.1 tokens ("SAML").
/// </summary>
/// <remarks>
/// The settings are sample-grade and should not be copied into production as written:
/// the Basic validator accepts any request whose user name equals its password, the SWT
/// signing key is a literal in source, and certificate validation is switched off for
/// the SAML handler.
/// </remarks>
/// <returns>A handler wrapping the configuration assembled here.</returns>
private static AuthenticationHandler GetDefaultAuthenticationHandler()
{
    var settings = new AuthenticationConfiguration();
    settings.InheritHostClientIdentity = false;

    #region Basic Authentication
    // NOTE(review): placeholder credential check; any caller who sends the same
    // string as user name and password is authenticated.
    settings.Handler.AddBasicAuthenticationHandler((userName, password) => userName == password);
    #endregion

    #region SWT
    // NOTE(review): the last argument is a key embedded in source. Load it from
    // protected configuration and treat the published value as compromised.
    settings.Handler.AddSimpleWebTokenHandler(
        "SWT",
        Constants.Issuer,
        Constants.Realm,
        "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg=");
    #endregion

    #region SAML tokens
    // Issuer trust is pinned to a single certificate thumbprint.
    var issuerRegistry = new ConfigurationBasedIssuerNameRegistry();
    issuerRegistry.AddTrustedIssuer("D263DDCF598E716F0037380796A4A62DF017ADB8", "TEST");

    var samlSettings = new SecurityTokenHandlerConfiguration();
    samlSettings.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm));
    samlSettings.IssuerNameRegistry = issuerRegistry;

    // X509CertificateValidator.None performs no certificate validation, so the
    // thumbprint entry above is the only issuer check configured here.
    samlSettings.CertificateValidator = X509CertificateValidator.None;

    // token decryption (read from configuration section)
    samlSettings.ServiceTokenResolver = FederatedAuthentication.ServiceConfiguration.CreateAggregateTokenResolver();

    settings.Handler.AddSaml11SecurityTokenHandler("SAML", samlSettings);
    #endregion

    return new AuthenticationHandler(settings);
}
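/// <summary>
/// Assembles the sample authentication configuration: Basic credentials, Simple Web
/// Tokens from IdSrv and ACS, SAML 1.1 tokens from ADFS and SAML 2 tokens from IdSrv.
/// </summary>
/// <remarks>
/// Each SAML handler gets its own issuer registry and handler configuration, so the
/// "AdfsSaml" handler trusts only the ADFS thumbprint and the "IdSrvSaml" handler only
/// the IdSrv thumbprint. The remaining settings are sample-grade: the Basic validator
/// accepts any request whose user name equals its password, the SWT signing keys are
/// literals in source, and certificate validation is switched off for both SAML issuers.
/// </remarks>
/// <returns>The populated <see cref="AuthenticationConfiguration"/>.</returns>
private AuthenticationConfiguration ConfigureAuthentication()
{
    var config = new AuthenticationConfiguration
    {
        // sample claims transformation for consultants sample, comment out to see raw claims
        ClaimsAuthenticationManager = new ConsultantsClaimsTransformer(),

        // value of the www-authenticate header, if not set, the first scheme added to the handler collection is used
        DefaultAuthenticationScheme = "Basic"
    };

    #region Basic Authentication
    // NOTE(review): placeholder credential check; any caller who sends the same
    // string as user name and password is authenticated.
    config.Handler.AddBasicAuthenticationHandler((username, password) => username == password);
    #endregion

    #region IdSrv Simple Web Tokens
    // NOTE(review): the last argument is a key embedded in source. Load it from
    // protected configuration and treat the published value as compromised.
    config.Handler.AddSimpleWebTokenHandler(
        "IdSrv",
        "http://identity.thinktecture.com/trust",
        Constants.Realm,
        "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg=");
    #endregion

    #region ACS Simple Web Tokens
    // NOTE(review): same concern as above; this key is also a source literal.
    config.Handler.AddSimpleWebTokenHandler(
        "ACS",
        "https://" + Constants.ACS + "/",
        Constants.Realm,
        "yFvxu8Xkmo/xBSSPrzqZLSAiB4lgjR4PIi0Bn1RsUDI=");
    #endregion

    #region ADFS SAML tokens
    // SAML via ADFS
    // NOTE(review): the thumbprint is written lower-case with spaces; confirm the
    // registry normalizes it before comparing, otherwise no token will match.
    var adfsRegistry = new ConfigurationBasedIssuerNameRegistry();
    adfsRegistry.AddTrustedIssuer("d1 c5 b1 25 97 d0 36 94 65 1c e2 64 fe 48 06 01 35 f7 bd db", "ADFS");

    var adfsConfig = new SecurityTokenHandlerConfiguration();
    adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm));
    adfsConfig.IssuerNameRegistry = adfsRegistry;

    // X509CertificateValidator.None performs no certificate validation, so the
    // thumbprint entry above is the only issuer check configured for this handler.
    adfsConfig.CertificateValidator = X509CertificateValidator.None;

    // token decryption (read from configuration section)
    adfsConfig.ServiceTokenResolver = FederatedAuthentication.ServiceConfiguration.CreateAggregateTokenResolver();

    config.Handler.AddSaml11SecurityTokenHandler("AdfsSaml", adfsConfig);
    #endregion

    #region IdSrv SAML tokens
    // SAML via IdSrv
    // The IdSrv thumbprint goes into its own registry and configuration rather than
    // the ADFS ones, so neither handler accepts tokens signed by the other issuer.
    var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry();
    idsrvRegistry.AddTrustedIssuer("A1EED7897E55388FCE60FEF1A1EED81FF1CBAEC6", "Thinktecture IdSrv");

    var idsrvConfig = new SecurityTokenHandlerConfiguration();
    idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Constants.Realm));
    idsrvConfig.IssuerNameRegistry = idsrvRegistry;

    // No certificate validation here either; trust rests on the thumbprint entry.
    idsrvConfig.CertificateValidator = X509CertificateValidator.None;

    // token decryption (read from configuration section)
    idsrvConfig.ServiceTokenResolver = FederatedAuthentication.ServiceConfiguration.CreateAggregateTokenResolver();

    config.Handler.AddSaml2SecurityTokenHandler("IdSrvSaml", idsrvConfig);
    #endregion

    return config;
}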
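/// <summary>
/// Creates the handler around the authentication configuration it will use.
/// </summary>
/// <param name="configuration">Authentication settings stored in <c>_configuration</c>; must not be null.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="configuration"/> is null.</exception>
public AuthenticationHandler(AuthenticationConfiguration configuration)
{
    // Fail at construction instead of on the first request: an authentication
    // component without settings should never be wired into the pipeline.
    if (configuration == null)
    {
        throw new System.ArgumentNullException("configuration");
    }

    _configuration = configuration;
}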
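/// <summary>
/// Assembles the sample authentication configuration: Basic credentials, Simple Web
/// Tokens from IdSrv and ACS, SAML 1.1 tokens from ADFS and SAML 2 tokens from IdSrv.
/// </summary>
/// <remarks>
/// Each SAML handler gets its own issuer registry and handler configuration, so the
/// "AdfsSaml" handler trusts only the ADFS thumbprint and the "IdSrvSaml" handler only
/// the IdSrv thumbprint. The remaining settings are sample-grade: the Basic validator
/// accepts any request whose user name equals its password, the SWT signing keys are
/// literals in source, and certificate validation is switched off for both SAML issuers.
/// </remarks>
/// <returns>The populated <see cref="AuthenticationConfiguration"/>.</returns>
private static AuthenticationConfiguration ConfigureAuthentication()
{
    var config = new AuthenticationConfiguration();
    config.ClaimsAuthenticationManager = new ConsultantsClaimsTransformer();

    #region Basic Authentication
    // NOTE(review): placeholder credential check; any caller who sends the same
    // string as user name and password is authenticated.
    config.Handler.AddBasicAuthenticationHandler((username, password) => username == password);
    #endregion

    #region IdSrv Simple Web Tokens
    // NOTE(review): the last argument is a key embedded in source. Load it from
    // protected configuration and treat the published value as compromised.
    config.Handler.AddSimpleWebTokenHandler(
        "IdSrv",
        "http://identity.thinktecture.com/trust",
        Thinktecture.Samples.Constants.Realm,
        "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg=");
    #endregion

    #region ACS Simple Web Tokens
    // NOTE(review): same concern as above; this key is also a source literal.
    config.Handler.AddSimpleWebTokenHandler(
        "ACS",
        "https://" + Thinktecture.Samples.Constants.ACS + "/",
        Thinktecture.Samples.Constants.Realm,
        "yFvxu8Xkmo/xBSSPrzqZLSAiB4lgjR4PIi0Bn1RsUDI=");
    #endregion

    #region ADFS SAML tokens
    // SAML via ADFS
    // NOTE(review): the thumbprint is written lower-case with spaces; confirm the
    // registry normalizes it before comparing, otherwise no token will match.
    var adfsRegistry = new ConfigurationBasedIssuerNameRegistry();
    adfsRegistry.AddTrustedIssuer("d1 c5 b1 25 97 d0 36 94 65 1c e2 64 fe 48 06 01 35 f7 bd db", "ADFS");

    var adfsConfig = new SecurityTokenHandlerConfiguration();
    adfsConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Thinktecture.Samples.Constants.Realm));
    adfsConfig.IssuerNameRegistry = adfsRegistry;

    // X509CertificateValidator.None performs no certificate validation, so the
    // thumbprint entry above is the only issuer check configured for this handler.
    adfsConfig.CertificateValidator = X509CertificateValidator.None;

    // token decryption (read from configuration section)
    adfsConfig.ServiceTokenResolver = FederatedAuthentication.ServiceConfiguration.CreateAggregateTokenResolver();

    config.Handler.AddSaml11SecurityTokenHandler("AdfsSaml", adfsConfig);
    #endregion

    #region IdSrv SAML tokens
    // SAML via IdSrv
    // The IdSrv thumbprint goes into its own registry and configuration rather than
    // the ADFS ones, so neither handler accepts tokens signed by the other issuer.
    var idsrvRegistry = new ConfigurationBasedIssuerNameRegistry();
    idsrvRegistry.AddTrustedIssuer("CD638612A35CD2F9232ECE36226B731FC666EF07", "Thinktecture IdSrv");

    var idsrvConfig = new SecurityTokenHandlerConfiguration();
    idsrvConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Thinktecture.Samples.Constants.Realm));
    idsrvConfig.IssuerNameRegistry = idsrvRegistry;

    // No certificate validation here either; trust rests on the thumbprint entry.
    idsrvConfig.CertificateValidator = X509CertificateValidator.None;

    // token decryption (read from configuration section)
    idsrvConfig.ServiceTokenResolver = FederatedAuthentication.ServiceConfiguration.CreateAggregateTokenResolver();

    config.Handler.AddSaml2SecurityTokenHandler("IdSrvSaml", idsrvConfig);
    #endregion

    return config;
}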