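        /// <summary>
        /// Creates a relying party trust from a serialized <see cref="PortableRelyingParty"/> file
        /// (the cmdlet's <c>Path</c> parameter), refusing to proceed when a trust named <c>Name</c>
        /// already exists. When <c>PassThru</c> is set, the created trust objects are written to the pipeline.
        /// </summary>
        protected override void ProcessRecord()
        {
            var getRelyingPartyTrustCommand = new GetRelyingPartyTrustCommand { Name = new[] { Name } };
            var exists = getRelyingPartyTrustCommand.Invoke<RelyingPartyTrust>().Any();

            if (exists)
            {
                // Check-then-act: a trust created between this lookup and the Add below is not caught here.
                var error = "Relying party already exists";
                ThrowTerminatingError(new ErrorRecord(new InvalidOperationException(error), error, ErrorCategory.ResourceExists, Name));
            }

            // Resolve the -Path argument against the current PowerShell location/provider, not the process CWD.
            var path = SessionState.Path.GetUnresolvedProviderPathFromPSPath(Path);

            PortableRelyingParty portableRelyingParty;
            using (var stream = File.OpenRead(path))
            {
                // Only the DataContract XML shape of PortableRelyingParty is accepted. Everything in the file
                // (claim rules, certificates, endpoints) is applied to the new trust without further validation here.
                var serializer = new DataContractSerializer(typeof(PortableRelyingParty));
                portableRelyingParty = (PortableRelyingParty)serializer.ReadObject(stream);
            }

            var generator          = FederationMetadataGenerator.FromSerializedRelyingParty(portableRelyingParty);
            var federationMetadata = generator.Generate();

            var addRelyingPartyTrustCommand = new AddRelyingPartyTrustCommand
            {
                Name         = Name,
                MetadataFile = GetTempMetadataFile(federationMetadata),
                PassThru     = PassThru
            };

            portableRelyingParty.CopyToRelyingPartyTrust(addRelyingPartyTrustCommand);
            // The temporary metadata file is intentionally not deleted here: removing it caused the trust
            // to be created incorrectly (a timing issue observed by the original author).

            // Enumerating the command's output is what runs it, so ToArray() stays even when PassThru is off.
            var createdTrusts = addRelyingPartyTrustCommand.Invoke<RelyingPartyTrust>().ToArray();

            if (PassThru)
            {
                foreach (var relyingPartyTrust in createdTrusts)
                {
                    WriteObject(relyingPartyTrust);
                }
            }
        }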
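        /// <summary>
        /// Copies every serialized relying-party setting onto an <see cref="AddRelyingPartyTrustCommand"/>.
        /// Values are applied verbatim; nothing is validated here.
        /// Name, ClaimsAccepted, ConflictWithPublishedPolicy, LastMonitoredTime, LastPublishedPolicyCheckSuccessful,
        /// LastUpdateTime and OrganizationInfo are deliberately not copied (Name is set by the caller).
        /// </summary>
        /// <param name="relyingPartyTrust">The command to populate; must not be null.</param>
        /// <exception cref="ArgumentNullException"><paramref name="relyingPartyTrust"/> is null.</exception>
        public void CopyToRelyingPartyTrust(AddRelyingPartyTrustCommand relyingPartyTrust)
        {
            if (relyingPartyTrust == null)
            {
                throw new ArgumentNullException("relyingPartyTrust");
            }

            var source = this;
            var target = relyingPartyTrust;

            target.AutoUpdateEnabled            = source.AutoUpdateEnabled;
            target.DelegationAuthorizationRules = source.DelegationAuthorizationRules;
            target.EncryptClaims           = source.EncryptClaims;
            target.EncryptedNameIdRequired = source.EncryptedNameIdRequired;
            target.EncryptionCertificate   = source.EncryptionCertificate;
            target.EncryptionCertificateRevocationCheck = source.EncryptionCertificateRevocationCheck.ToString();

            // Collections missing from the serialized file deserialize as null; pass null through
            // instead of letting ToArray()/Select() throw on it.
            target.Identifier = source.Identifier == null ? null : source.Identifier.ToArray();

            target.ImpersonationAuthorizationRules = source.ImpersonationAuthorizationRules;
            target.IssuanceAuthorizationRules      = source.IssuanceAuthorizationRules;
            target.IssuanceTransformRules          = source.IssuanceTransformRules;
            target.MetadataUrl                       = source.MetadataUrl;
            target.MonitoringEnabled                 = source.MonitoringEnabled;
            target.NotBeforeSkew                     = source.NotBeforeSkew;
            target.Notes                             = source.Notes;
            target.ProtocolProfile                   = source.ProtocolProfile;
            target.RequestSigningCertificate         = source.RequestSigningCertificate == null ? null : source.RequestSigningCertificate.ToArray();
            target.SamlResponseSignature             = source.SamlResponseSignature;
            target.SignatureAlgorithm                = source.SignatureAlgorithm;
            target.SignedSamlRequestsRequired        = source.SignedSamlRequestsRequired;
            target.TokenLifetime                     = source.TokenLifetime;
            target.WSFedEndpoint                     = source.WSFedEndpoint;
            target.SamlEndpoint                      = source.SamlEndpoints == null
                ? null
                : source.SamlEndpoints.Select(endpoint => SamlEndpointFactory.Create(endpoint.Protocol, endpoint.Location, endpoint.ResponseLocation, endpoint.Binding, endpoint.IsDefault, endpoint.Index)).ToArray();
            target.SigningCertificateRevocationCheck = source.SigningCertificateRevocationCheck.ToString();
        }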
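        /// <summary>
        /// Entry point: reads a relying party trust description from the XML file named by the single
        /// command-line argument and creates the trust through <see cref="AddRelyingPartyTrustCommand"/>.
        /// Usage: <c>AddRelyingParty filename</c>.
        /// </summary>
        /// <param name="args">Exactly one element, the path of the XML file to load.</param>
        static void Main(string[] args)
        {
            if (args.Length != 1)
            {
                Console.WriteLine("Usage: AddRelyingParty filename");
                // Non-zero exit code so calling scripts can detect the usage error.
                Environment.ExitCode = 1;
                return;
            }

            try
            {
                XElement relyingPartyTrustXml = XElement.Load(args[0]);
                AddRelyingPartyTrustCommand addRelyingPartyTrustCommand = BuildCommand(relyingPartyTrustXml);

                // The command runs when its output is enumerated; pulling one item is enough to execute it.
                IEnumerable result = addRelyingPartyTrustCommand.Invoke();
                result.GetEnumerator().MoveNext();
            }
            catch (Exception ex)
            {
                // Load/parse failures and failures from the command itself are reported the same way.
                Console.WriteLine("Relying party cannot be created.");
                Console.WriteLine(ex.Message);
                Console.WriteLine(ex.StackTrace);
                Environment.ExitCode = 1;
            }
        }

        /// <summary>
        /// Maps the elements of the trust description onto a new <see cref="AddRelyingPartyTrustCommand"/>.
        /// Scalar elements are required; identifiers, endpoints and certificates are optional and left null
        /// when absent. All values are applied as given in the file, without validation.
        /// </summary>
        /// <param name="relyingPartyTrustXml">Root element of the loaded description file.</param>
        /// <returns>A fully populated, not yet invoked command.</returns>
        /// <exception cref="InvalidOperationException">A required element is missing.</exception>
        private static AddRelyingPartyTrustCommand BuildCommand(XElement relyingPartyTrustXml)
        {
            AddRelyingPartyTrustCommand command = new AddRelyingPartyTrustCommand();

            command.Name                                 = RequiredValue(relyingPartyTrustXml, "Name");
            command.Identifier                           = OptionalArray(relyingPartyTrustXml, "Identifiers", "Identifier", x => x.Value);
            command.SamlEndpoint                         = OptionalArray(relyingPartyTrustXml, "SamlEndpoints", "SamlEndpoint", x => CreateSamlEndpoint(x));
            command.WSFedEndpoint                        = OptionalUri(relyingPartyTrustXml, "WsFedEndpoint");
            command.RequestSigningCertificate            = OptionalArray(relyingPartyTrustXml, "RequestSigningCertificates", "RequestSigningCertificate", x => ParseCertificate(x.Value));
            command.IssuanceTransformRules               = RequiredValue(relyingPartyTrustXml, "IssuanceTransformRules");
            command.IssuanceAuthorizationRules           = RequiredValue(relyingPartyTrustXml, "IssuanceAuthorizationRules");
            command.DelegationAuthorizationRules         = RequiredValue(relyingPartyTrustXml, "DelegationAuthorizationRules");
            command.AutoUpdateEnabled                    = RequiredBool(relyingPartyTrustXml, "AutoUpdateEnabled");
            command.MonitoringEnabled                    = RequiredBool(relyingPartyTrustXml, "MonitoringEnabled");
            command.MetadataUrl                          = OptionalUri(relyingPartyTrustXml, "MetadataUrl");
            command.SignatureAlgorithm                   = RequiredValue(relyingPartyTrustXml, "SignatureAlgorithm");
            command.EncryptClaims                        = RequiredBool(relyingPartyTrustXml, "EncryptClaims");
            command.EncryptedNameIdRequired              = RequiredBool(relyingPartyTrustXml, "EncryptedNameIdRequired");
            command.EncryptionCertificate                = OptionalCertificate(relyingPartyTrustXml, "EncryptionCertificate");
            command.EncryptionCertificateRevocationCheck = RequiredValue(relyingPartyTrustXml, "EncryptionCertificateRevocationCheck");
            command.NotBeforeSkew                        = RequiredInt(relyingPartyTrustXml, "NotBeforeSkew");
            command.Notes                                = RequiredValue(relyingPartyTrustXml, "Notes");
            command.ProtocolProfile                      = RequiredValue(relyingPartyTrustXml, "ProtocolProfile");
            command.SamlResponseSignature                = RequiredValue(relyingPartyTrustXml, "SamlResponseSignature");
            command.SignedSamlRequestsRequired           = RequiredBool(relyingPartyTrustXml, "SignedSamlRequestsRequired");
            command.SigningCertificateRevocationCheck    = RequiredValue(relyingPartyTrustXml, "SigningCertificateRevocationCheck");
            command.TokenLifetime                        = RequiredInt(relyingPartyTrustXml, "TokenLifetime");

            return command;
        }

        /// <summary>
        /// Builds one <see cref="SamlEndpoint"/> by running <see cref="NewSamlEndpointCommand"/> over a
        /// SamlEndpoint element. The command's output is enumerated to execute it; the last object it
        /// writes is returned (null if it writes nothing).
        /// </summary>
        private static SamlEndpoint CreateSamlEndpoint(XElement samlEndpointXml)
        {
            NewSamlEndpointCommand newSamlEndpointCommand = new NewSamlEndpointCommand();
            newSamlEndpointCommand.Binding     = RequiredValue(samlEndpointXml, "Binding");
            newSamlEndpointCommand.Uri         = new Uri(RequiredValue(samlEndpointXml, "Location"));
            newSamlEndpointCommand.IsDefault   = RequiredBool(samlEndpointXml, "IsDefault");
            newSamlEndpointCommand.Index       = RequiredInt(samlEndpointXml, "Index");
            newSamlEndpointCommand.Protocol    = RequiredValue(samlEndpointXml, "Protocol");
            newSamlEndpointCommand.ResponseUri = OptionalUri(samlEndpointXml, "ResponseLocation");

            SamlEndpoint samlEndpoint = null;
            foreach (SamlEndpoint commandResult in newSamlEndpointCommand.Invoke())
            {
                samlEndpoint = commandResult;
            }

            return samlEndpoint;
        }

        /// <summary>Returns the text of a required child element; throws naming the element when it is missing.</summary>
        private static string RequiredValue(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            if (element == null)
            {
                throw new InvalidOperationException("Missing required element: " + name);
            }

            return element.Value;
        }

        /// <summary>Parses a required boolean element ("true"/"false").</summary>
        private static bool RequiredBool(XElement parent, string name)
        {
            return bool.Parse(RequiredValue(parent, name));
        }

        /// <summary>Parses a required integer element with the invariant culture (the file is machine-written data).</summary>
        private static int RequiredInt(XElement parent, string name)
        {
            return int.Parse(RequiredValue(parent, name), System.Globalization.CultureInfo.InvariantCulture);
        }

        /// <summary>Returns null when the element is absent or empty, otherwise a <see cref="Uri"/> built from its text.</summary>
        private static Uri OptionalUri(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            return element == null || string.IsNullOrEmpty(element.Value) ? null : new Uri(element.Value);
        }

        /// <summary>Returns null when the element is absent or empty, otherwise the certificate it encodes.</summary>
        private static X509Certificate2 OptionalCertificate(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            return element == null || string.IsNullOrEmpty(element.Value) ? null : ParseCertificate(element.Value);
        }

        /// <summary>Decodes a base64 certificate blob as accepted by the <see cref="X509Certificate2(byte[])"/> constructor.</summary>
        private static X509Certificate2 ParseCertificate(string base64)
        {
            return new X509Certificate2(Convert.FromBase64String(base64));
        }

        /// <summary>
        /// Reads the items of a container element into an array, or returns null when the container is absent.
        /// When the container appears more than once, the last occurrence wins.
        /// </summary>
        private static T[] OptionalArray<T>(XElement parent, string containerName, string itemName, Func<XElement, T> convert)
        {
            XElement container = parent.Elements(containerName).LastOrDefault();
            return container == null ? null : container.Elements(itemName).Select(convert).ToArray();
        }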
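        /// <summary>
        /// Entry point: reads a relying party trust description from the XML file named by the single
        /// command-line argument and creates the trust through <see cref="AddRelyingPartyTrustCommand"/>.
        /// Usage: <c>AddRelyingParty filename</c>.
        /// </summary>
        /// <param name="args">Exactly one element, the path of the XML file to load.</param>
        static void Main(string[] args)
        {
            if (args.Length != 1)
            {
                Console.WriteLine("Usage: AddRelyingParty filename");
                // Non-zero exit code so calling scripts can detect the usage error.
                Environment.ExitCode = 1;
                return;
            }

            try
            {
                XElement relyingPartyTrustXml = XElement.Load(args[0]);
                AddRelyingPartyTrustCommand addRelyingPartyTrustCommand = BuildCommand(relyingPartyTrustXml);

                // The command runs when its output is enumerated; pulling one item is enough to execute it.
                IEnumerable result = addRelyingPartyTrustCommand.Invoke();
                result.GetEnumerator().MoveNext();
            }
            catch (Exception ex)
            {
                // Load/parse failures and failures from the command itself are reported the same way.
                Console.WriteLine("Relying party cannot be created.");
                Console.WriteLine(ex.Message);
                Console.WriteLine(ex.StackTrace);
                Environment.ExitCode = 1;
            }
        }

        /// <summary>
        /// Maps the elements of the trust description onto a new <see cref="AddRelyingPartyTrustCommand"/>.
        /// Scalar elements are required; identifiers, endpoints and certificates are optional and left null
        /// when absent. All values are applied as given in the file, without validation.
        /// </summary>
        /// <param name="relyingPartyTrustXml">Root element of the loaded description file.</param>
        /// <returns>A fully populated, not yet invoked command.</returns>
        /// <exception cref="InvalidOperationException">A required element is missing.</exception>
        private static AddRelyingPartyTrustCommand BuildCommand(XElement relyingPartyTrustXml)
        {
            AddRelyingPartyTrustCommand command = new AddRelyingPartyTrustCommand();

            command.Name                                 = RequiredValue(relyingPartyTrustXml, "Name");
            command.Identifier                           = OptionalArray(relyingPartyTrustXml, "Identifiers", "Identifier", x => x.Value);
            command.SamlEndpoint                         = OptionalArray(relyingPartyTrustXml, "SamlEndpoints", "SamlEndpoint", x => CreateSamlEndpoint(x));
            command.WSFedEndpoint                        = OptionalUri(relyingPartyTrustXml, "WsFedEndpoint");
            command.RequestSigningCertificate            = OptionalArray(relyingPartyTrustXml, "RequestSigningCertificates", "RequestSigningCertificate", x => ParseCertificate(x.Value));
            command.IssuanceTransformRules               = RequiredValue(relyingPartyTrustXml, "IssuanceTransformRules");
            command.IssuanceAuthorizationRules           = RequiredValue(relyingPartyTrustXml, "IssuanceAuthorizationRules");
            command.DelegationAuthorizationRules         = RequiredValue(relyingPartyTrustXml, "DelegationAuthorizationRules");
            command.AutoUpdateEnabled                    = RequiredBool(relyingPartyTrustXml, "AutoUpdateEnabled");
            command.MonitoringEnabled                    = RequiredBool(relyingPartyTrustXml, "MonitoringEnabled");
            command.MetadataUrl                          = OptionalUri(relyingPartyTrustXml, "MetadataUrl");
            command.SignatureAlgorithm                   = RequiredValue(relyingPartyTrustXml, "SignatureAlgorithm");
            command.EncryptClaims                        = RequiredBool(relyingPartyTrustXml, "EncryptClaims");
            command.EncryptedNameIdRequired              = RequiredBool(relyingPartyTrustXml, "EncryptedNameIdRequired");
            command.EncryptionCertificate                = OptionalCertificate(relyingPartyTrustXml, "EncryptionCertificate");
            command.EncryptionCertificateRevocationCheck = RequiredValue(relyingPartyTrustXml, "EncryptionCertificateRevocationCheck");
            command.NotBeforeSkew                        = RequiredInt(relyingPartyTrustXml, "NotBeforeSkew");
            command.Notes                                = RequiredValue(relyingPartyTrustXml, "Notes");
            command.ProtocolProfile                      = RequiredValue(relyingPartyTrustXml, "ProtocolProfile");
            command.SamlResponseSignature                = RequiredValue(relyingPartyTrustXml, "SamlResponseSignature");
            command.SignedSamlRequestsRequired           = RequiredBool(relyingPartyTrustXml, "SignedSamlRequestsRequired");
            command.SigningCertificateRevocationCheck    = RequiredValue(relyingPartyTrustXml, "SigningCertificateRevocationCheck");
            command.TokenLifetime                        = RequiredInt(relyingPartyTrustXml, "TokenLifetime");

            return command;
        }

        /// <summary>
        /// Builds one <see cref="SamlEndpoint"/> by running <see cref="NewSamlEndpointCommand"/> over a
        /// SamlEndpoint element. The command's output is enumerated to execute it; the last object it
        /// writes is returned (null if it writes nothing).
        /// </summary>
        private static SamlEndpoint CreateSamlEndpoint(XElement samlEndpointXml)
        {
            NewSamlEndpointCommand newSamlEndpointCommand = new NewSamlEndpointCommand();
            newSamlEndpointCommand.Binding     = RequiredValue(samlEndpointXml, "Binding");
            newSamlEndpointCommand.Uri         = new Uri(RequiredValue(samlEndpointXml, "Location"));
            newSamlEndpointCommand.IsDefault   = RequiredBool(samlEndpointXml, "IsDefault");
            newSamlEndpointCommand.Index       = RequiredInt(samlEndpointXml, "Index");
            newSamlEndpointCommand.Protocol    = RequiredValue(samlEndpointXml, "Protocol");
            newSamlEndpointCommand.ResponseUri = OptionalUri(samlEndpointXml, "ResponseLocation");

            SamlEndpoint samlEndpoint = null;
            foreach (SamlEndpoint commandResult in newSamlEndpointCommand.Invoke())
            {
                samlEndpoint = commandResult;
            }

            return samlEndpoint;
        }

        /// <summary>Returns the text of a required child element; throws naming the element when it is missing.</summary>
        private static string RequiredValue(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            if (element == null)
            {
                throw new InvalidOperationException("Missing required element: " + name);
            }

            return element.Value;
        }

        /// <summary>Parses a required boolean element ("true"/"false").</summary>
        private static bool RequiredBool(XElement parent, string name)
        {
            return bool.Parse(RequiredValue(parent, name));
        }

        /// <summary>Parses a required integer element with the invariant culture (the file is machine-written data).</summary>
        private static int RequiredInt(XElement parent, string name)
        {
            return int.Parse(RequiredValue(parent, name), System.Globalization.CultureInfo.InvariantCulture);
        }

        /// <summary>Returns null when the element is absent or empty, otherwise a <see cref="Uri"/> built from its text.</summary>
        private static Uri OptionalUri(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            return element == null || string.IsNullOrEmpty(element.Value) ? null : new Uri(element.Value);
        }

        /// <summary>Returns null when the element is absent or empty, otherwise the certificate it encodes.</summary>
        private static X509Certificate2 OptionalCertificate(XElement parent, string name)
        {
            XElement element = parent.Element(name);
            return element == null || string.IsNullOrEmpty(element.Value) ? null : ParseCertificate(element.Value);
        }

        /// <summary>Decodes a base64 certificate blob as accepted by the <see cref="X509Certificate2(byte[])"/> constructor.</summary>
        private static X509Certificate2 ParseCertificate(string base64)
        {
            return new X509Certificate2(Convert.FromBase64String(base64));
        }

        /// <summary>
        /// Reads the items of a container element into an array, or returns null when the container is absent.
        /// When the container appears more than once, the last occurrence wins.
        /// </summary>
        private static T[] OptionalArray<T>(XElement parent, string containerName, string itemName, Func<XElement, T> convert)
        {
            XElement container = parent.Elements(containerName).LastOrDefault();
            return container == null ? null : container.Elements(itemName).Select(convert).ToArray();
        }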