/// <summary>
/// Completes the SAML sign-in round trip: restores the state saved when the AuthnRequest was issued,
/// validates the identity provider's response, enforces correlation, and turns the assertion into a ticket.
/// </summary>
/// <returns>
/// <see cref="HandleRequestResult.Success"/> with the ticket; otherwise the first non-null result produced by
/// response validation, the MessageReceived event or correlation validation; or <see cref="HandleRequestResult.Fail"/>
/// (unless the AuthenticationFailed event supplies its own result) when any step inside the try throws.
/// </returns>
protected override async Task<HandleRequestResult> HandleRemoteAuthenticateAsync()
{
    // State stashed at challenge time (identity provider name, original request) is read back through
    // Options.StateDataFormat; the carrier (cookie vs. RelayState) and whether it is integrity-protected
    // are not visible from this method.
    AuthenticationProperties properties = new AuthenticationProperties();
    properties.Load(Request, Options.StateDataFormat);
    // NOTE(review): this parse sits outside the try below, so a malformed response fails here without
    // going through HandleAuthenticationFailed — confirm the base handler turns the exception into a remote failure.
    var (id, message) = await ExtractInfoFromAuthenticationResponse();
    try
    {
        var idpName = properties.GetIdentityProviderName();
        var request = properties.GetAuthenticationRequest();
        // Response validation runs first (its body is not visible here); a non-null result is a rejection
        // and short-circuits before anything below runs.
        var validationMessageResult = await ValidateAuthenticationResponse(message, request, properties, idpName);
        if (validationMessageResult != null)
        {
            return (validationMessageResult);
        }
        // The event may replace both the message and the properties; everything below, including the
        // correlation check, operates on the replaced instances.
        var responseMessageReceivedResult = await _eventsHandler.HandleAuthenticationResponseMessageReceived(Context, Scheme, Options, properties, message);
        if (responseMessageReceivedResult.Result != null)
        {
            return (responseMessageReceivedResult.Result);
        }
        message = responseMessageReceivedResult.ProtocolMessage;
        properties = responseMessageReceivedResult.Properties;
        // Presumably binds this response to a challenge this handler issued (unsolicited-response / CSRF guard);
        // the implementation is not visible here. No ticket is built until it has passed.
        var correlationValidationResult = ValidateCorrelation(properties);
        if (correlationValidationResult != null)
        {
            return (correlationValidationResult);
        }
        var (principal, validFrom, validTo) = CreatePrincipal(message);
        AdjustAuthenticationPropertiesDates(properties, validFrom, validTo);
        // Subject NameID is treated as optional (null-conditional); the AuthnStatement is not: an assertion
        // without one throws here and is routed through the catch below, so authentication fails closed
        // instead of succeeding with a null SessionIndex. Keep it that way unless the profile permits its absence.
        properties.SetSubjectNameId(message.GetAssertion().Subject?.GetNameID()?.Value);
        properties.SetSessionIndex(message.GetAssertion().GetAuthnStatement().SessionIndex);
        // Persist the subject/session identifiers so SignOutAsync can later build the LogoutRequest from them.
        properties.Save(Response, Options.StateDataFormat);
        var ticket = new AuthenticationTicket(principal, properties, Scheme.Name);
        await _eventsHandler.HandleAuthenticationSuccess(Context, Scheme, Options, id, ticket);
        return (HandleRequestResult.Success(ticket));
    }
    catch (Exception exception)
    {
        // Any exception past the parse fails the authentication. `message` and `properties` are whatever stage
        // was reached (the event's instances once MessageReceived has run); the AuthenticationFailed event
        // may substitute its own result.
        Logger.ExceptionProcessingMessage(exception);
        var authenticationFailedResult = await _eventsHandler.HandleAuthenticationFailed(Context, Scheme, Options, message, exception);
        return (authenticationFailedResult.Result ?? HandleRequestResult.Fail(exception, properties));
    }
}
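/// <summary>
/// Starts SAML single logout: builds a LogoutRequest from the subject/session identifiers stored at sign-in
/// and hands it to the identity provider's single sign-out endpoint, or forwards to another scheme when
/// <c>Options.ForwardSignOut</c> resolves to one.
/// </summary>
/// <param name="properties">
/// Caller-supplied sign-out properties. May be null (<c>HttpContext.SignOutAsync(scheme)</c> passes none);
/// an empty instance is then used so the LogoutRequest can be stored and saved to the response.
/// </param>
/// <exception cref="InvalidOperationException">
/// The identity provider recorded in the sign-in state is not present in <c>Options.IdentityProviders</c>.
/// </exception>
public async virtual Task SignOutAsync(AuthenticationProperties properties)
{
    var target = ResolveTarget(Options.ForwardSignOut);
    if (target != null)
    {
        await Context.SignOutAsync(target, properties);
        return;
    }

    // FIX: the sign-out contract allows a null properties argument; the original dereferenced it at
    // SetLogoutRequest below. Substitute an empty instance rather than fail with NullReferenceException.
    properties = properties ?? new AuthenticationProperties();

    // NOTE(review): a GUID string may begin with a digit, which is not a valid xsd:ID/NCName for a SAML
    // ID attribute — confirm GetLogoutRequest prefixes it (or prefix it here).
    string authenticationRequestId = Guid.NewGuid().ToString();

    // Sign-in state (identity provider, subject NameID, session index) was written by
    // HandleRemoteAuthenticateAsync via properties.Save; read it back through the same format.
    var requestProperties = new AuthenticationProperties();
    requestProperties.Load(Request, Options.StateDataFormat);
    var idpName = requestProperties.GetIdentityProviderName();
    var subjectNameId = requestProperties.GetSubjectNameId();
    var sessionIndex = requestProperties.GetSessionIndex();

    var idp = Options.IdentityProviders.FirstOrDefault(i => i.Name == idpName);
    // FIX: FirstOrDefault yields null when the state is missing/stale or the provider was removed from
    // configuration. The original passed that null into GetLogoutRequest and eventually dereferenced it at
    // idp.SingleSignOutServiceUrl — after the events had run and logout state had been saved to the response.
    // Fail early with a diagnosable error instead. idpName comes from the loaded state, not from the caller.
    if (idp == null)
    {
        throw new InvalidOperationException($"No identity provider named '{idpName}' is configured; cannot build a SAML LogoutRequest.");
    }

    var securityTokenCreatingContext = await _eventsHandler.HandleSecurityTokenCreatingContext(Context, Scheme, Options, properties, authenticationRequestId);
    var message = SamlHandler.GetLogoutRequest(
        authenticationRequestId,
        securityTokenCreatingContext.TokenOptions.EntityId,
        securityTokenCreatingContext.TokenOptions.Certificate,
        idp,
        subjectNameId,
        sessionIndex);

    // The event may take over the redirect entirely, or hand back a modified message.
    var (redirectHandled, afterRedirectMessage) = await _eventsHandler.HandleRedirectToIdentityProviderForSignOut(Context, Scheme, Options, properties, message);
    if (redirectHandled)
    {
        return;
    }
    message = afterRedirectMessage;

    // Store the outgoing LogoutRequest in the caller's properties and persist them — presumably so the
    // LogoutResponse can be matched against it later; that consumer is not visible here.
    properties.SetLogoutRequest(message);
    properties.Save(Response, Options.StateDataFormat);

    // message.ID rather than authenticationRequestId: the two can differ if the redirect event replaced the message.
    await _requestGenerator.HandleRequest(message, message.ID, securityTokenCreatingContext.TokenOptions.Certificate, idp.SingleSignOutServiceUrl, idp.Method);
}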