protected override async Task <HandleRequestResult> HandleRemoteAuthenticateAsync()
{
AuthenticationProperties properties = new AuthenticationProperties();
properties.Load(Request, Options.StateDataFormat);
var(id, message) = await ExtractInfoFromAuthenticationResponse();
try
{
var idpName = properties.GetIdentityProviderName();
var request = properties.GetAuthenticationRequest();
var validationMessageResult = await ValidateAuthenticationResponse(message, request, properties, idpName);
if (validationMessageResult != null)
{
return(validationMessageResult);
}
var responseMessageReceivedResult = await _eventsHandler.HandleAuthenticationResponseMessageReceived(Context, Scheme, Options, properties, message);
if (responseMessageReceivedResult.Result != null)
{
return(responseMessageReceivedResult.Result);
}
message = responseMessageReceivedResult.ProtocolMessage;
properties = responseMessageReceivedResult.Properties;
var correlationValidationResult = ValidateCorrelation(properties);
if (correlationValidationResult != null)
{
return(correlationValidationResult);
}
var(principal, validFrom, validTo) = CreatePrincipal(message);
AdjustAuthenticationPropertiesDates(properties, validFrom, validTo);
properties.SetSubjectNameId(message.GetAssertion().Subject?.GetNameID()?.Value);
properties.SetSessionIndex(message.GetAssertion().GetAuthnStatement().SessionIndex);
properties.Save(Response, Options.StateDataFormat);
var ticket = new AuthenticationTicket(principal, properties, Scheme.Name);
await _eventsHandler.HandleAuthenticationSuccess(Context, Scheme, Options, id, ticket);
return(HandleRequestResult.Success(ticket));
}
catch (Exception exception)
{
Logger.ExceptionProcessingMessage(exception);
var authenticationFailedResult = await _eventsHandler.HandleAuthenticationFailed(Context, Scheme, Options, message, exception);
return(authenticationFailedResult.Result ?? HandleRequestResult.Fail(exception, properties));
}
}
public async virtual Task SignOutAsync(AuthenticationProperties properties)
{
var target = ResolveTarget(Options.ForwardSignOut);
if (target != null)
{
await Context.SignOutAsync(target, properties);
return;
}
string authenticationRequestId = Guid.NewGuid().ToString();
var requestProperties = new AuthenticationProperties();
requestProperties.Load(Request, Options.StateDataFormat);
// Extract the user state from properties and reset.
var idpName = requestProperties.GetIdentityProviderName();
var subjectNameId = requestProperties.GetSubjectNameId();
var sessionIndex = requestProperties.GetSessionIndex();
var idp = Options.IdentityProviders.FirstOrDefault(i => i.Name == idpName);
var securityTokenCreatingContext = await _eventsHandler.HandleSecurityTokenCreatingContext(Context, Scheme, Options, properties, authenticationRequestId);
var message = SamlHandler.GetLogoutRequest(
authenticationRequestId,
securityTokenCreatingContext.TokenOptions.EntityId,
securityTokenCreatingContext.TokenOptions.Certificate,
idp,
subjectNameId,
sessionIndex);
var(redirectHandled, afterRedirectMessage) = await _eventsHandler.HandleRedirectToIdentityProviderForSignOut(Context, Scheme, Options, properties, message);
if (redirectHandled)
{
return;
}
message = afterRedirectMessage;
properties.SetLogoutRequest(message);
properties.Save(Response, Options.StateDataFormat);
await _requestGenerator.HandleRequest(message,
message.ID,
securityTokenCreatingContext.TokenOptions.Certificate,
idp.SingleSignOutServiceUrl,
idp.Method);
}
