private bool VerifySignature(string request, X509Certificate2 certificate, ICertificateManager certificateManager) { var i = request.IndexOf("Signature"); var data = request.Substring(0, i - 1); var sgn = Uri.UnescapeDataString(request.Substring(i + 10)); var validated = certificateManager.VerifySignatureFromBase64(data, sgn, certificate); return(validated); }
internal static bool VerifyRedirectSignature(Uri request, X509Certificate2 certificate, SamlInboundMessage message, ICertificateManager certificateManager) { var queryString = request.Query.TrimStart('?'); var i = queryString.IndexOf("Signature"); if (i == -1) { throw new InvalidOperationException("No signature found."); } var data = queryString.Substring(0, i - 1); var sgn = message.Signature.Signature; var validated = certificateManager.VerifySignatureFromBase64(data, sgn, certificate); return(validated); }