        // This method demonstrates loading configuration programmatically.
        // This is useful if you wish to store configuration in a custom database, for example.
        // Alternatively, configuration is loaded automatically from the saml.config file in the application's directory.
        private static void LoadSAMLConfigurationProgrammatically()
        {
            // Local identity provider: the signing key is the PFX named here.
            // NOTE(review): the PFX password is a literal in source; outside of a sample it
            // belongs in a secret store, not in code.
            var identityProvider = new IdentityProviderConfiguration()
            {
                Name = "urn:componentspace:ExampleIdentityProvider",
                CertificateFile = "idp.pfx",
                CertificatePassword = "******"
            };

            // Partner service provider: the SAML response is signed, the assertion is neither
            // signed nor encrypted, and unsigned AuthnRequests are accepted. Endpoints are
            // plain http:// localhost URLs, which is fine for a local sample only.
            var serviceProvider = new PartnerServiceProviderConfiguration()
            {
                Name = "urn:componentspace:ExampleServiceProvider",
                WantAuthnRequestSigned = false,
                SignSAMLResponse = true,
                SignAssertion = false,
                EncryptAssertion = false,
                AssertionConsumerServiceUrl = "http://localhost/ExampleServiceProvider/SAML/AssertionConsumerService.aspx",
                SingleLogoutServiceUrl = "http://localhost/ExampleServiceProvider/SAML/SLOService.aspx",
                CertificateFile = "sp.cer"
            };

            var samlConfiguration = new SAMLConfiguration()
            {
                IdentityProviderConfiguration = identityProvider
            };
            samlConfiguration.AddPartnerServiceProvider(serviceProvider);

            // Make this the active configuration for the process.
            SAMLConfiguration.Current = samlConfiguration;
        }
        static void Main(string[] args)
        {
            try
            {
                ParseArguments(args);

                // Partner metadata is merged into the existing configuration; certificates
                // found in the metadata are collected so they can be written out afterwards.
                EntitiesDescriptor entitiesDescriptor = LoadMetadata();
                SAMLConfiguration samlConfiguration = LoadSAMLConfiguration();
                IList<X509Certificate2> x509Certificates = new List<X509Certificate2>();

                MetadataImporter.Import(entitiesDescriptor, samlConfiguration, x509Certificates);
                AddLocalProviders(samlConfiguration);
                UpdatePartnerProviders(samlConfiguration);

                SaveSAMLConfiguration(samlConfiguration);
                SaveCertificates(x509Certificates);
            }
            catch (ArgumentException exception)
            {
                // Bad command line: report it, then show how the tool is meant to be called.
                Console.Error.WriteLine(exception.ToString());
                ShowUsage();
            }
            catch (Exception exception)
            {
                Console.Error.WriteLine(exception.ToString());
            }
        }
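        // Registers every identity provider returned by the repository as a partner identity
        // provider on samlConfiguration. Providers that do not support single logout are
        // excluded from both directions of SLO.
        private static void ConfigureIdentityProvidersUsingRepository(
            SAMLConfiguration samlConfiguration,
            SamlIdentityProvidersRepository repository)
        {
            SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Loading Identity Providers");

            // Materialize once: the providers are counted, serialized and iterated below, and if
            // the repository hands back a lazily evaluated sequence each pass would re-query it.
            var providers = repository.GetRegisteredIdentityProviders().ToList();

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: {providers.Count} Identity Providers loaded:");

            // NOTE(review): the complete provider records are written to the trace log. The
            // fields consumed below are names, URLs, flags and a certificate file path; keep the
            // repository model free of secrets (or filter here) if that ever changes.
            var providersConfig = Utils.SerializeToJson(providers);

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureIdentityProvidersUsingRepository: Identity Providers configuration:\r\n{providersConfig}");

            foreach (var provider in providers)
            {
                samlConfiguration.AddPartnerIdentityProvider(
                    new PartnerIdentityProviderConfiguration()
                {
                    Name                   = provider.Name,
                    Description            = provider.Description,
                    SignAuthnRequest       = provider.SignAuthnRequest,
                    SingleSignOnServiceUrl = provider.SingleSignOnUrl,
                    SingleLogoutServiceUrl = provider.SingleLogoutUrl,
                    PartnerCertificateFile = provider.CertificateFile,
                    UseEmbeddedCertificate = provider.UseEmbeddedCertificate,
                    // A single flag from the repository drives both logout directions.
                    DisableInboundLogout   = !provider.SingleLogoutSupported,
                    DisableOutboundLogout  = !provider.SingleLogoutSupported
                });
            }
        }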
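        static void Main(string[] args)
        {
            try
            {
                SAMLConfiguration samlConfiguration = LoadSAMLConfiguration();

                // The configuration describes either a local IdP or a local SP; export the
                // metadata for whichever one is present (the IdP wins if both are set).
                EntityDescriptor entityDescriptor;

                if (samlConfiguration.LocalIdentityProviderConfiguration != null)
                {
                    entityDescriptor = ExportIdentityProviderMetadata(samlConfiguration);
                }
                else if (samlConfiguration.LocalServiceProviderConfiguration != null)
                {
                    entityDescriptor = ExportServiceProviderMetadata(samlConfiguration);
                }
                else
                {
                    // Previously a null descriptor was handed on to SaveMetadata; fail with a
                    // message that names the actual problem instead.
                    throw new InvalidOperationException("The SAML configuration contains neither a local identity provider nor a local service provider.");
                }

                SaveMetadata(entityDescriptor);
            }
            catch (Exception exception)
            {
                Console.Error.WriteLine(exception.ToString());
            }
        }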
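        // Starts IdP-initiated SSO: builds a SAML response for partnerSp carrying the given
        // subject and attributes, and writes a self-posting HTML form that delivers it to the
        // partner's assertion consumer service.
        //   httpResponse   - response the form is written to
        //   partnerSp      - name of the partner service provider in the SAML configuration
        //   subject        - subject (user identifier) of the assertion
        //   samlAttributes - attributes to include in the assertion
        // Throws ArgumentException when no partner service provider named partnerSp is configured.
        public static void GuideSSO(HttpResponseBase httpResponse, string partnerSp, string subject, Dictionary <string, string> samlAttributes)
        {
            Trace.TraceInformation(DateTime.Now.ToShortTimeString() + ": Initiating SSO to the partner service provider " + partnerSp);

            SAMLConfiguration.Load();
            var issuer  = SAMLConfiguration.Current.IdentityProviderConfiguration.Name;
            var partner = SAMLConfiguration.Current.GetPartnerServiceProvider(partnerSp);

            if (partner == null)
            {
                // An unknown partner name previously surfaced as a NullReferenceException below.
                throw new ArgumentException("No partner service provider named \"" + partnerSp + "\" is configured.", "partnerSp");
            }

            var saml = CreateSAML20ResponseAsBase64(issuer, 5, partnerSp,
                                                    subject,
                                                    partner.AssertionConsumerServiceUrl,
                                                    samlAttributes,
                                                    partnerSp);

            // Both substituted values land inside HTML attributes, so attribute-encode them.
            // Base64 needs no escaping in practice, but the ACS URL comes from configuration and
            // must not be able to break out of the form's action attribute.
            // No RelayState is sent. NOTE(review): clientId is a fixed value in source.
            var responseContent = String.Format("<html xmlns=\"http://www.w3.org/1999/xhtml\">"
                                                + "<body onload=\"document.forms.samlform.submit()\">"
                                                + "<noscript><p><strong>Note:</strong> Since your browser does not support Javascript, you must press the Continue button once to proceed.</p></noscript>"
                                                + "<form id=\"samlform\" action=\"{0}\" method=\"post\">"
                                                + "<div>"
                                                + "<input type=\"hidden\" name=\"SAMLResponse\" value=\"{1}\" />"
                                                + "<input type=\"hidden\" name=\"clientId\" value=\"900D3C06-C63C-4F49-B3D2-54A91C771A43\" />"
                                                + "</div><noscript><div><input type=\"submit\" value=\"Continue\" /></div></noscript>"
                                                + "</form>"
                                                + "</body>"
                                                + "</html>",
                                                HttpUtility.HtmlAttributeEncode(partner.AssertionConsumerServiceUrl),
                                                HttpUtility.HtmlAttributeEncode(saml));

            // Log that the form was sent, not its contents: the SAMLResponse is a signed bearer
            // token for the subject and must not end up in trace output.
            Trace.TraceInformation(DateTime.Now.ToShortTimeString() + ": Sending SAML form to " + partner.AssertionConsumerServiceUrl);

            httpResponse.Write(responseContent);
        }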
        // This method demonstrates loading configuration programmatically.
        // This is useful if you wish to store configuration in a custom database, for example.
        // Alternatively, configuration is loaded automatically from the saml.config file in the application's directory.
        private static void LoadSAMLConfigurationProgrammatically()
        {
            // One local IdP plus one partner SP, assembled in memory instead of read from saml.config.
            // NOTE(review): the PFX password sits in source; keep it in a secret store outside samples.
            var samlConfiguration = new SAMLConfiguration()
            {
                IdentityProviderConfiguration = new IdentityProviderConfiguration()
                {
                    Name                = "urn:componentspace:ExampleIdentityProvider",
                    CertificateFile     = "idp.pfx",
                    CertificatePassword = "******"
                }
            };

            // Responses are signed; the assertion is left unsigned and unencrypted, and the SP
            // is not required to sign its AuthnRequests. Endpoints are plain http:// localhost URLs.
            var partnerSp = new PartnerServiceProviderConfiguration();
            partnerSp.Name                        = "urn:componentspace:ExampleServiceProvider";
            partnerSp.WantAuthnRequestSigned      = false;
            partnerSp.SignSAMLResponse            = true;
            partnerSp.SignAssertion               = false;
            partnerSp.EncryptAssertion            = false;
            partnerSp.AssertionConsumerServiceUrl = "http://localhost/ExampleServiceProvider/SAML/AssertionConsumerService.aspx";
            partnerSp.SingleLogoutServiceUrl      = "http://localhost/ExampleServiceProvider/SAML/SLOService.aspx";
            partnerSp.CertificateFile             = "sp.cer";

            samlConfiguration.AddPartnerServiceProvider(partnerSp);

            // Activate the configuration for the process.
            SAMLConfiguration.Current = samlConfiguration;
        }
        // Interactively collects the values needed to export service provider metadata and
        // returns the resulting entity descriptor. Only the assertion consumer service URL is
        // mandatory; throws ArgumentException when it is left empty.
        private static EntityDescriptor ExportServiceProviderMetadata(SAMLConfiguration samlConfiguration)
        {
            // Writes the label and returns the raw answer (null at end of input).
            Func<string, string> prompt = label =>
            {
                Console.Write(label);
                return Console.ReadLine();
            };

            X509Certificate2 signatureCertificate  = LoadCertificate(prompt("X.509 signature certificate .CER file [None]: "));
            X509Certificate2 encryptionCertificate = LoadCertificate(prompt("X.509 encryption certificate .CER file [None]: "));

            string assertionConsumerServiceURL = prompt("Assertion Consumer Service URL: ");

            if (string.IsNullOrEmpty(assertionConsumerServiceURL))
            {
                throw new ArgumentException("An assertion consumer service URL must be specified.");
            }

            string singleLogoutServiceURL = prompt("Single Logout Service URL [None]: ");
            string partnerName            = prompt("Partner Identity Provider Name [None]: ");

            return MetadataExporter.Export(samlConfiguration, signatureCertificate, encryptionCertificate, assertionConsumerServiceURL, singleLogoutServiceURL, partnerName);
        }
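        static void Main(string[] args)
        {
            try
            {
                var samlConfiguration = new SAMLConfiguration();

                // Compare ordinally rather than via ToLower(): that call is culture-sensitive,
                // so under e.g. a Turkish locale "IdP" does not lower-case to "idp" and the
                // match silently fails. A null answer now also reaches the error below instead
                // of throwing NullReferenceException.
                string providerType = GetProviderType();

                if (string.Equals(providerType, "idp", StringComparison.OrdinalIgnoreCase))
                {
                    samlConfiguration.LocalIdentityProviderConfiguration = CreateIdentityProviderConfiguration();
                }
                else if (string.Equals(providerType, "sp", StringComparison.OrdinalIgnoreCase))
                {
                    samlConfiguration.LocalServiceProviderConfiguration = CreateServiceProviderConfiguration();
                }
                else
                {
                    throw new ArgumentException("The provider type must either be \"IdP\" or \"SP\".");
                }

                SaveConfiguration(samlConfiguration);
            }
            catch (Exception exception)
            {
                Console.WriteLine(exception.ToString());
            }
        }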
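        // Starts IdP-initiated SSO: builds a SAML response for partnerSp carrying the given
        // subject and attributes, and writes a self-posting HTML form that delivers it to the
        // partner's assertion consumer service (with an empty RelayState).
        //   httpResponse   - response the form is written to
        //   partnerSp      - name of the partner service provider in the SAML configuration
        //   subject        - subject (user identifier) of the assertion
        //   samlAttributes - attributes to include in the assertion
        // Throws ArgumentException when no partner service provider named partnerSp is configured.
        public static void GuideSSO(HttpResponseBase httpResponse, string partnerSp, string subject, Dictionary <string, string> samlAttributes)
        {
            SAMLConfiguration.Load();
            var issuer  = SAMLConfiguration.Current.IdentityProviderConfiguration.Name;
            var partner = SAMLConfiguration.Current.GetPartnerServiceProvider(partnerSp);

            if (partner == null)
            {
                // An unknown partner name previously surfaced as a NullReferenceException below.
                throw new ArgumentException("No partner service provider named \"" + partnerSp + "\" is configured.", "partnerSp");
            }

            var saml = CreateSAML20Response(issuer, 5, partnerSp,
                                            subject,
                                            partner.AssertionConsumerServiceUrl,
                                            samlAttributes,
                                            partnerSp);

            // The ACS URL comes from configuration and is placed inside an HTML attribute, so
            // attribute-encode it rather than trusting it not to contain quotes or '<'.
            // NOTE(review): the response value is placed in an attribute unencoded; that is only
            // safe if CreateSAML20Response returns base64 text -- confirm, and encode it too if not.
            var responseContent = String.Format("<html xmlns=\"http://www.w3.org/1999/xhtml\">"
                                                + "<body onload=\"document.forms.samlform.submit()\">"
                                                + "<noscript><p><strong>Note:</strong> Since your browser does not support Javascript, you must press the Continue button once to proceed.</p></noscript>"
                                                + "<form id=\"samlform\" action=\"{0}\" method=\"post\">"
                                                + "<div>"
                                                + "<input type=\"hidden\" name=\"SAMLResponse\" value=\"{1}\" />"
                                                + "<input type=\"hidden\" name=\"RelayState\" value=\"\" />"
                                                + "</div><noscript><div><input type=\"submit\" value=\"Continue\" /></div></noscript>"
                                                + "</form>"
                                                + "</body>"
                                                + "</html>",
                                                HttpUtility.HtmlAttributeEncode(partner.AssertionConsumerServiceUrl),
                                                saml);

            httpResponse.Write(responseContent);
        }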
        static void Main(string[] args)
        {
            try
            {
                ParseArguments(args);

                SAMLConfiguration samlConfiguration = LoadSAMLConfiguration();

                // The certificate is optional: it is loaded only when a file name was supplied
                // on the command line (certificateFileName is set by ParseArguments).
                X509Certificate2 x509Certificate = string.IsNullOrEmpty(certificateFileName)
                    ? null
                    : LoadCertificate();

                EntityDescriptor entityDescriptor = MetadataExporter.Export(samlConfiguration, x509Certificate, partnerName);
                SaveMetadata(entityDescriptor);
            }
            catch (ArgumentException exception)
            {
                // Bad command line: report it, then show usage.
                Console.Error.WriteLine(exception.ToString());
                ShowUsage();
            }
            catch (Exception exception)
            {
                Console.Error.WriteLine(exception.ToString());
            }
        }
        static void Main(string[] args)
        {
            try
            {
                EntityDescriptor  entityDescriptor  = LoadMetadata();
                SAMLConfiguration samlConfiguration = LoadSAMLConfiguration();

                Console.Write("Certificate folder for saving certificates [Certificates]: ");
                string certificateFolder = Console.ReadLine();

                // An empty answer (or end of input) selects the default folder.
                if (string.IsNullOrEmpty(certificateFolder))
                {
                    certificateFolder = "Certificates";
                }

                // A local IdP takes the service providers from the metadata, a local SP takes
                // the identity providers; a configuration holding both imports both.
                if (samlConfiguration.LocalIdentityProviderConfiguration != null)
                {
                    MetadataImporter.ImportServiceProviders(entityDescriptor, samlConfiguration, certificateFolder);
                }

                if (samlConfiguration.LocalServiceProviderConfiguration != null)
                {
                    MetadataImporter.ImportIdentityProviders(entityDescriptor, samlConfiguration, certificateFolder);
                }

                SaveSAMLConfiguration(samlConfiguration);
            }
            catch (Exception exception)
            {
                Console.Error.WriteLine(exception.ToString());
            }
        }
        // This method demonstrates loading configuration programmatically by calling the SAML configuration API.
        // Alternatively, configuration may be loaded programmatically by implementing the ISAMLConfigurationResolver interface.
        // Either of these approaches may be used if you wish to store configuration in a custom database, for example.
        // If not configured programmatically, configuration is loaded automatically from the saml.config file
        // in the application's directory.
        private static void LoadSAMLConfigurationProgrammatically()
        {
            // Builds the configuration in code: one local SP (signing key from a PFX) and one
            // partner IdP, then installs it via SAMLController.Configuration.
            SAMLConfiguration samlConfiguration = new SAMLConfiguration()
            {
                LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
                {
                    Name = "http://ExampleServiceProvider",
                    AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
                    LocalCertificateFile        = @"certificates\sp.pfx",
                    // NOTE(review): PFX password as a source literal; outside of a sample it
                    // belongs in a secret store.
                    LocalCertificatePassword    = "******"
                }
            };

            samlConfiguration.AddPartnerIdentityProvider(
                new PartnerIdentityProviderConfiguration()
            {
                Name                   = "http://ExampleIdentityProvider",
                SignAuthnRequest       = true,
                // NOTE(review): the next line is garbled on this page -- the SingleSignOnServiceUrl
                // value and the PartnerCertificateFile entry have been collapsed into one literal.
                // Restore both values from the original source before using this sample.
                SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp.cer"
            });

            SAMLController.Configuration = samlConfiguration;
        }
        // This method demonstrates loading multi-tenanted configuration programmatically by calling the SAML configuration API.
        // Alternatively, configuration is loaded automatically from the multi-tenanted saml.config file in the application's directory.
        private static void LoadMultiTenantedSAMLConfigurationProgrammatically()
        {
            // Two tenant configurations ("tenant1", "tenant2"), each with its own local IdP
            // and one partner SP, collected into a SAMLConfigurations set and installed via
            // SAMLController.Configurations.
            SAMLConfigurations samlConfigurations = new SAMLConfigurations();

            SAMLConfiguration samlConfiguration = new SAMLConfiguration()
            {
                ID = "tenant1",

                LocalIdentityProviderConfiguration = new LocalIdentityProviderConfiguration()
                {
                    Name = "http://ExampleIdentityProvider",
                    LocalCertificateFile     = @"certificates\idp.pfx",
                    // NOTE(review): PFX passwords as source literals (here and for tenant2);
                    // outside of a sample they belong in a secret store.
                    LocalCertificatePassword = "******"
                }
            };

            samlConfiguration.AddPartnerServiceProvider(
                new PartnerServiceProviderConfiguration()
            {
                Name = "http://ExampleServiceProvider",
                WantAuthnRequestSigned      = true,
                SignSAMLResponse            = true,
                // NOTE(review): the next line is garbled on this page -- the ACS URL value and
                // the PartnerCertificateFile entry have been collapsed into one literal.
                // Restore both from the original source before using this sample.
                AssertionConsumerServiceUrl = "http://*****:*****@"certificates\sp.cer"
            });

            samlConfigurations.AddConfiguration(samlConfiguration);

            // The same variable is reused for the second tenant; the first configuration has
            // already been added to the set above.
            samlConfiguration = new SAMLConfiguration()
            {
                ID = "tenant2",

                LocalIdentityProviderConfiguration = new LocalIdentityProviderConfiguration()
                {
                    Name = "http://ExampleIdentityProvider2",
                    LocalCertificateFile     = @"certificates\idp2.pfx",
                    LocalCertificatePassword = "******"
                }
            };

            samlConfiguration.AddPartnerServiceProvider(
                new PartnerServiceProviderConfiguration()
            {
                Name = "http://ExampleServiceProvider2",
                WantAuthnRequestSigned      = true,
                SignSAMLResponse            = true,
                // NOTE(review): garbled on this page in the same way as the tenant1 entry above.
                AssertionConsumerServiceUrl = "http://*****:*****@"certificates\sp2.cer"
            });

            samlConfigurations.AddConfiguration(samlConfiguration);

            SAMLController.Configurations = samlConfigurations;
        }
        // ASP.NET application start-up: registers areas, Web API configuration, global filters,
        // MVC routes and bundles, then loads the SAML configuration once for the application.
        protected void Application_Start()
        {
            AreaRegistration.RegisterAllAreas();

            WebApiConfig.Register(GlobalConfiguration.Configuration);
            FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
            RouteConfig.RegisterRoutes(RouteTable.Routes);
            BundleConfig.RegisterBundles(BundleTable.Bundles);

            // No path is given, so the library's default location is used (presumably
            // saml.config in the application directory -- confirm against the library docs).
            SAMLConfiguration.Load();
        }
        // Serializes the configuration to XML and writes it, indented, to configurationFileName.
        // NOTE(review): the XML carries whatever the configuration holds, including any
        // certificate password, so the output file should be treated as sensitive.
        private static void SaveSAMLConfiguration(SAMLConfiguration samlConfiguration)
        {
            Console.WriteLine("Saving SAML configuration to {0}.", configurationFileName);

            XmlDocument document = samlConfiguration.ToXml().OwnerDocument;

            // A null encoding makes XmlTextWriter emit UTF-8.
            using (var writer = new XmlTextWriter(configurationFileName, null) { Formatting = Formatting.Indented })
            {
                document.Save(writer);
            }
        }
        // Sets the certificate file of every partner IdP and partner SP to promptMessage
        // (presumably a placeholder the user is expected to replace -- see where it is defined).
        private static void UpdatePartnerProviders(SAMLConfiguration samlConfiguration)
        {
            var partnerIdps = samlConfiguration.PartnerIdentityProviderConfigurations.Values;
            var partnerSps  = samlConfiguration.PartnerServiceProviderConfigurations.Values;

            foreach (PartnerIdentityProviderConfiguration partnerIdp in partnerIdps)
            {
                partnerIdp.CertificateFile = promptMessage;
            }

            foreach (PartnerServiceProviderConfiguration partnerSp in partnerSps)
            {
                partnerSp.CertificateFile = promptMessage;
            }
        }
        // Adds placeholder local provider entries (fields set to promptMessage) so the user can
        // fill them in: a local IdP when there are partner SPs or no partner IdPs, and a local
        // SP when there are partner IdPs or no partner SPs.
        private static void AddLocalProviders(SAMLConfiguration samlConfiguration)
        {
            int partnerIdpCount = samlConfiguration.PartnerIdentityProviderConfigurations.Count;
            int partnerSpCount  = samlConfiguration.PartnerServiceProviderConfigurations.Count;

            if (partnerIdpCount == 0 || partnerSpCount > 0)
            {
                samlConfiguration.IdentityProviderConfiguration = new IdentityProviderConfiguration()
                {
                    Name            = promptMessage,
                    CertificateFile = promptMessage
                };
            }

            if (partnerSpCount == 0 || partnerIdpCount > 0)
            {
                samlConfiguration.ServiceProviderConfiguration = new ServiceProviderConfiguration()
                {
                    Name                        = promptMessage,
                    CertificateFile             = promptMessage,
                    AssertionConsumerServiceUrl = promptMessage
                };
            }
        }
        // Builds the SAML environment: a fresh configuration with the local SP from app settings
        // and the partner IdPs from the repository, installed via SAMLController.Configuration.
        // (ConfigureIdentityProvidersUsingHardCodedConfiguration is the fixed-list alternative.)
        public static void Configure(SamlIdentityProvidersRepository repository)
        {
            SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.Configure: Starting configuration of SAML environment.");

            var samlConfiguration = new SAMLConfiguration();
            ConfigureServiceProvider(samlConfiguration);
            ConfigureIdentityProvidersUsingRepository(samlConfiguration, repository);

            SAMLController.Configuration = samlConfiguration;

            SamlPocTraceListener.Log("SAML", "SamlConfigurationManager.Configure: Ended configuration of SAML environment.");
        }
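        // Populates the local service provider from application settings and logs the
        // non-secret part of it.
        private static void ConfigureServiceProvider(SAMLConfiguration samlConfiguration)
        {
            var serviceProvider = new LocalServiceProviderConfiguration()
            {
                Name        = ConfigurationManager.AppSettings[ServiceProviderName],
                Description = ConfigurationManager.AppSettings[ServiceProviderDescription],
                AssertionConsumerServiceUrl = ConfigurationManager.AppSettings[ServiceProviderAssertionConsumerServiceUrl],
                LocalCertificateFile        = ConfigurationManager.AppSettings[ServiceProviderLocalCertificateFile],
                LocalCertificatePassword    = ConfigurationManager.AppSettings[ServiceProviderLocalCertificatePassword]
            };

            samlConfiguration.LocalServiceProviderConfiguration = serviceProvider;

            // Log the individual fields instead of serializing the whole object: the object
            // carries LocalCertificatePassword, which would otherwise land in the trace output
            // (unless Utils.SerializeToJson happens to exclude it -- not something to rely on).
            var spConfig = "Name=" + serviceProvider.Name
                + ", Description=" + serviceProvider.Description
                + ", AssertionConsumerServiceUrl=" + serviceProvider.AssertionConsumerServiceUrl
                + ", LocalCertificateFile=" + serviceProvider.LocalCertificateFile;

            SamlPocTraceListener.Log("SAML", $"SamlConfigurationManager.ConfigureServiceProvider: Service Provider configuration:\r\n{spConfig}");
        }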
        // Adds placeholder local provider entries (every field set to promptMessage) so the
        // user can fill them in. A local IdP is added when partner SPs exist or no partner IdPs
        // exist; a local SP when partner IdPs exist or no partner SPs exist.
        private static void AddLocalProviders(SAMLConfiguration samlConfiguration)
        {
            bool hasPartnerIdps = samlConfiguration.PartnerIdentityProviderConfigurations.Count > 0;
            bool hasPartnerSps  = samlConfiguration.PartnerServiceProviderConfigurations.Count > 0;

            if (!hasPartnerIdps || hasPartnerSps)
            {
                var localIdp = new IdentityProviderConfiguration();
                localIdp.Name            = promptMessage;
                localIdp.CertificateFile = promptMessage;
                samlConfiguration.IdentityProviderConfiguration = localIdp;
            }

            if (!hasPartnerSps || hasPartnerIdps)
            {
                var localSp = new ServiceProviderConfiguration();
                localSp.Name                        = promptMessage;
                localSp.CertificateFile             = promptMessage;
                localSp.AssertionConsumerServiceUrl = promptMessage;
                samlConfiguration.ServiceProviderConfiguration = localSp;
            }
        }
        // ASP.NET MVC start-up: hardens a couple of framework defaults, registers filters,
        // routes and bundles, and loads the SAML configuration from a configurable path.
        protected void Application_Start()
        {
            // Drop the X-AspNetMvc-Version response header, and bind anti-forgery tokens to
            // the user's UPN claim.
            MvcHandler.DisableMvcResponseHeader         = true;
            AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Upn;

            FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
            RouteConfig.RegisterRoutes(RouteTable.Routes);
            BundleConfig.RegisterBundles(BundleTable.Bundles);
            // Registers RSA-SHA256 under its XML DSig algorithm URI so SAML signatures using it
            // can be produced and verified on .NET Framework versions that lack it built in.
            CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");

            // When the setting is absent nothing is loaded here; presumably the library then
            // falls back to its default location on first use -- confirm.
            var samlConfigLocation = Settings.Get <string>("Saml.Configuration.FileLocation");

            if (!string.IsNullOrEmpty(samlConfigLocation))
            {
                SAMLConfiguration.Load(samlConfigLocation);
            }
        }
        // Asks for an output file name (default saml.config) and writes the configuration to it
        // as indented XML. NOTE(review): the file holds whatever the configuration holds,
        // including any certificate password, so treat it as sensitive.
        private static void SaveConfiguration(SAMLConfiguration samlConfiguration)
        {
            Console.Write("SAML configuration file [saml.config]: ");

            var answer   = ReadLine();
            var fileName = string.IsNullOrEmpty(answer) ? "saml.config" : answer;

            XmlDocument document = samlConfiguration.ToXml().OwnerDocument;

            // A null encoding makes XmlTextWriter emit UTF-8.
            using (var writer = new XmlTextWriter(fileName, null) { Formatting = Formatting.Indented })
            {
                document.Save(writer);
            }
        }
        // Asks where to save (default configurationFileName) and writes the configuration as
        // indented XML. NOTE(review): the file holds whatever the configuration holds, including
        // any certificate password, so treat it as sensitive.
        private static void SaveSAMLConfiguration(SAMLConfiguration samlConfiguration)
        {
            Console.Write("Save SAML configuration to [{0}]: ", configurationFileName);
            string answer = Console.ReadLine();

            string fileName = string.IsNullOrEmpty(answer) ? configurationFileName : answer;

            // A null encoding makes XmlTextWriter emit UTF-8.
            using (var writer = new XmlTextWriter(fileName, null) { Formatting = Formatting.Indented })
            {
                samlConfiguration.ToXml().OwnerDocument.Save(writer);
            }
        }
        static void Main(string[] args)
        {
            try
            {
                ParseArguments(args);

                // fileName is set by ParseArguments; progress goes to stderr like the errors.
                Console.Error.WriteLine("Validating {0}.", fileName);
                SAMLConfiguration.Validate(fileName);
            }
            catch (ArgumentException exception)
            {
                // Bad command line: report it, then show usage.
                Console.Error.WriteLine(exception.ToString());
                ShowUsage();
            }
            catch (Exception exception)
            {
                Console.Error.WriteLine(exception.ToString());
            }
        }
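        // Loads the SAML configuration from configurationFileName, or returns an empty
        // configuration when that file does not exist. Never returns null.
        private static SAMLConfiguration LoadSAMLConfiguration()
        {
            if (!File.Exists(configurationFileName))
            {
                return new SAMLConfiguration();
            }

            Console.WriteLine("Loading SAML configuration file {0}.", configurationFileName);

            XmlDocument xmlDocument = new XmlDocument();
            xmlDocument.PreserveWhitespace = true;
            // The configuration file is not expected to use a DTD or external entities; a null
            // resolver stops the parser from fetching anything referenced from inside the file.
            xmlDocument.XmlResolver = null;
            xmlDocument.Load(configurationFileName);

            return new SAMLConfiguration(xmlDocument.DocumentElement);
        }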
        // Interactively collects the values needed to export identity provider metadata and
        // returns the resulting entity descriptor. Only the single sign-on service URL is
        // mandatory; throws ArgumentException when it is left empty.
        private static EntityDescriptor ExportIdentityProviderMetadata(SAMLConfiguration samlConfiguration)
        {
            // Writes the label and returns the raw answer (null at end of input).
            Func<string, string> prompt = label =>
            {
                Console.Write(label);
                return Console.ReadLine();
            };

            X509Certificate2 x509Certificate = LoadCertificate(prompt("X.509 certificate .CER file [None]: "));

            string singleSignOnServiceURL = prompt("Single Sign-On Service URL: ");

            if (string.IsNullOrEmpty(singleSignOnServiceURL))
            {
                throw new ArgumentException("A single sign-on service URL must be specified.");
            }

            string singleLogoutServiceURL = prompt("Single Logout Service URL [None]: ");
            string partnerName            = prompt("Partner Service Provider Name [None]: ");

            return MetadataExporter.Export(samlConfiguration, x509Certificate, singleSignOnServiceURL, singleLogoutServiceURL, partnerName);
        }
        // This method demonstrates loading configuration programmatically by calling the SAML configuration API.
        // Alternatively, configuration may be loaded programmatically by implementing the ISAMLConfigurationResolver interface.
        // Either of these approaches may be used if you wish to store configuration in a custom database, for example.
        // If not configured programmatically, configuration is loaded automatically from the saml.config file
        // in the application's directory.
        private static void LoadSAMLConfigurationProgrammatically()
        {
            // Builds the configuration in code: one local IdP whose signing key comes from a
            // PFX in the LocalCertificates list, and one partner SP, installed via
            // SAMLController.Configuration.
            SAMLConfiguration samlConfiguration = new SAMLConfiguration()
            {
                LocalIdentityProviderConfiguration = new LocalIdentityProviderConfiguration()
                {
                    Name = "http://ExampleIdentityProvider",
                    LocalCertificates = new List <CertificateConfiguration>()
                    {
                        new CertificateConfiguration()
                        {
                            FileName = @"certificates\idp.pfx",
                            // NOTE(review): PFX password as a source literal; outside of a
                            // sample it belongs in a secret store.
                            Password = "******"
                        }
                    }
                }
            };

            samlConfiguration.AddPartnerServiceProvider(
                new PartnerServiceProviderConfiguration()
            {
                Name = "http://ExampleServiceProvider",
                WantAuthnRequestSigned      = true,
                SignSAMLResponse            = true,
                // NOTE(review): the next three lines are garbled on this page -- the ACS URL value
                // and a nested partner-certificate entry (ending in sp.cer) have been collapsed
                // into one literal. Restore them from the original source before using this sample.
                AssertionConsumerServiceUrl = "http://*****:*****@"certificates\sp.cer"
                    }
                }
            });

            SAMLController.Configuration = samlConfiguration;
        }
        // Registers a fixed set of three partner identity providers, used instead of the
        // repository-backed lookup.
        // NOTE(review): two entries share "Certificates\\idp.cer" -- confirm both partners are
        // really meant to be verified against the same certificate. Two of the SSO endpoints
        // are plain http://.
        private static void ConfigureIdentityProvidersUsingHardcodedConfiguration(SAMLConfiguration samlConfiguration)
        {
            var coneIdp = new PartnerIdentityProviderConfiguration()
            {
                Name                   = "http://cone-idp",
                Description            = "Cone Identity Provider",
                SignAuthnRequest       = true,
                SingleSignOnServiceUrl = "http://cone-idp/SAML/SSOService",
                SingleLogoutServiceUrl = "http://cone-idp/SAML/SLOService",
                PartnerCertificateFile = "Certificates\\idp.cer"
            };

            // No logout endpoint; logout is disabled in both directions.
            var shibbolethIdp = new PartnerIdentityProviderConfiguration()
            {
                Name                   = "https://shib-idp/",
                Description            = "Shibboleth Identity Provider",
                SignAuthnRequest       = true,
                SingleSignOnServiceUrl = "https://shib-idp/SAML/SSOService.aspx?binding=redirect",
                PartnerCertificateFile = "Certificates\\idp.cer",
                DisableInboundLogout   = true,
                DisableOutboundLogout  = true
            };

            // No certificate file; flagged to use an embedded certificate instead.
            var kentorIdp = new PartnerIdentityProviderConfiguration()
            {
                Name                   = "http://kentor-idp/Metadata",
                Description            = "Kentor Identity Provider",
                SignAuthnRequest       = true,
                SingleSignOnServiceUrl = "http://kentor-idp/",
                SingleLogoutServiceUrl = "http://kentor-idp/Logout",
                UseEmbeddedCertificate = true
            };

            // Registration order is kept as before: Cone, Shibboleth, Kentor.
            foreach (var partnerIdp in new[] { coneIdp, shibbolethIdp, kentorIdp })
            {
                samlConfiguration.AddPartnerIdentityProvider(partnerIdp);
            }
        }
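        // Loads the SAML configuration from configurationFileName when that file exists;
        // otherwise returns a new, empty configuration for the caller to populate.
        //
        // Returns: the loaded or empty SAMLConfiguration (never null).
        // Exceptions from File.Exists, XmlDocument.Load and the SAMLConfiguration constructor
        // propagate to the caller.
        private static SAMLConfiguration LoadSAMLConfiguration()
        {
            if (!File.Exists(configurationFileName)) {
                return new SAMLConfiguration();
            }

            Console.WriteLine("Loading SAML configuration file {0}.", configurationFileName);

            XmlDocument xmlDocument = new XmlDocument();
            // Keep whitespace so the document round-trips as written when it is saved again.
            xmlDocument.PreserveWhitespace = true;
            // Do not resolve external entities or DTDs referenced from the file. A SAML
            // configuration has no legitimate use for them, and on older framework versions
            // the default resolver would otherwise fetch them (XXE) if the file were tampered with.
            xmlDocument.XmlResolver = null;
            xmlDocument.Load(configurationFileName);

            return new SAMLConfiguration(xmlDocument.DocumentElement);
        }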
        // Overwrites the CertificateFile of every partner identity provider and every partner
        // service provider in the configuration with promptMessage. promptMessage is defined
        // elsewhere in this file; presumably it is a placeholder the administrator replaces by
        // hand in the saved configuration — verify against its definition.
        private static void UpdatePartnerProviders(SAMLConfiguration samlConfiguration)
        {
            // Identity providers first, then service providers, matching the original order.
            foreach (var identityProvider in samlConfiguration.PartnerIdentityProviderConfigurations.Values) {
                identityProvider.CertificateFile = promptMessage;
            }

            foreach (var serviceProvider in samlConfiguration.PartnerServiceProviderConfigurations.Values) {
                serviceProvider.CertificateFile = promptMessage;
            }
        }
        // Serialises the configuration to XML and writes it, indented, to configurationFileName,
        // overwriting any existing file. Whatever the configuration holds (including any
        // certificate passwords it carries) ends up in that file, so keep it access-restricted.
        private static void SaveSAMLConfiguration(SAMLConfiguration samlConfiguration)
        {
            Console.WriteLine("Saving SAML configuration to {0}.", configurationFileName);

            var configurationElement = samlConfiguration.ToXml();
            XmlDocument document     = configurationElement.OwnerDocument;

            // null encoding keeps the writer's default; the writer is disposed once the save completes.
            using (XmlTextWriter writer = new XmlTextWriter(configurationFileName, null)) {
                writer.Formatting = Formatting.Indented;
                document.Save(writer);
            }
        }
        // This method demonstrates loading multi-tenanted configuration programmatically by calling the SAML configuration API.
        // Alternatively, configuration is loaded automatically from the multi-tenanted saml.config file in the application's directory.
        //
        // Two tenant configurations ("tenant1" and "tenant2") are built, each with one local service
        // provider and one partner identity provider, and installed as SAMLController.Configurations.
        // NOTE(review): the certificate Password values shown as "******" are redacted on this page;
        // in real code load such secrets from a secret store rather than embedding them in source.
        private static void LoadMultiTenantedSAMLConfigurationProgrammatically()
        {
            SAMLConfigurations samlConfigurations = new SAMLConfigurations();

            // Tenant 1: local SP with its own signing certificate (PFX on disk).
            SAMLConfiguration samlConfiguration = new SAMLConfiguration()
            {
                ID = "tenant1",

                LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
                {
                    Name = "http://ExampleServiceProvider",
                    AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
                    LocalCertificates           = new List <CertificateConfiguration>()
                    {
                        new CertificateConfiguration()
                        {
                            FileName = @"certificates\sp.pfx",
                            Password = "******"
                        }
                    }
                }
            };

            // Tenant 1's partner IdP; AuthnRequests to it are signed.
            samlConfiguration.AddPartnerIdentityProvider(
                new PartnerIdentityProviderConfiguration()
            {
                Name                   = "http://ExampleIdentityProvider",
                SignAuthnRequest       = true,
                // NOTE(review): the next line was garbled by the site's credential redaction (the SSO URL and the
                // start of the partner certificate list are fused); the original listing is not recoverable here.
                SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp.cer",
                    }
                }
            });

            samlConfigurations.AddConfiguration(samlConfiguration);

            // Tenant 2: same shape as tenant 1 with its own SP name and certificate.
            samlConfiguration = new SAMLConfiguration()
            {
                ID = "tenant2",

                LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
                {
                    Name = "http://ExampleServiceProvider2",
                    AssertionConsumerServiceUrl = "~/SAML/AssertionConsumerService.aspx",
                    LocalCertificates           = new List <CertificateConfiguration>()
                    {
                        new CertificateConfiguration()
                        {
                            FileName = @"certificates\sp2.pfx",
                            Password = "******"
                        }
                    }
                }
            };

            samlConfiguration.AddPartnerIdentityProvider(
                new PartnerIdentityProviderConfiguration()
            {
                Name                   = "http://ExampleIdentityProvider2",
                SignAuthnRequest       = true,
                // NOTE(review): garbled by the site's redaction in the same way as tenant 1's partner entry.
                SingleSignOnServiceUrl = "http://*****:*****@"certificates\idp2.cer",
                    }
                }
            });

            samlConfigurations.AddConfiguration(samlConfiguration);

            // Make the tenant set the active multi-tenanted configuration.
            SAMLController.Configurations = samlConfigurations;
        }