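        /// <summary>
        /// Logs the user out locally and, when the current SAML session supports it, initiates
        /// single logout (SLO) at the identity provider the user signed in with.
        /// </summary>
        /// <returns>
        /// An empty result when SLO has been initiated (InitiateSLO has already written the
        /// redirect/POST to the response); otherwise a redirect to Home/Index.
        /// </returns>
        public ActionResult Logout()
        {
            // NOTE(review): this action is reachable by GET, so any page can trigger a logout of
            // the user (logout CSRF); consider requiring POST with an anti-forgery token.
            SamlPocTraceListener.Log("SAML", $"SamlController.Logout: Request for SLO received.");

            // Logout locally.
            FormsAuthentication.SignOut();

            SamlPocTraceListener.Log("SAML", $"SamlController.Logout: User was logged out locally.");

            if (SAMLServiceProvider.CanSLO())
            {
                // The partner IdP name is stored in session by SingleSignOn. It is read
                // defensively: a missing or non-string value (ASP.NET session expired or reset)
                // previously produced a NullReferenceException here, leaving the user signed out
                // locally but with an error page instead of a redirect.
                string partnerIdP = Session["IdentityProvider"] as string;

                if (!string.IsNullOrEmpty(partnerIdP))
                {
                    SamlPocTraceListener.Log("SAML", $"SamlController.Logout: Initiating SLO with IdP {partnerIdP}.");

                    // Request logout at the identity provider. InitiateSLO writes the SAML
                    // LogoutRequest into the response itself, so nothing further may be written.
                    SAMLServiceProvider.InitiateSLO(Response, null, null, partnerIdP);

                    return(new EmptyResult());
                }

                SamlPocTraceListener.Log("SAML", $"SamlController.Logout: No IdP recorded in session; skipping SLO.");

                return(RedirectToAction("Index", "Home"));
            }

            SamlPocTraceListener.Log("SAML", $"SamlController.Logout: Identity Provider doesn't support SLO.");

            return(RedirectToAction("Index", "Home"));
        }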
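        /// <summary>
        /// Signs the current user out: abandons the ASP.NET session, clears the forms-auth,
        /// session and application cookies and then, if the user signed in through a partner
        /// IdP that has a SingleLogoutService URL configured, initiates SAML single logout there.
        /// </summary>
        /// <returns>
        /// An empty result when SLO was initiated (InitiateSLO has already written the response);
        /// otherwise a redirect to the forms-authentication login URL.
        /// </returns>
        public ActionResult Signout()
        {
            // Read the user-data cookie before it is removed below. GetUserData may yield null
            // (cookie absent or undecodable); previously that caused a NullReferenceException at
            // the IdpPartner check instead of a plain local sign-out.
            var userData   = Request.GetUserData <CookieUserData>();
            var idpPartner = userData?.IdpPartner;

            // Local sign-out first, so the user is logged out of this application even if the
            // IdP round-trip below fails.
            Session.Abandon();
            FormsAuthentication.SignOut();
            Response.RemoveCookie("ASP.NET_SessionId");
            Response.RemoveCookie(CookieHelper.UserDataCookieName);
            Response.RemoveCookie(CookieHelper.AssistedUserCookieName);

            if (!string.IsNullOrEmpty(idpPartner))
            {
                var idpPartnerConfig = SAMLConfiguration.Current.GetPartnerIdentityProvider(idpPartner);
                if (idpPartnerConfig != null && !string.IsNullOrEmpty(idpPartnerConfig.SingleLogoutServiceUrl))
                {
                    try
                    {
                        SAMLServiceProvider.InitiateSLO(Response, null, idpPartner);
                        return(new EmptyResult());
                    }
                    catch (Exception ex)
                    {
                        // Best-effort: a failed SLO must not block the local sign-out, but it is
                        // logged because the IdP-side session may still be alive.
                        _logger.Log(ex);
                    }
                }
            }

            return(new RedirectResult(FormsAuthentication.LoginUrl));
        }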
        /// <summary>
        /// SAML single logout endpoint. Handles both an IdP-initiated LogoutRequest (sign out
        /// locally and answer with a LogoutResponse) and the LogoutResponse that completes an
        /// SP-initiated logout.
        /// </summary>
        /// <returns>
        /// An empty result after SendSLO (the SAML library has written the response); otherwise a
        /// redirect to the relay-state URL when it is local, else to Home/Index.
        /// </returns>
        public ActionResult SingleLogoutService()
        {
            bool   isRequest;
            string logoutReason;
            string partnerName;
            string relayState;

            // ReceiveSLO validates the incoming message and reports whether it was a request
            // (IdP-initiated) or a response (SP-initiated). logoutReason and partnerName are
            // received but not used here.
            SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerName, out relayState);

            if (!isRequest)
            {
                // SP-initiated SLO has completed. The relay state is only followed when it is a
                // local URL; anything else would turn this endpoint into an open redirect.
                bool hasLocalTarget = !string.IsNullOrEmpty(relayState) && Url.IsLocalUrl(relayState);

                return hasLocalTarget
                    ? (ActionResult)Redirect(relayState)
                    : RedirectToAction("Index", "Home");
            }

            // IdP-initiated: drop the local application cookie, then send the LogoutResponse.
            HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            SAMLServiceProvider.SendSLO(Response, null);

            return(new EmptyResult());
        }
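        /// <summary>
        /// SAML single logout endpoint. An IdP-initiated LogoutRequest is answered with a
        /// LogoutResponse after the local forms-auth ticket is cleared; a LogoutResponse
        /// (completing SP-initiated logout) sends the user to the local log-off page.
        /// </summary>
        /// <returns>
        /// An empty result after SendSLO (the SAML library has written the response); otherwise a
        /// local redirect to ~/Account/LogOff.
        /// </returns>
        public ActionResult SLOService()
        {
            // Receive the single logout request or response.
            // If a request is received then single logout is being initiated by the identity provider.
            // If a response is received then this is in response to single logout having been initiated by the service provider.
            bool   isRequest    = false;
            string logoutReason = null;
            string partnerIdP   = null;
            string relayState   = null;

            SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);

            if (isRequest)
            {
                // Logout locally.
                FormsAuthentication.SignOut();

                // Respond to the IdP-initiated SLO request indicating successful logout.
                // SendSLO writes the LogoutResponse (redirect or auto-post form) into the response
                // itself. The previous version then returned a RedirectResult as well, which issued
                // a second redirect on the same response and overrode the SAML message, so the IdP
                // never received the LogoutResponse. Nothing further may be written here.
                SAMLServiceProvider.SendSLO(Response, null);

                return(new EmptyResult());
            }

            // SP-initiated SLO has completed: send the user to the local log-off page.
            // (The former FormsAuthentication.RedirectToLoginPage() call was immediately
            // superseded by this redirect and has been dropped.)
            string targetUrl = "~/Account/LogOff";

            return(RedirectToLocal(targetUrl));
        }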
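        /// <summary>
        /// Assertion consumer service (WebForms). Receives and validates the SAML response,
        /// signs the asserted user in with forms authentication, stores the assertion
        /// attributes in session and redirects to the target URL.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool   isInResponseTo = false;
            string partnerIdP     = null;
            string authnContext   = null;
            string userName       = null;
            IDictionary <string, string> attributes = null;
            string targetUrl = null;

            // Receive and process the SAML assertion contained in the SAML response.
            // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
            // ReceiveSSO throws if the response or assertion fails validation, so nothing below
            // runs for an invalid message. partnerIdP and authnContext are not used here.
            SAMLServiceProvider.ReceiveSSO(Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

            // The target URL comes from the SAML relay state, i.e. from the IdP (or from whoever
            // started IdP-initiated SSO). Only an application-local URL is honoured; anything
            // else (previously any absolute URL was followed) falls back to the default so this
            // page cannot be used as an open redirector.
            if (!IsLocalTargetUrl(targetUrl))
            {
                targetUrl = "~/UserInfo";
            }

            // Login automatically using the asserted identity.
            // This example uses forms authentication. Your application can use any authentication method you choose.
            // There are no restrictions on the method of authentication.
            FormsAuthentication.SetAuthCookie(userName, false);

            // Save the attributes.
            Session[AttributesSessionKey] = attributes;

            // Redirect to the target URL. endResponse=false avoids the ThreadAbortException that
            // Response.Redirect(url) raises.
            Response.Redirect(targetUrl, false);
        }

        /// <summary>
        /// True when <paramref name="url"/> is non-empty and local to this application: an
        /// app-relative "~/..." path or a single-slash absolute path. "//host" and "/\host"
        /// forms (and their "~/" variants) are rejected because browsers treat a leading
        /// double slash as a protocol-relative URL to another host.
        /// </summary>
        /// <param name="url">The candidate redirect target; may be null.</param>
        /// <returns>True only for a URL that stays within this application.</returns>
        private static bool IsLocalTargetUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return false;
            }

            string path = url.StartsWith("~/", StringComparison.Ordinal) ? url.Substring(1) : url;

            return path.Length > 0 && path[0] == '/' &&
                   (path.Length == 1 || (path[1] != '/' && path[1] != '\\'));
        }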
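        /// <summary>
        /// Assertion consumer service. Receives and validates the SAML response, stores the
        /// assertion attributes in session and redirects to the target URL; when none was
        /// supplied the asserted user name is handed to the local SMALLogin action (the
        /// forms-auth cookie is deliberately not set here).
        /// </summary>
        /// <returns>A local redirect to the relay-state target URL, or to SMALLogin when none was supplied.</returns>
        public ActionResult AssertionConsumerService()
        {
            bool   isInResponseTo = false;
            string partnerIdP     = null;
            string authnContext   = null;
            string userName       = null;
            IDictionary <string, string> attributes = null;
            string targetUrl = null;

            // Receive and process the SAML assertion contained in the SAML response.
            // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
            // ReceiveSSO throws on an invalid response, so nothing below runs for one.
            SAMLServiceProvider.ReceiveSSO(Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

            // If no target URL is provided, provide a default.
            if (targetUrl == null)
            {
                // The asserted user name is placed in a query string, so it is URL-encoded.
                // Previously it was concatenated raw; a name containing '&', '#', '%' or non-ASCII
                // characters produced a malformed or truncated query.
                // NOTE(review): SMALLogin is not visible here. If it signs the user in from this
                // parameter alone, it is reachable without any SAML assertion — confirm it only
                // honours the value when this ACS has just validated one.
                targetUrl = "~/Account/SMALLogin?userName=" + Uri.EscapeDataString(userName ?? string.Empty);
            }

            // Login automatically using the asserted identity.
            // This example uses forms authentication. Your application can use any authentication method you choose.
            // There are no restrictions on the method of authentication.
            //FormsAuthentication.SetAuthCookie(userName, false);

            // Save the attributes.
            Session[AttributesSessionKey] = attributes;

            // Redirect to the target URL. The relay-state-derived target is presumably checked
            // for being local by RedirectToLocal — confirm, as it is IdP-supplied input.
            return(RedirectToLocal(targetUrl));
        }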
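        /// <summary>
        /// Assertion consumer service. Receives and validates the SAML response, resolves the
        /// local user from the asserted "UserId" attribute, writes the identity cookie and
        /// redirects to the target URL.
        /// </summary>
        /// <returns>
        /// A local redirect to the relay-state target URL (default "~/"), or 401 when the
        /// assertion carries no UserId or no local user matches it.
        /// </returns>
        public ActionResult AssertionConsumerService()
        {
            var isInResponseTo = false;
            var partnerIdP     = default(string);
            var userName       = default(string);
            var attributes     = default(IDictionary <string, string>);
            var targetUrl      = default(string);

            // Receive and process the SAML assertion contained in the SAML response.
            // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
            // ReceiveSSO throws on an invalid response, so nothing below runs for one.
            SAMLServiceProvider.ReceiveSSO(
                Request,
                out isInResponseTo,
                out partnerIdP,
                out userName,
                out attributes,
                out targetUrl);

            // If no target URL is provided, provide a default.
            if (targetUrl == null)
            {
                targetUrl = "~/";
            }

            // The local account is selected by the "UserId" attribute asserted by the IdP.
            // A missing attribute (KeyNotFoundException) or an unknown user (null dereference)
            // previously surfaced as an unhandled exception; both are now rejected explicitly and
            // no identity cookie is written in either case.
            string userId;
            if (attributes == null || !attributes.TryGetValue("UserId", out userId) || string.IsNullOrEmpty(userId))
            {
                return(new HttpUnauthorizedResult("SAML assertion did not include a UserId attribute."));
            }

            var user = Database.Find <UserDoc>(u => u.Id == userId);
            if (user == null)
            {
                return(new HttpUnauthorizedResult("No local user matches the asserted UserId."));
            }

            Response.SaveUserIdentity(user.NewUser());

            // Save the attributes.
            Session[AttributesSessionKey] = attributes;

            // Redirect to the target URL.
            return(RedirectToLocal(targetUrl));
        }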
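        /// <summary>
        /// SAML single logout endpoint. An IdP-initiated LogoutRequest is answered with a
        /// LogoutResponse after the local identity is forgotten; a LogoutResponse (completing
        /// SP-initiated logout) forgets the local identity and goes to the home page.
        /// </summary>
        /// <returns>
        /// An empty result after SendSLO (the SAML library has written the response); otherwise a
        /// redirect to Home/Index.
        /// </returns>
        public ActionResult SLOService()
        {
            // Receive the single logout request or response.
            // If a request is received then single logout is being initiated by the identity provider.
            // If a response is received then this is in response to single logout having been initiated by the service provider.
            var isRequest    = false;
            var logoutReason = default(string);
            var partnerIdP   = default(string);

            SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP);

            // Logout locally — done for both a request and a response.
            Response.ForgetUserIdentity();

            if (isRequest)
            {
                // Respond to the IdP-initiated SLO request indicating successful logout.
                // SendSLO writes the LogoutResponse (redirect or auto-post form) into the response
                // itself. The previous version then returned RedirectToAction as well, which issued
                // a second redirect on the same response and overrode the SAML message, so the IdP
                // never received the LogoutResponse. Nothing further may be written here.
                SAMLServiceProvider.SendSLO(Response, null);

                return(new EmptyResult());
            }

            // SP-initiated SLO has completed.
            return(RedirectToAction("Index", "Home", null));
        }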
        /// <summary>
        /// SSO link click: starts SP-initiated SSO with the partner IdP named in the
        /// PartnerIdP app setting. InitiateSSO writes the AuthnRequest to the response.
        /// </summary>
        protected void ssoLinkButton_Click(object sender, EventArgs e)
        {
            // The setting value maps to a PartnerIdentityProvider entry in saml.config.
            var idpName = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];

            // No relay state is sent; the ACS decides where the user lands afterwards.
            SAMLServiceProvider.InitiateSSO(Response, null, idpName);
        }
        /// <summary>
        /// Entry point for partner applications: authenticates the calling application with
        /// HTTP Basic credentials, remembers it in PartnerSSOData for the rest of the SSO flow
        /// and starts SP-initiated SSO with that application's IdP.
        /// </summary>
        /// <returns>
        /// 401 when the credentials are missing or unknown; otherwise an empty result
        /// (InitiateSSO has already written the response).
        /// </returns>
        //[RequireHttps]
        public ActionResult Login()
        {
            // Read the application's credentials from the Authorization header.
            // NOTE(review): RequireHttps is commented out above, so these Basic credentials may
            // travel in clear text unless TLS is enforced elsewhere (e.g. at a load balancer) — confirm.
            string appName, password;
            HttpBasicAuthentication.GetAuthorizationHeader(Request, out appName, out password);

            var credentialsMissing = string.IsNullOrEmpty(appName) || string.IsNullOrEmpty(password);
            if (credentialsMissing)
            {
                return(new HttpUnauthorizedResult("Invalid username or password."));
            }

            // NOTE(review): the password is matched by plain equality inside the query, which
            // implies it is stored and compared in clear text. A salted hash (PBKDF2/Argon2)
            // verified in code would be the expected design; not changed here because it needs a
            // schema and data migration.
            var app = Database.FindUnique <ExternalAppDoc>(a => (a.Name == appName) && (a.Password == password));
            if (app == null)
            {
                return(new HttpUnauthorizedResult("Invalid username or password."));
            }

            PartnerSSOData.PartnerApp = app;

            // Request the user info from the IdP.
            SAMLServiceProvider.InitiateSSO(Response, null, app.IdP);

            return(new EmptyResult());
            //return RedirectToAction("Index", "Home");
        }
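        /// <summary>
        /// ServiceStack GET handler that starts SP-initiated SSO with the partner IdP named by
        /// the "PartnerIdP" app setting. InitiateSSO writes the AuthnRequest (redirect or
        /// auto-post form) to the current response.
        /// </summary>
        /// <param name="request">The Login request DTO; none of its fields are read.</param>
        /// <returns>An empty <see cref="LoginResponse"/>; the real response has already been written.</returns>
        public object Get(Login request)
        {
            // A commented-out low-level flow (hand-built AuthnRequest sent by HTTP-Redirect with a
            // hard-coded tenant SSO URL and a local certificate path) used to sit here; it was dead
            // code that leaked environment details and has been removed in favour of InitiateSSO.
            string partnerIdP = WebConfigurationManager.AppSettings["PartnerIdP"];

            SAMLServiceProvider.InitiateSSO(HttpContext.Current.Response, null, partnerIdP);
            return(new LoginResponse());
        }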
        /// <summary>
        /// Console helper: runs a SAML Response element through the service provider's
        /// ReceiveSSO and prints what it yields. A detached SAMLHttpContext is installed
        /// because there is no ASP.NET request in a console process.
        /// </summary>
        /// <param name="xmlElement">The SAML Response element to process.</param>
        private static void ReceiveSAMLResponse(XmlElement xmlElement)
        {
            SAML.HttpContext = new SAMLHttpContext();
            var samlHttpRequest = new SAMLHttpRequest(xmlElement, null, null, null);

            bool   isInResponseTo;
            string partnerIdP, authnContext, userName, targetUrl;
            IDictionary <string, string> attributes;

            // Throws if the response or its assertion fails validation.
            SAMLServiceProvider.ReceiveSSO(samlHttpRequest, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

            Console.WriteLine("SP-Initiated SSO: {0}", isInResponseTo);
            Console.WriteLine("Partner IdP: {0}", partnerIdP);
            Console.WriteLine("User name: {0}", userName);

            if (attributes != null)
            {
                foreach (var attribute in attributes)
                {
                    Console.WriteLine("{0}: {1}", attribute.Key, attribute.Value);
                }
            }

            Console.WriteLine("Target URL: {0}", targetUrl);
        }
        /// <summary>
        /// WebForms single logout endpoint: answers an IdP-initiated LogoutRequest after
        /// clearing the local forms-auth ticket, or, for the LogoutResponse that completes
        /// SP-initiated logout, sends the browser to the site root.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool   isRequest;
            string logoutReason, partnerIdP, relayState;

            // Validates the incoming SAML logout message and classifies it as request or
            // response. logoutReason, partnerIdP and relayState are not used here.
            SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);

            if (!isRequest)
            {
                // SP-initiated SLO has completed.
                Response.Redirect("~/");
                return;
            }

            // IdP-initiated SLO: logout locally, then answer with a LogoutResponse.
            FormsAuthentication.SignOut();
            SAMLServiceProvider.SendSLO(Response, null);
        }
        /// <summary>
        /// Starts SP-initiated SSO with the IdP named by the "PartnerIdP" app setting.
        /// </summary>
        /// <returns>An empty result; InitiateSSO has already written the redirect/POST to the response.</returns>
        public ActionResult Login()
        {
            string partnerIdP = WebConfigurationManager.AppSettings["PartnerIdP"];

            // No relay state: the ACS chooses the landing page after SSO.
            SAMLServiceProvider.InitiateSSO(Response, null, partnerIdP);

            return(new EmptyResult());
        }
        /// <summary>
        /// Starts SP-initiated SSO with the partner IdP named by the PartnerIdP app setting.
        /// </summary>
        /// <returns>An empty result; InitiateSSO has already written the redirect/POST to the response.</returns>
        public ActionResult SingleSignOn()
        {
            // The setting value maps to a PartnerIdentityProvider entry in saml.config.
            SAMLServiceProvider.InitiateSSO(Response, null, WebConfigurationManager.AppSettings[AppSettings.PartnerIdP]);

            return(new EmptyResult());
        }
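        /// <summary>
        /// SSO link click: starts SP-initiated SSO with the configured partner IdP, carrying
        /// the ReturnUrl query parameter as SAML relay state so the user can be sent back to
        /// the page they asked for after SSO.
        /// </summary>
        protected void ssoLinkButton_Click(object sender, EventArgs e)
        {
            // Remember the return URL. It is caller-controlled and comes back as the target URL
            // after SSO, so only an application-local URL is kept; previously any absolute URL was
            // accepted, which made the SSO round-trip usable as an open redirect.
            string returnUrl = Request.QueryString["ReturnUrl"];
            if (!IsLocalReturnUrl(returnUrl))
            {
                returnUrl = null;
            }

            // To login at the service provider, initiate single sign-on to the identity provider (SP-initiated SSO).
            string partnerIdP = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];

            SAMLServiceProvider.InitiateSSO(Response, returnUrl, partnerIdP);
        }

        /// <summary>
        /// True when <paramref name="url"/> is non-empty and local to this application: an
        /// app-relative "~/..." path or a single-slash absolute path. "//host" and "/\host"
        /// forms (and their "~/" variants) are rejected because browsers treat a leading
        /// double slash as a protocol-relative URL to another host.
        /// </summary>
        /// <param name="url">The candidate return URL; may be null.</param>
        /// <returns>True only for a URL that stays within this application.</returns>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return false;
            }

            string path = url.StartsWith("~/", StringComparison.Ordinal) ? url.Substring(1) : url;

            return path.Length > 0 && path[0] == '/' &&
                   (path.Length == 1 || (path[1] != '/' && path[1] != '\\'));
        }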
        /// <summary>
        /// Logout button: clears the local forms-authentication ticket, then asks the
        /// configured partner IdP to end its session (SP-initiated SLO).
        /// </summary>
        protected void logoutButton_Click(object sender, EventArgs e)
        {
            var idpName = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];

            // Local first, so the user is signed out here even if the IdP round-trip fails.
            FormsAuthentication.SignOut();

            // Writes the LogoutRequest to the response; no relay state.
            SAMLServiceProvider.InitiateSLO(Response, null, idpName);
        }
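        /// <summary>
        /// Starts SP-initiated SSO with the partner named by the "PartnerName" app setting.
        /// </summary>
        /// <param name="returnUrl">
        /// Optional local URL to return to after SSO; it is carried as SAML relay state. A
        /// non-local value is discarded so the relay state cannot serve as an open redirect.
        /// </param>
        /// <returns>An empty result; InitiateSSO has already written the redirect/POST to the response.</returns>
        public ActionResult InitiateSingleSignOn(string returnUrl = null)
        {
            var partnerName = WebConfigurationManager.AppSettings["PartnerName"];

            // returnUrl is caller-controlled and comes back as the target URL after SSO, so only
            // an application-local URL is remembered.
            if (!string.IsNullOrEmpty(returnUrl) && !Url.IsLocalUrl(returnUrl))
            {
                returnUrl = null;
            }

            // To login automatically at the service provider,
            // initiate single sign-on to the identity provider (SP-initiated SSO).
            // The return URL is remembered as SAML relay state.
            // The parameter order is (response, relayState, partnerIdP), as at every other
            // InitiateSSO call site in this code base. The previous call passed
            // (partnerName, returnUrl), which sent the partner name as relay state and the return
            // URL as the partner IdP name.
            SAMLServiceProvider.InitiateSSO(Response, returnUrl, partnerName);

            return(new EmptyResult());
        }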
        /// <summary>
        /// Assertion consumer service for partner-application SSO. On the first pass the SAML
        /// response is consumed and the partner user name is matched against local users'
        /// ExternalAccounts; when no single match exists the user is sent to the Associate
        /// action, which is expected to return here with PartnerSSOData.SSOReceived set and an
        /// AssociatedUser chosen. In both cases the local user is signed in and sent home.
        /// </summary>
        /// <returns>A redirect to PartnerSSO/Associate (no local user yet) or to Home/Index.</returns>
        public ActionResult AssertionConsumerService()
        {
            var ssoReceived     = PartnerSSOData.SSOReceived;
            var partnerUsername = default(string);
            var user            = default(UserDoc);

            // This is the first time through, retrieve the user info from the IdP.
            if (!ssoReceived)
            {
                var isInResponseTo = false;
                var partnerIdP     = default(string);
                var attributes     = default(IDictionary <string, string>);
                var targetUrl      = default(string);

                // Receive and process the SAML assertion contained in the SAML response.
                // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
                // ReceiveSSO throws on an invalid response. partnerIdP, attributes and targetUrl
                // are received but not used in this flow.
                SAMLServiceProvider.ReceiveSSO(
                    Request,
                    out isInResponseTo,
                    out partnerIdP,
                    out partnerUsername,
                    out attributes,
                    out targetUrl);
                PartnerSSOData.SSOReceived     = true;
                PartnerSSOData.PartnerUsername = partnerUsername;

                // Try to find a single OneCare user that is associated the partner's user.
                // NOTE(review): PartnerSSOData.PartnerApp is set by the partner Login action; if an
                // assertion arrives without that step (IdP-initiated SSO, or expired state) this
                // dereference is a NullReferenceException — confirm PartnerSSOData's lifetime.
                var partnerAppId = PartnerSSOData.PartnerApp.Id;
                user = Database.FindUnique <UserDoc>(u =>
                                                     (u.ExternalAccounts != null) &&
                                                     u.ExternalAccounts.SingleOrDefault(a =>
                                                                                        (a.AppId == partnerAppId) &&
                                                                                        (a.Username == partnerUsername)) != null);
                if (user == null)
                {
                    // Redirect to the partner-based OneCare login page and wait for it to return.
                    return(RedirectToAction("Associate", "PartnerSSO", new { returnUrl = Request.Url.AbsolutePath }));
                }
            }
            else
            {
                // We had to associate a OneCare user with the partner's user so we
                // are here after returning from partner-based OneCare login page.
                // NOTE(review): AssociatedUser is assumed non-null here; nothing in this method
                // checks that the Associate flow actually set it — confirm.
                user = PartnerSSOData.AssociatedUser;
            }

            // We have an associated user -- make sure they are logged in.
            // Any existing identity is dropped first, then the per-request SSO state is cleared
            // so a later request cannot reuse it.
            Response.ForgetUserIdentity();
            Response.SaveUserIdentity(user.NewUser());
            PartnerSSOData.Clear();

            return(RedirectToAction("Index", "Home"));
        }
        /// <summary>
        /// Clears the local forms-authentication ticket, then asks the configured partner
        /// IdP to end its session (SP-initiated SLO).
        /// </summary>
        /// <returns>An empty result; InitiateSLO has already written the LogoutRequest to the response.</returns>
        public ActionResult Logout()
        {
            var idpName = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];

            // Local first, so the user is signed out here even if the IdP round-trip fails.
            FormsAuthentication.SignOut();

            // No relay state is sent.
            SAMLServiceProvider.InitiateSLO(Response, null, idpName);

            return(new EmptyResult());
        }
        //private string CreateAbsoluteURL(string relativeURL)
        //{
        //    return new Uri(Request.Url.AbsoluteUri, ResolveUrl(relativeURL));
        //}

        //private void RequestLoginAtIdentityProvider()
        //{
        //    XmlElement authnRequestXml = CreateAuthnRequest();
        //    string spResourceURL = CreateAbsoluteURL(FormsAuthentication.GetRedirectUrl("", false));
        //    string relayState = RelayStateCache.Add(new RelayState(spResourceURL, null));

        //    // Send the authentication request to the identity provider over the selected binding.
        //    string idpURL = CreateSSOServiceURL();

        //    switch (spToIdPBindingRadioButtonList.SelectedValue)
        //    {
        //        case SAMLIdentifiers.BindingURIs.HTTPRedirect:
        //            X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.SPX509Certificate];

        //            ServiceProvider.SendAuthnRequestByHTTPRedirect(Response, idpURL, authnRequestXml, relayState, x509Certificate.PrivateKey);

        //            break;
        //        case SAMLIdentifiers.BindingURIs.HTTPPost:
        //            ServiceProvider.SendAuthnRequestByHTTPPost(Response, idpURL, authnRequestXml, relayState);

        //            // Don't send this form.
        //            Response.End();

        //            break;
        //        case SAMLIdentifiers.BindingURIs.HTTPArtifact:
        //            // Create the artifact.
        //            string identificationURL = CreateAbsoluteURL("~/");
        //            HTTPArtifactType4 httpArtifact = new HTTPArtifactType4(HTTPArtifactType4.CreateSourceId(identificationURL), HTTPArtifactType4.CreateMessageHandle());

        //            // Cache the authentication request for subsequent sending using the artifact resolution protocol.
        //            HTTPArtifactState httpArtifactState = new HTTPArtifactState(authnRequestXml, null);
        //            HTTPArtifactStateCache.Add(httpArtifact, httpArtifactState);

        //            // Send the artifact.
        //            ServiceProvider.SendArtifactByHTTPArtifact(Response, idpURL, httpArtifact, relayState, false);
        //            break;
        //    }
        //}

        //private XmlElement CreateAuthnRequest()
        //{
        //    // Create some URLs to identify the service provider to the identity provider.
        //    // As we're using the same endpoint for the different bindings, add a query string parameter
        //    // to identify the binding.
        //    string issuerURL = CreateAbsoluteURL("~/");
        //    string assertionConsumerServiceURL = CreateAssertionConsumerServiceURL();

        //    // Create the authentication request.
        //    AuthnRequest authnRequest = new AuthnRequest();
        //    authnRequest.Destination = WebConfigurationManager.AppSettings["idpssoURL"];
        //    authnRequest.Issuer = new Issuer(issuerURL);
        //    authnRequest.ForceAuthn = true;
        //    authnRequest.NameIDPolicy = new NameIDPolicy(null, null, true);
        //    authnRequest.ProtocolBinding = idpToSPBindingRadioButtonList.SelectedValue;
        //    authnRequest.AssertionConsumerServiceURL = assertionConsumerServiceURL;

        //    // Serialize the authentication request to XML for transmission.
        //    XmlElement authnRequestXml = authnRequest.ToXml();

        //    // Don't sign if using HTTP redirect as the generated query string is too long for most browsers.
        //    if (spToIdPBindingRadioButtonList.SelectedValue != SAMLIdentifiers.BindingURIs.HTTPRedirect)
        //    {
        //        // Sign the authentication request.
        //        X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.SPX509Certificate];

        //        SAMLMessageSignature.Generate(authnRequestXml, x509Certificate.PrivateKey, x509Certificate);
        //    }

        //    return authnRequestXml;
        //}

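        /// <summary>
        /// Starts SP-initiated single logout. Without a query string the default
        /// ("ActivantsSAMLSP1") SAML configuration is used; with one, the configuration is
        /// selected by the "samlConfigurationId" parameter and the caller's origin (taken from
        /// the Referer header) becomes the SAML relay state.
        /// </summary>
        /// <param name="relayState">
        /// Relay state to pass to the IdP; replaced by the referrer origin whenever a query string
        /// is present.
        /// </param>
        /// <returns>
        /// An empty result (InitiateSLO has written the response, or nothing was sent because the
        /// origin is not authorised), or a redirect to the error/index page when an exception occurred.
        /// </returns>
        public ActionResult InitiateSingleLogout(string relayState = null)
        {
            // Computed inside the try because HttpRequest.UrlReferrer throws on a malformed
            // Referer header, and kept for the catch block so it is not re-evaluated there.
            string referrerOrigin = null;
            bool   hasQueryString = false;

            try
            {
                // The Referer header is optional (privacy settings, direct navigation), so
                // Request.UrlReferrer can be null. It was dereferenced unguarded in both the try and
                // the catch block, so a missing header produced an unhandled NullReferenceException.
                referrerOrigin = Request.UrlReferrer?.GetLeftPart(UriPartial.Authority);
                hasQueryString = Request.QueryString.ToString().Length > 0;

                var serviceId   = "";
                var partnerName = "";
                if (hasQueryString)
                {
                    relayState = referrerOrigin;
                    // A query string without samlConfigurationId previously yielded a null
                    // serviceId, which skipped the default branch and looked up the "IDPName"
                    // setting with a null ConfigurationID; it now selects the default configuration.
                    serviceId = Request.QueryString["samlConfigurationId"] ?? "";
                }

                if (serviceId == "")
                {
                    partnerName = WebConfigurationManager.AppSettings["ActivantsSAMLSP1IDPName"];
                    SAMLController.ConfigurationID = "ActivantsSAMLSP1";
                    // NOTE(review): this branch authorises the application's own origin, not the
                    // referrer, while relayState may hold the referrer origin (query string present)
                    // — confirm that is intended, as the relay state is where the IdP sends the user
                    // after logout.
                    bool value = SamlAuthorizedDomains.IsAutorizedUrl(Request.Url.GetLeftPart(UriPartial.Authority));
                    if (value)
                    {
                        SAMLServiceProvider.InitiateSLO(Response, null, relayState, partnerName);
                    }
                }
                else
                {
                    var partnerId = serviceId + "IDPName";
                    partnerName = WebConfigurationManager.AppSettings[partnerId];
                    SAMLController.ConfigurationID = serviceId;
                    // The Referer header is informational and may be absent or altered by the
                    // client, so this is an allow-list sanity check rather than authentication.
                    // A missing referrer is treated as not authorised.
                    bool value = referrerOrigin != null && SamlAuthorizedDomains.IsAutorizedUrl(referrerOrigin);
                    if (value)
                    {
                        SAMLServiceProvider.InitiateSLO(Response, null, relayState, partnerName);
                    }
                }
                return(new EmptyResult());
            }
            catch (Exception e)
            {
                if (hasQueryString)
                {
                    // referrerOrigin may be null here; the error page is expected to cope with that.
                    TempData["error"]     = e;
                    TempData["ReturnURL"] = referrerOrigin;
                    return(RedirectToAction("error", "Home"));
                }
                else
                {
                    TempData["err"] = e;
                    return(RedirectToAction("index", "Home"));
                }
            }
        }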
        /// <summary>
        /// Starts SP-initiated SSO with the partner IdP named by <paramref name="idpName"/>
        /// and records that name in session so a later Logout can target the same IdP.
        /// </summary>
        /// <param name="idpName">
        /// Name of a PartnerIdentityProvider in saml.config. It is caller-supplied; the SAML
        /// library is presumably what rejects names that are not configured — confirm.
        /// </param>
        /// <returns>An empty result; InitiateSSO has already written the redirect/POST to the response.</returns>
        public ActionResult SingleSignOn(string idpName)
        {
            const string traceSource = "SAML";

            SamlPocTraceListener.Log(traceSource, $"SamlController.SingleSignOn: Request for SSO with IdP {idpName} received.");

            // To login at the service provider, initiate single sign-on to the identity provider (SP-initiated SSO).
            //string partnerIdP = WebConfigurationManager.AppSettings[idpName];
            SAMLServiceProvider.InitiateSSO(Response, null, idpName);

            SamlPocTraceListener.Log(traceSource, $"SamlController.SingleSignOn: SSO with IdP {idpName} initiated.");

            // Only recorded once InitiateSSO has succeeded.
            Session["IdentityProvider"] = idpName;

            return(new EmptyResult());
        }
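        /// <summary>
        /// Starts SP-initiated SSO with the partner IdP named by <paramref name="idp"/>.
        /// </summary>
        /// <param name="idp">Name attribute of a PartnerIdentityProvider in saml.config.</param>
        /// <param name="sourceDomain">Affiliate domain; used as relay state only by the IdP-affiliate test hack below.</param>
        /// <param name="returnUrl">Local URL to return to after SSO; carried as SAML relay state.</param>
        /// <returns>An empty result; InitiateSSO has already written the redirect/POST to the response.</returns>
        public ActionResult SingleSignOn(string idp, string sourceDomain, string returnUrl)
        {
            // HACK: for idp affiliate testing, use the returnUrl to auto-select affiliate on idp login
            if (SAMLConfiguration.Current.IdentityProviderConfiguration != null &&
                idp == SAMLConfiguration.Current.IdentityProviderConfiguration.Name)
            {
                returnUrl = sourceDomain;
            }
            else if (!string.IsNullOrEmpty(returnUrl) && !Url.IsLocalUrl(returnUrl))
            {
                // returnUrl is caller-controlled and comes back as the relay-state target URL
                // after SSO. Previously any absolute URL was accepted, which made the SSO
                // round-trip usable as an open redirect; only application-local URLs are kept.
                // The hack branch above is deliberately left untouched.
                returnUrl = null;
            }

            // idp maps to the name attribute of the PartnerIdentityProvider in saml.config
            SAMLServiceProvider.InitiateSSO(Response, returnUrl, idp);

            return(new EmptyResult());
        }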
 /// <summary>
 /// Log-off: asks the configured partner IdP for single logout. If that cannot be
 /// started, falls back to a local-only sign-out and goes home.
 /// </summary>
 /// <returns>An empty result when SLO was initiated (the response has been written); otherwise a redirect to Home/Index.</returns>
 public ActionResult LogOff()
 {
     try
     {
         var partnerIdP = WebConfigurationManager.AppSettings["PartnerIdP"];

         // On success the local identity is not forgotten here; that is presumably done when
         // the IdP's LogoutResponse reaches the SLO service — confirm.
         SAMLServiceProvider.InitiateSLO(Response, null, partnerIdP);
         return(new EmptyResult());
     }
     catch
     {
         // Best-effort fallback; the failure is deliberately not surfaced to the user.
         Response.ForgetUserIdentity();
         return(RedirectToAction("Index", "Home"));
     }
 }
        /// <summary>
        /// Log-off: drops the local application cookie and, when the SAML session supports
        /// it, initiates single logout at the IdP the user signed in with.
        /// </summary>
        /// <returns>An empty result when SLO was initiated (the response has been written); otherwise a redirect to Home/Index.</returns>
        public ActionResult LogOff()
        {
            // Logout locally.
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

            if (!SAMLServiceProvider.CanSLO())
            {
                return(RedirectToAction("Index", "Home"));
            }

            // Request logout at the identity provider. No partner name is passed; the library
            // uses the partner from the current SAML session.
            SAMLServiceProvider.InitiateSLO(Response, null, null);

            return(new EmptyResult());
        }
        /// <summary>
        /// Logout button: clears the local forms-authentication ticket, then either initiates
        /// single logout at the configured partner IdP or, when that IdP does not support
        /// SLO, sends the browser to the login page.
        /// </summary>
        protected void logoutButton_Click(object sender, EventArgs e)
        {
            var partnerIdP = WebConfigurationManager.AppSettings[AppSettings.PartnerIdP];

            FormsAuthentication.SignOut();

            if (!SAMLServiceProvider.CanSLO(partnerIdP))
            {
                FormsAuthentication.RedirectToLoginPage();
                return;
            }

            // Request logout at the identity provider; no logout reason or relay state.
            SAMLServiceProvider.InitiateSLO(Response, null, null, partnerIdP);
        }
        /// <summary>
        /// Console helper: runs a SAML logout message element through the service provider's
        /// ReceiveSLO and prints the outcome. A detached SAMLHttpContext is installed because
        /// there is no ASP.NET request in a console process.
        /// </summary>
        /// <param name="xmlElement">The LogoutRequest or LogoutResponse element to process.</param>
        private static void ReceiveLogoutMessageFromIdentityProvider(XmlElement xmlElement)
        {
            SAML.HttpContext = new SAMLHttpContext();
            var samlHttpRequest = new SAMLHttpRequest(xmlElement, null, null, null);

            bool   isRequest;
            string logoutReason, partnerSP, relayState;

            // Throws if the message fails validation. relayState is received but not printed.
            SAMLServiceProvider.ReceiveSLO(samlHttpRequest, out isRequest, out logoutReason, out partnerSP, out relayState);

            Console.WriteLine("Logout request: {0}", isRequest);
            Console.WriteLine("Logout reason: {0}", logoutReason);
            Console.WriteLine("Partner SP: {0}", partnerSP);
        }
        /// <summary>
        /// ServiceStack auth-provider logout: initiates SAML single logout at the configured
        /// partner IdP when the SAML session allows it, then performs the base logout and ends
        /// the response so nothing is appended to what InitiateSLO wrote.
        /// </summary>
        /// <param name="service">The ServiceStack service handling the request.</param>
        /// <param name="request">The Authenticate DTO passed to the base logout.</param>
        /// <returns>Always null; the response has already been written and ended.</returns>
        public override object Logout(IServiceBase service, Authenticate request)
        {
            if (SAMLServiceProvider.CanSLO())
            {
                // Request logout at the identity provider; no logout reason or relay state.
                var partnerIdP = WebConfigurationManager.AppSettings[PartnerIdP];
                SAMLServiceProvider.InitiateSLO(HttpContext.Current.Response, null, null, partnerIdP);
            }

            base.Logout(service, request);

            var aspNetResponse = HttpContext.Current.ToResponse() as AspNetResponse;
            aspNetResponse.End();

            return(null);
        }
        /// <summary>
        /// ServiceStack auth-provider entry point for SAML. A GET starts SP-initiated SSO with
        /// the configured partner IdP (remembering the "redirect" query parameter in the
        /// session); any other verb is treated as the SAML response posted back by the IdP,
        /// which is validated and turned into an authenticated session.
        /// </summary>
        /// <param name="authService">The ServiceStack service handling the request.</param>
        /// <param name="session">The current auth session, updated in place.</param>
        /// <param name="request">The Authenticate DTO; passed to Init, not otherwise read.</param>
        /// <returns>
        /// null after the GET branch has written the SSO redirect and ended the response;
        /// otherwise the OnAuthenticated result, or a redirect to the target URL.
        /// </returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            if (authService.Request is IHttpRequest && (authService.Request as IHttpRequest).HttpMethod == "GET")
            {
                // NOTE(review): "redirect" is caller-controlled and is used below as the post-SSO
                // target URL without a local-URL check here; unless SuccessRedirectUrlFilter
                // rejects absolute URLs this is an open redirect — confirm.
                session.ReferrerUrl = authService.Request.QueryString["redirect"];
                authService.SaveSession(session, this.SessionExpiry);

                string partnerIdP = WebConfigurationManager.AppSettings[PartnerIdP];
                SAMLServiceProvider.InitiateSSO(HttpContext.Current.Response, null, partnerIdP);

                // InitiateSSO has written the redirect/POST; end the response so ServiceStack
                // does not append its own output.
                (HttpContext.Current.ToResponse() as AspNetResponse).End();
                return(null);
            }
            else
            {
                var    tokens         = this.Init(authService, ref session, request);
                bool   isInResponseTo = false;
                string partnerIdP     = null;
                string authnContext   = null;
                string userName       = null;
                IDictionary <string, string> attributes = null;
                string targetUrl = null;

                // Receive and process the SAML assertion contained in the SAML response.
                // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
                // ReceiveSSO throws if the response fails validation. authnContext and attributes
                // are received but not used.
                SAMLServiceProvider.ReceiveSSO(HttpContext.Current.Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

                // If no target URL is provided, provide a default.
                // targetUrl comes from the SAML relay state (IdP-supplied); the session's
                // ReferrerUrl is the fallback. Neither is validated as local in this method.
                if (targetUrl == null)
                {
                    targetUrl = session.ReferrerUrl;
                }

                // Both keys carry the asserted user name; nothing else identifies the user here.
                var authInfo = new Dictionary <string, string>
                {
                    { "username", userName },
                    { "user_id", userName }
                };

                session.IsAuthenticated = true;

                return(OnAuthenticated(authService, session, tokens, authInfo) ??
                       authService.Redirect(SuccessRedirectUrlFilter(this, targetUrl)));
            }
        }
        /// <summary>
        /// ServiceStack auth-provider entry point for SAML. A POST is treated as the SAML
        /// response posted back by the IdP, which is validated and turned into an
        /// authenticated session; any other verb starts SP-initiated SSO with the configured
        /// partner IdP.
        /// </summary>
        /// <param name="authService">The ServiceStack service handling the request.</param>
        /// <param name="session">The current auth session, updated in place.</param>
        /// <param name="request">The Authenticate DTO; passed to Init, not otherwise read.</param>
        /// <returns>
        /// For a POST, the OnAuthenticated result or a redirect to the session's ReferrerUrl;
        /// otherwise an empty HttpResult (InitiateSSO has already written the response).
        /// </returns>
        public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
        {
            var tokens = this.Init(authService, ref session, request);


            if (authService.Request.Verb == "POST")
            {
                bool   isInResponseTo = false;
                string partnerIdP     = null;
                string authnContext   = null;
                string userName       = null;
                IDictionary <string, string> attributes = null;
                string targetUrl = null;

                // Receive and process the SAML assertion contained in the SAML response.
                // The SAML response is received either as part of IdP-initiated or SP-initiated SSO.
                // ReceiveSSO throws if the response fails validation. authnContext and attributes
                // are received but not used.
                SAMLServiceProvider.ReceiveSSO(HttpContext.Current.Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl);

                // If no target URL is provided, provide a default.
                // NOTE(review): targetUrl is computed here but never used — the redirect below
                // goes to session.ReferrerUrl, so the SAML relay state is effectively ignored.
                // Confirm which of the two is intended; ReferrerUrl is not validated as local here.
                if (targetUrl == null)
                {
                    targetUrl = "~/";
                }

                // Only the asserted user name identifies the user.
                var authInfo = new Dictionary <string, string>
                {
                    { "username", userName }
                };

                session.IsAuthenticated = true;

                return(OnAuthenticated(authService, session, tokens, authInfo) ??
                       authService.Redirect(SuccessRedirectUrlFilter(this, session.ReferrerUrl)));
            }
            else
            {
                // Start SP-initiated SSO; InitiateSSO writes the AuthnRequest to the response.
                string partnerIdP = WebConfigurationManager.AppSettings["PartnerIdP"];
                SAMLServiceProvider.InitiateSSO(HttpContext.Current.Response, null, partnerIdP);

                return(new ServiceStack.HttpResult());
            }
        }