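/// <summary>
/// Runs the incoming SAML response through <c>SAMLValidator.CheckSaml</c> and
/// rejects it unless it carries at least one <c>AssertionType</c> item.
/// </summary>
/// <param name="samlResponse">DTO holding the encoded SAML response and its relay state.</param>
/// <returns>The validator result wrapping the parsed <c>ResponseType</c>.</returns>
/// <exception cref="SamlException">
/// Thrown with <c>HttpStatusCode.BadRequest</c> / <c>StatusCodes.Responder</c> when no assertion is present.
/// </exception>
/// <remarks>
/// NOTE(review): this method only proves that an unencrypted assertion exists. Signature
/// verification, Conditions/audience checks and replay protection are not visible here;
/// confirm that <c>SAMLValidator.CheckSaml</c> or the caller enforces them, and that later
/// code consumes the same assertion that was verified rather than re-selecting one from Items.
/// </remarks>
protected virtual SAMLValidatorResult<ResponseType> CheckSamlResponse(SAMLResponseDto samlResponse)
{
    var response = SAMLValidator.CheckSaml<ResponseType>(samlResponse.SAMLResponse, samlResponse.RelayState);

    // Items may be null (presumably when the parsed response has no assertion children);
    // the null-conditional keeps that case on the SamlException path below instead of
    // surfacing as a NullReferenceException.
    var assertion = response.Content.Items?.OfType<AssertionType>().FirstOrDefault();
    if (assertion == null)
    {
        throw new SamlException(
            System.Net.HttpStatusCode.BadRequest,
            Saml.Constants.StatusCodes.Responder,
            Global.MissingAssertion);
    }

    return response;
}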
/// <summary>
/// Parses the incoming AuthnRequest via <c>SAMLValidator.CheckSaml</c> and applies three
/// checks: the Issuer must be present with a non-blank value, an Issuer Format (when
/// supplied) must be the entity-identifier format, and a ProtocolBinding (when supplied)
/// must be HTTP-Redirect.
/// </summary>
/// <param name="parameter">DTO holding the encoded SAML request and its relay state.</param>
/// <returns>The parsed <c>AuthnRequestType</c> content.</returns>
/// <exception cref="SamlException">
/// Thrown with <c>HttpStatusCode.BadRequest</c> when any of the checks above fails.
/// </exception>
/// <remarks>
/// NOTE(review): the Issuer is only checked for presence and format here. Matching it
/// against a registered service provider, and any signature / Destination / freshness
/// checks, are not visible in this method; confirm they happen in
/// <c>SAMLValidator.CheckSaml</c> or in the caller.
/// </remarks>
protected virtual AuthnRequestType CheckParameter(SAMLRequestDto parameter)
{
    var parsed = SAMLValidator.CheckSaml<AuthnRequestType>(parameter.SAMLRequest, parameter.RelayState);
    var content = parsed.Content;
    var issuer = content.Issuer;

    // A missing Issuer element and a blank Issuer value are reported the same way.
    if (string.IsNullOrWhiteSpace(issuer?.Value))
    {
        var message = string.Format(Global.MissingParameter, nameof(content.Issuer));
        throw new SamlException(HttpStatusCode.BadRequest, Saml.Constants.StatusCodes.Requester, message);
    }

    // Format is optional; when given it must be the entity-identifier format.
    var issuerFormat = issuer.Format;
    var formatSupplied = !string.IsNullOrWhiteSpace(issuerFormat);
    if (formatSupplied && issuerFormat != Saml.Constants.NameIdentifierFormats.EntityIdentifier)
    {
        var message = string.Format(Global.UnsupportNameIdFormat, nameof(issuer.Format));
        throw new SamlException(HttpStatusCode.BadRequest, Saml.Constants.StatusCodes.Requester, message);
    }

    // ProtocolBinding is optional; only HTTP-Redirect is accepted when it is given.
    var binding = content.ProtocolBinding;
    var bindingSupplied = !string.IsNullOrWhiteSpace(binding);
    if (bindingSupplied && binding != Saml.Constants.Bindings.HttpRedirect)
    {
        var message = string.Format(Global.UnsupportBinding, binding);
        throw new SamlException(HttpStatusCode.BadRequest, Saml.Constants.StatusCodes.UnsupportedBinding, message);
    }

    return content;
}