예제 #1
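        /// <summary>
        /// Builds a SAML 2.0 authentication response answering <paramref name="inResponseTo"/> for
        /// <paramref name="relyingParty"/> and returns it bound with <see cref="Saml2PostBinding"/>.
        /// </summary>
        /// <param name="inResponseTo">Id of the AuthnRequest this response answers.</param>
        /// <param name="status">Status code placed in the response.</param>
        /// <param name="relayState">RelayState echoed back to the relying party unchanged.</param>
        /// <param name="relyingParty">Supplies the login configuration, SSO destination and issuer (audience) used for the token.</param>
        /// <param name="sessionIndex">Session index set on the response; only applied on success.</param>
        /// <param name="claims">Claims of the authenticated subject; on success must contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.</param>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="InvalidOperationException">Thrown on success when <paramref name="claims"/> does not contain exactly one NameIdentifier claim.</exception>
        private IActionResult LoginResponse(Saml2Id inResponseTo, Saml2StatusCodes status, string relayState, RelyingParty relyingParty, string sessionIndex = null, IEnumerable<Claim> claims = null)
        {
            var responseBinding = new Saml2PostBinding { RelayState = relayState };

            var saml2AuthnResponse = new Saml2AuthnResponse(GetLoginSaml2Config(relyingParty))
            {
                InResponseTo = inResponseTo,
                Status       = status,
                Destination  = relyingParty.SingleSignOnDestination,
            };

            // Only a successful response carries a subject and session; error statuses
            // are returned without identity data.
            if (status == Saml2StatusCodes.Success && claims != null)
            {
                saml2AuthnResponse.SessionIndex = sessionIndex;

                var claimsIdentity = new ClaimsIdentity(claims);

                // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
                saml2AuthnResponse.NameId = new Saml2NameIdentifier(
                    claimsIdentity.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).Single(),
                    NameIdentifierFormats.Persistent);
                saml2AuthnResponse.ClaimsIdentity = claimsIdentity;

                // The returned token is not used here; the call is kept for its effect on
                // saml2AuthnResponse, which is bound below (presumably it populates the assertion).
                _ = saml2AuthnResponse.CreateSecurityToken(relyingParty.Issuer);
            }

            return responseBinding.Bind(saml2AuthnResponse).ToActionResult();
        }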
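        /// <summary>
        /// Builds a SAML 2.0 authentication response answering <paramref name="saml2AuthnRequest"/>
        /// and returns it bound with <see cref="Saml2RedirectBinding"/>.
        /// </summary>
        /// <param name="saml2AuthnRequest">The request being answered; its Id and Extensions are copied onto the response.</param>
        /// <param name="status">Status code placed in the response.</param>
        /// <param name="relayState">RelayState echoed back to the relying party unchanged.</param>
        /// <param name="relyingParty">Supplies the SSO destination of the response.</param>
        /// <param name="sessionIndex">Session index set on the response; only applied on success.</param>
        /// <param name="claims">Claims of the authenticated subject; on success must contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.</param>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="InvalidOperationException">Thrown on success when <paramref name="claims"/> does not contain exactly one NameIdentifier claim.</exception>
        private ActionResult LoginResponse(Saml2AuthnRequest saml2AuthnRequest, Saml2StatusCodes status, string relayState, RelyingParty relyingParty, string sessionIndex = null, IEnumerable<Claim> claims = null)
        {
            // NOTE(review): this overload answers over the HTTP-Redirect binding while the Saml2Id
            // overload uses HTTP-POST; confirm the relying party's SSO endpoint accepts responses via Redirect.
            var responseBinding = new Saml2RedirectBinding { RelayState = relayState };

            var saml2AuthnResponse = new Saml2AuthnResponse(config)
            {
                InResponseTo = saml2AuthnRequest.Id,
                Status       = status,
                Destination  = relyingParty.SingleSignOnDestination,
                Extensions   = saml2AuthnRequest.Extensions   // echo the request's extensions back to the requester
            };

            // Only a successful response carries a subject and session; error statuses
            // are returned without identity data.
            if (status == Saml2StatusCodes.Success && claims != null)
            {
                saml2AuthnResponse.SessionIndex = sessionIndex;

                var claimsIdentity = new ClaimsIdentity(claims);

                // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
                saml2AuthnResponse.NameId = new Saml2NameIdentifier(
                    claimsIdentity.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).Single(),
                    NameIdentifierFormats.Persistent);
                saml2AuthnResponse.ClaimsIdentity = claimsIdentity;

                // The returned token was previously stored in an unused local; discard it explicitly.
                // The call is kept for its effect on saml2AuthnResponse, which is bound below.
                _ = saml2AuthnResponse.CreateSecurityToken(SettingManager.GetInstance().Configuration.Issuer);
            }

            return responseBinding.Bind(saml2AuthnResponse).ToActionResult();
        }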
예제 #3
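        /// <summary>
        /// IdP-initiated login: builds a successful, signed SAML 2.0 authentication response for the
        /// configured ADFS endpoint and returns it bound with <see cref="Saml2PostBinding"/>.
        /// </summary>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the signing-certificate password is not available in the environment, or when
        /// the claims from <see cref="CreateClaims"/> do not contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.
        /// </exception>
        public ActionResult Initiate()
        {
            var serviceProviderRealm = "https://claimstest.mylogbuy.com";

            var binding = new Saml2PostBinding
            {
                RelayState = $"RPID={Uri.EscapeDataString(serviceProviderRealm)}"
            };

            // The PFX password used to live as a literal in this method; it is now read from the
            // environment so the secret is not committed with the source. (Variable name chosen here.)
            var certificatePassword = Environment.GetEnvironmentVariable("SAML2_SIGNING_CERTIFICATE_PASSWORD");
            if (string.IsNullOrEmpty(certificatePassword))
            {
                throw new InvalidOperationException(
                    "Environment variable SAML2_SIGNING_CERTIFICATE_PASSWORD (signing certificate password) is not set.");
            }

            var config = new Saml2Configuration
            {
                Issuer = "http://some-domain.com/this-application",
                SingleSignOnDestination = new Uri("https://adfs.mylogbuy.com/adfs/ls/"),
                SigningCertificate      =
                    CertificateUtil.Load(
                        HttpContext.Server.MapPath("~/App_Data/itfoxtec.identity.saml2.testwebapp_Certificate.pfx"),
                        certificatePassword),
                SignatureAlgorithm = Saml2SecurityAlgorithms.RsaSha256Signature
            };

            // Audience the issued token applies to (the ADFS trust endpoint).
            var appliesToAddress = "http://adfs.mylogbuy.com/adfs/services/trust";

            var response = new Saml2AuthnResponse(config)
            {
                Status = Saml2StatusCodes.Success
            };

            var claimsIdentity = new ClaimsIdentity(CreateClaims());

            // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
            response.NameId = new Saml2NameIdentifier(
                claimsIdentity.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).Single(),
                NameIdentifierFormats.Persistent);
            response.ClaimsIdentity = claimsIdentity;

            // The returned token was stored in an unused local; discard it explicitly.
            _ = response.CreateSecurityToken(appliesToAddress);

            return binding.Bind(response).ToActionResult();
        }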
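        /// <summary>
        /// IdP-initiated login (ASP.NET Core variant): builds a successful, signed SAML 2.0
        /// authentication response for the test ADFS endpoint and returns it bound with <see cref="Saml2PostBinding"/>.
        /// </summary>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="InvalidOperationException">Thrown when the claims from <see cref="CreateClaims"/> do not contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.</exception>
        public IActionResult Initiate()
        {
            var serviceProviderRealm = "https://some-domain.com/some-service-provider";

            var binding = new Saml2PostBinding
            {
                RelayState = $"RPID={Uri.EscapeDataString(serviceProviderRealm)}"
            };

            var config = new Saml2Configuration
            {
                Issuer                  = new Uri("http://some-domain.com/this-application"),
                SingleSignOnDestination = new Uri("https://test-adfs.itfoxtec.com/adfs/ls/"),
                // Certificate is loaded from the application's content path, with no PFX password.
                SigningCertificate      = CertificateUtil.Load(Startup.AppEnvironment.MapToPhysicalFilePath("itfoxtec.identity.saml2.testwebappcore_Certificate.pfx")),
                SignatureAlgorithm      = SecurityAlgorithms.RsaSha256Signature
            };

            // Audience the issued token applies to (the ADFS trust endpoint).
            var appliesToAddress = new Uri("https://test-adfs.itfoxtec.com/adfs/services/trust");

            var response = new Saml2AuthnResponse(config)
            {
                Status = Saml2StatusCodes.Success
            };

            var claimsIdentity = new ClaimsIdentity(CreateClaims());

            // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
            response.NameId = new Saml2NameIdentifier(
                claimsIdentity.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).Single(),
                NameIdentifierFormats.Persistent);
            response.ClaimsIdentity = claimsIdentity;

            // The returned token was stored in an unused local; discard it explicitly.
            _ = response.CreateSecurityToken(appliesToAddress);

            return binding.Bind(response).ToActionResult();
        }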
예제 #5
        /// <summary>
        /// Builds a SAML 2.0 authentication response for <paramref name="app"/> answering
        /// <paramref name="inResponseTo"/> and returns it bound with <see cref="Saml2PostBinding"/>.
        /// </summary>
        /// <param name="inResponseTo">Id of the AuthnRequest this response answers.</param>
        /// <param name="status">Status code placed in the response.</param>
        /// <param name="relayState">RelayState echoed back to the application unchanged.</param>
        /// <param name="app">Supplies the SSO destination and the issuer (audience) for the token.</param>
        /// <param name="sessionIndex">Session index set on the response; only applied on success.</param>
        /// <param name="claims">Claims of the authenticated subject; on success must contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.</param>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="InvalidOperationException">Thrown on success when <paramref name="claims"/> does not contain exactly one NameIdentifier claim.</exception>
        private IActionResult LoginResponse(Saml2Id inResponseTo, Saml2StatusCodes status, string relayState, App app, string sessionIndex = null, IEnumerable<Claim> claims = null)
        {
            var postBinding = new Saml2PostBinding { RelayState = relayState };

            var authnResponse = new Saml2AuthnResponse(_samlConfig)
            {
                InResponseTo = inResponseTo,
                Status       = status,
                Destination  = app.SingleSignOnDestination
            };

            // Identity data is attached only when the login succeeded and claims were supplied.
            var attachSubject = status == Saml2StatusCodes.Success && claims != null;
            if (attachSubject)
            {
                authnResponse.SessionIndex = sessionIndex;

                var identity = new ClaimsIdentity(claims);

                // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
                var subjectId = identity.Claims
                    .Where(c => c.Type == ClaimTypes.NameIdentifier)
                    .Select(c => c.Value)
                    .Single();

                authnResponse.NameId         = new Saml2NameIdentifier(subjectId, NameIdentifierFormats.Persistent);
                authnResponse.ClaimsIdentity = identity;

                // Lifetimes are given in the library's units (assumed minutes — confirm against the API docs).
                authnResponse.CreateSecurityToken(app.Issuer, subjectConfirmationLifetime: 5, issuedTokenLifetime: 60);
            }

            return postBinding.Bind(authnResponse).ToActionResult();
        }
예제 #6
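        /// <summary>
        /// IdP-initiated login: builds a successful SAML 2.0 authentication response from app settings
        /// and returns it bound with <see cref="Saml2PostBinding"/>.
        /// </summary>
        /// <param name="user">Currently unused: the response claims come from <see cref="CreateClaims"/>, not from this user.</param>
        /// <returns>The bound response as an action result.</returns>
        /// <exception cref="ConfigurationErrorsException">Thrown when a required app setting (serviceProviderRealm, issuer, SingleSignOnDestination, metadataPath, appliesToAddress) is missing or empty.</exception>
        /// <exception cref="InvalidOperationException">Thrown when the claims from <see cref="CreateClaims"/> do not contain exactly one <see cref="ClaimTypes.NameIdentifier"/> claim.</exception>
        public ActionResult InitiateLogin(User user)
        {
            var serviceProviderRealm = RequiredSetting("serviceProviderRealm");

            var binding = new Saml2PostBinding
            {
                RelayState = $"RPID={Uri.EscapeDataString(serviceProviderRealm)}"
            };

            var config = new Saml2Configuration
            {
                Issuer                  = new Uri(RequiredSetting("issuer")),
                SingleSignOnDestination = new Uri(RequiredSetting("SingleSignOnDestination"))
            };
            // NOTE(review): no SigningCertificate / SignatureAlgorithm is configured (the original had
            // them commented out), so the response is presumably sent without an IdP signature — confirm
            // the relying party does not require a signed response or assertion before relying on this.

            // Load the IdP signing certificates from the metadata file into the validation list, as in the original.
            var entityDescriptor = new EntityDescriptor();
            var metadataPath = System.Web.HttpContext.Current.Server.MapPath(RequiredSetting("metadataPath"));
            entityDescriptor.ReadIdPSsoDescriptorFromFile(metadataPath);

            if (entityDescriptor.IdPSsoDescriptor != null)
            {
                config.SignatureValidationCertificates.AddRange(entityDescriptor.IdPSsoDescriptor.SigningCertificates);
            }

            // Audience the issued token applies to.
            var appliesToAddress = new Uri(RequiredSetting("appliesToAddress"));

            var response = new Saml2AuthnResponse(config)
            {
                Status = Saml2StatusCodes.Success
            };

            var claimsIdentity = new ClaimsIdentity(CreateClaims());

            // Single() throws InvalidOperationException when the NameIdentifier claim is absent or duplicated.
            response.NameId = new Saml2NameIdentifier(
                claimsIdentity.Claims.Where(c => c.Type == ClaimTypes.NameIdentifier).Select(c => c.Value).Single(),
                NameIdentifierFormats.Persistent);
            response.ClaimsIdentity = claimsIdentity;

            // The returned token was stored in an unused local; discard it explicitly.
            _ = response.CreateSecurityToken(appliesToAddress);

            return binding.Bind(response).ToActionResult();
        }

        /// <summary>
        /// Reads a required app setting, failing with the setting's name instead of an
        /// ArgumentNullException deeper inside Uri / EscapeDataString when it is absent.
        /// </summary>
        /// <param name="key">The appSettings key.</param>
        /// <returns>The non-empty setting value.</returns>
        /// <exception cref="ConfigurationErrorsException">Thrown when the setting is missing or blank.</exception>
        private static string RequiredSetting(string key)
        {
            var value = ConfigurationManager.AppSettings[key];
            if (string.IsNullOrWhiteSpace(value))
            {
                throw new ConfigurationErrorsException($"Required app setting '{key}' is missing or empty.");
            }

            return value;
        }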