/// <summary> /// Loads the current message as an artifact response. /// </summary> private void LoadArtifactResponse() { if (_artifactResponse == null) { _artifactResponse = Serialization.Deserialize <ArtifactResponse>(new XmlNodeReader(SamlMessage)); _artifactResponse.Any = (XmlElement)SamlMessage.GetElementsByTagName(Response.ELEMENT_NAME, Saml2Constants.PROTOCOL)[0]; } }
/// <summary> /// Gets the status of the current message. /// </summary> /// <returns></returns> public Status GetStatus() { XmlElement status = (XmlElement)SamlMessage.GetElementsByTagName(Status.ELEMENT_NAME, Saml20Constants.PROTOCOL)[0]; Status result = null; if (status != null) { result = Serialization.Deserialize <Status>(new XmlNodeReader(status)); } return(result); }
internal static void PropagateStandardElements(XmlElement element, SamlMessage message) { element.SetAttribute($"xmlns:{SamlAuthenticationDefaults.SamlAssertionNsPrefix}", SamlAuthenticationDefaults.SamlAssertionNamespace); element.SetAttribute($"xmlns:{SamlAuthenticationDefaults.SamlProtocolNsPrefix}", SamlAuthenticationDefaults.SamlProtocolNamespace); element.SetAttribute("ID", $"_{Guid.NewGuid():N}"); element.SetAttribute("Version", "2.0"); //Does the Standardportal differ from SAML-Standard? element.SetAttribute("IssueInstant", DateTime.UtcNow.ToString("o", CultureInfo.InvariantCulture)); element.SetAttribute("Destination", message.Destination); var issuerElement = element.OwnerDocument.CreateElement(SamlAuthenticationDefaults.SamlAssertionNsPrefix, "Issuer", SamlAuthenticationDefaults.SamlAssertionNamespace); issuerElement.InnerText = message.Issuer; element.AppendChild(issuerElement); }
internal static void ParseStandardElements(XmlElement element, SamlMessage message) { message.Id = element.GetAttribute("ID"); var issueInstantNode = element.SelectSingleNode("@IssueInstant", NamespaceManager); if (issueInstantNode == null || string.IsNullOrEmpty(issueInstantNode.InnerText)) { throw new ParsingException("Attribute 'IssueInstant' missing"); } if (!DateTime.TryParse(issueInstantNode.InnerText, out var issueInstant)) { throw new ParsingException("Issue instant cannot be parsed"); } message.IssueInstant = issueInstant; message.Destination = element.GetAttribute("Destination"); message.Issuer = element.GetElementsByTagName("Issuer", SamlAuthenticationDefaults.SamlAssertionNamespace)[0].InnerText; }
/// <summary> /// Invokes the login procedure (2nd leg of SP-Initiated login). Analagous to Saml20SignonHandler from ASP.Net DLL /// </summary> /// <param name="context"></param> /// <returns></returns> public async Task <AuthenticationTicket> Invoke(IOwinContext context) { Logger.Debug(TraceMessages.SignOnHandlerCalled); ExceptionDispatchInfo authFailedEx = null; try { var messageReceivedNotification = new MessageReceivedNotification <SamlMessage, SamlAuthenticationOptions>(context, options) { ProtocolMessage = new SamlMessage(context, configuration, null) }; await options.Notifications.MessageReceived(messageReceivedNotification); if (messageReceivedNotification.HandledResponse) { return(null); // GetHandledResponseTicket() } if (messageReceivedNotification.Skipped) { return(null); } var requestParams = await HandleResponse(context); var assertion = context.Get <Saml20Assertion>("Saml2:assertion"); var securityTokenReceivedNotification = new SecurityTokenReceivedNotification <SamlMessage, SamlAuthenticationOptions>(context, options) { ProtocolMessage = new SamlMessage(context, configuration, assertion) }; await options.Notifications.SecurityTokenReceived(securityTokenReceivedNotification); if (securityTokenReceivedNotification.HandledResponse) { return(null); // GetHandledResponseTicket(); } if (securityTokenReceivedNotification.Skipped) { return(null); } var ticket = await GetAuthenticationTicket(context, requestParams); var securityTokenValidatedNotification = new SecurityTokenValidatedNotification <SamlMessage, SamlAuthenticationOptions>(context, options) { AuthenticationTicket = ticket, ProtocolMessage = new SamlMessage(context, configuration, assertion) }; await options.Notifications.SecurityTokenValidated(securityTokenValidatedNotification); if (securityTokenValidatedNotification.HandledResponse) { return(null); // GetHandledResponseTicket(); } if (securityTokenValidatedNotification.Skipped) { return(null); // null; } // Flow possible changes ticket = securityTokenValidatedNotification.AuthenticationTicket; context.Authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant(ticket.Identity, ticket.Properties); return(ticket); } catch (Exception ex) { authFailedEx = ExceptionDispatchInfo.Capture(ex); } if (authFailedEx != null) { Logger.Error("Exception occurred while processing message: " + authFailedEx.SourceException); var message = new SamlMessage(context, configuration, context.Get <Saml20Assertion>("Saml2:assertion")); var authenticationFailedNotification = new AuthenticationFailedNotification <SamlMessage, SamlAuthenticationOptions>(context, options) { ProtocolMessage = message, Exception = authFailedEx.SourceException }; await options.Notifications.AuthenticationFailed(authenticationFailedNotification); if (authenticationFailedNotification.HandledResponse) { return(null);//GetHandledResponseTicket(); } if (authenticationFailedNotification.Skipped) { return(null); //null } authFailedEx.Throw(); } return(null); }
/// <summary> /// Gets the status of the current message. /// </summary> /// <returns>The <see cref="Status"/>.</returns> public Status GetStatus() { var status = (XmlElement)SamlMessage.GetElementsByTagName(Status.ElementName, Saml20Constants.Protocol)[0]; return(status != null?Serialization.Deserialize <Status>(new XmlNodeReader(status)) : null); }