예제 #1
        /// <summary>
        /// Signs the system user token, exchanges it at the SuperID federation gateway and
        /// returns the validated SAML token that carries the system user's claims.
        /// </summary>
        /// <param name="userToken">System user token, not yet signed</param>
        /// <param name="contextIdentifier">Context identifier of the customer</param>
        /// <returns>Validated token with claims</returns>
        private static SuperIdToken GetSystemUserToken(string userToken, string contextIdentifier)
        {
            var unsignedToken = new SystemToken(userToken);

            // The file behind CertificatePath is read as text and handed to Sign() as the private key.
            // NOTE(review): this is key material; keep the file out of any folder the web server
            // serves and restrict its ACL to the application identity.
            var keyFile   = CertificatePath;
            var keyText   = File.ReadAllText(keyFile);
            var signature = unsignedToken.Sign(privateKey: keyText);

            // Exchange the signed token for a SAML token at the gateway named in appSettings
            var gateway   = ConfigurationManager.AppSettings["SoFederationGateway"];
            var samlToken = unsignedToken.AuthenticateWithSignedSystemToken(
                gateway, signature, ConfigFile.Services.ApplicationToken, contextIdentifier, TokenType.Saml);

            // NOTE(review): X509CertificateValidator.None treats every certificate as valid (no chain,
            // expiry or revocation check). Trust in the issuer then rests on whatever certificates
            // IssuerTokenResolver finds under ~/App_Data - presumably the pinned issuer certificates;
            // confirm that folder is not writable by untrusted parties, or use ChainTrust /
            // PeerOrChainTrust where the issuer chain can be built.
            var handler = new SuperIdTokenHandler
            {
                IssuerTokenResolver =
                    new SuperOffice.SuperID.Client.Tokens.CertificateFileCertificateStoreTokenResolver(
                        System.Web.HttpContext.Current.Server.MapPath("~/App_Data")),
                CertificateValidator = System.IdentityModel.Selectors.X509CertificateValidator.None
            };

            // ValidateToken's result is returned as-is; the gateway reply is not null-checked first
            return handler.ValidateToken(samlToken, TokenType.Saml);
        }
예제 #2
        /// <summary>
        /// Signs the system user token with the application key file, exchanges it at the
        /// federation gateway for a JWT and returns the validated SuperID token.
        /// </summary>
        /// <param name="systemTokenString">System user token, not yet signed</param>
        /// <param name="contextIdentifier">Context identifier passed to the gateway</param>
        /// <returns>Result of validating the JWT returned by the gateway</returns>
        private static SuperIdToken GetSystemUserToken(string systemTokenString, string contextIdentifier)
        {
            var unsignedToken = new SystemToken(systemTokenString);

            // A relative key-file setting is resolved against the web application root.
            // NOTE(review): a key file below the application root can end up in a folder the web
            // server serves; prefer an absolute path outside the site (or App_Data) with a tight ACL.
            var configuredKeyFile = ConfigManager.ApplicationKeyFile;
            var keyFile = Path.IsPathRooted(configuredKeyFile)
                ? configuredKeyFile
                : Path.Combine(HostingEnvironment.MapPath(@"~"), configuredKeyFile);

            // The file content is used as the private key for signing
            var signature = unsignedToken.Sign(privateKey: File.ReadAllText(keyFile));

            // Exchange the signed token for a JWT carrying the system user's claims
            var gateway = ConfigManager.SoFederationGateway;
            var jwt = unsignedToken.AuthenticateWithSignedSystemToken(
                gateway, signature, ConfigFile.Services.ApplicationToken, contextIdentifier, TokenType.Jwt);

            // Validation runs with the handler's defaults; no issuer certificate or validator is set here
            var handler = new SuperIdTokenHandler();
            return handler.ValidateToken(jwt, TokenType.Jwt);
        }
예제 #3
        /// <summary>
        /// Signs the system user token with the supplied private key, exchanges it at the
        /// federation gateway for a JWT and validates the reply against the supplied certificate.
        /// </summary>
        /// <param name="userToken">System user token, not yet signed</param>
        /// <param name="contextIdentifier">Context identifier passed to the gateway</param>
        /// <param name="privateKey">Private key handed to SystemToken.Sign</param>
        /// <param name="federationGateway">Gateway the signed token is sent to</param>
        /// <param name="applicationToken">Application token sent with the request</param>
        /// <param name="certificateString">Certificate text used to check the JWT signature</param>
        /// <returns>
        /// The validated token, or null when the gateway returns null or validation throws.
        /// </returns>
        public static SuperIdToken GetSystemUserToken(string userToken, string contextIdentifier,
                                                      string privateKey, string federationGateway, string applicationToken, string certificateString)
        {
            var tokenType = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt;

            var unsignedToken = new SystemToken(userToken);
            var signature     = unsignedToken.Sign(privateKey);

            // Exchange the signed system user ticket for one carrying the system user's claims
            var gatewayReply = unsignedToken.AuthenticateWithSignedSystemToken(
                federationGateway, signature, applicationToken, contextIdentifier, tokenType);

            if (gatewayReply == null)
            {
                return null;
            }

            var handler           = new SuperIdTokenHandler();
            var certificateFolder = AppDomain.CurrentDomain.BaseDirectory + "Certificates";

            if (tokenType != SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Saml)
            {
                // The certificate text is passed as ASCII bytes, not Base64-decoded first
                // (presumably PEM or Base64 text that X509Certificate2 parses itself; confirm).
                var certificateBytes = Encoding.ASCII.GetBytes(certificateString);
                handler.JwtIssuerSigningCertificate =
                    new System.Security.Cryptography.X509Certificates.X509Certificate2(certificateBytes);
            }
            else
            {
                // Not reached while tokenType is fixed to Jwt above.
                // NOTE(review): X509CertificateValidator.None treats every certificate as valid, so
                // issuer trust would rest only on the certificate files in the Certificates folder.
                handler.CertificateValidator = System.IdentityModel.Selectors.X509CertificateValidator.None;
                handler.IssuerTokenResolver  = new CertificateFileCertificateStoreTokenResolver(certificateFolder);
            }

            // NOTE(review): with the audience check off, the handler presumably accepts a token issued
            // for a different application; confirm whether the audience can be validated instead.
            handler.ValidateAudience = false;

            try
            {
                return handler.ValidateToken(gatewayReply, tokenType);
            }
            catch (Exception e)
            {
                // NOTE(review): every validation failure is printed to the console and becomes a null
                // return, so callers must treat null as "not authenticated" and cannot see the reason.
                Console.WriteLine(e);
                return null;
            }
        }
예제 #4
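        /// <summary>
        /// Get and validate claims for the system user from the SuperID web service
        /// </summary>
        /// <param name="userToken">System user token, not yet signed</param>
        /// <param name="contextIdentifier">Context identifier of the customer</param>
        /// <returns>Token with claims, or null when the web service returns no token</returns>
        private static SuperIdToken GetSystemUserToken(string userToken, string contextIdentifier)
        {
            var tokenType = SuperOffice.SuperID.Contracts.SystemUser.V1.TokenType.Jwt;

            var systemToken = new SystemToken(userToken);

            // The file named by the SystemTokenCertificatePath setting is read as text and used as
            // the signing key.
            // NOTE(review): this is key material; keep the file outside served folders with a tight ACL.
            var certificatePath = ConfigurationManager.AppSettings["SystemTokenCertificatePath"];

            // sign the system user token
            var signedSystemToken = systemToken.Sign(File.ReadAllText(certificatePath));

            // Call the web service to exchange signed system user token with claims for the system user
            var federationGateway = ConfigurationManager.AppSettings["SoFederationGateway"];
            var returnedToken     = systemToken.AuthenticateWithSignedSystemToken(federationGateway, signedSystemToken,
                                                                                  ConfigFile.Services.ApplicationToken, contextIdentifier, tokenType);

            if (returnedToken != null)
            {
                // Validate and return SuperId token for the system user
                var tokenHandler = new SuperIdTokenHandler();

                // Path.Combine instead of string concatenation: the folder and file paths stay correct
                // when BaseDirectory has no trailing separator, and no "\\" is hard-coded.
                var certificateResolverPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Certificates");

                if (tokenType == SuperID.Contracts.SystemUser.V1.TokenType.Saml)
                {
                    // Not reached while tokenType is fixed to Jwt above.
                    // NOTE(review): X509CertificateValidator.None treats every certificate as valid, so
                    // issuer trust would rest only on the certificate files in the Certificates folder.
                    tokenHandler.CertificateValidator = System.IdentityModel.Selectors.X509CertificateValidator.None;
                    tokenHandler.IssuerTokenResolver  = new SuperOffice.SuperID.Client.Tokens.CertificateFileCertificateStoreTokenResolver(certificateResolverPath);
                }
                else
                {
                    // The JWT signature is checked against this one certificate file shipped with the app
                    tokenHandler.JwtIssuerSigningCertificate =
                        new System.Security.Cryptography.X509Certificates.X509Certificate2(
                            Path.Combine(certificateResolverPath, "SODSuperOfficeFederatedLogin.crt"));
                }

                // NOTE(review): with the audience check off, the handler presumably accepts a token issued
                // for a different application; confirm whether the audience can be validated instead.
                tokenHandler.ValidateAudience = false;

                return(tokenHandler.ValidateToken(returnedToken, tokenType));
            }

            return(null);
        }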