private static SPSSODescriptorConfiguration BuildSPSSODescriptorConfiguration(SPDescriptorSettings sPDescriptor, OrganisationConfiguration organisation)
{
var sPSSODescriptorConfiguration = new SPSSODescriptorConfiguration
{
WantAssertionsSigned = sPDescriptor.WantAssertionsSigned,
ValidUntil = sPDescriptor.ValidUntil,
Organisation = organisation,
AuthenticationRequestsSigned = sPDescriptor.RequestSigned,
CacheDuration = MetadataHelper.TimeSpanFromDatapartEntry(sPDescriptor.CacheDuration),
RoleDescriptorType = typeof(ServiceProviderSingleSignOnDescriptor),
ErrorUrl = new Uri(sPDescriptor.ErrorUrl)
};
//sort this out missing in the models
sPSSODescriptorConfiguration.NameIdentifierFormats.Add(new Uri("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
sPSSODescriptorConfiguration.NameIdentifierFormats.Add(new Uri("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
//logout services
sPDescriptor.LogoutServices.Aggregate(sPSSODescriptorConfiguration.SingleLogoutServices, (t, next) =>
{
t.Add(new EndPointConfiguration
{
Binding = new Uri(next.Binding.Uri),
Location = new Uri(next.Url)
});
return(t);
});
//supported protocols
sPDescriptor.Protocols.Aggregate(sPSSODescriptorConfiguration.ProtocolSupported, (t, next) =>
{
t.Add(new Uri(next.Uri));
return(t);
});
//key descriptors
sPDescriptor.Certificates.Aggregate(sPSSODescriptorConfiguration.KeyDescriptors, (t, next) =>
{
var keyDescriptorConfiguration = MetadataHelper.BuildKeyDescriptorConfiguration(next);
t.Add(keyDescriptorConfiguration);
return(t);
});
//assertinon service
sPDescriptor.AssertionServices.Aggregate(sPSSODescriptorConfiguration.AssertionConsumerServices, (t, next) =>
{
var indexedEndPointConfiguration = new IndexedEndPointConfiguration
{
Index = next.Index,
IsDefault = next.IsDefault,
Binding = new Uri(next.Binding.Uri),
Location = new Uri(next.Url)
};
t.Add(indexedEndPointConfiguration);
return(t);
});
return(sPSSODescriptorConfiguration);
}
public MetadataContext BuildContext()
{
var entityDescriptor = this._dbContext.Set <EntityDescriptorSettings>()
.First();
var entityDescriptorConfiguration = MetadataHelper.BuildEntityDesriptorConfiguration(entityDescriptor);
var signing = this._dbContext.Set <SigningCredential>()
.First();
var signingContext = new MetadataSigningContext(signing.SignatureAlgorithm, signing.DigestAlgorithm);
signingContext.KeyDescriptors.Add(MetadataHelper.BuildKeyDescriptorConfiguration(signing.Certificates.First(x => x.Use == KeyUsage.Signing && x.IsDefault)));
return(new MetadataContext
{
EntityDesriptorConfiguration = entityDescriptorConfiguration,
MetadataSigningContext = signingContext
});
}
internal MetadataContext BuildFromDbSettings(MetadataSettings metadataSettings)
{
if (metadataSettings == null)
{
throw new ArgumentNullException("metadataSettings");
}
var entityDescriptor = metadataSettings.SPDescriptorSettings;
var entityDescriptorConfiguration = MetadataHelper.BuildEntityDesriptorConfiguration(entityDescriptor);
var signing = metadataSettings.SigningCredential;
var signingContext = new MetadataSigningContext(signing.SignatureAlgorithm, signing.DigestAlgorithm);
signingContext.KeyDescriptors.Add(MetadataHelper.BuildKeyDescriptorConfiguration(signing.Certificates.First(x => x.Use == KeyUsage.Signing && x.IsDefault)));
var metadataContext = new MetadataContext
{
EntityDesriptorConfiguration = entityDescriptorConfiguration,
MetadataSigningContext = signingContext
};
return(metadataContext);
}
