예제 #1
0
        /// <summary>
        /// Refreshes the configuration section, so that next time it is read it is retrieved from the configuration file.
        /// </summary>
        public static void Refresh()
        {
            _config = null;
            ConfigurationManager.RefreshSection(Saml2Section.Name);
            _config = GetConfigElement();

            _config.IdentityProviders.Refresh();
        }
예제 #2
0
        /// <summary>
        /// Reads configuration from app.config or web.config.
        /// </summary>
        public static void InitFromConfigFile()
        {
            var config = Saml2Section.GetConfig();

            config.Validate();

            _config = config;
            _config.IdentityProviders.Refresh();
        }
예제 #3
0
        /// <summary>
        /// Refreshes the configuration section, so that next time it is read it is retrieved from the configuration file.
        /// </summary>
        public static void Refresh()
        {
            _config = null;
            ConfigurationManager.RefreshSection(Saml2Section.Name);
            _config = ConfigurationManager.GetSection(Saml2Section.Name) as Saml2Section;

            if (_config == null)
            {
                throw new ConfigurationErrorsException(string.Format("Configuration section \"{0}\" not found", typeof(Saml2Section).Name));
            }

            _config.IdentityProviders.Refresh();
        }
예제 #4
0
        /// <summary>
        /// Refreshes the configuration section, so that next time it is read it is retrieved from the configuration file.
        /// </summary>
        public static void Refresh()
        {
            _config = null;
            ConfigurationManager.RefreshSection(Saml2Section.Name);
            _config = ConfigurationManager.GetSection(Saml2Section.Name) as Saml2Section;

            if (_config == null)
            {
                throw new ConfigurationErrorsException(string.Format("Configuration section \"{0}\" not found", typeof(Saml2Section).Name));
            }

            _config.IdentityProviders.Refresh();
        }
예제 #5
0
        /// <summary>
        /// Reads configuration from app.config or web.config.
        /// </summary>
        public static void InitFromConfigFile()
        {
            var config = Saml2Section.GetConfig();

            Init(config);
        }
예제 #6
0
        /// <summary>
        /// Takes the configuration class and converts it to a SAML2.0 metadata document.
        /// </summary>
        /// <param name="config">The config.</param>
        /// <param name="keyInfo">The keyInfo.</param>
        private void ConvertToMetadata(Saml2Section config, KeyInfo keyInfo)
        {
            var entity = CreateDefaultEntity();
            entity.EntityID = config.ServiceProvider.Id;
            entity.ValidUntil = DateTime.Now + config.Metadata.Lifetime;

            var serviceProviderDescriptor = new SpSsoDescriptor
                                   {
                                       ProtocolSupportEnumeration = new[] { Saml20Constants.Protocol },
                                       AuthnRequestsSigned = XmlConvert.ToString(true),
                                       WantAssertionsSigned = XmlConvert.ToString(true)
                                   };

            if (config.ServiceProvider.NameIdFormats.Count > 0)
            {
                serviceProviderDescriptor.NameIdFormat = new string[config.ServiceProvider.NameIdFormats.Count];
                var count = 0;
                foreach (var elem in config.ServiceProvider.NameIdFormats)
                {
                    serviceProviderDescriptor.NameIdFormat[count++] = elem.Format;
                }
            }

            var baseUrl = new Uri(config.ServiceProvider.Server);
            var logoutServiceEndpoints = new List<Endpoint>();
            var signonServiceEndpoints = new List<IndexedEndpoint>();

            var artifactResolutionEndpoints = new List<IndexedEndpoint>(2);

            // Include endpoints.
            foreach (var endpoint in config.ServiceProvider.Endpoints)
            {
                if (endpoint.Type == EndpointType.SignOn)
                {
                    var loginEndpoint = new IndexedEndpoint
                                            {
                                                Index = endpoint.Index,
                                                IsDefault = true,
                                                Location = new Uri(baseUrl, endpoint.LocalPath).ToString(),
                                                Binding = GetBinding(endpoint.Binding, Saml20Constants.ProtocolBindings.HttpPost)
                                            };
                    signonServiceEndpoints.Add(loginEndpoint);

                    var artifactSignonEndpoint = new IndexedEndpoint
                                                     {
                                                         Binding = Saml20Constants.ProtocolBindings.HttpSoap,
                                                         Index = loginEndpoint.Index,
                                                         Location = loginEndpoint.Location
                                                     };
                    artifactResolutionEndpoints.Add(artifactSignonEndpoint);

                    continue;
                }

                if (endpoint.Type == EndpointType.Logout)
                {
                    var logoutEndpoint = new Endpoint
                                             {
                                                 Location = new Uri(baseUrl, endpoint.LocalPath).ToString()
                                             };
                    logoutEndpoint.ResponseLocation = logoutEndpoint.Location;
                    logoutEndpoint.Binding = GetBinding(endpoint.Binding, Saml20Constants.ProtocolBindings.HttpPost);
                    logoutServiceEndpoints.Add(logoutEndpoint);

                    // TODO: Look at this...
                    logoutEndpoint = new Endpoint
                                         {
                                             Location = new Uri(baseUrl, endpoint.LocalPath).ToString()
                                         };
                    logoutEndpoint.ResponseLocation = logoutEndpoint.Location;
                    logoutEndpoint.Binding = GetBinding(endpoint.Binding, Saml20Constants.ProtocolBindings.HttpRedirect);
                    logoutServiceEndpoints.Add(logoutEndpoint);

                    var artifactLogoutEndpoint = new IndexedEndpoint
                                                     {
                                                         Binding = Saml20Constants.ProtocolBindings.HttpSoap,
                                                         Index = endpoint.Index,
                                                         Location = logoutEndpoint.Location
                                                     };
                    artifactResolutionEndpoints.Add(artifactLogoutEndpoint);

                    continue;
                }
            }

            serviceProviderDescriptor.SingleLogoutService = logoutServiceEndpoints.ToArray();
            serviceProviderDescriptor.AssertionConsumerService = signonServiceEndpoints.ToArray();

            // Attribute consuming service.
            if (config.Metadata.RequestedAttributes.Count > 0)
            {
                var attConsumingService = new AttributeConsumingService();
                serviceProviderDescriptor.AttributeConsumingService = new[] { attConsumingService };
                attConsumingService.Index = signonServiceEndpoints[0].Index;
                attConsumingService.IsDefault = true;
                attConsumingService.ServiceName = new[] { new LocalizedName("SP", "en") };

                attConsumingService.RequestedAttribute = new RequestedAttribute[config.Metadata.RequestedAttributes.Count];

                for (var i = 0; i < config.Metadata.RequestedAttributes.Count; i++)
                {
                    attConsumingService.RequestedAttribute[i] = new RequestedAttribute
                                                                    {
                                                                        Name = config.Metadata.RequestedAttributes[i].Name
                                                                    };
                    if (config.Metadata.RequestedAttributes[i].IsRequired)
                    {
                        attConsumingService.RequestedAttribute[i].IsRequired = true;
                    }

                    attConsumingService.RequestedAttribute[i].NameFormat = SamlAttribute.NameformatBasic;
                }
            }
            else
            {
                serviceProviderDescriptor.AttributeConsumingService = new AttributeConsumingService[0];
            }

            if (config.Metadata == null || !config.Metadata.ExcludeArtifactEndpoints)
            {
                serviceProviderDescriptor.ArtifactResolutionService = artifactResolutionEndpoints.ToArray();
            }

            entity.Items = new object[] { serviceProviderDescriptor };

            // Keyinfo
            var keySigning = new KeyDescriptor();
            var keyEncryption = new KeyDescriptor();
            serviceProviderDescriptor.KeyDescriptor = new[] { keySigning, keyEncryption };

            keySigning.Use = KeyTypes.Signing;
            keySigning.UseSpecified = true;

            keyEncryption.Use = KeyTypes.Encryption;
            keyEncryption.UseSpecified = true;

            // Ugly conversion between the .Net framework classes and our classes ... avert your eyes!!
            keySigning.KeyInfo = Serialization.DeserializeFromXmlString<Schema.XmlDSig.KeyInfo>(keyInfo.GetXml().OuterXml);
            keyEncryption.KeyInfo = keySigning.KeyInfo;

            // apply the <Organization> element
            if (config.Metadata.Organization.ElementInformation.IsPresent)
            {
                entity.Organization = new Organization
                                          {
                                              OrganizationName = new[] { new LocalizedName { Value = config.Metadata.Organization.Name } },
                                              OrganizationDisplayName = new[] { new LocalizedName { Value = config.Metadata.Organization.DisplayName } },
                                              OrganizationURL = new[] { new LocalizedURI { Value = config.Metadata.Organization.Url } }
                                          };
            }

            if (config.Metadata.Contacts != null && config.Metadata.Contacts.Count > 0)
            {
                entity.ContactPerson = config.Metadata.Contacts.Select(x => new Contact
                                                                                {
                                                                                    ContactType =
                                                                                        (Schema.Metadata.ContactType)
                                                                                        ((int)x.Type),
                                                                                    Company = x.Company,
                                                                                    GivenName = x.GivenName,
                                                                                    SurName = x.SurName,
                                                                                    EmailAddress = new[] { x.Email },
                                                                                    TelephoneNumber = new[] { x.Phone }
                                                                                }).ToArray();
            }
        }
예제 #7
0
 /// <summary>
 /// Initializes a new instance of the <see cref="Saml20MetadataDocument"/> class.
 /// </summary>
 /// <param name="config">The config.</param>
 /// <param name="keyinfo">key information for the service provider certificate.</param>
 /// <param name="sign">if set to <c>true</c> the metadata document will be signed.</param>
 public Saml20MetadataDocument(Saml2Section config, KeyInfo keyinfo, bool sign)
     : this(sign)
 {
     ConvertToMetadata(config, keyinfo);
 }