public static void AddSaml2AndJwt(this AuthenticationConfiguration configuration, string issuerThumbprint, X509Certificate2 signingCertificate, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme, X509Certificate2 encryptionCertificate)
{
var validationParameters = new TokenValidationParameters()
{
AllowedAudience = audienceUri,
SigningToken = new X509SecurityToken(signingCertificate),
ValidIssuer = issuerName,
};
var jwtHandler = new JwtSecurityTokenHandlerWrapper(validationParameters);
var samlHandlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator, encryptionCertificate);
var saml2Handler = new HttpSaml2SecurityTokenHandler()
{
Configuration = samlHandlerConfig
};
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
jwtHandler, saml2Handler
},
Options = options,
Scheme = scheme
});
}
public static IAppBuilder UseSaml2BearerAuthentication(this IAppBuilder app, Uri audience, string issuerThumbprint, string issuerName = null, X509CertificateValidator validator = null)
{
var handler = new HttpSaml2SecurityTokenHandler();
ConfigureHandler(handler, audience, issuerThumbprint, issuerName, validator);
return app.UseTokenHandlerAuthentication(handler);
}
public static void AddSaml2(this AuthenticationConfiguration configuration, SecurityTokenHandlerConfiguration handlerConfiguration, AuthenticationOptions options, AuthenticationScheme scheme)
{
var handler = new HttpSaml2SecurityTokenHandler();
handler.Configuration = handlerConfiguration;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options,
Scheme = scheme
});
}
public void AddSaml2(SecurityTokenHandlerConfiguration configuration, AuthenticationOptions options)
{
var handler = new HttpSaml2SecurityTokenHandler();
handler.Configuration = configuration;
AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection {
handler
},
Options = options
});
}
public static void AddSaml2(this AuthenticationConfiguration configuration, SecurityTokenHandlerConfiguration handlerConfiguration, AuthenticationOptions options)
{
var handler = new HttpSaml2SecurityTokenHandler();
handler.Configuration = handlerConfiguration;
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { handler },
Options = options
});
}
public static void AddSaml2AndJwt(this AuthenticationConfiguration configuration, string issuerThumbprint, X509Certificate2 signingCertificate, string issuerName, string audienceUri, X509CertificateValidator certificateValidator, AuthenticationOptions options, AuthenticationScheme scheme, X509Certificate2 encryptionCertificate)
{
var validationParameters = new TokenValidationParameters()
{
AllowedAudience = audienceUri,
SigningToken = new X509SecurityToken(signingCertificate),
ValidIssuer = issuerName,
};
var jwtHandler = new JwtSecurityTokenHandlerWrapper(validationParameters);
var samlHandlerConfig = CreateSaml2SecurityTokenHandlerConfiguration(issuerThumbprint, issuerName, audienceUri, certificateValidator, encryptionCertificate);
var saml2Handler = new HttpSaml2SecurityTokenHandler() { Configuration = samlHandlerConfig };
configuration.AddMapping(new AuthenticationOptionMapping
{
TokenHandler = new SecurityTokenHandlerCollection { jwtHandler, saml2Handler },
Options = options,
Scheme = scheme
});
}
