public static string GetAssertion( string issuer, string subject, string certLocation, string certPassword, Dictionary <string, string> attributes) { // Create certificate from file. It must contain private key! X509Certificate2 cert = new X509Certificate2(certLocation, certPassword); // The private key contained in the certificate will be used to sign the token. X509AsymmetricSecurityKey signingKey = new X509AsymmetricSecurityKey(cert); SecurityKeyIdentifier ski = new SecurityKeyIdentifier(new X509ThumbprintKeyIdentifierClause(cert)); SamlAssertion assertion = SamlHelper.CreateSamlAssertion(issuer, subject, subject, attributes); assertion.SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.RsaSha1Signature, SecurityAlgorithms.Sha1Digest, ski); return(SamlHelper.SerializeToken(assertion)); }
public static string GetAssertion( string issuer, string subject, Dictionary <string, string> attributes) { return(SamlHelper.SerializeToken( SamlHelper.CreateSamlAssertion(issuer, subject, subject, attributes))); }
/// <summary> /// Returns a Base64 Encoded String with the SamlResponse in it. /// </summary> /// <param name="recipient">Recipient</param> /// <param name="issuer">Issuer</param> /// <param name="subject">Subject</param> /// <param name="certLocation">Certificate Location</param> /// <param name="certPassword">Certificate Password</param> /// <param name="attributes">A list of attributes to pass</param> /// <returns></returns> public static string GetPostSamlResponse(string recipient, string issuer, string domain, string subject, StoreLocation storeLocation, StoreName storeName, X509FindType findType, string certFile, string certPassword, object findValue, Dictionary <string, string> attributes, SigningHelper.SignatureType signatureType) { ResponseType response = new ResponseType(); // Create Response response.ResponseID = "_" + Guid.NewGuid().ToString(); response.MajorVersion = "1"; response.MinorVersion = "1"; response.IssueInstant = System.DateTime.UtcNow; response.Recipient = recipient; StatusType status = new StatusType(); status.StatusCode = new StatusCodeType(); status.StatusCode.Value = new XmlQualifiedName("Success", "urn:oasis:names:tc:SAML:1.0:protocol"); response.Status = status; // Create Assertion AssertionType assertionType = SamlHelper.CreateSaml11Assertion( issuer.Trim(), domain.Trim(), subject.Trim(), attributes); response.Assertion = new AssertionType[] { assertionType }; //Serialize XmlSerializerNamespaces ns = new XmlSerializerNamespaces(); ns.Add("samlp", "urn:oasis:names:tc:SAML:1.0:protocol"); ns.Add("saml", "urn:oasis:names:tc:SAML:1.0:assertion"); XmlSerializer responseSerializer = new XmlSerializer(response.GetType()); StringWriter stringWriter = new StringWriter(); XmlWriterSettings settings = new XmlWriterSettings(); settings.OmitXmlDeclaration = true; settings.Indent = true; settings.Encoding = Encoding.UTF8; XmlWriter responseWriter = XmlTextWriter.Create(stringWriter, settings); responseSerializer.Serialize(responseWriter, response, ns); responseWriter.Close(); string samlString = stringWriter.ToString(); stringWriter.Close(); // Sign the document XmlDocument doc = new XmlDocument(); doc.LoadXml(samlString); X509Certificate2 cert = null; if (System.IO.File.Exists(certFile)) { cert = new X509Certificate2(certFile, certPassword); } else { X509Store store = new X509Store(storeName, storeLocation); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection coll = store.Certificates.Find(findType, findValue, true); if (coll.Count < 1) { throw new ArgumentException("Unable to locate certificate"); } cert = coll[0]; store.Close(); } XmlElement signature = SigningHelper.SignDoc( doc, cert, "ResponseID", response.ResponseID); doc.DocumentElement.InsertBefore(signature, doc.DocumentElement.ChildNodes[0]); if (SamlHelper.Logger.IsDebugEnabled) { SamlHelper.Logger.DebugFormat( "Saml Assertion before encoding = {0}", doc.OuterXml.ToString()); } // Base64Encode and URL Encode byte[] base64EncodedBytes = Encoding.UTF8.GetBytes(doc.OuterXml); string returnValue = System.Convert.ToBase64String( base64EncodedBytes); return(returnValue); }