/// <summary>
/// Entry point for an already-parsed SAML response: runs <see cref="Verify"/> first and
/// only extracts values when verification reports no error.
/// </summary>
/// <param name="xmlResponse">The response document to verify and read.</param>
/// <returns>
/// A <see cref="SAMLResponse"/> built from the negative verification code when
/// <see cref="Verify"/> fails, otherwise the result of <see cref="ExtractResponseValues"/>.
/// </returns>
/// <exception cref="SAMLException">Wraps any exception raised while verifying or extracting.</exception>
public SAMLResponse HandleResponse(XmlDocument xmlResponse)
{
    _logger.Trace("Start;");
    try
    {
        int verifyResult = Verify(xmlResponse, null);
        if (verifyResult >= 0)
        {
            // Verification passed; extraction performs its own time-window and status checks.
            return ExtractResponseValues(xmlResponse);
        }

        _logger.Warn("Verify failure: {0}", verifyResult);
        return new SAMLResponse(verifyResult);
    }
    catch (Exception ex)
    {
        throw new SAMLException("EXCEPTION HandleResponse", ex);
    }
}
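/// <summary>
/// Maps a verified SAML response document onto a <see cref="SAMLResponse"/>: status codes,
/// the response issue-time window, the validity window of the first Assertion, and the
/// attributes of that assertion's first AttributeStatement.
/// </summary>
/// <param name="doc">The response document; signature verification is not repeated here.</param>
/// <returns>
/// A <see cref="SAMLResponse"/> whose ErrorCode is VALID on success, or EXPIRED,
/// EXPIRED_ASSERTION or INVALID_ATTRIBUTES when a check fails. A non-success SAML status is
/// reported through StatusCode, SubStatusCode and StatusMessage instead of an error code.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The response has no Assertion, or the assertion has no Conditions element. The caller
/// (<see cref="HandleResponse"/>) wraps this in a <see cref="SAMLException"/>. Previously these
/// cases surfaced as IndexOutOfRange/NullReference exceptions.
/// </exception>
private SAMLResponse ExtractResponseValues(XmlDocument doc)
{
    _logger.Trace("Start;");
    SAMLResponse context = new SAMLResponse(SAMLConstants.ErrorCodes.VALID);

    // Round-trip the DOM through a reader so Deserialize can build the typed model.
    // The bytes originate from the wire: XmlReaderSettings prohibits DTDs by default and
    // the resolver is cleared so no external entity can be fetched. The reader is disposed
    // (the original XmlTextReader was not).
    XmlReaderSettings settings = new XmlReaderSettings();
    settings.XmlResolver = null;
    ResponseType response;
    using (StringReader text = new StringReader(doc.OuterXml))
    using (XmlReader reader = XmlReader.Create(text, settings))
    {
        response = Deserialize<ResponseType>(reader);
    }

    context.InResponseTo = response.InResponseTo;
    context.Idp = response.Issuer.Value;

    // Top-level StatusCode; when it is unknown (< 0), fall back to the nested one if present.
    int statusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.Value);
    bool hasSubStatus = response.Status.StatusCode.StatusCode != null;
    if (statusCode < 0 && hasSubStatus)
    {
        context.StatusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.StatusCode.Value);
    }
    else
    {
        context.StatusCode = statusCode;
    }

    // validTimeframe is in minutes; |IssueInstant - now| beyond it rejects the whole response.
    // NOTE(review): assumes IssueInstant deserialises with Kind=Utc — DateTime subtraction
    // ignores Kind, so a Local-kind value would shift the window; confirm against Deserialize.
    if (Math.Abs(response.IssueInstant.Subtract(DateTime.UtcNow).TotalMinutes) > validTimeframe)
    {
        context.ErrorCode = SAMLConstants.ErrorCodes.EXPIRED;
        return context;
    }

    if (statusCode != SAMLConstants.StatusCode.SUCCESS)
    {
        // A failed status without a nested StatusCode is still a failure; it just carries no
        // sub-status. The original dereferenced the nested code unconditionally.
        if (hasSubStatus)
        {
            int subStatusCode = SAMLConstants.StatusCode.GetStatusCodeFromDesc(response.Status.StatusCode.StatusCode.Value);
            if (subStatusCode != -1)
            {
                context.SubStatusCode = subStatusCode;
                context.StatusMessage = response.Status.StatusMessage;
            }
        }
        return context;
    }

    AssertionType assertion = FindFirst<AssertionType>(response.Items);
    if (assertion == null)
    {
        throw new InvalidOperationException("SAML response contains no Assertion element");
    }
    if (assertion.Conditions == null)
    {
        // Without Conditions there is no validity window to enforce; refuse rather than accept.
        throw new InvalidOperationException("SAML assertion carries no Conditions element");
    }

    // Validity window widened by skewClock seconds on both sides; NotOnOrAfter is exclusive.
    DateTime now = DateTime.UtcNow;
    TimeSpan skew = new TimeSpan(0, 0, skewClock);
    if (now < assertion.Conditions.NotBefore.Subtract(skew)
        || now >= assertion.Conditions.NotOnOrAfter.Add(skew))
    {
        context.ErrorCode = SAMLConstants.ErrorCodes.EXPIRED_ASSERTION;
        return context;
    }
    // NOTE(review): AudienceRestriction and the InResponseTo/request pairing are not checked
    // in this method — confirm Verify (or the caller) covers them.

    AttributeStatementType attrStatement = FindFirst<AttributeStatementType>(assertion.Items);
    if (attrStatement == null)
    {
        // No statement means no attributes, which the final check below rejects the same way.
        context.ErrorCode = SAMLConstants.ErrorCodes.INVALID_ATTRIBUTES;
        return context;
    }

    foreach (object item in attrStatement.Items)
    {
        AttributeType attr = (AttributeType)item;
        // Only attributes on the configured list are accepted; any other name fails the response.
        if (!citizenAttributes.Exists(attr.Name))
        {
            context.ErrorCode = SAMLConstants.ErrorCodes.INVALID_ATTRIBUTES;
            return context;
        }

        int attrStatus = ReadAttributeStatus(attr);

        // Typed as string so the (string, string, int) AddAttribute overload is chosen for null.
        string attrValue = null;
        if (attr.AttributeValue == null || attr.AttributeValue.Length == 0)
        {
            context.AddAttribute(attr.Name, attrValue, attrStatus);
            continue;
        }

        XmlNode[] nodeValues = attr.AttributeValue[0] as XmlNode[];
        if (nodeValues == null)
        {
            // Simple value: only the first AttributeValue is read.
            attrValue = (string)attr.AttributeValue[0];
            context.AddAttribute(attr.Name, attrValue, attrStatus);
            continue;
        }

        // Complex value: keep only text nodes, keyed by node name.
        // NOTE(review): text nodes all report LocalName "#text", so Dictionary.Add throws on a
        // second text node — confirm the expected shape of multi-valued attributes.
        Dictionary<string, string> values = new Dictionary<string, string>(nodeValues.Length);
        foreach (XmlNode node in nodeValues)
        {
            if (node.NodeType == XmlNodeType.Text)
            {
                values.Add(node.LocalName, node.InnerText);
            }
        }
        context.AddAttribute(attr.Name, values, attrStatus);
    }

    if (context.GetAttributeNames().Count == 0)
    {
        context.ErrorCode = SAMLConstants.ErrorCodes.INVALID_ATTRIBUTES;
    }

    _logger.Trace("SAMLResponse {0}, {1}, {2}", context.StatusCode, context.StatusMessage, context.ErrorCode);
    _logger.Trace("SAMLResponse {0}, {1}", context.GetAttributeNames().Count, context.StatusMessage);
    return context;
}

/// <summary>
/// Returns the first element of <paramref name="items"/> that is a <typeparamref name="T"/>,
/// or null when the array is null or holds none.
/// </summary>
private static T FindFirst<T>(Array items) where T : class
{
    if (items == null)
    {
        return null;
    }
    foreach (object item in items)
    {
        T match = item as T;
        if (match != null)
        {
            return match;
        }
    }
    return null;
}

/// <summary>
/// Reads the attribute-status extension attribute (<see cref="SAMLConstants.ATTRIBUTE_STATUS_STR"/>)
/// from the attribute's extra XML attributes; AVAILABLE when it is absent.
/// </summary>
private static int ReadAttributeStatus(AttributeType attr)
{
    if (attr.AnyAttr != null)
    {
        for (int i = 0; i < attr.AnyAttr.Length; i++)
        {
            if (attr.AnyAttr[i].LocalName == SAMLConstants.ATTRIBUTE_STATUS_STR)
            {
                return SAMLConstants.AttributeStatus.GetAttrStatusFromDesc(attr.AnyAttr[i].Value);
            }
        }
    }
    return SAMLConstants.AttributeStatus.AVAILABLE;
}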
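/// <summary>
/// Decodes the Base64 SAML response posted by the identity provider, parses it and hands it
/// to <see cref="SAMLEngine.HandleResponse"/>.
/// </summary>
/// <param name="b64response">Base64-encoded SAML response exactly as received from the client.</param>
/// <returns>
/// The engine's <see cref="SAMLResponse"/>; on any failure (bad Base64, malformed XML or an
/// engine exception) a response with ErrorCode -11, StatusCode AUTHN_FAILED and the exception
/// message as StatusMessage.
/// </returns>
public SAMLResponse ProcessSamlLoginResponse(string b64response)
{
    try
    {
        byte[] rawResponse = Convert.FromBase64String(b64response);
        string responseXml = Encoding.UTF8.GetString(rawResponse);

        XmlDocument xml = new XmlDocument();
        // Presumably kept so the signed content stays byte-exact for Verify — confirm.
        xml.PreserveWhitespace = true;
        // The document is attacker-supplied: never resolve external entities or DTD references.
        xml.XmlResolver = null;
        xml.LoadXml(responseXml);
        _logger.Trace("Respuesta de cl@ve: {0}", xml.InnerXml);

        SAMLEngine.Instance.Init();
        return SAMLEngine.Instance.HandleResponse(xml);
    }
    catch (Exception e)
    {
        // Deliberately best-effort: every failure is reported to the caller as AUTHN_FAILED.
        _logger.Error(e);
        SAMLResponse failure = new SAMLResponse();
        failure.ErrorCode = -11; // no named constant for this code is visible in this file
        failure.StatusCode = SAMLConstants.StatusCode.AUTHN_FAILED;
        // NOTE(review): e.Message is surfaced in StatusMessage — confirm it is never shown to end users.
        failure.StatusMessage = e.Message;
        return failure;
    }
}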