static void CreatePassiveStsMetadata(StsData data, string fileName, Encoding encoding)
{
MetadataSerializer serializer = new MetadataSerializer();
SecurityTokenServiceDescriptor item = new SecurityTokenServiceDescriptor();
EntityDescriptor metadata = new EntityDescriptor();
metadata.EntityId = new EntityId(data.EntityId);
X509Certificate2 certificate = CertificateHelper.RetrieveCertificate(data.SigninCertificateCn);
metadata.SigningCredentials = new X509SigningCredentials(certificate);
KeyDescriptor descriptor3 = new KeyDescriptor(new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { new X509SecurityToken(certificate).CreateKeyIdentifierClause <X509RawDataKeyIdentifierClause>() }));
descriptor3.Use = KeyType.Signing;
item.Keys.Add(descriptor3);
if (data.Claims != null)
{
foreach (var claim in data.Claims)
{
DisplayClaim dc = new DisplayClaim(claim.ClaimType, claim.DisplayTag, claim.Description)
{
Optional = claim.Optional
};
item.ClaimTypesOffered.Add(dc);
}
}
item.PassiveRequestorEndpoints.Add(new EndpointAddress(new Uri(data.PassiveRequestorEndpoint).AbsoluteUri));
if (data.Protocols != null)
{
foreach (Protocol protocol in data.Protocols)
{
item.ProtocolsSupported.Add(new Uri(protocol.ProtocolNamespace));
}
}
item.SecurityTokenServiceEndpoints.Add(new EndpointAddress(new Uri(data.ActiveStsEndpoint).AbsoluteUri));
item.Contacts.Add(new ContactPerson(ContactType.Technical)
{
Company = data.MainContact.Company,
GivenName = data.MainContact.GivenName,
Surname = data.MainContact.SurName,
EmailAddresses = { data.MainContact.Email },
TelephoneNumbers = { data.MainContact.Phone }
});
metadata.RoleDescriptors.Add(item);
XmlTextWriter writer = new XmlTextWriter(fileName, Encoding.UTF8);
serializer.WriteMetadata(writer, metadata);
writer.Close();
}
private static DisplayClaim CreateDisplayClaim(string claimType, bool optional, string displayTag, string description)
{
var claim = new DisplayClaim(claimType);
claim.Optional = optional;
claim.DisplayTag = displayTag;
claim.Description = (string.IsNullOrEmpty(description)) ? displayTag : description;
return claim;
}
private static DisplayClaim CreateDisplayClaim(string claimType, bool optional, string displayTag, string description)
{
var claim = new DisplayClaim(claimType);
claim.Optional = optional;
claim.DisplayTag = displayTag;
claim.Description = (string.IsNullOrEmpty(description)) ? displayTag : description;
return(claim);
}
/// <summary>
/// Gets the DisplayToken.
/// </summary>
/// <param name="requestedDisplayTokenLanguage">The requested DisplayToken language. This is an optional parameter and may be null.</param>
/// <param name="subject">The IClaimsIdentity representing the collection of claims that will be placed in the issued security token.</param>
/// <returns>The DisplayToken to be included in the response.</returns>
/// <remarks>
/// This operation might expose information about the user. The code below is intended for illustrative purposes only.
/// </remarks>
protected override DisplayToken GetDisplayToken(string requestedDisplayTokenLanguage, IClaimsIdentity subject)
{
string localizedDisplayTag;
// Try looking up the localized DisplayClaim table for the requestedDisplayTokenLanguage
if (!localizedDisplayClaimTable.TryGetValue(requestedDisplayTokenLanguage, out localizedDisplayTag))
{
localizedDisplayTag = "Given Name"; // default to English
}
DisplayClaimCollection collection = new DisplayClaimCollection();
DisplayClaim claim = new DisplayClaim(ClaimTypes.GivenName);
claim.DisplayTag = localizedDisplayTag; // The input subject can be used to further qualify the DisplayClaim being generated, such as including an optional DisplayValue.
collection.Add(claim);
DisplayToken token = new DisplayToken(requestedDisplayTokenLanguage, collection);
return(token);
}
static void CreatePassiveStsMetadata(StsData data, string fileName, Encoding encoding)
{
MetadataSerializer serializer = new MetadataSerializer();
SecurityTokenServiceDescriptor item = new SecurityTokenServiceDescriptor();
EntityDescriptor metadata = new EntityDescriptor();
metadata.EntityId = new EntityId(data.EntityId);
X509Certificate2 certificate = CertificateHelper.RetrieveCertificate(data.SigninCertificateCn);
metadata.SigningCredentials = new X509SigningCredentials(certificate);
KeyDescriptor descriptor3 = new KeyDescriptor(new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { new X509SecurityToken(certificate).CreateKeyIdentifierClause<X509RawDataKeyIdentifierClause>() }));
descriptor3.Use = KeyType.Signing;
item.Keys.Add(descriptor3);
if (data.Claims != null)
{
foreach (var claim in data.Claims)
{
DisplayClaim dc = new DisplayClaim(claim.ClaimType, claim.DisplayTag, claim.Description)
{
Optional = claim.Optional
};
item.ClaimTypesOffered.Add(dc);
}
}
item.PassiveRequestorEndpoints.Add(new EndpointAddress( new Uri(data.PassiveRequestorEndpoint).AbsoluteUri));
if (data.Protocols != null)
{
foreach (Protocol protocol in data.Protocols)
{
item.ProtocolsSupported.Add(new Uri(protocol.ProtocolNamespace));
}
}
item.SecurityTokenServiceEndpoints.Add(new EndpointAddress( new Uri(data.ActiveStsEndpoint).AbsoluteUri));
item.Contacts.Add(new ContactPerson(ContactType.Technical)
{
Company = data.MainContact.Company,
GivenName = data.MainContact.GivenName,
Surname = data.MainContact.SurName,
EmailAddresses = { data.MainContact.Email },
TelephoneNumbers = { data.MainContact.Phone }
});
metadata.RoleDescriptors.Add(item);
XmlTextWriter writer = new XmlTextWriter(fileName, Encoding.UTF8);
serializer.WriteMetadata(writer, metadata);
writer.Close();
}
public DisplayClaimWrapper(DisplayClaim displayClaim)
{
this.DisplayClaim = displayClaim ?? throw new ArgumentNullException(nameof(displayClaim));
}
