Exemplo n.º 1
0
        public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context)
        {
            var            partnerId        = context._federationPartyId;
            ClaimsIdentity identity         = null;
            var            reader           = XmlReader.Create(new StringReader(context.Token.OuterXml));
            var            token            = this._tokenSerialiser.DeserialiseToken(reader, partnerId);
            var            validationResult = new List <ValidationResult>();
            var            isValid          = this._tokenValidator.Validate(token, validationResult, partnerId);

            if (isValid)
            {
                var identities = await this._identityProvider.GenerateUserIdentitiesAsync(new Tuple <Saml2SecurityToken, HandleTokenContext>((Saml2SecurityToken)token, context), new[] { context.AuthenticationMethod });

                identity = identities[context.AuthenticationMethod];
            }

            return(new TokenHandlingResponse(token, identity, context.RelayState, validationResult));
        }
Exemplo n.º 2
0
        public async Task Handle(HttpPostResponseInboundContext context)
        {
            try
            {
                if (context == null)
                {
                    throw new ArgumentNullException("context");
                }

                var responseStatus = await this._responseParser.Parse(context);

                var samlResponse = responseStatus.StatusResponse as TokenResponse;

                var hasToken = (samlResponse != null && samlResponse.Assertions != null && samlResponse.Assertions.Length == 1);
                context.HasSecurityToken = hasToken;
                this._logProvider.LogMessage(String.Format("Response is{0} a security token carrier.", hasToken ? String.Empty : " not"));
                if (hasToken)
                {
                    var token          = samlResponse.Assertions[0];
                    var handlerContext = new HandleTokenContext(token, responseStatus.FederationPartyId, context.AuthenticationMethod, responseStatus.SamlInboundMessage.RelayState);
                    var response       = await this._tokenHandler.HandleToken(handlerContext);

                    if (!response.IsValid)
                    {
                        throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage)));
                    }
                    context.Identity = response.Identity;
                    if (response.Token != null)
                    {
                        context.Properties.Add("ValidFrom", response.Token.ValidFrom);
                        context.Properties.Add("ValidTo", response.Token.ValidTo);
                    }
                }
            }
            catch (Exception ex)
            {
                Exception innerEx;
                this._logProvider.TryLogException(ex, out innerEx);
                if (innerEx != null)
                {
                    throw innerEx;
                }
            }
        }
Exemplo n.º 3
0
        public async Task <ClaimsIdentity> Handle(HttpPostResponseContext context)
        {
            try
            {
                //ToDo handle this properly, response handling, token validation, claims generation etc
                var elements       = context.Form;
                var responseBase64 = elements[HttpRedirectBindingConstants.SamlResponse];
                var responseBytes  = Convert.FromBase64String(responseBase64);
                var responseText   = Encoding.UTF8.GetString(responseBytes);

                var relayState = await this._relayStateHandler.GetRelayStateFromFormData(elements);

                this._logProvider.LogMessage(String.Format("Response recieved:\r\n {0}", responseText));
                var responseStatus = ResponseHelper.ParseResponseStatus(responseText, this._logProvider);
                ResponseHelper.EnsureSuccessAndThrow(responseStatus);

                using (var reader = new StringReader(responseText))
                {
                    using (var xmlReader = XmlReader.Create(reader))
                    {
                        var handlerContext = new HandleTokenContext(xmlReader, relayState, context.AuthenticationMethod);
                        var response       = await this._tokenHandler.HandleToken(handlerContext);

                        if (!response.IsValid)
                        {
                            throw new Exception(EnumerableExtensions.Aggregate(response.ValidationResults.Select(x => x.ErrorMessage)));
                        }
                        return(response.Identity);
                    }
                }
            }
            catch (Exception ex)
            {
                Exception innerEx;
                this._logProvider.TryLogException(ex, out innerEx);
                if (innerEx != null)
                {
                    throw innerEx;
                }
            }
            return(null);
        }
Exemplo n.º 4
0
        public async Task <TokenHandlingResponse> HandleToken(HandleTokenContext context)
        {
            var relayState = context.RelayState as IDictionary <string, object>;

            if (relayState == null)
            {
                throw new InvalidOperationException(String.Format("Expected relay state type of: {0}, but it was: {1}", typeof(IDictionary <string, object>).Name, context.RelayState.GetType().Name));
            }
            var            partnerId        = relayState["federationPartyId"].ToString();
            ClaimsIdentity identity         = null;
            var            token            = this._tokenSerialiser.DeserialiseToken(context.Token, partnerId);
            var            validationResult = new List <ValidationResult>();
            var            isValid          = this._tokenValidator.Validate(token, validationResult, partnerId);

            if (isValid)
            {
                var identities = await this._identityProvider.GenerateUserIdentitiesAsync((Saml2SecurityToken)token, new[] { context.AuthenticationMethod });

                identity = identities[context.AuthenticationMethod];
            }

            return(new TokenHandlingResponse(token, identity, validationResult));
        }
Exemplo n.º 5
0
        public bool CanHandleToken(HandleTokenContext context)
        {
            var reader = XmlReader.Create(new StringReader(context.Token.OuterXml));

            return(this._tokenSerialiser.CanReadToken(reader));
        }