Exemplo n.º 1
        /// <summary>
        /// Builds the service provider options by copying each setting out of the
        /// loaded configuration section.
        /// </summary>
        /// <remarks>
        /// The security-relevant switches (<c>WantAssertionsSigned</c>,
        /// <c>ValidateCertificates</c>, <c>AuthenticateRequestSigningBehavior</c>) are taken
        /// from configuration exactly as given; this constructor applies no minimum or
        /// sanity check of its own, so a weak value in the config file is a weak value at
        /// runtime.
        /// </remarks>
        /// <param name="configSection">Configuration section the settings are read from.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="configSection"/> is null.
        /// </exception>
        public SPOptions(KentorAuthServicesSection configSection)
        {
            if (configSection == null)
            {
                throw new ArgumentNullException(nameof(configSection));
            }

            // The 'true' argument asks System.IdentityModel to load its own settings
            // from the application's configuration file.
            systemIdentityModelIdentityConfiguration = new IdentityConfiguration(true);

            ReturnUrl = configSection.ReturnUrl;

            // Metadata publishing settings.
            var metadataSettings = configSection.Metadata;
            MetadataCacheDuration = metadataSettings.CacheDuration;
            MetadataValidDuration = metadataSettings.ValidUntil;
            WantAssertionsSigned = metadataSettings.WantAssertionsSigned;

            ValidateCertificates = configSection.ValidateCertificates;
            DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
            EntityId = configSection.EntityId;
            ModulePath = configSection.ModulePath;
            PublicOrigin = configSection.PublicOrigin;
            Organization = configSection.Organization;
            AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;

            var nameIdPolicySettings = configSection.NameIdPolicyElement;
            NameIdPolicy = new Saml2NameIdPolicy(nameIdPolicySettings.AllowCreate, nameIdPolicySettings.Format);
            RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);

            // Certificates are registered against this instance before the collections
            // below are populated.
            configSection.ServiceCertificates.RegisterServiceCertificates(this);

            // NOTE(review): both target collections are presumably created by field or
            // property initialisers outside this constructor - confirm.
            foreach (var consumingService in configSection.AttributeConsumingServices)
            {
                AttributeConsumingServices.Add(consumingService);
            }

            foreach (var contactPerson in configSection.Contacts)
            {
                Contacts.Add(contactPerson);
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Fills in the outgoing SAML authentication request from the SAML2 part of the
        /// SSO agent configuration.
        /// </summary>
        /// <param name="samlRequest">Request whose properties are set in place.</param>
        private void InitializeAuthnRequestProperties(AuthenticationRequest samlRequest)
        {
            var saml2Settings = ssoAgentConfig.Saml2;

            // Endpoints and issuer come straight from configuration; new Uri(...) throws
            // if a configured value is missing or malformed.
            samlRequest.AssertionConsumerServiceUrl = new Uri(saml2Settings.ACSURL);
            samlRequest.DestinationUrl = new Uri(saml2Settings.IdPURL);
            samlRequest.ForceAuthentication = saml2Settings.IsForceAuthn;
            samlRequest.Issuer = new EntityId(saml2Settings.SPEntityId);
            samlRequest.ProtocolBinding = saml2Settings.HttpBinding;

            // The index is only set when the configured text parses as an integer;
            // otherwise the request keeps whatever value it already had.
            int parsedIndex;
            if (int.TryParse(saml2Settings.AttributeConsumingServiceIndex, out parsedIndex))
            {
                samlRequest.AttributeConsumingServiceIndex = parsedIndex;
            }

            // NOTE(review): this policy (AllowCreate = true, persistent format) is built
            // but never attached to samlRequest in this method, so the request goes out
            // without it unless it is set elsewhere - confirm the intent.
            var nameIdPolicy = new Saml2NameIdPolicy(true, NameIdFormat.Persistent);

            // The requested authentication context is hard-coded rather than configurable:
            // exactly PasswordProtectedTransport. Whether the context class in the IdP's
            // response is later checked against this request is not visible here.
            samlRequest.RequestedAuthnContext = new Saml2RequestedAuthnContext(
                new Uri("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"),
                AuthnContextComparisonType.Exact);
        }
Exemplo n.º 3
        /// <summary>
        /// Builds the service provider options by copying each setting out of the
        /// loaded configuration section.
        /// </summary>
        /// <remarks>
        /// The security-relevant values (<c>WantAssertionsSigned</c>,
        /// <c>ValidateCertificates</c>, <c>OutboundSigningAlgorithm</c>,
        /// <c>MinIncomingSigningAlgorithm</c>, <c>AuthenticateRequestSigningBehavior</c>)
        /// are taken from configuration; apart from the algorithm-name conversion done by
        /// <c>XmlHelpers.GetFullSigningAlgorithmName</c>, this constructor applies no
        /// minimum or sanity check of its own.
        /// </remarks>
        /// <param name="configSection">Configuration section the settings are read from.</param>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="configSection"/> is null.
        /// </exception>
        public SPOptions(SustainsysSaml2Section configSection)
        {
            if (configSection == null)
            {
                throw new ArgumentNullException(nameof(configSection));
            }

            ReturnUrl = configSection.ReturnUrl;

            // Metadata publishing settings.
            var metadataSettings = configSection.Metadata;
            MetadataCacheDuration = metadataSettings.CacheDuration;
            MetadataValidDuration = metadataSettings.ValidUntil;
            WantAssertionsSigned = metadataSettings.WantAssertionsSigned;

            ValidateCertificates = configSection.ValidateCertificates;
            DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
            EntityId = configSection.EntityId;
            ModulePath = configSection.ModulePath;
            PublicOrigin = configSection.PublicOrigin;
            Organization = configSection.Organization;

            // NOTE(review): the helper presumably expands a short algorithm name from
            // configuration into its full identifier; how it treats unknown or weak
            // names is not visible here - confirm.
            OutboundSigningAlgorithm = XmlHelpers.GetFullSigningAlgorithmName(configSection.OutboundSigningAlgorithm);
            MinIncomingSigningAlgorithm = XmlHelpers.GetFullSigningAlgorithmName(configSection.MinIncomingSigningAlgorithm);

            AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;

            var nameIdPolicySettings = configSection.NameIdPolicyElement;
            NameIdPolicy = new Saml2NameIdPolicy(nameIdPolicySettings.AllowCreate, nameIdPolicySettings.Format);
            RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);
            Compatibility = new Compatibility(configSection.Compatibility);

            // Certificates are registered against this instance before the collections
            // below are populated.
            configSection.ServiceCertificates.RegisterServiceCertificates(this);

            // NOTE(review): both target collections are presumably created by field or
            // property initialisers outside this constructor - confirm.
            foreach (var consumingService in configSection.AttributeConsumingServices)
            {
                AttributeConsumingServices.Add(consumingService);
            }

            foreach (var contactPerson in configSection.Contacts)
            {
                Contacts.Add(contactPerson);
            }
        }