Exemplo n.º 1
 /// <summary>
 /// Validation rule step that checks the status of the inbound SAML response.
 /// </summary>
 /// <param name="context">Validation context carrying the response being checked.</param>
 /// <returns>A completed task whose result is <c>true</c>.</returns>
 /// <remarks>
 /// The status check is delegated to <c>ResponseHelper.EnsureSuccessAndThrow</c>. Going by its
 /// name it presumably throws on a non-success status, so the "success" log line is only
 /// reached when it returned normally. Confirm against the helper.
 /// </remarks>
 protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
 {
     base._logProvider.LogMessage("ResponseSuccessRule running.");

     var response = context.ResponseContext;
     ResponseHelper.EnsureSuccessAndThrow(response);

     base._logProvider.LogMessage("ResponseSuccessRule success.");
     return Task.FromResult(true);
 }
 /// <summary>
 /// Validation rule step that rejects an inbound SAML message that carries no relay state.
 /// </summary>
 /// <param name="context">Validation context carrying the response being checked.</param>
 /// <returns>A completed task whose result is <c>true</c> when relay state is present.</returns>
 /// <exception cref="InvalidOperationException">The inbound message has no relay state.</exception>
 protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
 {
     base._logProvider.LogMessage("RelayState In Response Rule running.");

     var inbound = context.ResponseContext.SamlInboundMessage;
     if (inbound.HasRelaySate)
     {
         return Task.FromResult(true);
     }

     // Only presence is checked here. The content of the relay state is not inspected by this rule.
     throw new InvalidOperationException("Relay state is missing.");
 }
 /// <summary>
 /// Validation rule step that correlates the response's <c>InResponseTo</c> value with the
 /// relay state of the inbound message.
 /// </summary>
 /// <param name="context">Validation context carrying the response being checked.</param>
 /// <returns>A completed task whose result is <c>true</c>.</returns>
 /// <exception cref="InvalidOperationException">The inbound message has no relay state.</exception>
 /// <remarks>
 /// The comparison is delegated to <c>ResponseHelper.EnsureRequestIdMatch</c>, which presumably
 /// throws on a mismatch. Confirm against the helper.
 /// NOTE(review): the expected request id is taken from relay state carried by the inbound
 /// message itself. Confirm that the relay state is integrity-protected or bound to server-side
 /// state, otherwise both sides of the comparison originate from the message.
 /// </remarks>
 protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
 {
     base._logProvider.LogMessage("In Response To Rule running.");

     var relayState = context.ResponseContext.SamlInboundMessage.RelayState;
     if (relayState == null)
     {
         throw new InvalidOperationException("Relay state is missing.");
     }

     var inResponseTo = context.ResponseContext.StatusResponse.InResponseTo;
     ResponseHelper.EnsureRequestIdMatch(relayState, inResponseTo);

     return Task.FromResult(true);
 }
        /// <summary>
        /// Validation rule step that resolves the federation partner for the response and
        /// rejects the response when no partner id can be resolved.
        /// </summary>
        /// <param name="context">Validation context carrying the response being checked.</param>
        /// <returns>A completed task whose result is <c>true</c> when a partner id was resolved.</returns>
        /// <exception cref="InvalidOperationException">
        /// The resolved partner id is null, empty or whitespace.
        /// </exception>
        /// <remarks>
        /// On success the relay-state element of the inbound message is replaced with a new
        /// dictionary holding only the resolved partner id.
        /// </remarks>
        protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
        {
            base._logProvider.LogMessage("Issuer Known Rule running.");

            var partnerId = this._service.ResolveParnerId(context.ResponseContext);
            if (String.IsNullOrWhiteSpace(partnerId))
            {
                // The issuer value comes from the inbound message. Treat the exception text as
                // untrusted wherever it is logged or displayed.
                var issuer = context.ResponseContext.StatusResponse.Issuer.Value;
                throw new InvalidOperationException(String.Format("Unsolicited Web SSO initiated by unknow issuer. Issuer: {0}", issuer));
            }

            // Build the relay state on the server side from the resolved partner id only.
            var relayState = new Dictionary <string, object>();
            relayState.Add(RelayStateContstants.FederationPartyId, partnerId);
            context.ResponseContext.SamlInboundMessage.Elements[HttpRedirectBindingConstants.RelayState] = relayState;

            return Task.FromResult(true);
        }
Exemplo n.º 5
        /// <summary>
        /// Validation rule step that requires a successful token response to carry exactly one
        /// assertion.
        /// </summary>
        /// <param name="context">Validation context carrying the response being checked.</param>
        /// <returns>A completed task whose result is <c>true</c>.</returns>
        /// <exception cref="InvalidOperationException">
        /// The response is marked successful but does not hold exactly one assertion.
        /// </exception>
        /// <remarks>
        /// Responses that are not a <c>TokenResponse</c>, and responses not marked successful,
        /// pass this rule without any assertion check.
        /// </remarks>
        protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
        {
            base._logProvider.LogMessage("TokenInResponseRule In Response Rule running.");

            var response = context.ResponseContext.StatusResponse as Shared.Federtion.Response.TokenResponse;
            if (response == null)
            {
                // Not a token response, so there is nothing for this rule to check.
                return Task.FromResult(true);
            }

            // Zero assertions and more than one assertion are both treated as "no token".
            var assertions = response.Assertions;
            var carriesSingleToken = assertions != null && assertions.Length == 1;

            if (!context.ResponseContext.IsSuccess || carriesSingleToken)
            {
                return Task.FromResult(true);
            }

            throw new InvalidOperationException("Security token is missing.");
        }
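        /// <summary>
        /// Validation rule step that verifies the signature of the inbound SAML response and
        /// rejects the response when verification fails.
        /// </summary>
        /// <param name="context">Validation context carrying the response being checked.</param>
        /// <returns>A completed task whose result is <c>true</c> when the signature validated.</returns>
        /// <exception cref="InvalidOperationException">Signature validation returned false.</exception>
        /// <remarks>
        /// Messages received over the HTTP-Redirect binding are checked with
        /// <c>Helper.ValidateRedirectSignature</c> and the certificate manager. Every other
        /// binding is checked with <c>Helper.ValidateMessageSignature</c> and the signature manager.
        /// NOTE(review): how an unsigned message is treated is decided inside those helpers and
        /// is not visible here. Confirm that a missing signature yields <c>false</c>, not <c>true</c>.
        /// </remarks>
        protected override Task <bool> ValidateInternal(SamlResponseValidationContext context)
        {
            var inboundContext = context.ResponseContext;

            // The binding of the inbound message selects which signature check applies.
            bool validated =
                inboundContext.SamlInboundMessage.Binding == new Uri(Kernel.Federation.Constants.ProtocolBindings.HttpRedirect)
                    ? Helper.ValidateRedirectSignature(inboundContext, this._certificateManager)
                    : Helper.ValidateMessageSignature(inboundContext, this._signatureManager);

            // Both outcomes carry a leading space. The original logged "ResponseSignatureRulefailure."
            // on failure, which is easy to miss when searching logs for failed signature checks.
            base._logProvider.LogMessage(String.Format("ResponseSignatureRule{0}.", validated ? " success" : " failure"));

            if (!validated)
            {
                throw new InvalidOperationException("Invalid response signature.");
            }

            return Task.FromResult(validated);
        }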
 /// <summary>
 /// Runs this rule's check against the supplied SAML response validation context.
 /// </summary>
 /// <param name="context">Validation context for the response being checked.</param>
 /// <returns>A task producing the outcome of the check as a <see cref="bool"/>.</returns>
 /// <remarks>
 /// NOTE(review): the declaration does not state how a failed check is reported (a thrown
 /// exception or a <c>false</c> result). Confirm what callers expect and document it here, so
 /// that a failed rule cannot be ignored by accident.
 /// </remarks>
 protected abstract Task <bool> ValidateInternal(SamlResponseValidationContext context);