        /// <summary>
        /// Issues a self-generated, signed SAMLAuthnRequest and immediately answers it with a
        /// SAMLAuthnResponse rendered as a self-submitting HTML form.
        /// Any failure is logged server-side and reported to the client as HTTP 500 only.
        /// </summary>
        /// <param name="context">The current HTTP context; used to read the SSO cookie and to write the response.</param>
        public void InvokeSingleSignOn(HttpContext context)
        {
            try
            {
                // Fresh request id plus a signed AuthnRequest for it.
                // NOTE(review): version, issuer URL and the empty last argument are hard-coded here — confirm whether this is a demo entry point.
                string requestId = "id-" + Guid.NewGuid();
                SAMLAuthnRequest authnRequest = GetSignedSamlAuthnRequest(requestId, "2.0", "https://www.google.com/", "");

                // The SSO cookie may be absent; a null user context is left for SAMLIdentityProvider to handle.
                UserContext.Current = SingleSignOnCookie.GetSingleSignOnUserInfo(context);

                // Extender-provided attributes, also read from the cookie; null is passed through as null.
                IEnumerable<SAMLAssertionAttribute> extraAttributes = SingleSignOnCookie.GetAttributes(context);
                SAMLAssertionAttribute[] extraAttributeArray = null;
                if (extraAttributes != null)
                {
                    extraAttributeArray = extraAttributes.ToArray();
                }

                // Process request and signature, build the response and POST it back via an HTML form.
                SAMLAuthnResponse authnResponse = new SAMLIdentityProvider().CreateResponse(authnRequest, extraAttributeArray);
                RenderSAMLResponse(context, authnRequest, authnResponse);
            }
            catch (Exception ex)
            {
                // Only the status code reaches the client; exception details stay in the log.
                AdeNetSingleSignOn.Log.Error(ex);
                context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
            }
        }
        /// <summary>
        /// Handles an incoming SAMLAuthnRequest: reads it from the HTTP request, resolves the
        /// signed-on user (and extender attributes) from the SSO cookie, builds the
        /// SAMLAuthnResponse and returns it as a self-submitting HTML form.
        /// Failures are logged and answered with HTTP 500.
        /// </summary>
        /// <param name="context">The current HTTP context, carrying the SAMLRequest and the SSO cookie.</param>
        public void ProcessRequest(HttpContext context)
        {
            try
            {
                SAMLAuthnRequest incomingRequest = GetSAMLAuthnRequestFromContext(context);
                AdeNetSingleSignOn.Log.Info("A new SAMLAuthnRequest is being processed.", incomingRequest);

                // May be null when no SSO cookie is present; SAMLIdentityProvider is responsible for that case.
                UserContext.Current = SingleSignOnCookie.GetSingleSignOnUserInfo(context);

                // Attributes an extender stored in the cookie; null is passed through as null.
                IEnumerable<SAMLAssertionAttribute> cookieAttributes = SingleSignOnCookie.GetAttributes(context);
                SAMLAssertionAttribute[] attributeArray = cookieAttributes != null ? cookieAttributes.ToArray() : null;

                // Process request and signature, then deliver the response through the HTML form.
                SAMLIdentityProvider idp = new SAMLIdentityProvider();
                SAMLAuthnResponse outgoingResponse = idp.CreateResponse(incomingRequest, attributeArray);

                RenderSAMLResponse(context, incomingRequest, outgoingResponse);
            }
            catch (Exception ex)
            {
                // Nothing from the exception reaches the client; it is logged server-side only.
                AdeNetSingleSignOn.Log.Error(ex);
                context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
            }
        }
        /// <summary>
        /// Builds a signed SAML Response carrying only Issuer and Status (no Assertion),
        /// used to answer an AuthnRequest that could not be fulfilled.
        /// The status message is also logged as an error together with request and response.
        /// </summary>
        /// <param name="request">The AuthnRequest being answered; its RelayState is echoed back.</param>
        /// <param name="strRequestId">Handed to CreateResponseElement and included in the error log entry.</param>
        /// <param name="strIssuerURN">Handed to CreateResponseElement and CreateAuthnResponse.</param>
        /// <param name="strTopLevelSamlTopLevelStatusCode">Top-level SAML status code for the Status element.</param>
        /// <param name="strStatusMessage">Human-readable status message; also used as the log message.</param>
        /// <param name="strSecondLevelSAMLStatusCodes">Optional nested status codes for the Status element.</param>
        /// <returns>The signed failure response carrying the request's RelayState.</returns>
        private SAMLAuthnResponse CreateFailureResponse(SAMLAuthnRequest request, string strRequestId, string strIssuerURN, string strTopLevelSamlTopLevelStatusCode, string strStatusMessage,
                                                        params string[] strSecondLevelSAMLStatusCodes)
        {
            XElement responseRoot = CreateResponseElement(strRequestId, strIssuerURN);

            // Issuer: SamlServiceEntityId from the system settings, with the assertion namespace prefix declared on the element.
            XElement issuer = new XElement(
                SAML_ASSERTION_NAMESPACE + "Issuer",
                SystemSettings<SingleSignOnSystemSettings>.Current.SamlServiceEntityId,
                new XAttribute(XNamespace.Xmlns + SAML_ASSERTION_NAMESPACE_PREFIX, SAML_ASSERTION_NAMESPACE));
            responseRoot.Add(issuer);

            // Status: top-level code, message and any nested codes.
            responseRoot.Add(CreateStatusElement(strTopLevelSamlTopLevelStatusCode, strStatusMessage, strSecondLevelSAMLStatusCodes));

            // Serialize and sign. STATUS_ELEMENT_NAME is what the signing helper is pointed at here,
            // since a status-only response has no Assertion element.
            string signedXml = CreateSignedDocumentString(new XDocument(responseRoot), STATUS_ELEMENT_NAME, SAML_PROTOCOL_NAMESPACE_PREFIX, SAML_PROTOCOL_NAMESPACE.NamespaceName, "");

            SAMLAuthnResponse failureResponse = CreateAuthnResponse(strIssuerURN, signedXml, request.RelayState);

            AdeNetSingleSignOn.Log.Error(strStatusMessage, strRequestId, request, failureResponse);

            return failureResponse;
        }
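        /// <summary>
        /// Writes a self-submitting HTML form that POSTs the SAMLResponse (and RelayState) to the
        /// assertion consumer service URL carried by <paramref name="response"/> (SAML HTTP-POST binding).
        /// </summary>
        /// <param name="context">HTTP context whose response receives the form.</param>
        /// <param name="request">The AuthnRequest being answered; only used for logging.</param>
        /// <param name="response">Response to deliver; must carry a non-empty ACS URL and the response XML.</param>
        /// <exception cref="ArgumentNullException"><paramref name="context"/> or <paramref name="response"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The ACS URL is empty or the SAMLResponse XML is missing.</exception>
        private void RenderSAMLResponse(HttpContext context, SAMLAuthnRequest request, SAMLAuthnResponse response)
        {
            if (context == null)
            {
                throw new ArgumentNullException("context");
            }
            if (response == null)
            {
                throw new ArgumentNullException("response");
            }
            if (string.IsNullOrWhiteSpace(response.SAMLAssertionConsumerServiceURL))
            {
                throw new InvalidOperationException("SAMLAssertionConsumerServiceURL cannot be empty.");
            }
            if (response.SAMLResponse == null)
            {
                // Encoding.UTF8.GetBytes(null) would throw an ArgumentNullException further down; fail with a clear message instead.
                throw new InvalidOperationException("SAMLResponse cannot be null.");
            }

            AdeNetSingleSignOn.Log.Info("SAMLAuthnResponse corresponding to the previously processed SAMLAuthnRequest.", request, response);

            // RelayState is echoed from the incoming AuthnRequest (see CreateFailureResponse) and the ACS URL
            // is request-supplied in the same way, so both are values a service provider or browser chose.
            // They end up inside single-quoted HTML attributes and therefore must be HTML-encoded; otherwise
            // a value containing a quote or '<' could break out of the attribute and inject markup into
            // the form. WebUtility.HtmlEncode encodes ' as &#39; in addition to < > & ".
            string strAction     = WebUtility.HtmlEncode(response.SAMLAssertionConsumerServiceURL);
            string strRelayState = WebUtility.HtmlEncode(response.RelayState);

            // Base64 output is limited to [A-Za-z0-9+/=], none of which is HTML-significant.
            string strSamlResponse = Convert.ToBase64String(Encoding.UTF8.GetBytes(response.SAMLResponse));

            string strHtmlForm =
                string.Format(@"
                <html xmlns='http://www.w3.org/1999/xhtml'>
                    <body onLoad='document.forms.formSAMLResponse.submit();'>
                        <form id='formSAMLResponse' method='POST' action='{0}'>
                            <input name='{1}' type='hidden' value='{2}' />
                            <input name='{3}' type='hidden' value='{4}' />
                        </form>
                    </body>
                </html>",
                              strAction,
                              SAML_RESPONSE_FORM_ELEMENT_ID,
                              strSamlResponse,
                              SAML_RELAYSTATE_FORM_ELEMENT_ID,
                              strRelayState);

            // The posted form carries the (signed) SAML response; the HTTP-POST binding asks responders
            // to mark such messages non-cacheable for proxies and the user agent.
            context.Response.AppendHeader("Cache-Control", "no-cache, no-store");
            context.Response.AppendHeader("Pragma", "no-cache");

            context.Response.StatusCode = (int)HttpStatusCode.OK;
            context.Response.Write(strHtmlForm);
        }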