RetrieveCertificate() public static method

public static RetrieveCertificate ( string subjectName ) : X509Certificate2
subjectName string
return System.Security.Cryptography.X509Certificates.X509Certificate2
Exemplo n.º 1
0
        static void CreatePassiveStsMetadata(StsData data, string fileName, Encoding encoding)
        {
            MetadataSerializer             serializer = new MetadataSerializer();
            SecurityTokenServiceDescriptor item       = new SecurityTokenServiceDescriptor();
            EntityDescriptor metadata = new EntityDescriptor();

            metadata.EntityId = new EntityId(data.EntityId);

            X509Certificate2 certificate = CertificateHelper.RetrieveCertificate(data.SigninCertificateCn);

            metadata.SigningCredentials = new X509SigningCredentials(certificate);
            KeyDescriptor descriptor3 = new KeyDescriptor(new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { new X509SecurityToken(certificate).CreateKeyIdentifierClause <X509RawDataKeyIdentifierClause>() }));

            descriptor3.Use = KeyType.Signing;
            item.Keys.Add(descriptor3);

            if (data.Claims != null)
            {
                foreach (var claim in data.Claims)
                {
                    DisplayClaim dc = new DisplayClaim(claim.ClaimType, claim.DisplayTag, claim.Description)
                    {
                        Optional = claim.Optional
                    };

                    item.ClaimTypesOffered.Add(dc);
                }
            }

            item.PassiveRequestorEndpoints.Add(new EndpointAddress(new Uri(data.PassiveRequestorEndpoint).AbsoluteUri));

            if (data.Protocols != null)
            {
                foreach (Protocol protocol in data.Protocols)
                {
                    item.ProtocolsSupported.Add(new Uri(protocol.ProtocolNamespace));
                }
            }


            item.SecurityTokenServiceEndpoints.Add(new EndpointAddress(new Uri(data.ActiveStsEndpoint).AbsoluteUri));
            item.Contacts.Add(new ContactPerson(ContactType.Technical)
            {
                Company          = data.MainContact.Company,
                GivenName        = data.MainContact.GivenName,
                Surname          = data.MainContact.SurName,
                EmailAddresses   = { data.MainContact.Email },
                TelephoneNumbers = { data.MainContact.Phone }
            });

            metadata.RoleDescriptors.Add(item);



            XmlTextWriter writer = new XmlTextWriter(fileName, Encoding.UTF8);

            serializer.WriteMetadata(writer, metadata);
            writer.Close();
        }
Exemplo n.º 2
0
        private static void CreateIdentityProviderMetadata(SamlIdpData idpData, string fileName, Encoding encoding)
        {
            if (string.IsNullOrEmpty(idpData.SigninCertificateCn))
            {
                throw new ApplicationException("no CN for a Certificate supplied");
            }

            string signingCertificateSubjectName = idpData.SigninCertificateCn;

            Constants.NameIdType nidFmt = idpData.NameIdType;

            MetadataSerializer serializer = new MetadataSerializer();
            IdentityProviderSingleSignOnDescriptor item = new IdentityProviderSingleSignOnDescriptor();

            EntityDescriptor metadata = new EntityDescriptor();

            metadata.EntityId = new EntityId(idpData.EntityId);

            X509Certificate2 certificate = CertificateHelper.RetrieveCertificate(signingCertificateSubjectName);
            KeyDescriptor    descriptor  = new KeyDescriptor(
                new SecurityKeyIdentifier(
                    new SecurityKeyIdentifierClause[]
            {
                new X509SecurityToken(certificate).CreateKeyIdentifierClause <X509RawDataKeyIdentifierClause>()
            }));

            descriptor.Use = KeyType.Signing;
            item.Keys.Add(descriptor);

            //using 2.0
            if (Constants.NameIdType.Saml20 == nidFmt)
            {
                item.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Transient);
            }

            //using 1.1
            if (Constants.NameIdType.Saml11 == nidFmt)
            {
                item.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Unspecified);
            }

            foreach (var attributeName in idpData.AttributeNames)
            {
                Saml2Attribute at1 = new Saml2Attribute(attributeName.Name)
                {
                    NameFormat = new Uri(Constants.Saml20AttributeNameFormat)
                };
                item.SupportedAttributes.Add(at1);
            }

            item.ProtocolsSupported.Add(new Uri(Constants.Saml20Protocol));
            item.SingleSignOnServices.Add(new ProtocolEndpoint(new Uri(idpData.BindingType), new Uri(idpData.BindingLocation)));

            metadata.RoleDescriptors.Add(item);

            metadata.Contacts.Add(new ContactPerson(ContactType.Technical)
            {
                Company          = idpData.MainContact.Company,
                GivenName        = idpData.MainContact.GivenName,
                Surname          = idpData.MainContact.SurName,
                EmailAddresses   = { idpData.MainContact.Email },
                TelephoneNumbers = { idpData.MainContact.Phone }
            });

            XmlTextWriter writer = new XmlTextWriter(fileName, encoding);

            serializer.WriteMetadata(writer, metadata);
            writer.Close();
        }