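/// <summary>
/// Posts a WS-Trust request carrying a username/password credential to an ADFS endpoint
/// and returns the SAML 1.0 assertion found in the response.
/// </summary>
/// <param name="adfsUrl">Endpoint the request is posted to; it is also XML-encoded into the message.</param>
/// <param name="username">Account name, XML-encoded into the message.</param>
/// <param name="password">Account password, XML-encoded into the message.</param>
/// <returns>
/// The <c>Assertion</c> element serialized with <c>DisableFormatting</c> and
/// <c>OmitDuplicateNamespaces</c>.
/// </returns>
/// <exception cref="Exception">
/// Whatever <c>GetSoapException</c> extracts from the response, or the exception built by
/// <c>CreateIdcrlException</c> when the response holds no assertion.
/// </exception>
private async Task<string> GetPartnerTicketFromAdfsAsync(string adfsUrl, string username, string password)
{
    // NOTE(review): the password travels inside the request body and nothing in this method
    // checks the scheme of adfsUrl. Confirm that the caller or DoPostAsync only allows https
    // endpoints, otherwise the credential is exposed on the wire.

    // One clock read for both timestamps, so Created and Expires are exactly ten minutes
    // apart (same approach as BuildWsSecurityUsingUsernamePassword).
    DateTime utcNow = DateTime.UtcNow;

    // The literal that used to be inlined here (now IdcrlMessageConstants.AdfsAuthMessage)
    // suggests this placeholder order: {0} wsa:To, {1} wsa:MessageID, {2} wsse:Username,
    // {3} wsse:Password, {4} wsu:Created, {5} wsu:Expires, {6} wsp:AppliesTo address.
    // NOTE(review): FederationTokenIssuer is the only value inserted without XmlValueEncode.
    // That is harmless if it is a fixed constant; confirm it can never carry markup characters.
    string body = string.Format(
        CultureInfo.InvariantCulture,
        IdcrlMessageConstants.AdfsAuthMessage,
        IdcrlUtility.XmlValueEncode(adfsUrl),
        Guid.NewGuid().ToString(),
        IdcrlUtility.XmlValueEncode(username),
        IdcrlUtility.XmlValueEncode(password),
        utcNow.ToString("o", CultureInfo.InvariantCulture),
        utcNow.AddMinutes(10.0).ToString("o", CultureInfo.InvariantCulture),
        this.FederationTokenIssuer);

    XDocument xDocument = await this.DoPostAsync(adfsUrl, IdcrlMessageConstants.SoapContentType, body, this.HandleWebException);

    // A fault reported by the server takes precedence over looking for the assertion.
    Exception soapException = this.GetSoapException(xDocument);
    if (soapException != null)
    {
        this._Logger?.LogError("SOAP error from {0}. Exception={1}", adfsUrl, soapException);
        throw soapException;
    }

    XElement elementAtPath = IdcrlUtility.GetElementAtPath(
        xDocument.Root,
        "{http://www.w3.org/2003/05/soap-envelope}Body",
        "{http://schemas.xmlsoap.org/ws/2005/02/trust}RequestSecurityTokenResponse",
        "{http://schemas.xmlsoap.org/ws/2005/02/trust}RequestedSecurityToken",
        "{urn:oasis:names:tc:SAML:1.0:assertion}Assertion");
    if (elementAtPath == null)
    {
        // Only the user name and the endpoint are logged; the password never is.
        this._Logger?.LogError("Cannot get security assertion for user {0} from {1}", username, adfsUrl);

        // -2147186451 is 0x800488ED when read as an unsigned 32-bit value.
        throw CreateIdcrlException(-2147186451);
    }

    return elementAtPath.ToString(SaveOptions.DisableFormatting | SaveOptions.OmitDuplicateNamespaces);
}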
/// <summary>
/// Builds the WS-Security header fragment (a <c>UsernameToken</c> followed by a
/// <c>Timestamp</c>) for a username/password login.
/// </summary>
/// <param name="username">Account name; XML-encoded before insertion.</param>
/// <param name="password">Account password; XML-encoded before insertion.</param>
/// <returns>
/// The XML fragment, terminated by CR LF. The fragment contains the password as element
/// text, so the returned string must be handled as a secret and never logged.
/// </returns>
private string BuildWsSecurityUsingUsernamePassword(string username, string password)
{
    const string SecurityTemplate = "<wsse:UsernameToken wsu:Id=\"user\"><wsse:Username>{0}</wsse:Username><wsse:Password>{1}</wsse:Password></wsse:UsernameToken><wsu:Timestamp Id=\"Timestamp\"><wsu:Created>{2}</wsu:Created><wsu:Expires>{3}</wsu:Expires></wsu:Timestamp>\r\n";

    // One clock read, so Created and Expires are exactly one day apart.
    DateTime issuedAt = DateTime.UtcNow;

    string encodedUser = IdcrlUtility.XmlValueEncode(username);
    string encodedSecret = IdcrlUtility.XmlValueEncode(password);

    // Round-trip ("o") format with the invariant culture keeps the timestamps machine-readable.
    // NOTE(review): the one-day validity window is far longer than the ten minutes used by
    // GetPartnerTicketFromAdfsAsync. Confirm the longer window is really required.
    string created = issuedAt.ToString("o", CultureInfo.InvariantCulture);
    string expires = issuedAt.AddDays(1.0).ToString("o", CultureInfo.InvariantCulture);

    return string.Format(
        CultureInfo.InvariantCulture,
        SecurityTemplate,
        encodedUser,
        encodedSecret,
        created,
        expires);
}
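/// <summary>
/// Posts a WS-Trust request to <c>ServiceTokenUrl</c> and returns the text of the
/// <c>BinarySecurityToken</c> element found in the response.
/// </summary>
/// <param name="securityXml">
/// Ready-made content for the <c>wsse:Security</c> header. It is inserted verbatim, so it
/// must already be well-formed XML with every embedded value encoded.
/// </param>
/// <param name="serviceTarget">Target address; XML-encoded into the message.</param>
/// <param name="servicePolicy">
/// Optional policy URI. When non-empty, a <c>wsp:PolicyReference</c> element is added with
/// this value escaped for use inside an attribute.
/// </param>
/// <returns>The value of the returned <c>BinarySecurityToken</c> element.</returns>
/// <exception cref="Exception">
/// Whatever <c>GetSoapException</c> extracts from the response, or the exception built by
/// <c>IdcrlAuth.CreateIdcrlException</c> when the response holds no binary security token.
/// </exception>
private async Task<string> GetServiceTokenAsync(string securityXml, string serviceTarget, string servicePolicy)
{
    string serviceTokenUrl = this.ServiceTokenUrl;

    string policyReference = string.Empty;
    if (!string.IsNullOrEmpty(servicePolicy))
    {
        // The policy lands inside a double-quoted attribute. Escape quotes, angle brackets
        // and ampersands so the value cannot close the attribute or add markup to the request.
        policyReference = string.Format(
            CultureInfo.InvariantCulture,
            "<wsp:PolicyReference URI=\"{0}\"></wsp:PolicyReference>",
            System.Security.SecurityElement.Escape(servicePolicy));
    }

    // The literal that used to be inlined here (now IdcrlMessageConstants.AuthMessage)
    // suggests this placeholder order: {0} wsa:To, {1} wsse:Security content,
    // {2} wsp:AppliesTo address, {3} optional policy reference.
    // securityXml is deliberately not encoded because it is already an XML fragment.
    // NOTE(review): confirm that every caller builds it only from encoded values.
    string body = string.Format(
        CultureInfo.InvariantCulture,
        IdcrlMessageConstants.AuthMessage,
        IdcrlUtility.XmlValueEncode(serviceTokenUrl),
        securityXml,
        IdcrlUtility.XmlValueEncode(serviceTarget),
        policyReference);

    XDocument xDocument = await this.DoPostAsync(serviceTokenUrl, IdcrlMessageConstants.SoapContentType, body, this.HandleWebException);

    // A fault reported by the server takes precedence over looking for the token.
    Exception soapException = GetSoapException(xDocument);
    if (soapException != null)
    {
        this._Logger?.LogError("Soap error from {0}. Exception={1}", serviceTokenUrl, soapException);
        throw soapException;
    }

    XElement elementAtPath = IdcrlUtility.GetElementAtPath(
        xDocument.Root,
        "{http://www.w3.org/2003/05/soap-envelope}Body",
        "{http://schemas.xmlsoap.org/ws/2005/02/trust}RequestSecurityTokenResponse",
        "{http://schemas.xmlsoap.org/ws/2005/02/trust}RequestedSecurityToken",
        "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken");
    if (elementAtPath == null)
    {
        this._Logger?.LogError("Cannot get binary security token for from {0}", serviceTokenUrl);

        // -2147186656 is 0x80048820 when read as an unsigned 32-bit value.
        throw IdcrlAuth.CreateIdcrlException(-2147186656);
    }

    // The token text is a bearer credential; return it without logging it.
    return elementAtPath.Value;
}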