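/// <summary>
/// Writes SAML 2.0 service-provider (SP) metadata describing <paramref name="samlSpData"/> to <paramref name="fileName"/>.
/// </summary>
/// <param name="samlSpData">Entity id, NameID format, assertion-consumer binding and technical contact of the SP.
/// <c>MainContact</c> is dereferenced unconditionally and must be set.</param>
/// <param name="fileName">Path of the metadata file to create (an existing file is overwritten by the writer).</param>
/// <param name="encoding">Text encoding used for the XML document.</param>
/// <exception cref="ArgumentNullException"><paramref name="samlSpData"/> is null.</exception>
/// <remarks>
/// Despite the method name, this overload emits a <see cref="ServiceProviderSingleSignOnDescriptor"/>, i.e. SP metadata
/// for import into an identity provider. No signing credentials are attached to the descriptor here, so the written
/// document carries no XML signature; the receiving party has to obtain it through a channel it already trusts.
/// </remarks>
private static void CreateIdentityProviderMetadata(SamlSpData samlSpData, string fileName, Encoding encoding)
{
    if (samlSpData == null)
    {
        throw new ArgumentNullException("samlSpData");
    }

    EntityDescriptor metadata = new EntityDescriptor();
    metadata.EntityId = new EntityId(samlSpData.EntityId);

    ServiceProviderSingleSignOnDescriptor spDescriptor = new ServiceProviderSingleSignOnDescriptor();

    // Map the configured NameID flavour to the format advertised in the metadata:
    // SAML 2.0 -> transient, SAML 1.1 -> unspecified. Any other value advertises no format at all
    // (kept from the original behaviour; the IdP then falls back to its own default).
    Constants.NameIdType nameIdType = samlSpData.NameIdType;
    if (nameIdType == Constants.NameIdType.Saml20)
    {
        spDescriptor.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Transient);
    }
    else if (nameIdType == Constants.NameIdType.Saml11)
    {
        spDescriptor.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Unspecified);
    }

    spDescriptor.ProtocolsSupported.Add(new Uri(Constants.Saml20Protocol));

    // Single assertion-consumer endpoint at index 0, flagged as the default one.
    IndexedProtocolEndpoint assertionConsumer = new IndexedProtocolEndpoint
    {
        IsDefault = true,
        Binding = new Uri(samlSpData.BindingType),
        Location = new Uri(samlSpData.BindingLocation)
    };
    spDescriptor.AssertionConsumerService.Add(0, assertionConsumer);

    metadata.RoleDescriptors.Add(spDescriptor);
    metadata.Contacts.Add(new ContactPerson(ContactType.Technical)
    {
        Company = samlSpData.MainContact.Company,
        GivenName = samlSpData.MainContact.GivenName,
        Surname = samlSpData.MainContact.SurName,
        EmailAddresses = { samlSpData.MainContact.Email },
        TelephoneNumbers = { samlSpData.MainContact.Phone }
    });

    // Dispose (which closes) the writer even when serialization throws, so the file handle is never leaked.
    MetadataSerializer serializer = new MetadataSerializer();
    using (XmlTextWriter writer = new XmlTextWriter(fileName, encoding))
    {
        serializer.WriteMetadata(writer, metadata);
    }
}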
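/// <summary>
/// Writes SAML 2.0 identity-provider (IdP) metadata describing <paramref name="idpData"/> to <paramref name="fileName"/>,
/// including the IdP's signing certificate so relying parties can verify assertion signatures.
/// </summary>
/// <param name="idpData">Entity id, signing-certificate CN, NameID format, supported attributes, SSO binding and
/// technical contact of the IdP. <c>MainContact</c> and <c>AttributeNames</c> are dereferenced unconditionally.</param>
/// <param name="fileName">Path of the metadata file to create (an existing file is overwritten by the writer).</param>
/// <param name="encoding">Text encoding used for the XML document.</param>
/// <exception cref="ArgumentNullException"><paramref name="idpData"/> is null.</exception>
/// <exception cref="ApplicationException">No signing-certificate CN is configured (kept for compatibility with existing callers).</exception>
/// <exception cref="InvalidOperationException">No certificate matching the configured CN could be retrieved.</exception>
/// <remarks>
/// Only the certificate (public key) is embedded, as a raw-data key descriptor with <see cref="KeyType.Signing"/>;
/// the private key never leaves the store. No signing credentials are attached to the descriptor itself, so the
/// written document carries no XML signature and has to reach relying parties through a channel they already trust.
/// </remarks>
private static void CreateIdentityProviderMetadata(SamlIdpData idpData, string fileName, Encoding encoding)
{
    if (idpData == null)
    {
        throw new ArgumentNullException("idpData");
    }

    if (string.IsNullOrEmpty(idpData.SigninCertificateCn))
    {
        // Exception type and message preserved: existing callers may rely on them.
        throw new ApplicationException("no CN for a Certificate supplied");
    }

    string signingCertificateSubjectName = idpData.SigninCertificateCn;
    X509Certificate2 certificate = CertificateHelper.RetrieveCertificate(signingCertificateSubjectName);
    if (certificate == null)
    {
        throw new InvalidOperationException(
            "No signing certificate found for subject name '" + signingCertificateSubjectName + "'");
    }

    // The raw-data clause copies the certificate bytes when it is created, so the token (and the
    // certificate handle it owns) can be released as soon as the clause exists.
    KeyDescriptor signingKey;
    using (X509SecurityToken signingToken = new X509SecurityToken(certificate))
    {
        SecurityKeyIdentifierClause clause =
            signingToken.CreateKeyIdentifierClause<X509RawDataKeyIdentifierClause>();
        signingKey = new KeyDescriptor(new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { clause }));
    }
    signingKey.Use = KeyType.Signing;

    EntityDescriptor metadata = new EntityDescriptor();
    metadata.EntityId = new EntityId(idpData.EntityId);

    IdentityProviderSingleSignOnDescriptor idpDescriptor = new IdentityProviderSingleSignOnDescriptor();
    idpDescriptor.Keys.Add(signingKey);

    // Map the configured NameID flavour to the format advertised in the metadata:
    // SAML 2.0 -> transient, SAML 1.1 -> unspecified. Any other value advertises no format at all
    // (kept from the original behaviour).
    Constants.NameIdType nameIdType = idpData.NameIdType;
    if (nameIdType == Constants.NameIdType.Saml20)
    {
        idpDescriptor.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Transient);
    }
    else if (nameIdType == Constants.NameIdType.Saml11)
    {
        idpDescriptor.NameIdentifierFormats.Add(Saml2Constants.NameIdentifierFormats.Unspecified);
    }

    // Every configured attribute is advertised with the same (configured) SAML 2.0 name format.
    Uri attributeNameFormat = new Uri(Constants.Saml20AttributeNameFormat);
    foreach (var attributeName in idpData.AttributeNames)
    {
        idpDescriptor.SupportedAttributes.Add(new Saml2Attribute(attributeName.Name)
        {
            NameFormat = attributeNameFormat
        });
    }

    idpDescriptor.ProtocolsSupported.Add(new Uri(Constants.Saml20Protocol));
    idpDescriptor.SingleSignOnServices.Add(
        new ProtocolEndpoint(new Uri(idpData.BindingType), new Uri(idpData.BindingLocation)));

    metadata.RoleDescriptors.Add(idpDescriptor);
    metadata.Contacts.Add(new ContactPerson(ContactType.Technical)
    {
        Company = idpData.MainContact.Company,
        GivenName = idpData.MainContact.GivenName,
        Surname = idpData.MainContact.SurName,
        EmailAddresses = { idpData.MainContact.Email },
        TelephoneNumbers = { idpData.MainContact.Phone }
    });

    // Dispose (which closes) the writer even when serialization throws, so the file handle is never leaked.
    MetadataSerializer serializer = new MetadataSerializer();
    using (XmlTextWriter writer = new XmlTextWriter(fileName, encoding))
    {
        serializer.WriteMetadata(writer, metadata);
    }
}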