private static EntitiesDescriptor LoadMetadata() { Console.WriteLine("Loading SAML metadata file {0}.", fileName); XmlDocument xmlDocument = new XmlDocument(); xmlDocument.PreserveWhitespace = true; xmlDocument.Load(fileName); EntitiesDescriptor entitiesDescriptor = null; if (EntitiesDescriptor.IsValid(xmlDocument.DocumentElement)) { Console.WriteLine("Reading SAML entities descriptor metadata."); entitiesDescriptor = new EntitiesDescriptor(xmlDocument.DocumentElement); } else if (EntityDescriptor.IsValid(xmlDocument.DocumentElement)) { Console.WriteLine("Reading SAML entity descriptor metadata."); entitiesDescriptor = new EntitiesDescriptor(); entitiesDescriptor.EntityDescriptors.Add(new EntityDescriptor(xmlDocument.DocumentElement)); } else { throw new ArgumentException("Expecting entities descriptor or entity descriptor."); } return(entitiesDescriptor); }
internal Federation(EntitiesDescriptor metadata, bool allowUnsolicitedAuthnResponse) { identityProviders = metadata.ChildEntities .Where(ed => ed.RoleDescriptors.OfType <IdentityProviderSingleSignOnDescriptor>().Any()) .Select(ed => new IdentityProvider(ed, allowUnsolicitedAuthnResponse)) .ToDictionary(idp => idp.EntityId, EntityIdEqualityComparer.Instance); }
static void Main(string[] args) { try { ParseArguments(args); EntitiesDescriptor entitiesDescriptor = LoadMetadata(); SAMLConfiguration samlConfiguration = LoadSAMLConfiguration(); IList <X509Certificate2> x509Certificates = new List <X509Certificate2>(); MetadataImporter.Import(entitiesDescriptor, samlConfiguration, x509Certificates); AddLocalProviders(samlConfiguration); UpdatePartnerProviders(samlConfiguration); SaveSAMLConfiguration(samlConfiguration); SaveCertificates(x509Certificates); } catch (Exception exception) { Console.Error.WriteLine(exception.ToString()); if (exception is ArgumentException) { ShowUsage(); } } }
// Reads an entities descriptor private static void ReadEntitiesDescriptor(EntitiesDescriptor entitiesDescriptor) { foreach (EntityDescriptor entityDescriptor in entitiesDescriptor.EntityDescriptors) { ReadEntityDescriptor(entityDescriptor); } }
public static EntitiesDescriptor GetEntitiesDescriptor() { var descriptor = new EntitiesDescriptor(); var entityDesc = EntityDescriptorProviderMock.GetEntityDescriptor(); descriptor.ChildEntities.Add(entityDesc); return(descriptor); }
public static EntitiesDescriptor CreateFederationMetadata() { var metadata = new EntitiesDescriptor { Name = "Sustainsys.Saml2.StubIdp Federation", CacheDuration = new XsdDuration(minutes: 15), ValidUntil = DateTime.UtcNow.AddDays(1) }; metadata.ChildEntities.Add(CreateIdpMetadata(false)); return(metadata); }
private static void ReadMetadata(XmlElement xmlElement) { if (EntitiesDescriptor.IsValid(xmlElement)) { Console.Error.WriteLine("Reading SAML entities descriptor metadata"); EntitiesDescriptor entitiesDescriptor = new EntitiesDescriptor(xmlElement); Console.WriteLine(entitiesDescriptor.ToXml().OuterXml); } else if (EntityDescriptor.IsValid(xmlElement)) { Console.Error.WriteLine("Reading SAML entity descriptor metadata"); EntityDescriptor entityDescriptor = new EntityDescriptor(xmlElement); Console.WriteLine(entityDescriptor.ToXml().OuterXml); } else { throw new ArgumentException("Expecting entities descriptor or entity descriptor"); } }
private SecurityTokenServiceDescriptor ReadStsDescriptor(MetadataBase metadataBase) { EntitiesDescriptor entities = metadataBase as EntitiesDescriptor; if (entities != null) { foreach (EntityDescriptor en in entities.ChildEntities) { foreach (RoleDescriptor role in en.RoleDescriptors) { SecurityTokenServiceDescriptor stsDescriptor = role as SecurityTokenServiceDescriptor; if (stsDescriptor != null) { // // If there are multiple STS descriptors, the first one listed will be used. // This mirrors the behavior of the Federation Utility tool that creates automatic trust // using the STS Federation metadata. This is provided for illustrative purposes only. // In a production system, you may choose to trust one or more STS descriptors that are // published in the STS Federation metadata. // return(stsDescriptor); } } } } EntityDescriptor entity = metadataBase as EntityDescriptor; if (entity != null) { foreach (RoleDescriptor role in entity.RoleDescriptors) { SecurityTokenServiceDescriptor stsDescriptor = role as SecurityTokenServiceDescriptor; if (stsDescriptor != null) { // // If there are multiple STS descriptors, the first one listed will be used. // This mirrors the behavior of the Federation Utility tool that creates automatic trust // using the STS Federation metadata. This is provided for illustrative purposes only. // In a production system, you may choose to trust one or more STS descriptors that are // published in the STS Federation metadata. // return(stsDescriptor); } } } throw new InvalidOperationException("The metadata does not contain a valid SecurityTokenServiceDescriptor."); }
// Reads SAML v2.0 metadata private static void ReadMetadata(XmlElement xmlElement) { if (EntitiesDescriptor.IsValid(xmlElement)) { ReadEntitiesDescriptor(new EntitiesDescriptor(xmlElement)); } else if (EntityDescriptor.IsValid(xmlElement)) { ReadEntityDescriptor(new EntityDescriptor(xmlElement)); } else { throw new ArgumentException("Expecting entities descriptor or entity descriptor"); } }
private static EntityDescriptor ExtractEntityDescriptor(string fromXml, string forEntityId = null) { // extract entity descriptor from xml if (string.IsNullOrWhiteSpace(fromXml)) { throw new ArgumentNullException("fromXml"); } // load xml into a document var xmlDocument = new XmlDocument(); xmlDocument.LoadXml(fromXml); // xml may only be a single entity descriptor if (EntityDescriptor.IsValid(xmlDocument.DocumentElement)) { // create a new entity descriptor var entityDescriptor = new EntityDescriptor(xmlDocument.DocumentElement); // entity descriptor is only valid when forEntityId argument has no value // or when the forEntityId argument has value and matches the entity descriptor if (string.IsNullOrWhiteSpace(forEntityId) || // entityID match not enforced forEntityId.Equals(entityDescriptor.EntityID.URI, // entityID match enforced StringComparison.OrdinalIgnoreCase)) { return(entityDescriptor); } // forEntityId argument has value, and does not match entity descriptor return(null); } // xml may be a n entities descriptor container if (EntitiesDescriptor.IsValid(xmlDocument.DocumentElement)) { // create a new entities descriptor var entitiesDescriptor = new EntitiesDescriptor(xmlDocument.DocumentElement); // when forEntityId is specified, return specific entity descriptor // when forEntityId is not specified, return the first entity descriptor return((!string.IsNullOrWhiteSpace(forEntityId)) ? entitiesDescriptor.GetEntityDescriptor(forEntityId) : entitiesDescriptor.EntityDescriptors.FirstOrDefault()); } return(null); }
public static EntitiesDescriptor GetEntitiesDescriptor(int idpEntities, int spEntities) { var descriptor = new EntitiesDescriptor(); for (var i = 0; i < idpEntities; i++) { var entityDesc = EntityDescriptorProviderMock.GetIdpEntityDescriptor(String.Format("IdpEntityId_{0}", i)); descriptor.ChildEntities.Add(entityDesc); } for (var i = 0; i < spEntities; i++) { var entityDesc = EntityDescriptorProviderMock.GetSpEntityDescriptor(String.Format("SPEntityId_{0}", i)); descriptor.ChildEntities.Add(entityDesc); } return(descriptor); }
private static EntityDescriptor ExtractEntityDescriptor(string fromXml, string forEntityId = null) { // extract entity descriptor from xml if (string.IsNullOrWhiteSpace(fromXml)) throw new ArgumentNullException("fromXml"); // load xml into a document var xmlDocument = new XmlDocument(); xmlDocument.LoadXml(fromXml); // xml may only be a single entity descriptor if (EntityDescriptor.IsValid(xmlDocument.DocumentElement)) { // create a new entity descriptor var entityDescriptor = new EntityDescriptor(xmlDocument.DocumentElement); // entity descriptor is only valid when forEntityId argument has no value // or when the forEntityId argument has value and matches the entity descriptor if (string.IsNullOrWhiteSpace(forEntityId) // entityID match not enforced || forEntityId.Equals(entityDescriptor.EntityID.URI, // entityID match enforced StringComparison.OrdinalIgnoreCase)) return entityDescriptor; // forEntityId argument has value, and does not match entity descriptor return null; } // xml may be a n entities descriptor container if (EntitiesDescriptor.IsValid(xmlDocument.DocumentElement)) { // create a new entities descriptor var entitiesDescriptor = new EntitiesDescriptor(xmlDocument.DocumentElement); // when forEntityId is specified, return specific entity descriptor // when forEntityId is not specified, return the first entity descriptor return (!string.IsNullOrWhiteSpace(forEntityId)) ? entitiesDescriptor.GetEntityDescriptor(forEntityId) : entitiesDescriptor.EntityDescriptors.FirstOrDefault(); } return null; }
public void ExtendedMetadataSerializer_Write_EntitiesDescriptorCacheDuration() { var metadata = new EntitiesDescriptor { Name = "Federation Name", CacheDuration = new XsdDuration(minutes: 42) }; var entity = new EntityDescriptor { EntityId = new EntityId("http://some.entity.example.com") }; var idpSsoDescriptor = new IdpSsoDescriptor(); idpSsoDescriptor.ProtocolsSupported.Add(new Uri("urn:oasis:names:tc:SAML:2.0:protocol")); idpSsoDescriptor.SingleSignOnServices.Add(new SingleSignOnService { Binding = Saml2Binding.HttpRedirectUri, Location = new Uri("http://some.entity.example.com/sso") }); entity.RoleDescriptors.Add(idpSsoDescriptor); metadata.ChildEntities.Add(entity); var stream = new MemoryStream(); ExtendedMetadataSerializer.ReaderInstance.WriteMetadata(stream, metadata); stream.Seek(0, SeekOrigin.Begin); var result = XDocument.Load(stream).Root; result.Name.Should().Be(Saml2Namespaces.Saml2Metadata + "EntitiesDescriptor"); result.Attribute("cacheDuration").Value.Should().Be("PT42M"); result.Element(Saml2Namespaces.Saml2Metadata + "EntityDescriptor").Attribute("cacheDuration") .Should().BeNull(); }
private static EntitiesDescriptor LoadMetadata() { Console.WriteLine("Loading SAML metadata file {0}.", fileName); XmlDocument xmlDocument = new XmlDocument(); xmlDocument.PreserveWhitespace = true; xmlDocument.Load(fileName); EntitiesDescriptor entitiesDescriptor = null; if (EntitiesDescriptor.IsValid(xmlDocument.DocumentElement)) { Console.WriteLine("Reading SAML entities descriptor metadata."); entitiesDescriptor = new EntitiesDescriptor(xmlDocument.DocumentElement); } else if (EntityDescriptor.IsValid(xmlDocument.DocumentElement)) { Console.WriteLine("Reading SAML entity descriptor metadata."); entitiesDescriptor = new EntitiesDescriptor(); entitiesDescriptor.EntityDescriptors.Add(new EntityDescriptor(xmlDocument.DocumentElement)); } else { throw new ArgumentException("Expecting entities descriptor or entity descriptor."); } return entitiesDescriptor; }