Пример #1
        /// <summary>
        /// Configures the ACS service namespace with the proper objects for this sample.
        /// </summary>
        /// <remarks>
        /// Existing objects that are needed for this sample will be deleted and recreated.
        /// </remarks>
        static void Main(string[] args)
        {
            // Names and addresses of the ACS objects this sample owns. The realm and error
            // page are plain-http localhost addresses, which only suits a development machine.
            const string relyingPartyName  = "ASPNET Simple MVC Sample";
            const string relyingPartyRealm = "http://localhost:63000/";
            const string errorPageUrl      = "http://localhost:63000/Error";
            const string passThroughGroup  = "Default rule group for ASPNET Simple MVC Sample";

            const string googleName = "Google";
            const string yahooName  = "Yahoo!";

            ManagementService client = ManagementServiceHelper.CreateManagementServiceClient();

            // Remove whatever a previous run left behind, then commit the deletions in one batch.
            // NOTE(review): the identity providers are looked up by their generic names, so in a
            // namespace shared with other applications this presumably removes providers those
            // applications rely on - run the sample against a dedicated namespace.
            client.DeleteRelyingPartyByRealmIfExists(relyingPartyRealm);
            client.DeleteRuleGroupByNameIfExists(passThroughGroup);
            foreach (string staleProvider in new[] { googleName, yahooName })
            {
                client.DeleteIdentityProviderIfExists(staleProvider);
            }
            client.SaveChangesBatch();

            // Windows Live ID is only looked up; the two OpenID providers are created here.
            IdentityProvider[] providers =
            {
                client.GetIdentityProviderByName("uri:WindowsLiveID"),
                client.CreateOpenIdIdentityProvider(googleName, "https://www.google.com/accounts/o8/ud"),
                client.CreateOpenIdIdentityProvider(yahooName, "https://open.login.yahooapis.com/openid/op/auth")
            };

            // The relying party uses the realm as its reply-to address as well and is issued SAML 2.0 tokens.
            RelyingParty application = client.CreateRelyingParty(relyingPartyName, relyingPartyRealm, relyingPartyRealm, RelyingPartyTokenType.SAML_2_0, false);

            client.AssociateIdentityProvidersWithRelyingParties(providers, new[] { application });

            // Register the error endpoint as an additional address of the relying party.
            RelyingPartyAddress errorAddress = new RelyingPartyAddress();
            errorAddress.Address      = errorPageUrl;
            errorAddress.EndpointType = RelyingPartyAddressType.Error.ToString();

            client.AddRelatedObject(application, "RelyingPartyAddresses", errorAddress);

            RuleGroup rules = client.CreateRuleGroup(passThroughGroup);

            client.AssignRuleGroupToRelyingParty(rules, application);

            // One rule per issuer, described by the sample as passing every claim through.
            // NOTE(review): with pass-through rules the relying party receives whatever each
            // provider asserts, so the application should identify users by issuer plus name
            // identifier and not treat the same e-mail from two providers as the same user.
            for (int i = 0; i < providers.Length; i++)
            {
                IdentityProvider provider = providers[i];
                string description = string.Format(CultureInfo.InvariantCulture, "Pass through all claims from '{0}'", provider.Issuer.Name);
                client.CreateRule(provider.Issuer, null, null, null, null, rules, description);
            }
            client.SaveChangesBatch();

            Console.WriteLine("Sample successfully configured. Press ENTER to continue ...");
            Console.ReadLine();
        }
Пример #2
        /// <summary>
        /// Configures the ACS service namespace for the ContosoContacts sample: recreates the
        /// Google and Yahoo! identity providers, the relying party (SWT tokens), a symmetric
        /// key for that relying party, and a pass-through rule group.
        /// </summary>
        /// <remarks>
        /// The relying party, the rule group and the two OpenID identity providers are deleted
        /// first if they already exist. The generated symmetric key is written to the console.
        /// </remarks>
        static void Main(string[] args)
        {
            const string RPRealm       = "http://ContosoContacts/";
            const string RPName        = "ContosoContacts";
            const string RuleGroupName = "Default rule group for ContosoContacts";

            const string googleIdpName = "Google";
            const string yahooIdpName  = "Yahoo!";

            ManagementService svc = ManagementServiceHelper.CreateManagementServiceClient();

            // Remove objects left by an earlier run and commit the deletions in one batch.
            // NOTE(review): the providers are matched on their generic names; in a namespace
            // shared with other applications this presumably removes providers they use.
            svc.DeleteRelyingPartyByRealmIfExists(RPRealm);
            svc.DeleteRuleGroupByNameIfExists(RuleGroupName);
            svc.DeleteIdentityProviderIfExists(googleIdpName);
            svc.DeleteIdentityProviderIfExists(yahooIdpName);
            svc.SaveChangesBatch();

            //
            // Create Google and Yahoo! as identity providers. LiveID is already configured.
            //
            IdentityProvider live   = svc.GetIdentityProviderByName("uri:WindowsLiveID");
            IdentityProvider google = svc.CreateOpenIdIdentityProvider(googleIdpName, "https://www.google.com/accounts/o8/ud");
            IdentityProvider yahoo  = svc.CreateOpenIdIdentityProvider(yahooIdpName, "https://open.login.yahooapis.com/openid/op/auth");

            IdentityProvider[] associatedProviders = new[] { live, google, yahoo };

            //
            // Create the relying party and its associated key.
            // No reply-to address is passed (null) and the token type is SWT.
            //
            RelyingParty relyingParty = svc.CreateRelyingParty(RPName, RPRealm, null, RelyingPartyTokenType.SWT, false);

            svc.AssociateIdentityProvidersWithRelyingParties(associatedProviders, new[] { relyingParty });

            // NOTE(review): the two DateTime arguments look like the key's validity window
            // (now .. DateTime.MaxValue), i.e. a key that never expires - confirm against the
            // helper, and use a bounded lifetime with planned rotation outside of a sample.
            RelyingPartyKey relyingPartyKey = svc.GenerateRelyingPartySymmetricKey(relyingParty, DateTime.UtcNow, DateTime.MaxValue, true);

            // The key is echoed in base64, presumably so it can be copied into the relying
            // party's configuration. It is secret material for this relying party: keep this
            // console output out of shared logs, build transcripts and screenshots.
            Console.WriteLine("Generated symmetric key: {0}", Convert.ToBase64String(relyingPartyKey.Value));

            RuleGroup ruleGroup = svc.CreateRuleGroup(RuleGroupName);

            svc.AssignRuleGroupToRelyingParty(ruleGroup, relyingParty);

            //
            // Create simple rules to pass through all claims from each issuer.
            // With pass-through rules the relying party receives whatever each provider
            // asserts, so it should key users on issuer plus name identifier.
            //
            foreach (IdentityProvider identityProvider in associatedProviders)
            {
                string ruleDescription = String.Format(CultureInfo.InvariantCulture, "Pass through all claims from '{0}'", identityProvider.Issuer.Name);
                svc.CreateRule(identityProvider.Issuer, null, null, null, null, ruleGroup, ruleDescription);
            }

            // Commit everything created since the cleanup batch.
            svc.SaveChangesBatch();

            Console.WriteLine("Sample configured successfully. Press <ENTER> to exit...");
            Console.ReadLine();
        }
Пример #3
        /// <summary>
        /// Configures the ACS service namespace with the proper objects for this sample.
        /// </summary>
        /// <remarks>
        /// Existing objects that are needed for this sample will be deleted and recreated.
        /// </remarks>
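        static void Main(string[] args)
        {
            // Relying party identity: realm and reply-to are plain-http localhost addresses,
            // which only suits a development machine.
            const string rpName    = "ASPNET MVC3 Custom Sign-In Page Sample";
            const string rpRealm   = "http://localhost:64000/";
            const string rpReplyTo = "http://localhost:64000/Account/SignIn";

            const string facebookName = "Facebook";
            const string yahooName    = "Yahoo!";

            const string defaultRuleGroupName = "Default rule group for ASPNET MVC3 Custom Sign-In Page Sample";

            // Please update these with your own Facebook application information.
            // The application secret is a credential: once a real value is filled in, keep this
            // file out of source control or load the value from protected configuration instead.
            const string applicationId     = "applicationid";
            const string applicationSecret = "applicationsecret";

            // Name under which the Facebook identity provider is cleaned up below.
            string facebookIdpName = String.Format(CultureInfo.InvariantCulture, "Facebook-{0}", applicationId);

            ManagementService svc = ManagementServiceHelper.CreateManagementServiceClient();

            //
            // Clean up pre-existing configuration and commit the deletions in one batch.
            //
            svc.DeleteRelyingPartyByRealmIfExists(rpRealm);
            svc.DeleteRuleGroupByNameIfExists(defaultRuleGroupName);
            svc.DeleteIdentityProviderIfExists(facebookIdpName);
            svc.DeleteIdentityProviderIfExists(yahooName);
            svc.SaveChangesBatch();

            //
            // Create Identity Providers. Windows Live ID is only looked up, not created.
            // (The original line ended in a stray second semicolon, removed here.)
            //
            IdentityProvider live = svc.GetIdentityProviderByName("uri:WindowsLiveID");

            // NOTE(review): the third argument looks like the list of Facebook permissions the
            // application requests - confirm, and request only what the application really uses.
            IdentityProvider facebook = svc.CreateFacebookIdentityProvider(applicationId, applicationSecret, "email,user_events");

            SetSignInInformation(svc, facebook, facebookName);

            IdentityProvider yahoo = svc.CreateOpenIdIdentityProvider(yahooName, "https://open.login.yahooapis.com/openid/op/auth");

            SetSignInInformation(svc, yahoo, yahooName);

            IdentityProvider[] associatedProviders = new[] { live, facebook, yahoo };

            //
            // Create Relying Party (SAML 2.0 tokens) and attach the three providers to it.
            //
            RelyingParty relyingParty = svc.CreateRelyingParty(rpName, rpRealm, rpReplyTo, RelyingPartyTokenType.SAML_2_0, false);

            svc.AssociateIdentityProvidersWithRelyingParties(associatedProviders, new[] { relyingParty });

            RuleGroup ruleGroup = svc.CreateRuleGroup(defaultRuleGroupName);

            svc.AssignRuleGroupToRelyingParty(ruleGroup, relyingParty);

            //
            // Create simple rules to pass through all claims from each issuer.
            // With pass-through rules the relying party receives whatever each provider
            // asserts, so it should key users on issuer plus name identifier.
            //
            foreach (IdentityProvider identityProvider in associatedProviders)
            {
                string ruleDescription = string.Format(CultureInfo.InvariantCulture, "Pass through all claims from '{0}'", identityProvider.Issuer.Name);
                svc.CreateRule(identityProvider.Issuer, null, null, null, null, ruleGroup, ruleDescription);
            }
            svc.SaveChangesBatch();

            Console.WriteLine("Sample successfully configured. Press ENTER to continue ...");
            Console.ReadLine();
        }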
Пример #4
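        /// <summary>
        /// Runs OpenID discovery for a fixed identifier, registers the discovered endpoint in ACS
        /// as an identity provider for all relying parties, then deletes it again.
        /// </summary>
        /// <remarks>
        /// The discovered sign-in address comes from a document fetched over the network, so it
        /// is only registered when it is an absolute https URL. Any exception is written to the
        /// console and the program continues to its final prompt.
        /// </remarks>
        static void Main(string[] args)
        {
            //
            // This is the OpenID identifier of the identity provider.
            // This could be changed to be any OpenID provider.
            //
            const string siteIdentifier = "myopenid.com";
            const string providerName   = "MyOpenID";

            Console.WriteLine("Attempting OpenID discovery for identifier '{0}'", siteIdentifier);

            try
            {
                IdentityProviderYadisDocument discoveryDocument = OpenIdDiscovery.DiscoverIdentityProvider(siteIdentifier);

                if (discoveryDocument != null && !string.IsNullOrEmpty(discoveryDocument.OpenIdEndpoint))
                {
                    Console.WriteLine("Successfully discovered OpenID sign-in address: '{0}'.", discoveryDocument.OpenIdEndpoint);
                    Console.WriteLine("Provider supports attribute exchange? {0}", discoveryDocument.SupportsAttributeExchange);

                    //
                    // The endpoint is remote, unauthenticated input. Registering it makes it a
                    // sign-in authority for every relying party, so refuse anything that is not
                    // an absolute https URL instead of passing it to ACS unchecked.
                    //
                    Uri endpointUri;
                    bool isHttpsEndpoint =
                        Uri.TryCreate(discoveryDocument.OpenIdEndpoint, UriKind.Absolute, out endpointUri) &&
                        string.Equals(endpointUri.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase);

                    if (!isHttpsEndpoint)
                    {
                        Console.WriteLine("Discovered sign-in address is not an absolute https URL. It was not added to ACS.");
                    }
                    else
                    {
                        //
                        // OpenID discovery was successful. Add the discovered IdentityProvider to ACS.
                        //
                        ManagementService svc = ManagementServiceHelper.CreateManagementServiceClient();

                        svc.DeleteIdentityProviderIfExists(providerName);
                        svc.SaveChangesBatch();

                        IdentityProvider idp = svc.CreateOpenIdIdentityProvider(providerName, discoveryDocument.OpenIdEndpoint);

                        //
                        // Associate this identity provider with all relying parties except the one
                        // named "AccessControlManagement". In a namespace shared by several
                        // applications this gives each of them a new sign-in path until the
                        // provider is deleted below.
                        //
                        svc.AssociateIdentityProvidersWithRelyingParties(new[] { idp }, svc.RelyingParties.Where(rp => rp.Name != "AccessControlManagement"));
                        svc.SaveChangesBatch();

                        Console.WriteLine("\nSuccessfully added identity provider '{0}' to ACS.", providerName);

                        Console.WriteLine("Press ENTER to continue....\n");
                        Console.ReadLine();

                        //
                        // Deleting the issuer also causes the identity provider and any associated objects to be deleted.
                        // NOTE(review): this cleanup is skipped if an exception is thrown after the
                        // provider was saved; the provider then stays registered until the next run.
                        //
                        svc.DeleteObject(idp.Issuer);
                        svc.SaveChanges();

                        Console.WriteLine("\nSuccessfully deleted identity provider.");
                    }
                }
                else
                {
                    Console.WriteLine("OpenID discovery failed. Ensure that the identifier is valid.");
                }
            }
            catch (Exception e)
            {
                // Deliberately broad: the sample reports any failure and still reaches the final prompt.
                Console.WriteLine("Exception was thrown: " + e.ToString());
            }

            Console.WriteLine("Done. Press ENTER to continue....\n");
            Console.ReadLine();
        }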