C# (CSharp) Saml20LogoutRequest примеры использования

Пример #1

Файл: HttpArtifactBindingBuilder.cs Проект: jbparker/SAML2

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 /// <param name="relayState">The query string relay state value (relayState) to add to the communication</param>
 public void RedirectFromLogout(IdentityProviderEndpoint destination, Saml20LogoutRequest request, string relayState, Action<string, object> cacheInsert)
 {
     var index = (short)config.ServiceProvider.Endpoints.DefaultLogoutEndpoint.Index;
     var doc = request.GetXml();
     XmlSignatureUtils.SignDocument(doc, request.Request.Id, config.ServiceProvider.SigningCertificate);
     ArtifactRedirect(destination, index, doc, relayState, cacheInsert);
 }

Пример #2

        /// <summary>
        /// Build a LogoutRequest and send it to the Federation Partner with the given entity ID.
        /// </summary>
        /// <param name="entityID"></param>
        private static void CreateLogoutRequest(string entityID)
        {
            User user = UserSessionsHandler.CurrentUser;

            Saml20LogoutRequest request = new Saml20LogoutRequest();

            request.Issuer       = IDPConfig.ServerBaseUrl;
            request.SessionIndex = Guid.NewGuid().ToString("N");

            request.SubjectToLogOut        = new NameID();
            request.SubjectToLogOut.Format = Saml20Constants.NameIdentifierFormats.Unspecified;
            request.SubjectToLogOut.Value  = user.Username;

            Saml20MetadataDocument metadata = GetMetadata(entityID);

            // HTTPRedirect(SAMLAction.SAMLRequest, metadata.SLOEndpoint(SAMLBinding.REDIRECT), request.GetXml());


            HttpPostBindingBuilder builder = new HttpPostBindingBuilder(metadata.SLOEndpoint(SAMLBinding.POST));

            builder.Action = SAMLAction.SAMLRequest;
            //builder.Response = assertionDoc.OuterXml;

            string xmloutput = request.GetXml().OuterXml;

            TextWriter tw = new StreamWriter("C:\\temp\\idp.txt", true);

            tw.WriteLine(xmloutput);
            tw.Close();

            builder.Response = xmloutput;

            builder.GetPage().ProcessRequest(HttpContext.Current);
            HttpContext.Current.Response.End();
        }

Пример #3

        private string LogoutRequestForIdp(IdentityProvider identityProvider, Saml20LogoutRequest request, IOwinContext context, Saml2Configuration config)
        {
            var logger = SAML2.Logging.LoggerProvider.LoggerFor(typeof(SamlMessage));

            var destination = IdpSelectionUtil.DetermineEndpointConfiguration(BindingType.Redirect, identityProvider.Endpoints.DefaultLogoutEndpoint, identityProvider.Metadata.IDPSLOEndpoints);

            request.Destination = destination.Url;

            if (destination.Binding == BindingType.Redirect)
            {
                // do not set the Reason for DigiD
                //request.Reason = Saml20Constants.Reasons.User;
                context.Set(IdpTempSessionKey, identityProvider.Id);

                var identity = context.Request.User.Identity as ClaimsIdentity;
                var nameId   = identity.Claims.Single(c => c.Type == ClaimTypes.NameID).Value;
                request.SubjectToLogOut.Value = nameId;

                var builder = new HttpRedirectBindingBuilder
                {
                    Request    = request.GetXml().OuterXml,
                    SigningKey = config.ServiceProvider.SigningCertificate.PrivateKey
                };

                var redirectUrl = destination.Url + (destination.Url.Contains("?") ? "&" : "?") + builder.ToQuery();
                logger.DebugFormat(TraceMessages.LogoutRequestSent, identityProvider.Id, "REDIRECT", redirectUrl);

                return(redirectUrl);
            }

            throw new NotImplementedException();
        }

Пример #4

Файл: HttpArtifactBindingBuilder.cs Проект: joel-anderson/SAML2

        /// <summary>
        /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
        /// </summary>
        /// <param name="destination">The destination of the request.</param>
        /// <param name="request">The logout request.</param>
        /// <param name="relayState">The query string relay state value to add to the communication</param>
        public void RedirectFromLogout(IdentityProviderEndpoint destination, Saml20LogoutRequest request, string relayState)
        {
            var index = (short)config.ServiceProvider.Endpoints.DefaultLogoutEndpoint.Index;
            var doc   = request.GetXml();

            XmlSignatureUtils.SignDocument(doc, request.Request.Id, config.ServiceProvider.SigningCertificate);
            ArtifactRedirect(destination, index, doc, relayState);
        }

Пример #5

Файл: HttpArtifactBindingBuilder.cs Проект: Xipas/Symplified.Auth

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 /// <param name="relayState">The query string relay state value to add to the communication</param>
 public void RedirectFromLogout(IDPEndPointElement destination, Saml20LogoutRequest request, string relayState)
 {
     SAML20FederationConfig config = SAML20FederationConfig.GetConfig();
     Int16 index = (Int16)config.ServiceProvider.LogoutEndpoint.endPointIndex;
     XmlDocument doc = request.GetXml();
     XmlSignatureUtils.SignDocument(doc, request.Request.ID);
     ArtifactRedirect(destination, index, doc, relayState);
 }

Пример #6

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 /// <param name="relayState">The query string relay state value to add to the communication</param>
 public void RedirectFromLogout(IDPEndPointElement destination, Saml20LogoutRequest request, string relayState)
 {
     SAML20FederationConfig config = SAML20FederationConfig.GetConfig();
     Int16 index = (Int16)config.ServiceProvider.LogoutEndpoint.endPointIndex;
     XmlDocument doc = request.GetXml();
     XmlSignatureUtils.SignDocument(doc, request.Request.ID);
     ArtifactRedirect(destination, index, doc, relayState);
 }

Пример #7

Файл: HttpArtifactBindingBuilder.cs Проект: jonathankarsh/saml2

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 /// <param name="relayState">The query string relay state value to add to the communication</param>
 public void RedirectFromLogout(IdentityProviderEndpointElement destination, Saml20LogoutRequest request, string relayState)
 {
     var config = Saml2Config.GetConfig();
     var index = (short)config.ServiceProvider.Endpoints.LogoutEndpoint.Index;
     var doc = request.GetXml();
     XmlSignatureUtils.SignDocument(doc, request.Request.Id);
     ArtifactRedirect(destination, index, doc, relayState);
 }

Пример #8

        public string BuildSignOutRedirectUrl()
        {
            string rc            = null;
            var    logger        = SAML2.Logging.LoggerProvider.LoggerFor(typeof(SamlMessage));
            var    selectionUtil = new IdpSelectionUtil(logger);
            var    allparams     = BuildParams(form, context.Request.Query);
            var    idp           = selectionUtil.RetrieveIDP(allparams, BuildParams(context.Request.Query), config, s => rc = s);

            if (rc != null)
            {
                return(rc);            // IDP selection screen
            }
            if (idp == null)
            {
                logger.DebugFormat(TraceMessages.IdentityProviderRedirect);
                throw new NotImplementedException("Selection of IDP not yet done (probably need a map call on middleware extension method)");
            }

            var logoutRequest = Saml20LogoutRequest.GetDefault(config);

            return(LogoutRequestForIdp(idp, logoutRequest, context, config));
        }

Пример #9

Файл: HttpArtifactBindingBuilder.cs Проект: joel-anderson/SAML2

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 public void RedirectFromLogout(IdentityProviderEndpoint destination, Saml20LogoutRequest request)
 {
     RedirectFromLogout(destination, request, Context.Request.Params["relayState"]);
 }

Пример #10

        private void TransferClient(IDPEndPoint endpoint, HttpContext context)
        {
            Trace.TraceMethodCalled(GetType(), "TransferClient()");
            
            Saml20LogoutRequest request = Saml20LogoutRequest.GetDefault();
            
            AuditLogging.AssertionId = request.ID;
            AuditLogging.IdpId = endpoint.Id;
            
            // Determine which endpoint to use from the configuration file or the endpoint metadata.
            IDPEndPointElement destination =
                DetermineEndpointConfiguration(SAMLBinding.REDIRECT, endpoint.SLOEndpoint, endpoint.metadata.SLOEndpoints());
            
            request.Destination = destination.Url;

            string nameIdFormat = context.Session[IDPNameIdFormat].ToString();
            request.SubjectToLogOut.Format = nameIdFormat;
            
            if (destination.Binding == SAMLBinding.POST)
            {
                HttpPostBindingBuilder builder = new HttpPostBindingBuilder(destination);
                request.Destination = destination.Url;
                request.Reason = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = context.Session[IDPNameId].ToString();
                 request.SessionIndex = context.Session[IDPSessionIdKey].ToString();
                XmlDocument requestDocument = request.GetXml();
                XmlSignatureUtils.SignDocument(requestDocument, request.ID);
                builder.Request = requestDocument.OuterXml;

                if(Trace.ShouldTrace(TraceEventType.Information))
                    Trace.TraceData(TraceEventType.Information, string.Format(Tracing.SendLogoutRequest, "POST", endpoint.Id, requestDocument.OuterXml));

                AuditLogging.logEntry(Direction.OUT, Operation.LOGOUTREQUEST, "Binding: POST");
                builder.GetPage().ProcessRequest(context);
                context.Response.End();
                return;
            }

            if(destination.Binding == SAMLBinding.REDIRECT)
            {
                HttpRedirectBindingBuilder builder = new HttpRedirectBindingBuilder();
                builder.signingKey = FederationConfig.GetConfig().SigningCertificate.GetCertificate().PrivateKey;
                request.Destination = destination.Url;
                request.Reason = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = context.Session[IDPNameId].ToString();
                request.SessionIndex = context.Session[IDPSessionIdKey].ToString();
                builder.Request = request.GetXml().OuterXml;
                
                string redirectUrl = destination.Url + "?" + builder.ToQuery();

                if (Trace.ShouldTrace(TraceEventType.Information))
                    Trace.TraceData(TraceEventType.Information, string.Format(Tracing.SendLogoutRequest, "REDIRECT", endpoint.Id, redirectUrl));

                AuditLogging.logEntry(Direction.OUT, Operation.LOGOUTREQUEST, "Binding: Redirect");
                context.Response.Redirect(redirectUrl, true);
                return;
            }

            if(destination.Binding == SAMLBinding.ARTIFACT)
            {
                if (Trace.ShouldTrace(TraceEventType.Information))
                    Trace.TraceData(TraceEventType.Information, string.Format(Tracing.SendLogoutRequest, "ARTIFACT", endpoint.Id, string.Empty));

                request.Destination = destination.Url;
                request.Reason = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = context.Session[IDPNameId].ToString();
                request.SessionIndex = context.Session[IDPSessionIdKey].ToString();

                HttpArtifactBindingBuilder builder = new HttpArtifactBindingBuilder(context);
                AuditLogging.logEntry(Direction.OUT, Operation.LOGOUTREQUEST, "Method: Artifact");
                builder.RedirectFromLogout(destination, request, Guid.NewGuid().ToString("N"));
            }

            HandleError(context, Resources.BindingError);
        }

Пример #11

Файл: Saml20LogoutHandler.cs Проект: eByte23/SAMLSilly

        /// <summary>
        /// Transfers the client.
        /// </summary>
        /// <param name="idp">The identity provider.</param>
        /// <param name="context">The context.</param>
        private void TransferClient(IdentityProvider idp, HttpContext context, Saml2Configuration config)
        {
            var request = Saml20LogoutRequest.GetDefault(config);

            // Determine which endpoint to use from the configuration file or the endpoint metadata.
            var destination = IdpSelectionUtil.DetermineEndpointConfiguration(BindingType.Redirect, idp.Endpoints.DefaultLogoutEndpoint, idp.Metadata.IDPSLOEndpoints);

            request.Destination = destination.Url;

            var nameIdFormat = (string)context.Session[IdpNameIdFormat];

            request.SubjectToLogOut.Format = nameIdFormat;

            // Handle POST binding
            if (destination.Binding == BindingType.Post)
            {
                var builder = new HttpPostBindingBuilder(destination);
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = (string)context.Session[IdpNameId];
                request.SessionIndex          = (string)context.Session[IdpSessionIdKey];

                var requestDocument = request.GetXml();
                XmlSignatureUtils.SignDocument(requestDocument, request.Id, config);
                builder.Request = requestDocument.OuterXml;

                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "POST", builder.Request);

                context.Response.Write(builder.GetPage());
                context.Response.End();
                return;
            }

            // Handle Redirect binding
            if (destination.Binding == BindingType.Redirect)
            {
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = (string)context.Session[IdpNameId];
                request.SessionIndex          = (string)context.Session[IdpSessionIdKey];

                var builder = new HttpRedirectBindingBuilder
                {
                    Request    = request.GetXml().OuterXml,
                    SigningKey = config.ServiceProvider.SigningCertificate.PrivateKey
                };

                var redirectUrl = destination.Url + "?" + builder.ToQuery();
                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "REDIRECT", redirectUrl);

                context.Response.Redirect(redirectUrl, true);
                return;
            }

            // Handle Artifact binding
            if (destination.Binding == BindingType.Artifact)
            {
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = (string)context.Session[IdpNameId];
                request.SessionIndex          = (string)context.Session[IdpSessionIdKey];

                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "ARTIFACT", request.GetXml().OuterXml);

                var builder = GetBuilder(context);
                builder.RedirectFromLogout(destination, request, Guid.NewGuid().ToString("N"), (s, o) => context.Cache.Insert(s, o, null, DateTime.Now.AddMinutes(1), Cache.NoSlidingExpiration));
            }

            Logger.Error(ErrorMessages.EndpointBindingInvalid);
            throw new Saml20Exception(ErrorMessages.EndpointBindingInvalid);
        }

Пример #12

        /// <summary>
        /// Transfers the client.
        /// </summary>
        /// <param name="idp">The identity provider.</param>
        /// <param name="context">The context.</param>
        private void TransferClient(IdentityProviderElement idp, HttpContext context)
        {
            var request = Saml20LogoutRequest.GetDefault();

            // Determine which endpoint to use from the configuration file or the endpoint metadata.
            var destination = DetermineEndpointConfiguration(BindingType.Redirect, idp.Endpoints.LogoutEndpoint, idp.Metadata.IDPSLOEndpoints);

            request.Destination = destination.Url;

            var nameIdFormat = StateService.Get <string>(IdpNameIdFormat);

            request.SubjectToLogOut.Format = nameIdFormat;

            // Handle POST binding
            if (destination.Binding == BindingType.Post)
            {
                var builder = new HttpPostBindingBuilder(destination);
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = StateService.Get <string>(IdpNameId);
                request.SessionIndex          = StateService.Get <string>(IdpSessionIdKey);

                var requestDocument = request.GetXml();
                XmlSignatureUtils.SignDocument(requestDocument, request.Id);
                builder.Request = requestDocument.OuterXml;

                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "POST", builder.Request);

                builder.GetPage().ProcessRequest(context);
                context.Response.End();
                return;
            }

            // Handle Redirect binding
            if (destination.Binding == BindingType.Redirect)
            {
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = StateService.Get <string>(IdpNameId);
                request.SessionIndex          = StateService.Get <string>(IdpSessionIdKey);

                var builder = new HttpRedirectBindingBuilder
                {
                    Request    = request.GetXml().OuterXml,
                    SigningKey = Saml2Config.GetConfig().ServiceProvider.SigningCertificate.GetCertificate().PrivateKey
                };

                var redirectUrl = destination.Url + "?" + builder.ToQuery();
                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "REDIRECT", redirectUrl);

                context.Response.Redirect(redirectUrl, true);
                return;
            }

            // Handle Artifact binding
            if (destination.Binding == BindingType.Artifact)
            {
                request.Destination           = destination.Url;
                request.Reason                = Saml20Constants.Reasons.User;
                request.SubjectToLogOut.Value = StateService.Get <string>(IdpNameId);
                request.SessionIndex          = StateService.Get <string>(IdpSessionIdKey);

                Logger.DebugFormat(TraceMessages.LogoutRequestSent, idp.Id, "ARTIFACT", request.GetXml().OuterXml);

                var builder = new HttpArtifactBindingBuilder(context);
                builder.RedirectFromLogout(destination, request, Guid.NewGuid().ToString("N"));
            }

            Logger.Error(ErrorMessages.EndpointBindingInvalid);
            throw new Saml20Exception(ErrorMessages.EndpointBindingInvalid);
        }

Пример #13

        /// <summary>
        /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
        /// </summary>
        /// <param name="idpEndPoint">The IdP endpoint</param>
        /// <param name="destination">The destination of the request.</param>
        /// <param name="request">The logout request.</param>
        /// <param name="relayState">The query string relay state value to add to the communication</param>
        public void RedirectFromLogout(IDPEndPoint idpEndPoint, IDPEndPointElement destination, Saml20LogoutRequest request, string relayState)
        {
            SAML20FederationConfig config = SAML20FederationConfig.GetConfig();
            Int16       index             = (Int16)config.ServiceProvider.LogoutEndpoint.endPointIndex;
            XmlDocument doc = request.GetXml();
            var         signingCertificate  = FederationConfig.GetConfig().GetFirstValidCertificate();
            var         shaHashingAlgorithm = SignatureProviderFactory.ValidateShaHashingAlgorithm(idpEndPoint.ShaHashingAlgorithm);
            var         signatureProvider   = SignatureProviderFactory.CreateFromShaHashingAlgorithmName(shaHashingAlgorithm);

            signatureProvider.SignAssertion(doc, request.Request.ID, signingCertificate);
            ArtifactRedirect(destination, index, doc, relayState);
        }

Пример #14

Файл: HttpArtifactBindingBuilder.cs Проект: jonathankarsh/saml2

 /// <summary>
 /// Creates an artifact for the LogoutRequest and redirects the user to the IdP.
 /// </summary>
 /// <param name="destination">The destination of the request.</param>
 /// <param name="request">The logout request.</param>
 public void RedirectFromLogout(IdentityProviderEndpointElement destination, Saml20LogoutRequest request)
 {
     RedirectFromLogout(destination, request, Context.Request.Params["relayState"]);
 }