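/// <summary>
/// Resolves a SAML artifact against the issuing IdP's Artifact Resolution
/// Service (ARS) and returns the message carried in the ArtifactResponse.
/// </summary>
/// <param name="artifact">Base64 artifact as received from the IdP. This is
/// untrusted input taken off the wire.</param>
/// <param name="relayState">RelayState accompanying the artifact; handed to
/// GetIdp to locate the issuing IdP.</param>
/// <param name="options">Service provider options (entity id, signing certificate).</param>
/// <returns>The element wrapped by the IdP's ArtifactResponse.</returns>
/// <exception cref="FormatException">
/// <paramref name="artifact"/> is not valid base64, or decodes to fewer than
/// the four bytes needed to read the type code and endpoint index.
/// </exception>
private static XmlElement ResolveArtifact(
    string artifact,
    string relayState,
    IOptions options)
{
    // FromBase64String already throws FormatException on malformed input.
    // The indexing below reads bytes 2 and 3, so reject short payloads
    // explicitly rather than failing with IndexOutOfRangeException.
    var binaryArtifact = Convert.FromBase64String(artifact);
    if (binaryArtifact.Length < 4)
    {
        throw new FormatException("Artifact is too short to contain a type code and endpoint index.");
    }

    var idp = GetIdp(binaryArtifact, relayState, options);

    // SAML 2.0 Bindings §3.6.4, type 0x0004 artifact: bytes 2-3 hold the
    // big-endian EndpointIndex that selects one of the IdP's resolution
    // services. A complete type-4 artifact is 44 bytes (2 type, 2 index,
    // 20 SourceID, 20 MessageHandle); the type code and SourceID are not
    // checked here, so presumably GetIdp validates them — confirm.
    var arsIndex = (binaryArtifact[2] << 8) | binaryArtifact[3];

    // An index that the IdP's metadata does not list surfaces as an
    // exception from the indexer; there is deliberately no fallback.
    var arsUri = idp.ArtifactResolutionServiceUrls[arsIndex];

    var payload = new Saml2ArtifactResolve()
    {
        Artifact = artifact,
        Issuer = options.SPOptions.EntityId
    }.ToXml();

    // Sign the ArtifactResolve when a signing certificate is configured.
    // PreserveWhitespace keeps the document serialized exactly as signed.
    if (options.SPOptions.SigningServiceCertificate != null)
    {
        var xmlDoc = new XmlDocument() { PreserveWhitespace = true };
        xmlDoc.LoadXml(payload);
        xmlDoc.Sign(options.SPOptions.SigningServiceCertificate, true);
        payload = xmlDoc.OuterXml;
    }

    // Back-channel SOAP call to the IdP; parsing of the response is done by
    // Saml2ArtifactResponse, outside this method.
    var response = Saml2SoapBinding.SendSoapRequest(payload, arsUri);

    return new Saml2ArtifactResponse(response).Message;
}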
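/// <summary>
/// Resolves a SAML artifact against the issuing IdP's Artifact Resolution
/// Service (ARS) and returns the message carried in the ArtifactResponse.
/// </summary>
/// <param name="artifact">Base64 artifact as received from the IdP. This is
/// untrusted input taken off the wire.</param>
/// <param name="storedRequestState">State of the originating request; handed
/// to GetIdp to locate the issuing IdP.</param>
/// <param name="options">Service provider options: entity id, signing
/// certificate, artifact resolver and logger.</param>
/// <returns>The message element carried by the IdP's ArtifactResponse.</returns>
/// <exception cref="FormatException">
/// <paramref name="artifact"/> is not valid base64, or decodes to fewer than
/// the four bytes needed to read the type code and endpoint index.
/// </exception>
private static XmlElement ResolveArtifact(
    string artifact,
    StoredRequestState storedRequestState,
    IOptions options)
{
    // FromBase64String already throws FormatException on malformed input.
    // The indexing below reads bytes 2 and 3, so reject short payloads
    // explicitly rather than failing with IndexOutOfRangeException.
    var binaryArtifact = Convert.FromBase64String(artifact);
    if (binaryArtifact.Length < 4)
    {
        throw new FormatException("Artifact is too short to contain a type code and endpoint index.");
    }

    var idp = GetIdp(binaryArtifact, storedRequestState, options);

    // SAML 2.0 Bindings §3.6.4, type 0x0004 artifact: bytes 2-3 hold the
    // big-endian EndpointIndex that selects one of the IdP's resolution
    // services. A complete type-4 artifact is 44 bytes (2 type, 2 index,
    // 20 SourceID, 20 MessageHandle); the type code and SourceID are not
    // checked here, so presumably GetIdp validates them — confirm.
    var arsIndex = (binaryArtifact[2] << 8) | binaryArtifact[3];

    // An index that the IdP's metadata does not list surfaces as an
    // exception from the indexer; there is deliberately no fallback.
    var arsUri = idp.ArtifactResolutionServiceUrls[arsIndex];

    var payload = new Saml2ArtifactResolve
    {
        Artifact = artifact,
        Issuer = options.SPOptions.EntityId
    }.ToXml();

    // Signing (if a certificate is configured) and transport are handled
    // by SendSoapRequest.
    var signingServiceCertificate = options.SPOptions.SigningServiceCertificate;
    var resolver = options.SPOptions.ArtifactResolver;

    // Verbose logging writes the raw artifact and, below, the entire
    // ArtifactResponse (which wraps the IdP's message). Keep verbose
    // logging off where that content must not be retained.
    options.SPOptions.Logger.WriteVerbose("Calling idp " + idp.EntityId.Id + " to resolve artifact\n" + artifact);

    var response = Saml2SoapBinding.SendSoapRequest(payload, arsUri, signingServiceCertificate, resolver);

    options.SPOptions.Logger.WriteVerbose("Artifact resolved returned\n" + response);

    return new Saml2ArtifactResponse(response).GetMessage();
}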
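/// <summary>
/// Resolves an artifact: builds an ArtifactResolve for the given IdP
/// endpoint, signs it with <paramref name="cert"/> and returns the IdP's
/// response as a stream.
/// </summary>
/// <param name="artifact">The artifact value received from the IdP.</param>
/// <param name="artifactResolveEndpoint">The IdP's artifact resolution
/// endpoint; null means no IdP is known for this artifact.</param>
/// <param name="serviceProviderId">This service provider's entity id, used
/// as the Issuer of the request.</param>
/// <param name="cert">Certificate used to sign the ArtifactResolve.</param>
/// <returns>A stream containing the artifact response from the IdP</returns>
/// <exception cref="InvalidOperationException">No resolution endpoint is
/// known for the IdP.</exception>
/// <exception cref="ArgumentException"><paramref name="artifact"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><paramref name="cert"/> is null.</exception>
public Stream ResolveArtifact(string artifact, string artifactResolveEndpoint, string serviceProviderId, X509Certificate2 cert)
{
    if (artifactResolveEndpoint == null)
    {
        throw new InvalidOperationException("Received artifact from unknown IDP.");
    }

    // Fail before building and sending anything: an empty artifact cannot
    // resolve to a message, and SignDocument needs a certificate.
    if (string.IsNullOrEmpty(artifact))
    {
        throw new ArgumentException("Artifact must not be null or empty.", "artifact");
    }
    if (cert == null)
    {
        throw new ArgumentNullException("cert");
    }

    var resolve = new Saml2ArtifactResolve
    {
        Issuer = serviceProviderId,
        Artifact = artifact
    };

    var doc = resolve.GetXml();

    // Drop the XML declaration so the document starts at the root element
    // before the enveloped signature is applied.
    if (doc.FirstChild is XmlDeclaration)
    {
        doc.RemoveChild(doc.FirstChild);
    }

    // Sign over the request's ID so the IdP can verify the ArtifactResolve.
    XmlSignatureUtils.SignDocument(doc, resolve.ID, cert);

    var artifactResolveString = doc.OuterXml;

    return GetResponse(artifactResolveEndpoint, artifactResolveString);
}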
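/// <summary>
/// Resolves a SAML artifact against the issuing IdP's Artifact Resolution
/// Service (ARS) and returns the message carried in the ArtifactResponse.
/// </summary>
/// <param name="artifact">Base64 artifact as received from the IdP. This is
/// untrusted input taken off the wire.</param>
/// <param name="storedRequestState">State of the originating request; handed
/// to GetIdp to locate the issuing IdP.</param>
/// <param name="options">Service provider options: entity id, signing
/// certificate, service certificates and logger.</param>
/// <returns>The message element carried by the IdP's ArtifactResponse.</returns>
/// <exception cref="FormatException">
/// <paramref name="artifact"/> is not valid base64, or decodes to fewer than
/// the four bytes needed to read the type code and endpoint index.
/// </exception>
private static XmlElement ResolveArtifact(
    string artifact,
    StoredRequestState storedRequestState,
    IOptions options)
{
    // FromBase64String already throws FormatException on malformed input.
    // The indexing below reads bytes 2 and 3, so reject short payloads
    // explicitly rather than failing with IndexOutOfRangeException.
    var binaryArtifact = Convert.FromBase64String(artifact);
    if (binaryArtifact.Length < 4)
    {
        throw new FormatException("Artifact is too short to contain a type code and endpoint index.");
    }

    var idp = GetIdp(binaryArtifact, storedRequestState, options);

    // SAML 2.0 Bindings §3.6.4, type 0x0004 artifact: bytes 2-3 hold the
    // big-endian EndpointIndex that selects one of the IdP's resolution
    // services. A complete type-4 artifact is 44 bytes (2 type, 2 index,
    // 20 SourceID, 20 MessageHandle); the type code and SourceID are not
    // checked here, so presumably GetIdp validates them — confirm.
    var arsIndex = (binaryArtifact[2] << 8) | binaryArtifact[3];

    // An index that the IdP's metadata does not list surfaces as an
    // exception from the indexer; there is deliberately no fallback.
    var arsUri = idp.ArtifactResolutionServiceUrls[arsIndex];

    var payload = new Saml2ArtifactResolve()
    {
        Artifact = artifact,
        Issuer = options.SPOptions.EntityId
    }.ToXml();

    // Sign the ArtifactResolve when a signing certificate is configured.
    if (options.SPOptions.SigningServiceCertificate != null)
    {
        var xmlDoc = XmlHelpers.XmlDocumentFromString(payload);
        xmlDoc.Sign(options.SPOptions.SigningServiceCertificate, true);
        payload = xmlDoc.OuterXml;
    }

    // Verbose logging writes the raw artifact and, below, the entire
    // ArtifactResponse (which wraps the IdP's message). Keep verbose
    // logging off where that content must not be retained.
    options.SPOptions.Logger.WriteVerbose("Calling idp " + idp.EntityId.Id + " to resolve artifact\n" + artifact);

    // Only certificates flagged for TLS client use and marked Current are
    // presented as client certificates on the back-channel call.
    var clientCertificates = options.SPOptions.ServiceCertificates
        .Where(sc => sc.Use.HasFlag(CertificateUse.TlsClient) && sc.Status == CertificateStatus.Current)
        .Select(sc => sc.Certificate);

    var response = Saml2SoapBinding.SendSoapRequest(payload, arsUri, clientCertificates);

    options.SPOptions.Logger.WriteVerbose("Artifact resolved returned\n" + response);

    return new Saml2ArtifactResponse(response).GetMessage();
}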
/// <summary>
/// ToXml() must yield a saml2p:ArtifactResolve carrying the Issuer and the
/// Artifact. ID and IssueInstant are generated per instance, so they are
/// copied from the produced document before comparing.
/// </summary>
public void Saml2ArtifactResolve_ToXml()
{
    const string artifactValue = "MyArtifact";

    var resolve = new Saml2ArtifactResolve()
    {
        Issuer = new EntityId("http://sp.example.com"),
        Artifact = artifactValue
    };

    var produced = XElement.Parse(resolve.ToXml());

    // NOTE(review): SAML 2.0 Core §3.5.1 defines <Artifact> in the protocol
    // (saml2p) namespace, while the expected document below places it in
    // the assertion (saml2) namespace. Confirm against what ToXml() emits
    // before relying on this test for namespace correctness.
    var expected = XElement.Parse(
        @"<saml2p:ArtifactResolve xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml2 = ""urn:oasis:names:tc:SAML:2.0:assertion"" ID = ""_6c3a4f8b9c2d"" Version = ""2.0"" IssueInstant = ""2004-01-21T19:00:49Z"" > <saml2:Issuer>http://sp.example.com</saml2:Issuer> <saml2:Artifact>MyArtifact</saml2:Artifact> </saml2p:ArtifactResolve>");

    // Carry the generated attribute values over so only the structural
    // content is compared.
    foreach (var generatedAttribute in new[] { "ID", "IssueInstant" })
    {
        expected.Attribute(generatedAttribute).Value = produced.Attribute(generatedAttribute).Value;
    }

    produced.ShouldBeEquivalentTo(expected, opt => opt.IgnoringCyclicReferences());
}
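/// <summary>
/// Resolves an artifact: looks up the IdP's artifact resolution endpoint by
/// provider name, builds a signed ArtifactResolve for the current artifact
/// and returns the IdP's response as a stream.
/// </summary>
/// <param name="providerName">Name of the identity provider whose
/// configuration supplies the resolution endpoint.</param>
/// <returns>A stream containing the artifact response from the IdP</returns>
/// <exception cref="InvalidOperationException">No resolution endpoint is
/// known for the provider, or no signing certificate is configured.</exception>
public Stream ResolveArtifact(string providerName)
{
    // Treat an unknown provider (null configuration) the same as a known
    // provider without an ArtifactResolveService, so the caller gets the
    // intended InvalidOperationException rather than a NullReferenceException.
    // Whether the lookup returns null or throws for unknown names is not
    // visible here; the null branch is harmless either way.
    var idpConfiguration = _configurationProvider.GetIdentityProviderConfiguration(providerName);
    var artifactResolveEndpoint = idpConfiguration == null ? null : idpConfiguration.ArtifactResolveService;
    if (artifactResolveEndpoint == null)
    {
        throw new InvalidOperationException("Received artifact from unknown IDP.");
    }

    var serviceProviderId = _configurationProvider.ServiceProviderConfiguration.EntityId;
    var artifact = GetArtifact();

    var resolve = new Saml2ArtifactResolve
    {
        Issuer = serviceProviderId,
        Artifact = artifact
    };

    var doc = resolve.GetXml();

    // Drop the XML declaration so the document starts at the root element
    // before the enveloped signature is applied.
    if (doc.FirstChild is XmlDeclaration)
    {
        doc.RemoveChild(doc.FirstChild);
    }

    // A missing signing certificate is a configuration error; surface it
    // clearly instead of letting SignDocument fail on a null certificate.
    var cert = _configurationProvider.ServiceProviderSigningCertificate();
    if (cert == null)
    {
        throw new InvalidOperationException("No service provider signing certificate is configured; cannot sign ArtifactResolve.");
    }

    // Sign over the request's ID so the IdP can verify the ArtifactResolve.
    XmlSignatureUtils.SignDocument(doc, resolve.ID, cert);

    var artifactResolveString = doc.OuterXml;

    return GetResponse(artifactResolveEndpoint, artifactResolveString);
}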
/// <summary>
/// An attribute added by an XmlCreated subscriber must appear in the
/// string returned by ToXml().
/// </summary>
public void Saml2ArtifactResolve_ToXml_ToXml_PreservesCustomChanges()
{
    var resolve = new Saml2ArtifactResolve();

    // Subscriber mutates the element tree before it is serialized.
    resolve.XmlCreated += (sender, args) => args.Add(new XAttribute("CustomAttribute", "CustomValue"));

    var serialized = resolve.ToXml();

    serialized.Should().Contain("CustomAttribute=\"CustomValue\"");
}