/// <summary>
/// Builds the Security header element for <paramref name="soapSecurity"/> and appends it to <paramref name="root"/>.
/// </summary>
/// <remarks>
/// Two header shapes are produced:
/// when <c>soapSecurity.Assertion</c> is set, the header contains only a deep copy of that assertion;
/// otherwise it contains a Timestamp, a BinarySecurityToken holding the Base64 certificate and,
/// when present, the serialized signature.
/// </remarks>
/// <param name="soapSecurity">Security data to serialize.</param>
/// <param name="document">Document used as the factory for every created or imported node.</param>
/// <param name="root">Parent node that receives the Security element.</param>
/// <exception cref="ArgumentNullException">Thrown when any argument is <c>null</c>.</exception>
private static void Serialize(SoapSecurity soapSecurity, XmlDocument document, XmlNode root)
        {
            if (soapSecurity == null)
            {
                throw new ArgumentNullException(nameof(soapSecurity));
            }

            if (document == null)
            {
                throw new ArgumentNullException(nameof(document));
            }

            if (root == null)
            {
                throw new ArgumentNullException(nameof(root));
            }

            var securityElement = document.CreateElement(
                Constants.XmlPrefixes.Wsse,
                Constants.XmlRootNames.Security,
                Constants.XmlNamespaces.Wsse);

            if (soapSecurity.Assertion != null)
            {
                // Assertion-based header: the assertion is imported into this document (deep copy) and is the
                // only child. No Timestamp, BinarySecurityToken or Signature is written on this path.
                // NOTE(review): if the receiver expects proof of key possession for the assertion, confirm the
                // message is signed elsewhere, and that re-importing the node does not alter a signed assertion.
                securityElement.AppendChild(document.ImportNode(soapSecurity.Assertion, true));
                root.AppendChild(securityElement);
                return;
            }

            // Certificate-based header. Attributes are set in the same order as before so the emitted XML is unchanged.
            securityElement.SetAttribute($"xmlns:{Constants.XmlPrefixes.Wsu}", Constants.XmlNamespaces.Wsu);
            // NOTE(review): set by qualified name only, so this relies on the SOAP-ENV prefix being declared
            // on an ancestor element of the final document.
            securityElement.SetAttribute("SOAP-ENV:mustUnderstand", "1");

            // Timestamp: Created/Expires delimit the window in which the receiver should accept the message.
            // ConvertToUtcTime is defined elsewhere; presumably it renders the value as a UTC string - TODO confirm.
            var timestampElement = document.CreateElement(Constants.XmlPrefixes.Wsu, Constants.XmlRootNames.Timestamp, Constants.XmlNamespaces.Wsu);
            timestampElement.SetAttribute("wsu:Id", soapSecurity.Timestamp.Id);

            var createdElement = document.CreateElement(Constants.XmlPrefixes.Wsu, Constants.XmlRootNames.Created, Constants.XmlNamespaces.Wsu);
            createdElement.InnerText = ConvertToUtcTime(soapSecurity.Timestamp.Created);

            var expiresElement = document.CreateElement(Constants.XmlPrefixes.Wsu, Constants.XmlRootNames.Expires, Constants.XmlNamespaces.Wsu);
            expiresElement.InnerText = ConvertToUtcTime(soapSecurity.Timestamp.Expires);

            timestampElement.AppendChild(createdElement);
            timestampElement.AppendChild(expiresElement);

            // BinarySecurityToken: X509ContentType.Cert exports the certificate only, never the private key.
            var tokenElement = document.CreateElement(Constants.XmlPrefixes.Wsse, Constants.XmlRootNames.BinarySecurityToken, Constants.XmlNamespaces.Wsse);
            tokenElement.SetAttribute(Constants.XmlAttributeNames.EncodingType, Constants.XmlNamespaces.EncodingType);
            tokenElement.SetAttribute(Constants.XmlAttributeNames.ValueType, Constants.XmlNamespaces.ValueType);
            tokenElement.SetAttribute("wsu:Id", soapSecurity.IdBinarySecurityToken);
            tokenElement.InnerText = Convert.ToBase64String(
                soapSecurity.Certificate.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert));

            // Child order is part of the output: Timestamp, then the token, then the optional signature.
            securityElement.AppendChild(timestampElement);
            securityElement.AppendChild(tokenElement);

            if (soapSecurity.Signature != null)
            {
                Serialize(soapSecurity.Signature, document, securityElement);
            }

            root.AppendChild(securityElement);
        }
Пример #2
        /// <summary>
        /// Assembles the SOAP envelope for a SAML attribute-query request bound to the configured X.509 certificate.
        /// </summary>
        /// <remarks>
        /// NOTE(review): every call appends the two SSIN attributes and designators to
        /// <c>_samlAttributes</c> / <c>_samlAttributeDesignators</c>; if those are instance fields, calling
        /// Build() twice on the same builder sends duplicated entries - confirm the builder is single-use.
        /// </remarks>
        /// <returns>The envelope with its security header and SAML request body.</returns>
        /// <exception cref="EhealthException">Thrown when no SSIN can be read from the certificate subject.</exception>
        public SoapEnvelope Build()
        {
            CheckInit();

            // Identifiers are generated in a fixed order; their uniqueness depends on GenerateId (not shown here).
            var assertionId = GenerateId("assertion");
            var requestId   = GenerateId("request");
            var bodyId      = GenerateId("id");
            var timestampId = GenerateId("TS");
            var tokenId     = GenerateId("X509");

            // The SSIN is taken from the certificate subject and becomes an attribute value in the request.
            // NOTE(review): presumably a personal identifier - keep it out of logs and error messages.
            var ssin = GetSsin(_x509Certificate.Subject);
            if (string.IsNullOrWhiteSpace(ssin))
            {
                throw new EhealthException(Constants.ErrorCodes.NoSerialNumber);
            }

            var identitySubject = ParseSubject(_x509Certificate.Subject);
            var issuerSubject   = ParseSubject(_x509Certificate.Issuer);

            _samlAttributes.Add(new SamlAttribute(Constants.EhealthStsNames.SsinCertHolderAttributeName, Constants.EhealthStsNames.SsinAttributeNamespace, ssin));
            _samlAttributes.Add(new SamlAttribute(Constants.EhealthStsNames.SsinAttributeName, Constants.EhealthStsNames.SsinAttributeNamespace, ssin));
            _samlAttributeDesignators.Add(new SamlAttributeDesignator(Constants.EhealthStsNames.SsinCertHolderAttributeName, Constants.EhealthStsNames.SsinAttributeNamespace));
            _samlAttributeDesignators.Add(new SamlAttributeDesignator(Constants.EhealthStsNames.SsinAttributeName, Constants.EhealthStsNames.SsinAttributeNamespace));

            // NOTE(review): the assertion instant is local time (DateTime.Now) while the security timestamp
            // below uses DateTime.UtcNow; confirm the SAML types normalize to UTC when serialized.
            var issueInstant = DateTime.Now;

            var nameIdentifier = new SamlNameIdentifier(
                Constants.EhealthStsNames.NameIdentifierFormat,
                issuerSubject,
                identitySubject);

            // Assertion describing the certificate holder; it is embedded in the subject confirmation below.
            var plainSubject = new SamlSubject(nameIdentifier);
            var conditions   = new SamlConditions(issueInstant);
            var assertion    = new SamlAssertion(
                assertionId,
                issueInstant,
                identitySubject,
                conditions,
                new SamlAttributeStatement(plainSubject, _samlAttributes));

            // Subject confirmation ties the query to the certificate via the configured confirmation method.
            var confirmation = new SamlSubjectConfirmation(
                Constants.EhealthStsNames.SubjectConfirmationMethod,
                _x509Certificate,
                new SamlSubjectConfirmationData(assertion));

            var request = new SamlRequest(
                requestId,
                new SamlAttributeQuery(
                    new SamlSubject(nameIdentifier, confirmation),
                    _samlAttributeDesignators));

            var body     = new SoapBody(request, bodyId);
            var security = new SoapSecurity(DateTime.UtcNow, timestampId, tokenId, _x509Certificate);

            return new SoapEnvelope(new SoapHeader(security), body);
        }
        /// <summary>
        /// Serializes <paramref name="request"/> to XML and wraps it in a SOAP envelope document.
        /// </summary>
        /// <typeparam name="T">Concrete request type, used to create the <see cref="XmlSerializer"/>.</typeparam>
        /// <param name="request">Request that becomes the SOAP body.</param>
        /// <param name="assertionNode">
        /// Assertion to place in the security header. When <c>null</c>, the header is created with a
        /// <c>null</c> security object, so the resulting message carries no assertion.
        /// </param>
        /// <returns>The document produced by <c>SoapMessageSerializer</c> for the envelope.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="request"/> is <c>null</c>.</exception>
        public XmlDocument Serialize<T>(T request, XmlElement assertionNode) where T : RequestType
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            var xmlSerializer = new XmlSerializer(typeof(T));
            string requestXml;

            using (var textWriter = new StringWriter())
            using (var xmlWriter = XmlWriter.Create(textWriter))
            {
                xmlSerializer.Serialize(xmlWriter, request);

                // Read while the XML writer is still open, as before; this relies on Serialize having
                // flushed the writer into the underlying StringWriter.
                requestXml = textWriter.ToString();
            }

            // Round-trip through a DOM so the request root element can be used as the body payload.
            var bodyDocument = new XmlDocument();
            bodyDocument.LoadXml(requestXml);

            var body = new SoapBody(bodyDocument.DocumentElement);

            // NOTE(review): the assertion element is passed through as supplied by the caller; nothing here
            // checks its origin or validity period, so that has to happen before this call.
            SoapSecurity security = assertionNode != null ? new SoapSecurity(assertionNode) : null;

            var envelope = new SoapEnvelope(new SoapHeader(security), body);

            return new SoapMessageSerializer().Serialize(envelope);
        }
Пример #4
 /// <summary>
 /// Creates a SOAP header that carries the given security data.
 /// </summary>
 /// <param name="security">
 /// Security data for the header. The value is stored as given, without a null check.
 /// </param>
 public SoapHeader(SoapSecurity security)
 {
     this.Security = security;
 }