/// <summary>
/// Raised when the SAML 2.0 response parameter has been detected.
/// </summary>
/// <param name="url">URL of the page.</param>
/// <param name="query">The parsed query of the URL.</param>
/// <param name="fragment">The parsed fragment of the URL.</param>
/// <param name="formParams">Form parameters, including the 'SAMLResponse'.</param>
protected override void OnRedirectPageLoaded(Uri url, System.Collections.Generic.IDictionary <string, string> query, System.Collections.Generic.IDictionary <string, string> fragment, IDictionary <string, string> formParams)
{
string base64SamlAssertion = formParams.ContainsKey("SAMLResponse") ? formParams ["SAMLResponse"] : string.Empty;
byte[] xmlSamlAssertionBytes = Convert.FromBase64String(base64SamlAssertion);
string xmlSamlAssertion = System.Text.UTF8Encoding.Default.GetString(xmlSamlAssertionBytes);
XmlDocument xDoc = new XmlDocument();
xDoc.PreserveWhitespace = true;
xDoc.LoadXml(xmlSamlAssertion);
XmlElement responseElement = (XmlElement)xDoc.SelectSingleNode("//*[local-name()='Response']");
#if DEBUG
Console.WriteLine("{0}", responseElement.OuterXml);
#endif
XmlElement assertionElement = (XmlElement)xDoc.SelectSingleNode("//*[local-name()='Assertion']");
if (assertionElement != null)
{
#if DEBUG
Console.WriteLine("{0}", assertionElement.OuterXml);
#endif
Saml20Assertion samlAssertion = new Saml20Assertion(assertionElement, null, AssertionProfile.Core, false, false);
List <AsymmetricAlgorithm> trustedIssuers = new List <AsymmetricAlgorithm>(1);
foreach (KeyDescriptor key in _idpMetadata.Keys)
{
System.Security.Cryptography.Xml.KeyInfo ki =
(System.Security.Cryptography.Xml.KeyInfo)key.KeyInfo;
foreach (KeyInfoClause clause in ki)
{
AsymmetricAlgorithm aa = XmlSignatureUtils.ExtractKey(clause);
trustedIssuers.Add(aa);
}
}
try {
samlAssertion.CheckValid(trustedIssuers);
SamlAccount sa = new SamlAccount(samlAssertion, responseElement);
OnSucceeded(sa);
}
catch (Saml20Exception samlEx) {
Console.WriteLine(samlEx);
OnError(samlEx.Message);
}
catch (Exception ex) {
Console.WriteLine(ex);
OnError(ex.Message);
}
}
else
{
OnError("No SAML Assertion Found");;
}
}
/// <summary>
/// Gets the bearer assertion authorization grant parameters. This is typically
/// used to request an OAuth access token.
/// </summary>
/// <returns>The URL-encoded assertion parameters.</returns>
public string GetBearerAssertionAuthorizationGrantParams()
{
StringBuilder args = new StringBuilder();
args.AppendFormat("grant_type={0}", HttpUtility.UrlEncode(AUTHORIZATION_GRANT_TYPE));
string base64Assertion = SamlAccount.ToBase64ForUrlString(
Encoding.UTF8.GetBytes(_saml20Assertion.XmlAssertion.OuterXml)
);
args.AppendFormat("&assertion={0}", base64Assertion);
return(args.ToString());
}
/// <summary>
/// Gets the bearer assertion client authentication parameters.
/// </summary>
/// <returns>The URL-encoded client assertion parameters.</returns>
public string GetBearerAssertionClientAuthenticationParams()
{
StringBuilder args = new StringBuilder();
args.AppendFormat("client_assertion_type={0}", HttpUtility.UrlEncode(CLIENT_ASSERTION_TYPE));
string base64Assertion = SamlAccount.ToBase64ForUrlString(
Encoding.UTF8.GetBytes(_saml20Assertion.XmlAssertion.OuterXml)
);
args.AppendFormat("&client_assertion={0}", base64Assertion);
return(args.ToString());
}
/// <summary>
/// Initializes a new instance of the <see cref="Symplified.Auth.Saml20Authenticator"/> class.
/// </summary>
/// <param name="spName">Service Provider name.</param>
/// <param name="idpMetadata">Identity Provider metadata.</param>
public Saml20Authenticator(string spName, Saml20MetadataDocument idpMetadata) :
base(PLACEHOLDER_URI, PLACEHOLDER_URI)
{
_spName = (string.IsNullOrEmpty(spName)) ? "symplified-mobile-sp" : spName;
_idpMetadata = idpMetadata;
Saml20AuthnRequest authnRequest = Saml20AuthnRequest.GetDefault(_spName);
byte[] xmlBytes = UTF8Encoding.Default.GetBytes(authnRequest.GetXml().OuterXml);
string base64XmlString = SamlAccount.ToBase64ForUrlString(xmlBytes);
initialUrl = new Uri(
String.Format(
"{0}&SAMLRequest={1}", _idpMetadata.SSOEndpoint(SAMLBinding.POST).Url, base64XmlString
)
);
}
/// <summary>
/// Raised when the SAML 2.0 response parameter has been detected.
/// </summary>
/// <param name="url">URL of the page.</param>
/// <param name="query">The parsed query of the URL.</param>
/// <param name="fragment">The parsed fragment of the URL.</param>
/// <param name="formParams">Form parameters, including the 'SAMLResponse'.</param>
protected override void OnRedirectPageLoaded (Uri url, System.Collections.Generic.IDictionary<string, string> query, System.Collections.Generic.IDictionary<string, string> fragment, IDictionary<string, string> formParams)
{
string base64SamlAssertion = formParams.ContainsKey ("SAMLResponse") ? formParams ["SAMLResponse"] : string.Empty;
byte[] xmlSamlAssertionBytes = Convert.FromBase64String (base64SamlAssertion);
string xmlSamlAssertion = System.Text.UTF8Encoding.Default.GetString (xmlSamlAssertionBytes);
XmlDocument xDoc = new XmlDocument ();
xDoc.PreserveWhitespace = true;
xDoc.LoadXml (xmlSamlAssertion);
XmlElement responseElement = (XmlElement)xDoc.SelectSingleNode ("//*[local-name()='Response']");
#if DEBUG
Console.WriteLine ("{0}", responseElement.OuterXml);
#endif
XmlElement assertionElement = (XmlElement)xDoc.SelectSingleNode ("//*[local-name()='Assertion']");
if (assertionElement != null) {
#if DEBUG
Console.WriteLine ("{0}", assertionElement.OuterXml);
#endif
Saml20Assertion samlAssertion = new Saml20Assertion (assertionElement, null, AssertionProfile.Core, false, false);
List<AsymmetricAlgorithm> trustedIssuers = new List<AsymmetricAlgorithm>(1);
foreach (KeyDescriptor key in _idpMetadata.Keys)
{
System.Security.Cryptography.Xml.KeyInfo ki =
(System.Security.Cryptography.Xml.KeyInfo) key.KeyInfo;
foreach (KeyInfoClause clause in ki)
{
AsymmetricAlgorithm aa = XmlSignatureUtils.ExtractKey(clause);
trustedIssuers.Add(aa);
}
}
try {
samlAssertion.CheckValid (trustedIssuers);
SamlAccount sa = new SamlAccount (samlAssertion, responseElement);
OnSucceeded (sa);
}
catch (Saml20Exception samlEx) {
Console.WriteLine (samlEx);
OnError (samlEx.Message);
}
catch (Exception ex) {
Console.WriteLine (ex);
OnError (ex.Message);
}
}
else {
OnError ("No SAML Assertion Found"); ;
}
}