示例#1
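        /// <summary>
        /// Validates a SAML2 token read from <paramref name="reader"/>. When the reader is
        /// positioned on an encrypted assertion, the assertion is first read through a
        /// <c>DecryptingXmlDictionaryReader</c> and the resulting plaintext is what gets validated.
        /// </summary>
        /// <param name="reader">Reader positioned on the (possibly encrypted) assertion.</param>
        /// <param name="validationParameters">
        /// Passed to the decrypting reader and to the base validation.
        /// </param>
        /// <param name="validatedToken">
        /// The <c>Saml2EncryptedSecurityToken</c> wrapper when the assertion was encrypted,
        /// otherwise the token produced by the base validation.
        /// </param>
        /// <returns>The principal returned by the base <c>ValidateToken</c>.</returns>
        public override ClaimsPrincipal ValidateToken(XmlReader reader, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
        {
            var inner = null as XmlReader;
            var plain = null as MemoryStream;
            var token = null as SecurityToken;

            // try/finally so the reader and stream over the decrypted plaintext are released
            // even when decryption, parsing or validation throws; previously they were only
            // disposed on the success path.
            try
            {
                if (IsEncryptedAssertion(reader))
                {
                    reader.Read();
                    using (var sub = reader.ReadSubtree())
                    {
                        sub.MoveToContent();
                        using (var decrypting = new DecryptingXmlDictionaryReader(sub, validationParameters))
                        {
                            // First pass: parse the assertion through the decrypting reader so the
                            // wrapper token can carry the original EncryptedData alongside it.
                            var saml2 = base.ReadSaml2Token(decrypting);
                            token = new Saml2EncryptedSecurityToken(saml2, decrypting.EncryptedData);

                            // Second pass: the plaintext is re-parsed below by base.ValidateToken.
                            // reader.Settings is null for readers not created via XmlReader.Create,
                            // in which case XmlReader.Create falls back to default settings.
                            // NOTE(review): the plaintext is parsed under the caller's reader
                            // settings and is unverified until base.ValidateToken succeeds;
                            // confirm those settings prohibit DTD processing and external
                            // entity resolution.
                            plain  = new MemoryStream(decrypting.PlainText);
                            inner  = XmlReader.Create(plain, reader.Settings);
                            reader = inner;
                        }
                    }
                }

                // Signature, conditions and the other checks are delegated to the base handler;
                // for encrypted input they run against the decrypted plaintext.
                var user = base.ValidateToken(reader, validationParameters, out var t);

                // Prefer the encrypted wrapper when one was built; it is only handed back
                // after base.ValidateToken has returned without throwing.
                validatedToken = token ?? t;
                return user;
            }
            finally
            {
                inner?.Dispose();
                plain?.Dispose();
            }
        }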
示例#2
 /// <summary>
 /// Reads a SAML2 token from <paramref name="reader"/>. An encrypted assertion is read
 /// through a <c>DecryptingXmlDictionaryReader</c> and returned as a
 /// <c>Saml2EncryptedSecurityToken</c>; anything else goes straight to the base reader.
 /// </summary>
 /// <param name="reader">Reader positioned on the (possibly encrypted) assertion.</param>
 /// <param name="validationParameters">
 /// Passed to the decrypting reader only; the unencrypted path does not use it.
 /// </param>
 /// <returns>The parsed token, wrapped together with its EncryptedData when encrypted.</returns>
 /// <remarks>
 /// This method only parses. No signature or condition check is made here, so callers
 /// must still run ValidateToken before trusting the returned token's content.
 /// </remarks>
 public virtual Saml2SecurityToken ReadSaml2Token(XmlReader reader, TokenValidationParameters validationParameters)
 {
     // Unencrypted assertions need no special handling.
     if (!IsEncryptedAssertion(reader))
     {
         return base.ReadSaml2Token(reader);
     }

     using (var plainReader = new DecryptingXmlDictionaryReader(reader, validationParameters))
     {
         // Advance the decrypting reader before handing it to the base parser.
         plainReader.Read();

         var assertion = base.ReadSaml2Token(plainReader);
         var wrapped = new Saml2EncryptedSecurityToken(assertion, plainReader.EncryptedData);
         return wrapped;
     }
 }