private async Task <bool> HandleHttpArtifact()
{
if (!Request.Path.Value.EndsWith(Options.AssertionConsumerServiceUrl, StringComparison.OrdinalIgnoreCase) ||
!_httpArtifactBinding.IsValid(Context.Request))
{
return(false);
}
_logger.LogDebug($"Entering {nameof(HandleHttpArtifact)}");
var properties = await _sessionStore.LoadAsync <AuthenticationProperties>() ?? new AuthenticationProperties();
properties.Items.TryGetValue(AuthnRequestIdKey, out string initialAuthnRequestId);
var assertion = _samlService.HandleHttpArtifactResponse(Context.Request, initialAuthnRequestId);
await SignIn(assertion, properties);
await _sessionStore.RemoveAsync <AuthenticationProperties>();
var redirectUrl = GetRedirectUrl(properties);
_logger.LogDebug(
$"Method={nameof(HandleHttpArtifact)}. Received and handled SSO artifact response. Redirecting to {redirectUrl}");
Context.Response.Redirect(redirectUrl, true);
return(true);
}
private async Task <bool> HandleHttpArtifact()
{
if (!Request.Path.Value.EndsWith(Options.AssertionConsumerServiceUrl, StringComparison.OrdinalIgnoreCase))
{
return(false);
}
_logger.LogDebug($"Entering {nameof(HandleHttpArtifact)}");
if (!_httpArtifactBinding.IsValid(Context.Request))
{
return(false);
}
var initialAuthnRequestId = GetRequestId(); //TODO validate inResponseTo
var assertion = _samlService.HandleHttpArtifactResponse(Context.Request);
var relayState = _httpArtifactBinding.GetRelayState(Context.Request);
var authenticationProperties =
Options.StateDataFormat.Unprotect(relayState) ?? new AuthenticationProperties();
await SignIn(assertion, authenticationProperties);
var cookieOptions = Options.RequestIdCookie.Build(Context, Clock.UtcNow);
Response.DeleteAllRequestIdCookies(Context.Request, cookieOptions);
var redirectUrl = GetRedirectUrl(authenticationProperties);
_logger.LogDebug(
$"Method={nameof(HandleHttpArtifact)}. Received and handled SSO artifact response. Redirecting to {redirectUrl}");
Context.Response.Redirect(redirectUrl, true);
return(true);
}
