public static SPSSODescriptorConfiguration BuildSPSSODescriptorConfiguration()
{
var sPSSODescriptorConfiguration = new SPSSODescriptorConfiguration
{
WantAssertionsSigned = true,
ValidUntil = new DateTimeOffset(DateTime.Now.AddDays(100)),
Organisation = MetadataHelper.BuikdOrganisationConfiguration(),
AuthenticationRequestsSigned = true,
CacheDuration = TimeSpan.FromDays(100),
RoleDescriptorType = typeof(ServiceProviderSingleSignOnDescriptor)
};
//supported protocols
sPSSODescriptorConfiguration.ProtocolSupported.Add(new Uri("urn:oasis:names:tc:SAML:2.0:protocol"));
//key descriptors
var keyDescriptorConfiguration = MetadataHelper.BuildKeyDescriptorConfiguration();
sPSSODescriptorConfiguration.KeyDescriptors.Add(keyDescriptorConfiguration);
//assertinon service
var indexedEndPointConfiguration = new IndexedEndPointConfiguration
{
Index = 0,
IsDefault = true,
Binding = new Uri("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"),
Location = new Uri("http://localhost:60879/api/Account/SSOLogon")
};
sPSSODescriptorConfiguration.AssertionConsumerServices.Add(indexedEndPointConfiguration);
return(sPSSODescriptorConfiguration);
}
private static SPSSODescriptorConfiguration BuildSPSSODescriptorConfiguration(SPDescriptorSettings sPDescriptor, OrganisationConfiguration organisation)
{
var sPSSODescriptorConfiguration = new SPSSODescriptorConfiguration
{
WantAssertionsSigned = sPDescriptor.WantAssertionsSigned,
ValidUntil = sPDescriptor.ValidUntil,
Organisation = organisation,
AuthenticationRequestsSigned = sPDescriptor.RequestSigned,
CacheDuration = MetadataHelper.TimeSpanFromDatapartEntry(sPDescriptor.CacheDuration),
RoleDescriptorType = typeof(ServiceProviderSingleSignOnDescriptor),
ErrorUrl = new Uri(sPDescriptor.ErrorUrl)
};
//sort this out missing in the models
sPSSODescriptorConfiguration.NameIdentifierFormats.Add(new Uri("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
sPSSODescriptorConfiguration.NameIdentifierFormats.Add(new Uri("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
//logout services
sPDescriptor.LogoutServices.Aggregate(sPSSODescriptorConfiguration.SingleLogoutServices, (t, next) =>
{
t.Add(new EndPointConfiguration
{
Binding = new Uri(next.Binding.Uri),
Location = new Uri(next.Url)
});
return(t);
});
//supported protocols
sPDescriptor.Protocols.Aggregate(sPSSODescriptorConfiguration.ProtocolSupported, (t, next) =>
{
t.Add(new Uri(next.Uri));
return(t);
});
//key descriptors
sPDescriptor.Certificates.Aggregate(sPSSODescriptorConfiguration.KeyDescriptors, (t, next) =>
{
var keyDescriptorConfiguration = MetadataHelper.BuildKeyDescriptorConfiguration(next);
t.Add(keyDescriptorConfiguration);
return(t);
});
//assertinon service
sPDescriptor.AssertionServices.Aggregate(sPSSODescriptorConfiguration.AssertionConsumerServices, (t, next) =>
{
var indexedEndPointConfiguration = new IndexedEndPointConfiguration
{
Index = next.Index,
IsDefault = next.IsDefault,
Binding = new Uri(next.Binding.Uri),
Location = new Uri(next.Url)
};
t.Add(indexedEndPointConfiguration);
return(t);
});
return(sPSSODescriptorConfiguration);
}
