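/// <summary>
/// Builds a SAML <c>AuthnRequest</c> for <paramref name="endpoint"/> and hands it to
/// <c>Saml.Helper.SerializeAndSignSAMLType</c>, which (by its name) serializes and signs it.
/// </summary>
/// <param name="endpoint">Endpoint whose Id, Description, Login, Requestor and Referrer populate the request.</param>
/// <returns>The serialized request as an <see cref="XmlDocument"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="endpoint"/> is null.</exception>
public XmlDocument EndpointMapSamlRequest(Endpoint endpoint)
{
    if (endpoint is null)
    {
        throw new ArgumentNullException(nameof(endpoint));
    }

    // Read the clock once so IssueInstant, NotBefore and both NotOnOrAfter values describe the
    // same instant instead of drifting across separate DateTime.UtcNow calls.
    DateTime now = DateTime.UtcNow;
    DateTime notOnOrAfter = now.AddMinutes(Saml.Names.SAMLAssertionExpirationMinutes);

    AuthnRequestType request = new AuthnRequestType
    {
        ID = Helper.GuidAsIdString(endpoint.Id),
        Version = Saml.Names.SAMLVersion,
        ProviderName = endpoint.Description,
        Destination = endpoint.Login,
        IssueInstant = now,
        Issuer = new NameIDType { Value = endpoint.Requestor },
        AssertionConsumerServiceURL = endpoint.Requestor,
        ProtocolBinding = Saml.Names.SAMLNamesProtocolBindingPOST,
        // When ForceAuthn is true the user is forced to re-authenticate, even with a valid session.
        ForceAuthn = false,
        ForceAuthnSpecified = true,
        // When IsPassive is true the user is authenticated silently, without user interaction,
        // using the session cookie if one exists.
        IsPassive = false,
        IsPassiveSpecified = true,
        Subject = new SubjectType
        {
            Items = new object[]
            {
                new NameIDType { Value = endpoint.Id, Format = Saml.Names.SAMLNamesFormatIssuerEntity },
                new SubjectConfirmationType
                {
                    Method = Saml.Names.SAMLNamesSubjectConfirmationBaerer,
                    SubjectConfirmationData = new SubjectConfirmationDataType
                    {
                        NotOnOrAfter = notOnOrAfter,
                        Recipient = endpoint.Requestor
                    }
                }
            }
        },
        Conditions = new ConditionsType
        {
            // NotBefore equals IssueInstant, so there is no allowance for clock skew at the
            // receiver; a receiver whose clock runs slightly behind may reject the request.
            NotBefore = now,
            NotBeforeSpecified = true,
            NotOnOrAfter = notOnOrAfter,
            NotOnOrAfterSpecified = true,
            Items = new ConditionAbstractType[]
            {
                // NOTE(review): the audience is endpoint.Referrer while Recipient and
                // AssertionConsumerServiceURL use endpoint.Requestor — confirm this is intended.
                new AudienceRestrictionType { Audience = new string[] { endpoint.Referrer } }
            }
        }
    };

    XmlDocument xmlRequest = Saml.Helper.SerializeAndSignSAMLType<AuthnRequestType>(request, request.ID);
    return xmlRequest;
}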
/// <summary>
/// Builds a SAML <c>Response</c> carrying the failed status code and the given message, and hands
/// it to <c>Saml.Helper.SerializeAndSignSAMLType</c>, which (by its name) serializes and signs it.
/// </summary>
/// <param name="statusMessage">Text placed in the response's StatusMessage element; passed through as-is.</param>
/// <returns>The serialized error response as an <see cref="XmlDocument"/>.</returns>
public XmlDocument EndpointMapSamlResponseError(string statusMessage)
{
    NameIDType defaultIssuer = new NameIDType
    {
        Value = Saml.Names.SAMLMessageDefaultIssuer,
        Format = Saml.Names.SAMLNamesFormatBasic
    };

    StatusType failedStatus = new StatusType
    {
        StatusCode = new StatusCodeType { Value = Saml.Names.SAMLNamesStatusFailed },
        StatusMessage = statusMessage
    };

    ResponseType errorResponse = new ResponseType
    {
        ID = Helper.GuidAsIdString(),
        Version = Saml.Names.SAMLVersion,
        IssueInstant = DateTime.UtcNow,
        Issuer = defaultIssuer,
        Status = failedStatus
    };

    return Saml.Helper.SerializeAndSignSAMLType<ResponseType>(errorResponse, errorResponse.ID);
}
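/// <summary>
/// Builds a SAML success <c>Response</c> for <paramref name="endpoint"/> holding one assertion with an
/// attribute statement (<paramref name="claims"/>) and a password-class authn statement, and hands it
/// to <c>Saml.Helper.SerializeAndSignSAMLType</c>, which (by its name) serializes and signs it.
/// </summary>
/// <param name="endpoint">Endpoint whose Id, Requestor and Responder populate the response and assertion.</param>
/// <param name="claims">
/// Attributes emitted in the assertion. The claim whose FriendlyName equals
/// <c>Names.MapCredentialUniqueId</c> supplies the subject NameID.
/// </param>
/// <returns>The serialized response as an <see cref="XmlDocument"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="endpoint"/> or <paramref name="claims"/> is null.</exception>
public XmlDocument EndpointMapSamlResponse(Endpoint endpoint, AttributeType[] claims)
{
    if (endpoint is null)
    {
        throw new ArgumentNullException(nameof(endpoint));
    }

    if (claims is null)
    {
        throw new ArgumentNullException(nameof(claims));
    }

    // Read the clock once so IssueInstant, NotBefore, NotOnOrAfter and AuthnInstant all describe
    // the same instant instead of drifting across separate DateTime.UtcNow calls.
    DateTime now = DateTime.UtcNow;
    DateTime notOnOrAfter = now.AddMinutes(Saml.Names.SAMLAssertionExpirationMinutes);

    // The subject id is taken from the unique-credential-id claim; the null-conditional on
    // AttributeValue keeps a claim without values from throwing instead of yielding the fallback.
    AttributeType uniqueIdClaim = claims.FirstOrDefault(c => c.FriendlyName == Names.MapCredentialUniqueId);
    string subjectId = uniqueIdClaim?.AttributeValue?[Names.DataSingleValue]?.ToString() ?? string.Empty;
    // NOTE(review): when no unique-id claim is present this still issues an assertion whose NameID
    // is empty; confirm with the caller whether issuance should be refused in that case instead.

    AssertionType assertion = BuildSuccessAssertion(endpoint, claims, subjectId, now, notOnOrAfter);

    ResponseType response = new ResponseType
    {
        ID = Helper.GuidAsIdString(),
        Version = Saml.Names.SAMLVersion,
        IssueInstant = now,
        Destination = endpoint.Requestor,
        Issuer = new NameIDType { Value = endpoint.Responder, Format = Saml.Names.SAMLNamesFormatIssuerEntity },
        Status = new StatusType
        {
            StatusCode = new StatusCodeType { Value = Saml.Names.SAMLNamesStatusSuccess }
        },
        Items = new[] { assertion }
    };

    XmlDocument xmlResponse = Saml.Helper.SerializeAndSignSAMLType<ResponseType>(response, response.ID);
    return xmlResponse;
}

/// <summary>
/// Assembles the single assertion carried by a success response: conditions (audience, one-time use,
/// validity window), bearer subject confirmation, the attribute statement and the authn statement.
/// </summary>
/// <param name="endpoint">Source of the assertion Id, audience/recipient (Requestor) and session index.</param>
/// <param name="claims">Attributes placed in the attribute statement.</param>
/// <param name="subjectId">Value of the subject NameID.</param>
/// <param name="now">Instant used for IssueInstant, NotBefore and AuthnInstant.</param>
/// <param name="notOnOrAfter">Expiry used for both the conditions and the subject confirmation.</param>
/// <returns>The populated, not yet serialized assertion.</returns>
private AssertionType BuildSuccessAssertion(
    Endpoint endpoint,
    AttributeType[] claims,
    string subjectId,
    DateTime now,
    DateTime notOnOrAfter)
{
    return new AssertionType
    {
        ID = Helper.GuidAsIdString(endpoint.Id),
        Version = Saml.Names.SAMLVersion,
        IssueInstant = now,
        Issuer = new NameIDType { Value = endpoint.Id, Format = Saml.Names.SAMLNamesFormatIssuerEntity },
        Conditions = new ConditionsType
        {
            // NotBefore equals IssueInstant, so there is no allowance for clock skew at the
            // relying party; a receiver whose clock runs slightly behind may reject the assertion.
            NotBefore = now,
            NotBeforeSpecified = true,
            NotOnOrAfter = notOnOrAfter,
            NotOnOrAfterSpecified = true,
            Items = new ConditionAbstractType[]
            {
                new AudienceRestrictionType { Audience = new[] { endpoint.Requestor } },
                // OneTimeUse tells the relying party not to cache/replay the assertion.
                new OneTimeUseType { }
            }
        },
        Subject = new SubjectType
        {
            Items = new object[]
            {
                new NameIDType { Value = subjectId, Format = Saml.Names.SAMLNamesFormatIssuerEntity },
                new SubjectConfirmationType
                {
                    Method = Saml.Names.SAMLNamesSubjectConfirmationBaerer,
                    SubjectConfirmationData = new SubjectConfirmationDataType
                    {
                        NotOnOrAfter = notOnOrAfter,
                        Recipient = endpoint.Requestor
                    }
                }
            }
        },
        Items = new StatementAbstractType[]
        {
            new AttributeStatementType { Items = claims },
            new AuthnStatementType
            {
                AuthnInstant = now,
                SessionIndex = endpoint.Id,
                AuthnContext = new AuthnContextType
                {
                    Items = new object[] { Saml.Names.SAMLNamesContextClassPassword },
                    ItemsElementName = new[] { ItemsChoiceAuthnContext.AuthnContextClassRef }
                }
            }
        }
    };
}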