/// <summary>
/// Builds the service provider options by copying each setting from the
/// supplied configuration section.
/// </summary>
/// <param name="configSection">Configuration section to read the settings from; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="configSection"/> is null.</exception>
public SPOptions(KentorAuthServicesSection configSection)
{
    if (configSection == null)
    {
        throw new ArgumentNullException(nameof(configSection));
    }

    // Presumably System.IdentityModel's IdentityConfiguration, where `true`
    // asks it to load its settings from the application configuration - confirm.
    systemIdentityModelIdentityConfiguration = new IdentityConfiguration(true);

    ReturnUrl = configSection.ReturnUrl;

    // Metadata sub-element, read once and reused for the three values below.
    var metadataSection = configSection.Metadata;
    MetadataCacheDuration = metadataSection.CacheDuration;
    MetadataValidDuration = metadataSection.ValidUntil;

    // Security-relevant switches are copied from configuration as-is; this
    // constructor applies no validation or minimum of its own, so the
    // deployed configuration decides whether signed assertions are requested
    // and whether certificates are validated.
    WantAssertionsSigned = metadataSection.WantAssertionsSigned;
    ValidateCertificates = configSection.ValidateCertificates;

    DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
    EntityId = configSection.EntityId;
    ModulePath = configSection.ModulePath;
    PublicOrigin = configSection.PublicOrigin;
    Organization = configSection.Organization;
    AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;

    var nameIdPolicyElement = configSection.NameIdPolicyElement;
    NameIdPolicy = new Saml2NameIdPolicy(
        nameIdPolicyElement.AllowCreate,
        nameIdPolicyElement.Format);

    RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);

    // Receives `this`, so it runs only after the scalar settings above are in place.
    configSection.ServiceCertificates.RegisterServiceCertificates(this);

    foreach (var service in configSection.AttributeConsumingServices)
    {
        AttributeConsumingServices.Add(service);
    }

    foreach (var contactPerson in configSection.Contacts)
    {
        Contacts.Add(contactPerson);
    }
}
// Checks that the (Uri, comparison) constructor exposes both arguments
// unchanged through ClassRef and Comparison.
public void Saml2ReqestedAuthnContext_Ctor()
{
    const string expectedClassRef = "http://id.sambi.se/loa2";

    var context = new Saml2RequestedAuthnContext(
        new Uri(expectedClassRef),
        AuthnContextComparisonType.Maximum);

    context.ClassRef.OriginalString.Should().Be(expectedClassRef);
    context.Comparison.Should().Be(AuthnContextComparisonType.Maximum);
}
// Checks that constructing from a default (unpopulated) configuration
// element leaves ClassRef null.
public void Saml2RequestedAuthnContext_Ctor_HandlesEmpty()
{
    var emptyElement = new RequestedAuthnContextElement();

    var context = new Saml2RequestedAuthnContext(emptyElement);

    context.ClassRef.Should().BeNull();
}
// Checks that a class reference given in configuration as a full URI ends up
// in ClassRef with an equal value.
public void Saml2RequestedAuthnContext_Ctor_HandlesFullUri()
{
    const string expectedClassRef = "http://id.sambi.se/loa2";

    // AllowChange is set first; presumably the element rejects property
    // writes otherwise - confirm against RequestedAuthnContextElement.
    var element = new RequestedAuthnContextElement
    {
        AllowChange = true,
        AuthnContextClassRef = expectedClassRef
    };

    var context = new Saml2RequestedAuthnContext(element);

    context.ClassRef.Should().Be(expectedClassRef);
}
/// <summary>
/// Populates the outgoing SAML authentication request from the SSO agent's
/// SAML2 configuration and a fixed requested authentication context.
/// </summary>
/// <param name="samlRequest">Request object whose properties are filled in.</param>
private void InitializeAuthnRequestProperties(AuthenticationRequest samlRequest)
{
    var saml2Settings = ssoAgentConfig.Saml2;

    // new Uri(...) throws on a null or malformed string, so a bad ACS or IdP
    // URL in configuration surfaces here rather than when the request is sent.
    samlRequest.AssertionConsumerServiceUrl = new Uri(saml2Settings.ACSURL);
    samlRequest.DestinationUrl = new Uri(saml2Settings.IdPURL);
    samlRequest.ForceAuthentication = saml2Settings.IsForceAuthn;
    samlRequest.Issuer = new EntityId(saml2Settings.SPEntityId);
    samlRequest.ProtocolBinding = saml2Settings.HttpBinding;

    // The index is optional: a missing or non-numeric setting leaves the
    // request's AttributeConsumingServiceIndex untouched.
    if (int.TryParse(saml2Settings.AttributeConsumingServiceIndex, out var parsedIndex))
    {
        samlRequest.AttributeConsumingServiceIndex = parsedIndex;
    }

    // NOTE(review): this policy (AllowCreate = true, persistent format) is
    // constructed but never attached to samlRequest in this method, so it
    // has no effect on the request as written. Confirm whether an
    // assignment to the request was intended.
    var nameIdPolicy = new Saml2NameIdPolicy(true, NameIdFormat.Persistent);

    // Asks the IdP for exactly the PasswordProtectedTransport class.
    // NOTE(review): this is only a request; whether the AuthnContext in the
    // response is checked against it is not visible from this method.
    samlRequest.RequestedAuthnContext = new Saml2RequestedAuthnContext(
        new Uri("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"),
        AuthnContextComparisonType.Exact);
}
/// <summary>
/// Builds the service provider options by copying each setting from the
/// supplied configuration section.
/// </summary>
/// <param name="configSection">Configuration section to read the settings from; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="configSection"/> is null.</exception>
public SPOptions(SustainsysSaml2Section configSection)
{
    if (configSection == null)
    {
        throw new ArgumentNullException(nameof(configSection));
    }

    ReturnUrl = configSection.ReturnUrl;

    // Metadata sub-element, read once and reused for the three values below.
    var metadataSection = configSection.Metadata;
    MetadataCacheDuration = metadataSection.CacheDuration;
    MetadataValidDuration = metadataSection.ValidUntil;

    // Security-relevant switches are copied from configuration as-is; this
    // constructor applies no validation or minimum of its own, so the
    // deployed configuration decides whether signed assertions are requested
    // and whether certificates are validated.
    WantAssertionsSigned = metadataSection.WantAssertionsSigned;
    ValidateCertificates = configSection.ValidateCertificates;

    DiscoveryServiceUrl = configSection.DiscoveryServiceUrl;
    EntityId = configSection.EntityId;
    ModulePath = configSection.ModulePath;
    PublicOrigin = configSection.PublicOrigin;
    Organization = configSection.Organization;

    // Signing algorithms: the configured names go through
    // XmlHelpers.GetFullSigningAlgorithmName (presumably expanding a short
    // name to the full algorithm identifier - confirm). The minimum for
    // incoming signatures is taken from configuration; no floor is enforced
    // in this constructor.
    OutboundSigningAlgorithm = XmlHelpers.GetFullSigningAlgorithmName(configSection.OutboundSigningAlgorithm);
    MinIncomingSigningAlgorithm = XmlHelpers.GetFullSigningAlgorithmName(configSection.MinIncomingSigningAlgorithm);
    AuthenticateRequestSigningBehavior = configSection.AuthenticateRequestSigningBehavior;

    var nameIdPolicyElement = configSection.NameIdPolicyElement;
    NameIdPolicy = new Saml2NameIdPolicy(
        nameIdPolicyElement.AllowCreate,
        nameIdPolicyElement.Format);

    RequestedAuthnContext = new Saml2RequestedAuthnContext(configSection.RequestedAuthnContext);
    Compatibility = new Compatibility(configSection.Compatibility);

    // Receives `this`, so it runs only after the scalar settings above are in place.
    configSection.ServiceCertificates.RegisterServiceCertificates(this);

    foreach (var service in configSection.AttributeConsumingServices)
    {
        AttributeConsumingServices.Add(service);
    }

    foreach (var contactPerson in configSection.Contacts)
    {
        Contacts.Add(contactPerson);
    }
}