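// Builds a LogoutRequest with SignOutgoingMessages enabled and a service-provider
// certificate loaded from PrivateTestCert.pfx, then checks the shape of the XML.
//
// NOTE(review): despite the test name, nothing below asserts that a signature was
// produced. Whether the factory embeds a ds:Signature element or leaves signing to the
// binding is not visible from here; once confirmed, assert on it so that a regression
// which silently stops signing outgoing logout requests fails this test.
public void ShouldCreateSignedMessage()
{
    // The PFX carries a private key. Dispose the certificate deterministically so the key
    // material is released when the test ends instead of waiting for finalization
    // (loading a PFX can materialise a temporary key container, notably on Windows).
    using (var signingCert = new X509Certificate2(File.ReadAllBytes("PrivateTestCert.pfx"), "test"))
    {
        var options = new SamlOptions
        {
            SignOutgoingMessages = true,
            ServiceProviderCertificate = signingCert
        };
        var logoutRequest = new SamlLogoutRequestMessage { NameId = "test" };

        var xmlDocument = _logoutRequestFactory.CreateMessage(options, logoutRequest);

        // The XPath queries below need the SAML 2.0 protocol and assertion namespaces.
        var namespaces = new XmlNamespaceManager(xmlDocument.NameTable);
        namespaces.AddNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
        namespaces.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");

        var requestNode = xmlDocument.SelectSingleNode("/samlp:LogoutRequest", namespaces);
        var issuerNode = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/saml:Issuer", namespaces);
        var nameIdNode = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/saml:NameID", namespaces);
        var sessionIndexNode = xmlDocument.SelectSingleNode("/samlp:LogoutRequest/samlp:SessionIndex", namespaces);

        // Structural checks: the root element and its three expected children exist.
        Assert.NotNull(requestNode);
        Assert.NotNull(issuerNode);
        Assert.NotNull(nameIdNode);
        Assert.NotNull(sessionIndexNode);

        // No Destination is set on the message in this test, so an empty attribute is expected.
        Assert.Equal("", requestNode.Attributes["Destination"].Value);
        Assert.Equal("2.0", requestNode.Attributes["Version"].Value);
        Assert.Equal("test", nameIdNode.InnerText);
    }
}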
/// <inheritdoc />
public Task SignOutAsync(AuthenticationProperties properties)
{
    // SP-initiated sign-out: build a LogoutRequest for the identity provider from the
    // current principal's claims and hand it to the logout request handler.
    var logoutUrl = Options.IdentityProviderLogOutUrl;
    var claims = Context.User.Claims;

    // NOTE(review): both values are null when the principal lacks the claim (for example
    // an unauthenticated caller); confirm the handler copes with a request that has no
    // NameID or SessionIndex.
    var nameId = claims
        .Where(c => c.Type == ClaimTypes.NameIdentifier)
        .Select(c => c.Value)
        .FirstOrDefault();
    var sessionIndex = claims
        .Where(c => c.Type == SamlAuthenticationDefaults.SessionIndexClaimType)
        .Select(c => c.Value)
        .FirstOrDefault();

    var logoutRequestMessage = new SamlLogoutRequestMessage
    {
        Issuer = Options.ServiceProviderEntityId,
        Destination = logoutUrl,
        NameId = nameId,
        SessionIndex = sessionIndex
    };

    // Fall back to the current request path when the caller supplied no redirect URI.
    // NOTE(review): RedirectUri is passed through as supplied; verify that it is
    // restricted to trusted or local targets before it is used after logout.
    var returnTarget = properties?.RedirectUri ?? Request.Path;

    _spInitiatedLogoutRequestHandler.Handle(
        Options,
        Context,
        logoutRequestMessage,
        logoutUrl,
        Options.LogoutRequestBinding,
        returnTarget);

    // Handle is invoked synchronously, so an already-completed task is returned.
    return Task.CompletedTask;
}