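        /// <summary>
        /// Builds a SAML 2.0 AuthnRequest addressed to the configured SSO endpoint and returns it
        /// in the requested wire format (signed when a usable certificate is supplied).
        /// </summary>
        /// <param name="format">Output format. Only <c>SamlRequestFormat.Base64</c> is handled; any other value is logged as an error and yields <c>null</c>.</param>
        /// <param name="assertionConsumerServiceUrl">SP endpoint the IdP should return the response to. Also written into the Audience element.</param>
        /// <param name="certPath">Path of the certificate file (with private key) used to sign the request.</param>
        /// <param name="certPassword">Password protecting <paramref name="certPath"/>. It is never written to the log.</param>
        /// <returns>The value produced by <c>CreateQueryString</c> for the built request, or <c>null</c> for an unknown format.</returns>
        /// <exception cref="Exception">
        /// Thrown when loading the certificate fails for any reason other than a <see cref="CryptographicException"/>;
        /// the original error is preserved as the inner exception.
        /// </exception>
        public string GetRequest(SamlRequestFormat format, string assertionConsumerServiceUrl, string certPath, string certPassword)
        {
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    // Request ID and IssueInstant are taken from instance fields populated elsewhere in this class.
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", _id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", _issueInstant);
                    xw.WriteAttributeString("Destination", _ssoSettings.SsoEndPoint);
                    xw.WriteAttributeString("AssertionConsumerServiceURL", assertionConsumerServiceUrl);

                    // for ADFS
                    xw.WriteAttributeString("Consent", "urn:oasis:names:tc:SAML:2.0:consent:unspecified");
                    // Issuer is a fixed SP identifier here; the IdP must have this exact value registered.
                    xw.WriteStartElement("Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString("www.sp.com");
                    xw.WriteEndElement();

                    // for ADFS
                    // NOTE(review): Audience is set to the ACS URL while Issuer is "www.sp.com"; an IdP that
                    // checks AudienceRestriction against the relying-party identifier may reject this — confirm
                    // against the ADFS relying party trust configuration.
                    xw.WriteStartElement("Conditions", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteStartElement("AudienceRestriction");
                    xw.WriteStartElement("Audience");
                    xw.WriteString(assertionConsumerServiceUrl);
                    xw.WriteEndElement();
                    xw.WriteEndElement();
                    xw.WriteEndElement();

                    xw.WriteEndElement();
                }

                // The request XML contains no secrets, so logging it at debug level is acceptable.
                _log.DebugFormat("Format: {0}, SAML Request: {1}", format, sw.ToString());
                if (format == SamlRequestFormat.Base64)
                {
                    XmlDocument xdoc = new XmlDocument();
                    xdoc.LoadXml(sw.ToString());
                    AsymmetricAlgorithm privateKey;
                    try
                    {
                        // Only the path is logged; certPassword is deliberately kept out of the log.
                        _log.DebugFormat("Using certificate for signing saml requests. certPath={0}", certPath);
                        X509Certificate2 cert = new X509Certificate2(certPath, certPassword);
                        // NOTE(review): X509Certificate2.PrivateKey is marked obsolete in newer .NET in favour of
                        // GetRSAPrivateKey(); kept because CreateQueryString takes an AsymmetricAlgorithm.
                        privateKey = cert.PrivateKey;
                    }
                    catch (CryptographicException ex)
                    {
                        // Any CryptographicException (unreadable file, wrong password, missing private key)
                        // downgrades this call to an UNSIGNED AuthnRequest. This is logged as an error rather
                        // than at debug level so a misconfigured certificate cannot silently switch signing off.
                        // If unsigned requests are intended for a deployment, make that an explicit setting
                        // instead of relying on this fallback.
                        _log.ErrorFormat("Using SAML requests without certificate. {0}", ex);
                        privateKey = null;
                    }
                    catch (Exception ex)
                    {
                        _log.ErrorFormat("Certification error. {0}", ex);
                        // Keep the original failure as InnerException so the cause is not lost to callers.
                        throw new Exception("Certification error", ex);
                    }
                    return(CreateQueryString(xdoc.DocumentElement, privateKey));
                }
                _log.ErrorFormat("Unknown format: {0}", format);
                return(null);
            }
        }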
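        /// <summary>
        /// Builds a SAML 2.0 AuthnRequest addressed to the configured SSO endpoint and returns it
        /// in the requested wire format (signed when a usable certificate is supplied).
        /// </summary>
        /// <param name="format">Output format. Only <c>SamlRequestFormat.Base64</c> is handled; any other value is logged as an error and yields <c>null</c>.</param>
        /// <param name="assertionConsumerServiceUrl">SP endpoint the IdP should return the response to. Also written into the Audience element.</param>
        /// <param name="certPath">Path of the certificate file (with private key) used to sign the request.</param>
        /// <param name="certPassword">Password protecting <paramref name="certPath"/>. It is never written to the log.</param>
        /// <returns>The value produced by <c>CreateQueryString</c> for the built request, or <c>null</c> for an unknown format.</returns>
        /// <exception cref="Exception">
        /// Thrown when loading the certificate fails for any reason other than a <see cref="CryptographicException"/>;
        /// the original error is preserved as the inner exception.
        /// </exception>
        public string GetRequest(SamlRequestFormat format, string assertionConsumerServiceUrl, string certPath, string certPassword)
        {
            using (StringWriter sw = new StringWriter())
            {
                XmlWriterSettings xws = new XmlWriterSettings();
                xws.OmitXmlDeclaration = true;

                using (XmlWriter xw = XmlWriter.Create(sw, xws))
                {
                    // Request ID and IssueInstant are taken from instance fields populated elsewhere in this class.
                    xw.WriteStartElement("samlp", "AuthnRequest", "urn:oasis:names:tc:SAML:2.0:protocol");
                    xw.WriteAttributeString("ID", _id);
                    xw.WriteAttributeString("Version", "2.0");
                    xw.WriteAttributeString("IssueInstant", _issueInstant);
                    xw.WriteAttributeString("Destination", _ssoSettings.SsoEndPoint);
                    xw.WriteAttributeString("AssertionConsumerServiceURL", assertionConsumerServiceUrl);

                    // for ADFS
                    xw.WriteAttributeString("Consent", "urn:oasis:names:tc:SAML:2.0:consent:unspecified");
                    // Issuer is a fixed SP identifier here; the IdP must have this exact value registered.
                    xw.WriteStartElement("Issuer", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteString("www.sp.com");
                    xw.WriteEndElement();

                    // for ADFS
                    // NOTE(review): Audience is set to the ACS URL while Issuer is "www.sp.com"; an IdP that
                    // checks AudienceRestriction against the relying-party identifier may reject this — confirm
                    // against the ADFS relying party trust configuration.
                    xw.WriteStartElement("Conditions", "urn:oasis:names:tc:SAML:2.0:assertion");
                    xw.WriteStartElement("AudienceRestriction");
                    xw.WriteStartElement("Audience");
                    xw.WriteString(assertionConsumerServiceUrl);
                    xw.WriteEndElement();
                    xw.WriteEndElement();
                    xw.WriteEndElement();

                    xw.WriteEndElement();
                }

                // The request XML contains no secrets, so logging it at debug level is acceptable.
                _log.DebugFormat("Format: {0}, SAML Request: {1}", format, sw.ToString());
                if (format == SamlRequestFormat.Base64)
                {
                    XmlDocument xdoc = new XmlDocument();
                    xdoc.LoadXml(sw.ToString());
                    AsymmetricAlgorithm privateKey;
                    try
                    {
                        // Only the path is logged; certPassword is deliberately kept out of the log.
                        _log.DebugFormat("Using certificate for signing saml requests. certPath={0}", certPath);
                        X509Certificate2 cert = new X509Certificate2(certPath, certPassword);
                        // NOTE(review): X509Certificate2.PrivateKey is marked obsolete in newer .NET in favour of
                        // GetRSAPrivateKey(); kept because CreateQueryString takes an AsymmetricAlgorithm.
                        privateKey = cert.PrivateKey;
                    }
                    catch (CryptographicException ex)
                    {
                        // Any CryptographicException (unreadable file, wrong password, missing private key)
                        // downgrades this call to an UNSIGNED AuthnRequest. This is logged as an error rather
                        // than at debug level so a misconfigured certificate cannot silently switch signing off.
                        // If unsigned requests are intended for a deployment, make that an explicit setting
                        // instead of relying on this fallback.
                        _log.ErrorFormat("Using SAML requests without certificate. {0}", ex);
                        privateKey = null;
                    }
                    catch (Exception ex)
                    {
                        _log.ErrorFormat("Certification error. {0}", ex);
                        // Keep the original failure as InnerException so the cause is not lost to callers.
                        throw new Exception("Certification error", ex);
                    }
                    return CreateQueryString(xdoc.DocumentElement, privateKey);
                }
                _log.ErrorFormat("Unknown format: {0}", format);
                return null;
            }
        }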