/// <summary>
/// Turns a raw SAML response into a <see cref="ClaimsPrincipal"/>: the SAML2 token is read
/// out of the response, then validated by a <see cref="BpSaml2SecurityTokenHandler"/> whose
/// configuration is filled in by <c>ConfigureHandler</c>.
/// </summary>
/// <param name="samlResponse">The SAML response as received from the identity provider. This is untrusted input.</param>
/// <param name="settings">Federation settings; supplies <c>NameClaimType</c> and whatever <c>ConfigureHandler</c> reads from it.</param>
/// <returns>A <see cref="ClaimsPrincipal"/> wrapping the identities the handler's <c>ValidateToken</c> returned.</returns>
/// <exception cref="FederatedAuthenticationException">
/// Thrown with <see cref="FederatedAuthenticationErrorCode.WrongFormat"/> when no token can be read from the
/// response. Validation failures with any other error code propagate unchanged; a <c>WrongFormat</c> failure
/// from validation triggers one re-read of the response by the handler itself followed by a second validation.
/// </exception>
public IPrincipal ProcessResponse(string samlResponse, IFederatedAuthenticationSettings settings)
{
    ThrowIf.ArgumentNull(samlResponse, nameof(samlResponse));
    ThrowIf.ArgumentNull(settings, nameof(settings));

    var token = ReadSecurityToken(samlResponse, settings);
    if (token == null)
    {
        // TODO add logging: a debug-level dump of the rejected response was intended here.
        // The response is untrusted and may carry user data, so keep any such dump at debug level only.
        throw new FederatedAuthenticationException("Cannot read token", FederatedAuthenticationErrorCode.WrongFormat);
    }

    // The requirement tells the handler which SAML attribute becomes the Name claim.
    // MapToWindows is explicitly false, i.e. no mapping of the identity to a Windows account is requested.
    var requirement = new SamlSecurityTokenRequirement
    {
        NameClaimType = settings.NameClaimType, // e.g. "Username"
        MapToWindows = false
    };

    var handler = new BpSaml2SecurityTokenHandler(samlResponse, requirement)
    {
        Configuration = new SecurityTokenHandlerConfiguration()
    };

    // NOTE(review): the configuration starts out as a bare SecurityTokenHandlerConfiguration, so every
    // check that makes ValidateToken trustworthy (issuer/signing-certificate registry, audience
    // restriction, lifetime and replay detection) has to be supplied by ConfigureHandler, which is not
    // visible here — confirm it sets all of them.
    ConfigureHandler(handler.Configuration, settings);

    ReadOnlyCollection<ClaimsIdentity> identities;
    try
    {
        identities = handler.ValidateToken(token);
    }
    catch (FederatedAuthenticationException faEx) when (faEx.ErrorCode == FederatedAuthenticationErrorCode.WrongFormat)
    {
        // The pre-read token was not in the shape the handler expects. Let the handler parse the
        // response itself and validate that token instead. Any other error code is not caught and
        // reaches the caller untouched.
        token = (Saml2SecurityToken)handler.ReadToken(samlResponse);
        identities = handler.ValidateToken(token);
    }

    return new ClaimsPrincipal(identities);
}
/// <summary>
/// Creates a serializer bound to the handler that created it and to the assertion it works on.
/// Both references are stored as given; nothing is validated or copied here.
/// </summary>
/// <param name="parent">The owning <see cref="BpSaml2SecurityTokenHandler"/>, kept in <c>_parent</c>.</param>
/// <param name="assertion">The <see cref="Saml2Assertion"/> this serializer operates on, kept in <c>_assertion</c>.</param>
public WrappedSerializer(BpSaml2SecurityTokenHandler parent, Saml2Assertion assertion)
{
    // NOTE(review): unlike ProcessResponse, this constructor does not null-check its arguments;
    // a null parent or assertion is only discovered when the fields are first dereferenced.
    _parent = parent;
    _assertion = assertion;
}