public Issuer AddFacebookIdentityProvider(string displayName, string facebookAppId, string facebookAppSecret, string[] loginParameters) { try { var client = this.CreateManagementServiceClient(); var issuer = new Issuer { Name = string.Format(CultureInfo.InvariantCulture, "{0}-{1}", "Facebook", facebookAppId) }; client.AddToIssuers(issuer); client.SaveChanges(SaveChangesOptions.Batch); var facebook = new IdentityProvider { DisplayName = displayName, LoginLinkName = "Facebook", LoginParameters = String.Join(",", loginParameters), WebSSOProtocolType = WebSSOProtocolType.Facebook.ToString(), IssuerId = issuer.Id }; client.AddObject("IdentityProviders", facebook); var facebookKeys = new[] { new IdentityProviderKey { IdentityProvider = facebook, StartDate = DateTime.UtcNow, EndDate = DateTime.UtcNow.AddYears(1), Type = KeyType.ApplicationKey.ToString(), Usage = KeyUsage.ApplicationId.ToString(), Value = Encoding.Default.GetBytes(facebookAppId) }, new IdentityProviderKey { IdentityProvider = facebook, StartDate = DateTime.UtcNow, EndDate = DateTime.UtcNow.AddYears(1), Type = KeyType.ApplicationKey.ToString(), Usage = KeyUsage.ApplicationSecret.ToString(), Value = Encoding.Default.GetBytes(facebookAppSecret) } }; foreach (var key in facebookKeys) { client.AddRelatedObject(facebook, "IdentityProviderKeys", key); } client.SaveChanges(SaveChangesOptions.Batch); return issuer; } catch (Exception ex) { throw TryGetExceptionDetails(ex); } }
public Issuer AddIdentityProviderManually(string displayName, string federationUrl, WebSSOProtocolType protocolType, byte[] signingValidationCert = null, string[] allowedRelyingParties = null) { try { var client = this.CreateManagementServiceClient(); var defaultStartDate = DateTime.UtcNow; var defaultEndDate = defaultStartDate.AddYears(1); var issuer = new Issuer { Name = displayName }; var oldIssuer = client.Issuers.Where(ip => ip.Name == issuer.Name).FirstOrDefault(); if (oldIssuer != null) { client.DeleteObject(oldIssuer); } client.AddToIssuers(issuer); client.SaveChanges(SaveChangesOptions.Batch); var identityProvider = new IdentityProvider { DisplayName = displayName, WebSSOProtocolType = protocolType.ToString(), LoginLinkName = displayName, IssuerId = issuer.Id }; var oldIdentityProvider = client.IdentityProviders.Where(ip => ip.DisplayName.Equals(identityProvider.DisplayName, StringComparison.OrdinalIgnoreCase)) .FirstOrDefault(); if (oldIdentityProvider != null) { client.DeleteObject(oldIdentityProvider); client.SaveChanges(); } client.AddToIdentityProviders(identityProvider); client.SaveChanges(SaveChangesOptions.Batch); // Identity provider public key to verify the signature if (signingValidationCert != null) { var key = new IdentityProviderKey { IdentityProviderId = identityProvider.Id, DisplayName = "Signing Key for " + displayName, StartDate = defaultStartDate, EndDate = defaultEndDate, Type = KeyType.X509Certificate.ToString(), Usage = KeyUsage.Signing.ToString(), Value = signingValidationCert }; client.AddToIdentityProviderKeys(key); client.SaveChanges(SaveChangesOptions.Batch); } // WS-Federation sign-in URL var federationSignInAddress = new IdentityProviderAddress { IdentityProviderId = identityProvider.Id, EndpointType = EndpointType.SignIn.ToString(), Address = federationUrl }; client.AddToIdentityProviderAddresses(federationSignInAddress); client.SaveChanges(SaveChangesOptions.Batch); return issuer; } catch (Exception ex) { throw TryGetExceptionDetails(ex); } }
public void AddPassThroughRuleToRuleGroup(string ruleGroupName, Issuer issuer, string inputClaimType = null, string outputClaimType = null) { try { var rule = new Rule { InputClaimType = inputClaimType, OutputClaimType = outputClaimType }; this.AddRuleToRuleGroup(ruleGroupName, issuer, rule); } catch (Exception ex) { throw TryGetExceptionDetails(ex); } }
private void AddRuleToRuleGroup(string ruleGroupName, Issuer issuer, Rule rule) { var client = this.CreateManagementServiceClient(); RuleGroup ruleGroup = client.RuleGroups.AddQueryOption("$filter", "Name eq '" + ruleGroupName + "'").FirstOrDefault(); if (ruleGroup == null) { throw new InvalidOperationException("Rule Group: " + ruleGroupName + " does not exist"); } rule.IssuerId = issuer.Id; rule.RuleGroup = ruleGroup; client.AddRelatedObject(ruleGroup, "Rules", rule); client.SaveChanges(); }