private static void CreateRelyingParty(ManagementService client, string relyingPartyName, string ruleGroupName, string realmAddress, string replyAddress, TokenType tokenType, int tokenLifetime, bool asymmetricTokenEncryptionRequired, out RelyingParty relyingParty)
{
// Create Relying Party
relyingParty = new RelyingParty
{
Name = relyingPartyName,
DisplayName = relyingPartyName,
Description = relyingPartyName,
TokenType = tokenType.ToString(),
TokenLifetime = tokenLifetime,
AsymmetricTokenEncryptionRequired = asymmetricTokenEncryptionRequired
};
client.AddObject("RelyingParties", relyingParty);
client.SaveChanges();
if (!string.IsNullOrWhiteSpace(ruleGroupName))
{
RuleGroup ruleGroup = client.RuleGroups.Where(rg => rg.Name.Equals(ruleGroupName, StringComparison.OrdinalIgnoreCase)).FirstOrDefault();
if (ruleGroup == null)
{
ruleGroup = new RuleGroup
{
Name = ruleGroupName
};
client.AddToRuleGroups(ruleGroup);
client.SaveChanges();
}
var relyingPartyRuleGroup = new RelyingPartyRuleGroup
{
RuleGroupId = ruleGroup.Id,
RelyingParty = relyingParty
};
client.AddRelatedObject(relyingParty, "RelyingPartyRuleGroups", relyingPartyRuleGroup);
}
// Create the Realm for Relying Party
var realm = new RelyingPartyAddress
{
Address = realmAddress,
EndpointType = RelyingPartyAddressEndpointType.Realm.ToString(),
RelyingParty = relyingParty
};
client.AddRelatedObject(relyingParty, "RelyingPartyAddresses", realm);
if (!string.IsNullOrEmpty(replyAddress))
{
var reply = new RelyingPartyAddress
{
Address = replyAddress,
EndpointType = RelyingPartyAddressEndpointType.Reply.ToString(),
RelyingParty = relyingParty
};
client.AddRelatedObject(relyingParty, "RelyingPartyAddresses", reply);
}
client.SaveChanges(SaveChangesOptions.Batch);
}
public void AddRelyingPartyWithKey(string relyingPartyName, string realmAddress, string replyAddress, byte[] symmetricKey,
TokenType tokenType, int tokenLifetime,
byte[] signingCert, string signingCertPassword, DateTime? signingStartDate, DateTime? signingEndDate,
byte[] encryptionCert, string ruleGroupName, string[] allowedIdentityProviders)
{
try
{
var client = this.CreateManagementServiceClient();
var defaultStartDate = DateTime.UtcNow;
var defaultEndDate = defaultStartDate.AddYears(1);
var asymmetricTokenEncryptionRequired = encryptionCert != null;
RelyingParty relyingParty;
CreateRelyingParty(client, relyingPartyName, ruleGroupName, realmAddress, string.Empty, tokenType, tokenLifetime,
asymmetricTokenEncryptionRequired, out relyingParty);
// Create the Reply for Relying Party
var reply = new RelyingPartyAddress
{
Address = replyAddress,
EndpointType = RelyingPartyAddressEndpointType.Reply.ToString(),
RelyingParty = relyingParty
};
client.AddRelatedObject(relyingParty, "RelyingPartyAddresses", reply);
client.SaveChanges();
if (signingCert != null)
{
AddSigningKeyToRelyingParty(client, relyingPartyName, signingCert, signingCertPassword, signingStartDate.Value, signingEndDate.Value, relyingParty);
}
if (symmetricKey != null)
{
AddSigningKeyToRelyingParty(client, relyingPartyName, symmetricKey, defaultStartDate, defaultEndDate, relyingParty);
}
if (asymmetricTokenEncryptionRequired)
{
AddEncryptionKeyToRelyingParty(client, relyingPartyName, encryptionCert, defaultStartDate, defaultEndDate, relyingParty);
}
client.SaveChanges();
AddIdentityProviderToRelyingParty(client, allowedIdentityProviders, relyingParty);
}
catch (Exception ex)
{
throw TryGetExceptionDetails(ex);
}
}
