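/// <summary>
/// Turns a received SAML2 response into the command result that signs the
/// user in and redirects the browser to the post-login location.
/// </summary>
/// <param name="options">Service provider options; supplies the claims authentication manager and the fallback <c>SPOptions.ReturnUrl</c>.</param>
/// <param name="samlResponse">The response whose claims and request state are used.</param>
/// <returns>A 303 See Other result carrying the principal, the redirect location and any relay data.</returns>
/// <exception cref="ConfigurationErrorsException">
/// Neither the request state nor <c>SPOptions.ReturnUrl</c> provides a location to redirect to.
/// </exception>
private static CommandResult ProcessResponse(IOptions options, Saml2Response samlResponse)
{
    // NOTE(review): this method performs no signature or condition checks of its own;
    // it presumably relies on GetClaims(options) to validate the response - confirm.
    var principal = new ClaimsPrincipal(samlResponse.GetClaims(options));

    // Let the configured claims authentication manager transform (or reject) the
    // incoming principal. No resource name is supplied.
    principal = options.SPOptions.SystemIdentityModelIdentityConfiguration
        .ClaimsAuthenticationManager.Authenticate(null, principal);

    var requestState = samlResponse.GetRequestState(options);

    // The URL remembered for this request wins; the configured URL is the fallback.
    // NOTE(review): the stored ReturnUrl is used as the redirect target unchanged, so
    // any restriction to trusted destinations has to happen where the request state
    // is created - confirm.
    var location = requestState?.ReturnUrl ?? options.SPOptions.ReturnUrl;

    // Fail closed whenever no target is available. Checking only for a missing request
    // state would let a request state without a ReturnUrl produce a 303 with a null
    // Location when no fallback is configured.
    // NOTE(review): MissingReturnUrlMessage is reused for that case; if its wording is
    // specific to responses without request state, a dedicated message would be clearer.
    if (location == null)
    {
        throw new ConfigurationErrorsException(MissingReturnUrlMessage);
    }

    return new CommandResult()
    {
        HttpStatusCode = HttpStatusCode.SeeOther,
        Location = location,
        Principal = principal,
        RelayData = requestState?.RelayData
    };
}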
/// <summary>
/// Builds the sign-in result for a SAML2 response, letting the caller override
/// the redirect target through <paramref name="returnURL"/>.
/// </summary>
/// <param name="options">Service provider options; supplies the claims authentication manager and the fallback <c>SPOptions.ReturnUrl</c>.</param>
/// <param name="samlResponse">The response whose claims and request state are used.</param>
/// <param name="returnURL">Optional replacement redirect target; ignored when null or empty.</param>
/// <returns>A 303 See Other result carrying the principal, the redirect location and any relay data.</returns>
private static CommandResult ProcessResponse(IOptions options, Saml2Response samlResponse, string returnURL)
{
    // NOTE(review): no signature or condition checks happen here; validation of the
    // response is presumably done inside GetClaims(options) - confirm.
    var incomingPrincipal = new ClaimsPrincipal(samlResponse.GetClaims(options));
    var claimsManager = options.SPOptions.SystemIdentityModelIdentityConfiguration
        .ClaimsAuthenticationManager;
    var principal = claimsManager.Authenticate(null, incomingPrincipal);

    var requestState = samlResponse.GetRequestState(options);

    // Default target: the URL stored with the request, else the configured one.
    // If neither is set, the UriBuilder constructor is handed null and rejects it with
    // an exception of its own rather than a configuration error.
    var hasStoredReturnUrl = requestState != null && requestState.ReturnUrl != null;
    var target = new UriBuilder(
        hasStoredReturnUrl ? requestState.ReturnUrl : options.SPOptions.ReturnUrl);

    // The override replaces the default unless it already occurs (case-insensitively)
    // as a substring of the default target's path.
    // NOTE(review): that substring test is not a validation. Nothing in this method
    // restricts returnURL to a trusted host or a local path, so if callers can pass a
    // request-derived value the post-login redirect is unvalidated. Confirm where
    // returnURL comes from and check it against an allow-list before it reaches here.
    var overrideSupplied = !string.IsNullOrEmpty(returnURL);
    if (overrideSupplied
        && target.Path.ToString().IndexOf(returnURL, StringComparison.OrdinalIgnoreCase) < 0)
    {
        target = new UriBuilder(returnURL);
    }

    return new CommandResult()
    {
        HttpStatusCode = HttpStatusCode.SeeOther,
        Location = target.Uri,
        Principal = principal,
        RelayData = requestState != null ? requestState.RelayData : null
    };
}
/// <summary>
/// A <c>Saml2Response</c> constructed from in-memory data should expose the issuer
/// it was given and return the supplied identity from <c>GetClaims</c>.
/// </summary>
public void Saml2Response_Ctor_FromData()
{
    // Arrange: an issuer and an identity holding a single name identifier claim.
    var expectedIssuer = new EntityId("http://idp.example.com");
    var nameIdClaim = new Claim(ClaimTypes.NameIdentifier, "JohnDoe");
    var expectedIdentity = new ClaimsIdentity(new[] { nameIdClaim });

    // Act: the three middle constructor arguments are left null; what they
    // represent is not visible from this test.
    var subject = new Saml2Response(expectedIssuer, null, null, null, expectedIdentity);

    // Assert: the issuer round-trips and exactly one equivalent identity comes back.
    subject.Issuer.Should().Be(expectedIssuer);

    var returnedIdentities = subject.GetClaims(Options.FromConfiguration);
    returnedIdentities.Single().ShouldBeEquivalentTo(expectedIdentity);
}
/// <summary>
/// Turns a received SAML2 response into the command result that signs the
/// user in and redirects the browser to the post-login location.
/// </summary>
/// <param name="options">Service provider options; supplies the claims authentication manager and the fallback <c>SPOptions.ReturnUrl</c>.</param>
/// <param name="samlResponse">The response whose claims and request state are used.</param>
/// <returns>A 303 See Other result carrying the principal, the redirect location and any relay data.</returns>
private static CommandResult ProcessResponse(IOptions options, Saml2Response samlResponse)
{
    // NOTE(review): no signature or condition checks happen here; validation of the
    // response is presumably done inside GetClaims(options) - confirm.
    var incomingPrincipal = new ClaimsPrincipal(samlResponse.GetClaims(options));
    var claimsManager = options.SPOptions.SystemIdentityModelIdentityConfiguration
        .ClaimsAuthenticationManager;
    var principal = claimsManager.Authenticate(null, incomingPrincipal);

    var requestState = samlResponse.GetRequestState(options);

    // The URL stored with the request wins; the configured URL is the fallback.
    // NOTE(review): there is no guard for the case where neither is set, so Location
    // can be null on a 303 result. Consider failing with a configuration error instead.
    // NOTE(review): the stored ReturnUrl is used as the redirect target unchanged, so
    // any restriction to trusted destinations has to happen where the request state
    // is created - confirm.
    var hasStoredReturnUrl = requestState != null && requestState.ReturnUrl != null;

    return new CommandResult()
    {
        HttpStatusCode = HttpStatusCode.SeeOther,
        Location = hasStoredReturnUrl
            ? requestState.ReturnUrl
            : options.SPOptions.ReturnUrl,
        Principal = principal,
        RelayData = requestState != null ? requestState.RelayData : null
    };
}
/// <summary>
/// Turns a received SAML2 response into the command result that signs the
/// user in and redirects the browser to the post-login location.
/// </summary>
/// <param name="options">Service provider options; supplies the claims authentication manager and the fallback <c>SPOptions.ReturnUrl</c>.</param>
/// <param name="samlResponse">The response whose claims and session expiry are used.</param>
/// <param name="storedRequestState">State saved for the originating request, or null when there is none.</param>
/// <returns>A 303 See Other result carrying the principal, redirect location, relay data and session expiry.</returns>
/// <exception cref="ConfigurationErrorsException">
/// No <c>SPOptions.ReturnUrl</c> is configured and the stored request state is either
/// missing or has no <c>ReturnUrl</c>.
/// </exception>
private static CommandResult ProcessResponse(
    IOptions options,
    Saml2Response samlResponse,
    StoredRequestState storedRequestState)
{
    // NOTE(review): no signature or condition checks happen here; validation of the
    // response is presumably done inside GetClaims(options) - confirm.
    var incomingPrincipal = new ClaimsPrincipal(samlResponse.GetClaims(options));
    var claimsManager = options.SPOptions.SystemIdentityModelIdentityConfiguration
        .ClaimsAuthenticationManager;
    var principal = claimsManager.Authenticate(null, incomingPrincipal);

    // Without a configured fallback, the stored state is the only source of a redirect
    // target, so both "no state" and "state without a URL" are configuration errors.
    var configuredReturnUrl = options.SPOptions.ReturnUrl;
    var noConfiguredFallback = configuredReturnUrl == null;

    if (noConfiguredFallback && storedRequestState == null)
    {
        throw new ConfigurationErrorsException(UnsolicitedMissingReturnUrlMessage);
    }

    if (noConfiguredFallback && storedRequestState.ReturnUrl == null)
    {
        throw new ConfigurationErrorsException(SpInitiatedMissingReturnUrl);
    }

    // NOTE(review): the stored ReturnUrl is used as the redirect target unchanged, so
    // any restriction to trusted destinations has to happen where the request state
    // is created - confirm.
    return new CommandResult()
    {
        HttpStatusCode = HttpStatusCode.SeeOther,
        Location = storedRequestState?.ReturnUrl ?? configuredReturnUrl,
        Principal = principal,
        RelayData = storedRequestState?.RelayData,
        // Copied through from the response; presumably lets the caller bound the local
        // session lifetime - confirm the consumer honours it.
        SessionNotOnOrAfter = samlResponse.SessionNotOnOrAfter
    };
}