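/// <summary>
/// Initialises the response envelope for <paramref name="authReq"/>: a fresh ID, the request's ID as
/// InResponseTo, the request's Version, the current UTC time as IssueInstant, the request's
/// AssertionConsumerServiceURL as Destination, the configured IdP issuer (AppSettings "IDPIssuer",
/// falling back to "Microchip") and a Success status.
/// </summary>
/// <param name="authReq">The AuthnRequest this response answers.</param>
/// <exception cref="ArgumentNullException"><paramref name="authReq"/> is null.</exception>
public SSOSamlResponse(AuthnRequest authReq)
{
    if (authReq == null)
    {
        throw new ArgumentNullException("authReq");
    }

    ID = "_" + Guid.NewGuid().ToString();
    InResponseTo = authReq.ID;
    Version = authReq.Version;
    // SAML dateTime values are UTC. The invariant culture keeps the '-' and ':' separators literal;
    // without it the custom format picks up the server locale's time separator.
    IssueInstant = DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", System.Globalization.CultureInfo.InvariantCulture);
    // NOTE(security): Destination is copied from the SP-supplied request. Whatever sends the response
    // must compare it with the service provider's registered ACS URL first; that check is not done here.
    Destination = authReq.AssertionConsumerServiceURL;
    // Read the setting once instead of twice (original evaluated the indexer in both branches).
    string configuredIssuer = ConfigurationManager.AppSettings["IDPIssuer"];
    Issuer = string.IsNullOrEmpty(configuredIssuer) ? "Microchip" : configuredIssuer;
    status = "urn:oasis:names:tc:SAML:2.0:status:Success";
}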
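/// <summary>
/// Initialises the response envelope for <paramref name="authReq"/>: a fresh ID, the request's ID as
/// InResponseTo, the request's Version, the current UTC time as IssueInstant, the request's
/// AssertionConsumerServiceURL as Destination, the configured IdP issuer (AppSettings "IDPIssuer",
/// falling back to "Microchip") and a Success status.
/// </summary>
/// <param name="authReq">The AuthnRequest this response answers.</param>
/// <exception cref="ArgumentNullException"><paramref name="authReq"/> is null.</exception>
public SSOSamlResponse(AuthnRequest authReq)
{
    if (authReq == null)
    {
        throw new ArgumentNullException("authReq");
    }

    ID = "_" + Guid.NewGuid().ToString();
    InResponseTo = authReq.ID;
    Version = authReq.Version;
    // SAML dateTime values are UTC. The invariant culture keeps the '-' and ':' separators literal;
    // without it the custom format picks up the server locale's time separator.
    IssueInstant = DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", System.Globalization.CultureInfo.InvariantCulture);
    // NOTE(security): Destination is copied from the SP-supplied request. Whatever sends the response
    // must compare it with the service provider's registered ACS URL first; that check is not done here.
    Destination = authReq.AssertionConsumerServiceURL;
    // Read the setting once instead of twice (original evaluated the indexer in both branches).
    string configuredIssuer = ConfigurationManager.AppSettings["IDPIssuer"];
    Issuer = string.IsNullOrEmpty(configuredIssuer) ? "Microchip" : configuredIssuer;
    status = "urn:oasis:names:tc:SAML:2.0:status:Success";
}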
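/// <summary>
/// Reads the AuthnRequest carried by an inbound SSO request. Only GET requests are handled
/// (the HTTP-Redirect binding); RecieveRequest extracts the request element from them.
/// </summary>
/// <param name="request">The inbound HTTP request.</param>
/// <returns>The AuthnRequest parsed from the extracted element.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// No AuthnRequest element could be extracted (non-GET request, or RecieveRequest produced none).
/// </exception>
public AuthnRequest RecieveSSO(HttpRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    XmlElement authnRequestElement = null;
    if (request.RequestType == "GET")
    {
        RecieveRequest(request, out authnRequestElement);
    }

    // Previously a null element was passed straight into the AuthnRequest constructor; fail here
    // with a message that says why instead.
    if (authnRequestElement == null)
    {
        throw new InvalidOperationException(
            "No AuthnRequest element could be read from the request (only the GET / HTTP-Redirect binding is handled).");
    }

    return new AuthnRequest(authnRequestElement);
}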
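/// <summary>
/// Reads the AuthnRequest carried by an inbound SSO request. Only GET requests are handled
/// (the HTTP-Redirect binding); RecieveRequest extracts the request element from them.
/// </summary>
/// <param name="request">The inbound HTTP request.</param>
/// <returns>The AuthnRequest parsed from the extracted element.</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// No AuthnRequest element could be extracted (non-GET request, or RecieveRequest produced none).
/// </exception>
public AuthnRequest RecieveSSO(HttpRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    XmlElement authnRequestElement = null;
    if (request.RequestType == "GET")
    {
        RecieveRequest(request, out authnRequestElement);
    }

    // Previously a null element was passed straight into the AuthnRequest constructor; fail here
    // with a message that says why instead.
    if (authnRequestElement == null)
    {
        throw new InvalidOperationException(
            "No AuthnRequest element could be read from the request (only the GET / HTTP-Redirect binding is handled).");
    }

    return new AuthnRequest(authnRequestElement);
}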
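private const string SamlProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
private const string SamlAssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";
// Half-width of the assertion validity window, applied on both sides of "now" to absorb clock skew.
private const int AssertionValidityMinutes = 5;

/// <summary>
/// Builds the signed SAML 2.0 Response (one bearer Assertion for <paramref name="userName"/>) and
/// returns it base64-encoded, ready for the SAMLResponse field of the HTTP-POST binding.
/// </summary>
/// <param name="userName">Written as the assertion's NameID (format "unspecified").</param>
/// <param name="attributes">Attributes for an AttributeStatement; null or empty emits no statement.</param>
/// <param name="authnRequest">The AuthnRequest being answered; supplies InResponseTo, Destination and Recipient.</param>
/// <returns>Base64 of the UTF-8 serialised, signed response document.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userName"/> or <paramref name="authnRequest"/> is null.</exception>
private string CreateSAMLResponse(string userName, IDictionary<string, string> attributes, AuthnRequest authnRequest)
{
    if (userName == null)
    {
        throw new ArgumentNullException("userName");
    }
    if (authnRequest == null)
    {
        throw new ArgumentNullException("authnRequest");
    }

    SSOSamlResponse samlResponse = new SSOSamlResponse(authnRequest);
    // The Assertion needs its own xml ID: the original reused the Response ID for both elements, which
    // is invalid XML (duplicate ID) and makes a signature Reference to either element ambiguous.
    string assertionId = "_" + Guid.NewGuid().ToString();
    DateTime now = DateTime.UtcNow;
    string notBefore = FormatSamlInstant(now.AddMinutes(-AssertionValidityMinutes));
    string notOnOrAfter = FormatSamlInstant(now.AddMinutes(AssertionValidityMinutes));

    string responseXml;
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings();
        settings.OmitXmlDeclaration = true;
        using (XmlWriter xw = XmlWriter.Create(sw, settings))
        {
            xw.WriteStartElement("samlp", "Response", SamlProtocolNs);
            xw.WriteAttributeString("ID", samlResponse.ID);
            xw.WriteAttributeString("Version", samlResponse.Version);
            xw.WriteAttributeString("IssueInstant", samlResponse.IssueInstant);
            xw.WriteAttributeString("Destination", samlResponse.Destination);
            xw.WriteAttributeString("InResponseTo", samlResponse.InResponseTo);
            xw.WriteElementString("saml", "Issuer", SamlAssertionNs, samlResponse.Issuer);

            WriteAssertion(xw, samlResponse, assertionId, userName, attributes, authnRequest, notBefore, notOnOrAfter);

            xw.WriteStartElement("samlp", "Status", SamlProtocolNs);
            xw.WriteStartElement("samlp", "StatusCode", SamlProtocolNs);
            xw.WriteAttributeString("Value", samlResponse.status);
            xw.WriteEndElement(); // StatusCode
            xw.WriteEndElement(); // Status
            xw.WriteEndElement(); // Response
        }
        responseXml = sw.ToString();
    }

    return SignAndEncode(responseXml);
}

// Writes the bearer Assertion: Issuer, Subject, Conditions, AuthnStatement and (optionally) AttributeStatement.
private void WriteAssertion(XmlWriter xw, SSOSamlResponse samlResponse, string assertionId, string userName,
    IDictionary<string, string> attributes, AuthnRequest authnRequest, string notBefore, string notOnOrAfter)
{
    xw.WriteStartElement("saml", "Assertion", SamlAssertionNs);
    xw.WriteAttributeString("Version", samlResponse.Version);
    xw.WriteAttributeString("ID", assertionId);
    xw.WriteAttributeString("IssueInstant", samlResponse.IssueInstant);
    xw.WriteElementString("saml", "Issuer", SamlAssertionNs, samlResponse.Issuer);

    xw.WriteStartElement("saml", "Subject", SamlAssertionNs);
    xw.WriteStartElement("saml", "NameID", SamlAssertionNs);
    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
    xw.WriteString(userName);
    xw.WriteEndElement(); // NameID
    xw.WriteStartElement("saml", "SubjectConfirmation", SamlAssertionNs);
    xw.WriteAttributeString("Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer");
    xw.WriteStartElement("saml", "SubjectConfirmationData", SamlAssertionNs);
    xw.WriteAttributeString("Recipient", authnRequest.AssertionConsumerServiceURL);
    xw.WriteAttributeString("InResponseTo", samlResponse.InResponseTo);
    // A bearer confirmation must expire; without NotOnOrAfter a captured response stays replayable.
    xw.WriteAttributeString("NotOnOrAfter", notOnOrAfter);
    xw.WriteEndElement(); // SubjectConfirmationData
    xw.WriteEndElement(); // SubjectConfirmation
    xw.WriteEndElement(); // Subject

    // Validity window for the assertion as a whole; the original emitted no Conditions at all.
    // TODO(review): add an AudienceRestriction with the SP's entity ID once that value is available here.
    xw.WriteStartElement("saml", "Conditions", SamlAssertionNs);
    xw.WriteAttributeString("NotBefore", notBefore);
    xw.WriteAttributeString("NotOnOrAfter", notOnOrAfter);
    xw.WriteEndElement(); // Conditions

    xw.WriteStartElement("saml", "AuthnStatement", SamlAssertionNs);
    // AuthnInstant is when this IdP authenticated the subject. The original copied the request's
    // IssueInstant, which is the SP's clock at request time, not an authentication time at all.
    xw.WriteAttributeString("AuthnInstant", samlResponse.IssueInstant);
    xw.WriteStartElement("saml", "AuthnContext", SamlAssertionNs);
    xw.WriteElementString("saml", "AuthnContextClassRef", SamlAssertionNs, "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified");
    xw.WriteEndElement(); // AuthnContext
    xw.WriteEndElement(); // AuthnStatement

    WriteAttributeStatement(xw, attributes);

    xw.WriteEndElement(); // Assertion
}

// Writes an AttributeStatement, or nothing when there are no attributes (the schema requires at least one Attribute in it).
private void WriteAttributeStatement(XmlWriter xw, IDictionary<string, string> attributes)
{
    if (attributes == null || attributes.Count == 0)
    {
        return;
    }

    xw.WriteStartElement("saml", "AttributeStatement", SamlAssertionNs);
    foreach (KeyValuePair<string, string> kvp in attributes)
    {
        xw.WriteStartElement("saml", "Attribute", SamlAssertionNs);
        xw.WriteAttributeString("Name", kvp.Key);
        xw.WriteElementString("saml", "AttributeValue", SamlAssertionNs, kvp.Value);
        xw.WriteEndElement(); // Attribute
    }
    xw.WriteEndElement(); // AttributeStatement
}

// Loads the IdP signing certificate, signs the serialised response and returns it base64-encoded.
private string SignAndEncode(string responseXml)
{
    XmlDocument xmldoc = new XmlDocument();
    xmldoc.LoadXml(responseXml);

    // NOTE(security): the PFX password is a string literal and the PFX lives under the web root, so
    // anyone who can read the deployment can mint assertions for any user. The key belongs in the
    // machine certificate store or protected configuration; left as is because no setting for it
    // exists in this file.
    string pfxPath = Path.Combine(HttpRuntime.AppDomainAppPath, "idp.pfx");
    // X509Certificate2 is IDisposable from .NET Framework 4.6 on; dispose so the private key handle is released.
    using (X509Certificate2 xcert = new X509Certificate2(pfxPath, "password"))
    {
        // AppendSignatureToXMLDocument is defined elsewhere; the empty second argument is passed through
        // unchanged (presumably an enveloped signature over the whole document — confirm against its definition).
        AppendSignatureToXMLDocument(ref xmldoc, "", xcert);
    }

    // UTF-8, not ASCII: ASCII turns any non-ASCII user name or attribute value into '?', and the SP's
    // digest over the received bytes then no longer matches the signed content.
    byte[] bytes = System.Text.Encoding.UTF8.GetBytes(xmldoc.OuterXml);
    return Convert.ToBase64String(bytes);
}

// Formats a UTC instant as the SAML xs:dateTime form "yyyy-MM-ddTHH:mm:ssZ", independent of the server locale.
private static string FormatSamlInstant(DateTime utc)
{
    return utc.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", System.Globalization.CultureInfo.InvariantCulture);
}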
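/// <summary>
/// Builds the signed SAML response for <paramref name="userName"/> and hands it to SendResponse as
/// the "SAMLResponse" parameter, addressed to the AssertionConsumerServiceURL in <paramref name="authnRequest"/>.
/// </summary>
/// <param name="httpResponse">The outbound HTTP response to write through.</param>
/// <param name="userName">Subject of the assertion.</param>
/// <param name="attributes">Attributes to include in the assertion.</param>
/// <param name="authnRequest">The AuthnRequest being answered.</param>
/// <exception cref="ArgumentNullException"><paramref name="httpResponse"/> or <paramref name="authnRequest"/> is null.</exception>
/// <exception cref="ArgumentException">The request carries no absolute AssertionConsumerServiceURL.</exception>
public void SendSSO(HttpResponse httpResponse, string userName, IDictionary<string, string> attributes, AuthnRequest authnRequest)
{
    if (httpResponse == null)
    {
        throw new ArgumentNullException("httpResponse");
    }
    if (authnRequest == null)
    {
        throw new ArgumentNullException("authnRequest");
    }

    string acsUrl = authnRequest.AssertionConsumerServiceURL;
    // NOTE(security): the ACS URL comes from the SP-supplied request. Before anything is posted to it,
    // it should be compared with the service provider's registered ACS URL; that registry is not
    // visible here, so only a shape check (non-empty, absolute URI) is done.
    Uri acsUri;
    if (string.IsNullOrEmpty(acsUrl) || !Uri.TryCreate(acsUrl, UriKind.Absolute, out acsUri))
    {
        throw new ArgumentException("AuthnRequest does not carry an absolute AssertionConsumerServiceURL.", "authnRequest");
    }

    string samlResponse = CreateSAMLResponse(userName, attributes, authnRequest);
    SendResponse(httpResponse, acsUrl, "SAMLResponse", samlResponse);
}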
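private const string SamlProtocolNs = "urn:oasis:names:tc:SAML:2.0:protocol";
private const string SamlAssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";
// Half-width of the assertion validity window, applied on both sides of "now" to absorb clock skew.
private const int AssertionValidityMinutes = 5;

/// <summary>
/// Builds the signed SAML 2.0 Response (one bearer Assertion for <paramref name="userName"/>) and
/// returns it base64-encoded, ready for the SAMLResponse field of the HTTP-POST binding.
/// </summary>
/// <param name="userName">Written as the assertion's NameID (format "unspecified").</param>
/// <param name="attributes">Attributes for an AttributeStatement; null or empty emits no statement.</param>
/// <param name="authnRequest">The AuthnRequest being answered; supplies InResponseTo, Destination and Recipient.</param>
/// <returns>Base64 of the UTF-8 serialised, signed response document.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userName"/> or <paramref name="authnRequest"/> is null.</exception>
private string CreateSAMLResponse(string userName, IDictionary<string, string> attributes, AuthnRequest authnRequest)
{
    if (userName == null)
    {
        throw new ArgumentNullException("userName");
    }
    if (authnRequest == null)
    {
        throw new ArgumentNullException("authnRequest");
    }

    SSOSamlResponse samlResponse = new SSOSamlResponse(authnRequest);
    // The Assertion needs its own xml ID: the original reused the Response ID for both elements, which
    // is invalid XML (duplicate ID) and makes a signature Reference to either element ambiguous.
    string assertionId = "_" + Guid.NewGuid().ToString();
    DateTime now = DateTime.UtcNow;
    string notBefore = FormatSamlInstant(now.AddMinutes(-AssertionValidityMinutes));
    string notOnOrAfter = FormatSamlInstant(now.AddMinutes(AssertionValidityMinutes));

    string responseXml;
    using (StringWriter sw = new StringWriter())
    {
        XmlWriterSettings settings = new XmlWriterSettings();
        settings.OmitXmlDeclaration = true;
        using (XmlWriter xw = XmlWriter.Create(sw, settings))
        {
            xw.WriteStartElement("samlp", "Response", SamlProtocolNs);
            xw.WriteAttributeString("ID", samlResponse.ID);
            xw.WriteAttributeString("Version", samlResponse.Version);
            xw.WriteAttributeString("IssueInstant", samlResponse.IssueInstant);
            xw.WriteAttributeString("Destination", samlResponse.Destination);
            xw.WriteAttributeString("InResponseTo", samlResponse.InResponseTo);
            xw.WriteElementString("saml", "Issuer", SamlAssertionNs, samlResponse.Issuer);

            WriteAssertion(xw, samlResponse, assertionId, userName, attributes, authnRequest, notBefore, notOnOrAfter);

            xw.WriteStartElement("samlp", "Status", SamlProtocolNs);
            xw.WriteStartElement("samlp", "StatusCode", SamlProtocolNs);
            xw.WriteAttributeString("Value", samlResponse.status);
            xw.WriteEndElement(); // StatusCode
            xw.WriteEndElement(); // Status
            xw.WriteEndElement(); // Response
        }
        responseXml = sw.ToString();
    }

    return SignAndEncode(responseXml);
}

// Writes the bearer Assertion: Issuer, Subject, Conditions, AuthnStatement and (optionally) AttributeStatement.
private void WriteAssertion(XmlWriter xw, SSOSamlResponse samlResponse, string assertionId, string userName,
    IDictionary<string, string> attributes, AuthnRequest authnRequest, string notBefore, string notOnOrAfter)
{
    xw.WriteStartElement("saml", "Assertion", SamlAssertionNs);
    xw.WriteAttributeString("Version", samlResponse.Version);
    xw.WriteAttributeString("ID", assertionId);
    xw.WriteAttributeString("IssueInstant", samlResponse.IssueInstant);
    xw.WriteElementString("saml", "Issuer", SamlAssertionNs, samlResponse.Issuer);

    xw.WriteStartElement("saml", "Subject", SamlAssertionNs);
    xw.WriteStartElement("saml", "NameID", SamlAssertionNs);
    xw.WriteAttributeString("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
    xw.WriteString(userName);
    xw.WriteEndElement(); // NameID
    xw.WriteStartElement("saml", "SubjectConfirmation", SamlAssertionNs);
    xw.WriteAttributeString("Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer");
    xw.WriteStartElement("saml", "SubjectConfirmationData", SamlAssertionNs);
    xw.WriteAttributeString("Recipient", authnRequest.AssertionConsumerServiceURL);
    xw.WriteAttributeString("InResponseTo", samlResponse.InResponseTo);
    // A bearer confirmation must expire; without NotOnOrAfter a captured response stays replayable.
    xw.WriteAttributeString("NotOnOrAfter", notOnOrAfter);
    xw.WriteEndElement(); // SubjectConfirmationData
    xw.WriteEndElement(); // SubjectConfirmation
    xw.WriteEndElement(); // Subject

    // Validity window for the assertion as a whole; the original emitted no Conditions at all.
    // TODO(review): add an AudienceRestriction with the SP's entity ID once that value is available here.
    xw.WriteStartElement("saml", "Conditions", SamlAssertionNs);
    xw.WriteAttributeString("NotBefore", notBefore);
    xw.WriteAttributeString("NotOnOrAfter", notOnOrAfter);
    xw.WriteEndElement(); // Conditions

    xw.WriteStartElement("saml", "AuthnStatement", SamlAssertionNs);
    // AuthnInstant is when this IdP authenticated the subject. The original copied the request's
    // IssueInstant, which is the SP's clock at request time, not an authentication time at all.
    xw.WriteAttributeString("AuthnInstant", samlResponse.IssueInstant);
    xw.WriteStartElement("saml", "AuthnContext", SamlAssertionNs);
    xw.WriteElementString("saml", "AuthnContextClassRef", SamlAssertionNs, "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified");
    xw.WriteEndElement(); // AuthnContext
    xw.WriteEndElement(); // AuthnStatement

    WriteAttributeStatement(xw, attributes);

    xw.WriteEndElement(); // Assertion
}

// Writes an AttributeStatement, or nothing when there are no attributes (the schema requires at least one Attribute in it).
private void WriteAttributeStatement(XmlWriter xw, IDictionary<string, string> attributes)
{
    if (attributes == null || attributes.Count == 0)
    {
        return;
    }

    xw.WriteStartElement("saml", "AttributeStatement", SamlAssertionNs);
    foreach (KeyValuePair<string, string> kvp in attributes)
    {
        xw.WriteStartElement("saml", "Attribute", SamlAssertionNs);
        xw.WriteAttributeString("Name", kvp.Key);
        xw.WriteElementString("saml", "AttributeValue", SamlAssertionNs, kvp.Value);
        xw.WriteEndElement(); // Attribute
    }
    xw.WriteEndElement(); // AttributeStatement
}

// Loads the IdP signing certificate, signs the serialised response and returns it base64-encoded.
private string SignAndEncode(string responseXml)
{
    XmlDocument xmldoc = new XmlDocument();
    xmldoc.LoadXml(responseXml);

    // NOTE(security): the PFX password is a string literal and the PFX lives under the web root, so
    // anyone who can read the deployment can mint assertions for any user. The key belongs in the
    // machine certificate store or protected configuration; left as is because no setting for it
    // exists in this file.
    string pfxPath = Path.Combine(HttpRuntime.AppDomainAppPath, "idp.pfx");
    // X509Certificate2 is IDisposable from .NET Framework 4.6 on; dispose so the private key handle is released.
    using (X509Certificate2 xcert = new X509Certificate2(pfxPath, "password"))
    {
        // AppendSignatureToXMLDocument is defined elsewhere; the empty second argument is passed through
        // unchanged (presumably an enveloped signature over the whole document — confirm against its definition).
        AppendSignatureToXMLDocument(ref xmldoc, "", xcert);
    }

    // UTF-8, not ASCII: ASCII turns any non-ASCII user name or attribute value into '?', and the SP's
    // digest over the received bytes then no longer matches the signed content.
    byte[] bytes = System.Text.Encoding.UTF8.GetBytes(xmldoc.OuterXml);
    return Convert.ToBase64String(bytes);
}

// Formats a UTC instant as the SAML xs:dateTime form "yyyy-MM-ddTHH:mm:ssZ", independent of the server locale.
private static string FormatSamlInstant(DateTime utc)
{
    return utc.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", System.Globalization.CultureInfo.InvariantCulture);
}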
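/// <summary>
/// Builds the signed SAML response for <paramref name="userName"/> and hands it to SendResponse as
/// the "SAMLResponse" parameter, addressed to the AssertionConsumerServiceURL in <paramref name="authnRequest"/>.
/// </summary>
/// <param name="httpResponse">The outbound HTTP response to write through.</param>
/// <param name="userName">Subject of the assertion.</param>
/// <param name="attributes">Attributes to include in the assertion.</param>
/// <param name="authnRequest">The AuthnRequest being answered.</param>
/// <exception cref="ArgumentNullException"><paramref name="httpResponse"/> or <paramref name="authnRequest"/> is null.</exception>
/// <exception cref="ArgumentException">The request carries no absolute AssertionConsumerServiceURL.</exception>
public void SendSSO(HttpResponse httpResponse, string userName, IDictionary<string, string> attributes, AuthnRequest authnRequest)
{
    if (httpResponse == null)
    {
        throw new ArgumentNullException("httpResponse");
    }
    if (authnRequest == null)
    {
        throw new ArgumentNullException("authnRequest");
    }

    string acsUrl = authnRequest.AssertionConsumerServiceURL;
    // NOTE(security): the ACS URL comes from the SP-supplied request. Before anything is posted to it,
    // it should be compared with the service provider's registered ACS URL; that registry is not
    // visible here, so only a shape check (non-empty, absolute URI) is done.
    Uri acsUri;
    if (string.IsNullOrEmpty(acsUrl) || !Uri.TryCreate(acsUrl, UriKind.Absolute, out acsUri))
    {
        throw new ArgumentException("AuthnRequest does not carry an absolute AssertionConsumerServiceURL.", "authnRequest");
    }

    string samlResponse = CreateSAMLResponse(userName, attributes, authnRequest);
    SendResponse(httpResponse, acsUrl, "SAMLResponse", samlResponse);
}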