/// <summary>
/// Validates a SAML LogoutResponse delivered over the HTTP-POST binding.
/// </summary>
/// <param name="requestParams">Form parameters of the incoming request, handed to <see cref="HttpPostBindingParser"/>.</param>
/// <param name="message">Receives the parser's message text once every check has passed.</param>
/// <param name="response">
/// Receives the deserialized <see cref="LogoutResponse"/>. It is assigned before any signature check runs,
/// so its content is only trustworthy when this method returns without throwing.
/// </param>
/// <exception cref="Saml20Exception">
/// The issuing identity provider has no metadata, the message carries no signature, or the signature does not verify.
/// </exception>
private void ValidateLogoutViaPost(System.Collections.Specialized.NameValueCollection requestParams, out string message, out LogoutResponse response)
{
    var postBinding = new HttpPostBindingParser(requestParams);

    // The raw message is written to the debug log before it has been authenticated.
    logger.DebugFormat(TraceMessages.LogoutResponsePostBindingParse, postBinding.Message);

    response = Serialization.DeserializeFromXmlString<LogoutResponse>(postBinding.Message);

    // The issuer value is taken from the still-unverified message; here it only selects
    // which identity provider's keys the signature is checked against.
    // NOTE(review): a response without an Issuer element would presumably fail on the next
    // line with a NullReferenceException rather than a Saml20Exception - confirm.
    var identityProvider = IdpSelectionUtil.RetrieveIDPConfiguration(response.Issuer.Value, config);

    if (identityProvider.Metadata == null)
    {
        logger.ErrorFormat(ErrorMessages.UnknownIdentityProvider, identityProvider.Id);
        throw new Saml20Exception(string.Format(ErrorMessages.UnknownIdentityProvider, identityProvider.Id));
    }

    // An unsigned logout response is refused outright.
    if (!postBinding.IsSigned)
    {
        logger.Error(ErrorMessages.ResponseSignatureMissing);
        throw new Saml20Exception(ErrorMessages.ResponseSignatureMissing);
    }

    // Signature on the final message in the logout exchange, checked against the
    // keys published in the identity provider's metadata.
    var signatureIsValid = postBinding.CheckSignature(identityProvider.Metadata.Keys);
    if (!signatureIsValid)
    {
        logger.Error(ErrorMessages.ResponseSignatureInvalid);
        throw new Saml20Exception(ErrorMessages.ResponseSignatureInvalid);
    }

    message = postBinding.Message;
}
/// <summary>
/// Initializes a new instance of the <see cref="Saml20LogoutResponse"/> class.
/// </summary>
/// <remarks>
/// The wrapped <see cref="LogoutResponse"/> is created with the protocol version, a fresh ID,
/// an empty issuer, the current time as issue instant and an empty status code.
/// </remarks>
public Saml20LogoutResponse()
{
    var logoutResponse = new LogoutResponse();

    logoutResponse.Version = Saml20Constants.Version;

    // "id" followed by the 32 hex digits of a new GUID; the prefix presumably keeps the
    // value from starting with a digit, which an XML ID may not do.
    logoutResponse.ID = "id" + Guid.NewGuid().ToString("N");

    logoutResponse.Issuer = new NameId();

    // NOTE(review): this is local time (DateTime.Now). Confirm that serialization converts
    // IssueInstant to UTC before the message leaves the process.
    logoutResponse.IssueInstant = DateTime.Now;

    var status = new Status();
    status.StatusCode = new StatusCode();
    logoutResponse.Status = status;

    Response = logoutResponse;
}
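/// <summary>
/// Validates a SAML LogoutResponse delivered over the HTTP-Redirect binding (GET).
/// </summary>
/// <param name="requestUrl">Request URL handed to <see cref="HttpRedirectBindingParser"/>, which extracts the message, signature algorithm and signature.</param>
/// <param name="message">Receives the parser's message text once every check has passed.</param>
/// <param name="response">
/// Receives the deserialized <see cref="LogoutResponse"/>. It is assigned before any signature check runs,
/// so its content is only trustworthy when this method returns without throwing.
/// </param>
/// <exception cref="Saml20Exception">
/// The issuing identity provider has no metadata, the message carries no signature, or the signature does not verify.
/// </exception>
private void ValidateLogoutViaGet(Uri requestUrl, out string message, out LogoutResponse response)
{
    var parser = new HttpRedirectBindingParser(requestUrl);
    response = Serialization.DeserializeFromXmlString<LogoutResponse>(parser.Message);

    // The raw message and signature values are written to the debug log before authentication.
    logger.DebugFormat(TraceMessages.LogoutResponseRedirectBindingParse, parser.Message, parser.SignatureAlgorithm, parser.Signature);

    // The issuer value is taken from the still-unverified message; here it only selects
    // which identity provider's keys the signature is checked against.
    // NOTE(review): a response without an Issuer element would presumably fail on the next
    // line with a NullReferenceException rather than a Saml20Exception - confirm.
    var idp = IdpSelectionUtil.RetrieveIDPConfiguration(response.Issuer.Value, config);
    if (idp.Metadata == null)
    {
        logger.ErrorFormat(ErrorMessages.UnknownIdentityProvider, idp.Id);
        throw new Saml20Exception(string.Format(ErrorMessages.UnknownIdentityProvider, idp.Id));
    }

    // Refuse an unsigned response explicitly, as the POST binding path does, instead of
    // depending on how VerifySignature behaves when no signature parameter is present.
    if (!parser.IsSigned)
    {
        logger.Error(ErrorMessages.ResponseSignatureMissing);
        throw new Saml20Exception(ErrorMessages.ResponseSignatureMissing);
    }

    // The signature must verify against a key from the identity provider's metadata.
    if (!parser.VerifySignature(idp.Metadata.Keys))
    {
        logger.Error(ErrorMessages.ResponseSignatureInvalid);
        throw new Saml20Exception(ErrorMessages.ResponseSignatureInvalid);
    }

    message = parser.Message;
}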