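/// <summary>
/// Raised when the SAML 2.0 response parameter has been detected. Decodes the posted
/// 'SAMLResponse', locates the single Assertion element, validates it against the
/// signing keys published in the IdP metadata, and reports the outcome through
/// <see cref="OnSucceeded"/> or <see cref="OnError"/>. Malformed input is reported
/// via <see cref="OnError"/> rather than escaping as an unhandled exception.
/// </summary>
/// <param name="url">URL of the page.</param>
/// <param name="query">The parsed query of the URL (not consulted here).</param>
/// <param name="fragment">The parsed fragment of the URL (not consulted here).</param>
/// <param name="formParams">Form parameters, including the 'SAMLResponse'.</param>
protected override void OnRedirectPageLoaded(Uri url, System.Collections.Generic.IDictionary<string, string> query, System.Collections.Generic.IDictionary<string, string> fragment, IDictionary<string, string> formParams)
{
    string base64SamlAssertion;
    if (formParams == null || !formParams.TryGetValue("SAMLResponse", out base64SamlAssertion) || string.IsNullOrEmpty(base64SamlAssertion)) {
        OnError("No SAML Assertion Found");
        return;
    }

    XmlDocument xDoc = new XmlDocument();
    // Whitespace must survive parsing, otherwise the enveloped XML signature over the
    // assertion will not verify against the bytes the IdP actually signed.
    xDoc.PreserveWhitespace = true;
    try {
        // The response arrives through the browser and is attacker-controllable, so:
        //  - decode strictly as UTF-8 (UTF8Encoding.Default resolves to Encoding.Default,
        //    the system ANSI code page, which is only UTF-8 by accident on some platforms);
        //  - parse with DTDs prohibited and no external resolver, so a crafted document
        //    cannot trigger entity expansion or external entity (XXE) fetches.
        byte[] xmlSamlAssertionBytes = Convert.FromBase64String(base64SamlAssertion);
        string xmlSamlAssertion = System.Text.Encoding.UTF8.GetString(xmlSamlAssertionBytes);
        XmlReaderSettings settings = new XmlReaderSettings();
        settings.DtdProcessing = DtdProcessing.Prohibit;
        settings.XmlResolver = null;
        xDoc.XmlResolver = null;
        using (XmlReader reader = XmlReader.Create(new System.IO.StringReader(xmlSamlAssertion), settings)) {
            xDoc.Load(reader);
        }
    } catch (FormatException formatEx) {
        Console.WriteLine(formatEx);
        OnError("SAMLResponse is not valid base64");
        return;
    } catch (XmlException xmlEx) {
        Console.WriteLine(xmlEx);
        OnError("SAMLResponse is not well-formed XML");
        return;
    }

    XmlElement responseElement = (XmlElement)xDoc.SelectSingleNode("//*[local-name()='Response']");
#if DEBUG
    if (responseElement != null) {
        Console.WriteLine("{0}", responseElement.OuterXml);
    }
#endif

    // The previous code took the first Assertion anywhere in the document. Refuse documents
    // that carry more than one: silently picking "the first" is the precondition for XML
    // signature-wrapping attacks. Whether that was exploitable here depends on whether
    // Saml20Assertion.CheckValid ties the signature to exactly this element; rejecting the
    // ambiguous case removes the question.
    XmlNodeList assertionNodes = xDoc.SelectNodes("//*[local-name()='Assertion']");
    if (assertionNodes == null || assertionNodes.Count == 0) {
        OnError("No SAML Assertion Found");
        return;
    }
    if (assertionNodes.Count > 1) {
        OnError("Multiple SAML Assertions Found");
        return;
    }
    XmlElement assertionElement = (XmlElement)assertionNodes[0];
#if DEBUG
    Console.WriteLine("{0}", assertionElement.OuterXml);
#endif

    // Only keys published in the IdP metadata may sign an assertion we accept.
    // NOTE(review): if KeyDescriptor distinguishes signing from encryption keys (a 'use'
    // attribute), this should be restricted to signing keys — confirm against the metadata type.
    List<AsymmetricAlgorithm> trustedIssuers = new List<AsymmetricAlgorithm>(1);
    foreach (KeyDescriptor key in _idpMetadata.Keys) {
        System.Security.Cryptography.Xml.KeyInfo ki = (System.Security.Cryptography.Xml.KeyInfo)key.KeyInfo;
        foreach (KeyInfoClause clause in ki) {
            AsymmetricAlgorithm aa = XmlSignatureUtils.ExtractKey(clause);
            if (aa != null) {
                trustedIssuers.Add(aa);
            }
        }
    }
    // Fail closed: never hand an empty trust list to the validator, in case it treats
    // "no trusted keys" as "nothing to check".
    if (trustedIssuers.Count == 0) {
        OnError("No trusted signing keys found in IdP metadata");
        return;
    }

    try {
        Saml20Assertion samlAssertion = new Saml20Assertion(assertionElement, null, AssertionProfile.Core, false, false);
        // CheckValid is the only place the signature is enforced against the trusted keys.
        // NOTE(review): it is not visible here whether CheckValid also enforces the validity
        // window, AudienceRestriction (against this SP) and the Response-level status — confirm,
        // otherwise an assertion minted for a different SP would be accepted.
        samlAssertion.CheckValid(trustedIssuers);
        SamlAccount sa = new SamlAccount(samlAssertion, responseElement);
        OnSucceeded(sa);
    } catch (Saml20Exception samlEx) {
        Console.WriteLine(samlEx);
        OnError(samlEx.Message);
    } catch (Exception ex) {
        Console.WriteLine(ex);
        OnError(ex.Message);
    }
}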
/// <summary>
/// Gets the bearer assertion authorization grant parameters. This is typically
/// used to request an OAuth access token: the validated SAML assertion is sent
/// as the 'assertion' value alongside the bearer 'grant_type'.
/// </summary>
/// <returns>The URL-encoded assertion parameters.</returns>
public string GetBearerAssertionAuthorizationGrantParams()
{
    string assertionXml = _saml20Assertion.XmlAssertion.OuterXml;
    // NOTE(review): the assertion value is appended without UrlEncode, so this relies
    // on ToBase64ForUrlString emitting a URL-safe alphabet — confirm in SamlAccount.
    string encodedAssertion = SamlAccount.ToBase64ForUrlString(Encoding.UTF8.GetBytes(assertionXml));
    string encodedGrantType = HttpUtility.UrlEncode(AUTHORIZATION_GRANT_TYPE);
    return string.Format("grant_type={0}&assertion={1}", encodedGrantType, encodedAssertion);
}
/// <summary>
/// Gets the bearer assertion client authentication parameters: the validated SAML
/// assertion is sent as the 'client_assertion' value alongside its 'client_assertion_type'.
/// </summary>
/// <returns>The URL-encoded client assertion parameters.</returns>
public string GetBearerAssertionClientAuthenticationParams()
{
    string assertionXml = _saml20Assertion.XmlAssertion.OuterXml;
    // NOTE(review): the assertion value is appended without UrlEncode, so this relies
    // on ToBase64ForUrlString emitting a URL-safe alphabet — confirm in SamlAccount.
    string encodedAssertion = SamlAccount.ToBase64ForUrlString(Encoding.UTF8.GetBytes(assertionXml));
    string encodedAssertionType = HttpUtility.UrlEncode(CLIENT_ASSERTION_TYPE);
    return string.Format("client_assertion_type={0}&client_assertion={1}", encodedAssertionType, encodedAssertion);
}
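/// <summary>
/// Initializes a new instance of the <see cref="Symplified.Auth.Saml20Authenticator"/> class
/// and builds the initial IdP URL that carries a default AuthnRequest for the Service Provider.
/// </summary>
/// <param name="spName">Service Provider name; falls back to "symplified-mobile-sp" when null or empty.</param>
/// <param name="idpMetadata">Identity Provider metadata; supplies the SSO endpoint now and the
/// trusted signing keys when the response is later validated.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="idpMetadata"/> is null.</exception>
/// <exception cref="InvalidOperationException">Thrown when the metadata has no usable POST SSO endpoint.</exception>
public Saml20Authenticator(string spName, Saml20MetadataDocument idpMetadata)
    : base(PLACEHOLDER_URI, PLACEHOLDER_URI)
{
    if (idpMetadata == null) {
        throw new ArgumentNullException("idpMetadata");
    }
    _spName = string.IsNullOrEmpty(spName) ? "symplified-mobile-sp" : spName;
    _idpMetadata = idpMetadata;

    Saml20AuthnRequest authnRequest = Saml20AuthnRequest.GetDefault(_spName);
    // Encode strictly as UTF-8: UTF8Encoding.Default resolves to Encoding.Default (the
    // system ANSI code page), which is only UTF-8 by accident on some platforms.
    byte[] xmlBytes = Encoding.UTF8.GetBytes(authnRequest.GetXml().OuterXml);
    string base64XmlString = SamlAccount.ToBase64ForUrlString(xmlBytes);

    var ssoEndpoint = _idpMetadata.SSOEndpoint(SAMLBinding.POST);
    if (ssoEndpoint == null || string.IsNullOrEmpty(ssoEndpoint.Url)) {
        throw new InvalidOperationException("IdP metadata does not declare a POST SSO endpoint");
    }
    string ssoUrl = ssoEndpoint.Url;

    // Append SAMLRequest to whatever query the endpoint already carries; always using '&'
    // produced a broken URL ("...sso&SAMLRequest=...") for endpoints without a query string.
    // NOTE(review): the request is attached as a query parameter of the POST-binding endpoint.
    // The HTTP-Redirect binding expects the AuthnRequest to be DEFLATE-compressed before
    // base64/URL encoding — confirm that ToBase64ForUrlString does this, or that the IdP
    // accepts the uncompressed form.
    string separator = ssoUrl.IndexOf('?') >= 0 ? "&" : "?";
    initialUrl = new Uri(ssoUrl + separator + "SAMLRequest=" + base64XmlString);
}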
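/// <summary>
/// Raised when the SAML 2.0 response parameter has been detected. Decodes the posted
/// 'SAMLResponse', locates the single Assertion element, validates it against the
/// signing keys published in the IdP metadata, and reports the outcome through
/// <see cref="OnSucceeded"/> or <see cref="OnError"/>. Malformed input is reported
/// via <see cref="OnError"/> rather than escaping as an unhandled exception.
/// </summary>
/// <param name="url">URL of the page.</param>
/// <param name="query">The parsed query of the URL (not consulted here).</param>
/// <param name="fragment">The parsed fragment of the URL (not consulted here).</param>
/// <param name="formParams">Form parameters, including the 'SAMLResponse'.</param>
protected override void OnRedirectPageLoaded (Uri url, System.Collections.Generic.IDictionary<string, string> query, System.Collections.Generic.IDictionary<string, string> fragment, IDictionary<string, string> formParams)
{
    string base64SamlAssertion;
    if (formParams == null || !formParams.TryGetValue ("SAMLResponse", out base64SamlAssertion) || string.IsNullOrEmpty (base64SamlAssertion)) {
        OnError ("No SAML Assertion Found");
        return;
    }

    XmlDocument xDoc = new XmlDocument ();
    // Whitespace must survive parsing, otherwise the enveloped XML signature over the
    // assertion will not verify against the bytes the IdP actually signed.
    xDoc.PreserveWhitespace = true;
    try {
        // The response arrives through the browser and is attacker-controllable, so:
        //  - decode strictly as UTF-8 (UTF8Encoding.Default resolves to Encoding.Default,
        //    the system ANSI code page, which is only UTF-8 by accident on some platforms);
        //  - parse with DTDs prohibited and no external resolver, so a crafted document
        //    cannot trigger entity expansion or external entity (XXE) fetches.
        byte[] xmlSamlAssertionBytes = Convert.FromBase64String (base64SamlAssertion);
        string xmlSamlAssertion = System.Text.Encoding.UTF8.GetString (xmlSamlAssertionBytes);
        XmlReaderSettings settings = new XmlReaderSettings ();
        settings.DtdProcessing = DtdProcessing.Prohibit;
        settings.XmlResolver = null;
        xDoc.XmlResolver = null;
        using (XmlReader reader = XmlReader.Create (new System.IO.StringReader (xmlSamlAssertion), settings)) {
            xDoc.Load (reader);
        }
    } catch (FormatException formatEx) {
        Console.WriteLine (formatEx);
        OnError ("SAMLResponse is not valid base64");
        return;
    } catch (XmlException xmlEx) {
        Console.WriteLine (xmlEx);
        OnError ("SAMLResponse is not well-formed XML");
        return;
    }

    XmlElement responseElement = (XmlElement)xDoc.SelectSingleNode ("//*[local-name()='Response']");
#if DEBUG
    if (responseElement != null) {
        Console.WriteLine ("{0}", responseElement.OuterXml);
    }
#endif

    // The previous code took the first Assertion anywhere in the document. Refuse documents
    // that carry more than one: silently picking "the first" is the precondition for XML
    // signature-wrapping attacks. Whether that was exploitable here depends on whether
    // Saml20Assertion.CheckValid ties the signature to exactly this element; rejecting the
    // ambiguous case removes the question.
    XmlNodeList assertionNodes = xDoc.SelectNodes ("//*[local-name()='Assertion']");
    if (assertionNodes == null || assertionNodes.Count == 0) {
        OnError ("No SAML Assertion Found");
        return;
    }
    if (assertionNodes.Count > 1) {
        OnError ("Multiple SAML Assertions Found");
        return;
    }
    XmlElement assertionElement = (XmlElement)assertionNodes [0];
#if DEBUG
    Console.WriteLine ("{0}", assertionElement.OuterXml);
#endif

    // Only keys published in the IdP metadata may sign an assertion we accept.
    // NOTE(review): if KeyDescriptor distinguishes signing from encryption keys (a 'use'
    // attribute), this should be restricted to signing keys — confirm against the metadata type.
    List<AsymmetricAlgorithm> trustedIssuers = new List<AsymmetricAlgorithm> (1);
    foreach (KeyDescriptor key in _idpMetadata.Keys) {
        System.Security.Cryptography.Xml.KeyInfo ki = (System.Security.Cryptography.Xml.KeyInfo)key.KeyInfo;
        foreach (KeyInfoClause clause in ki) {
            AsymmetricAlgorithm aa = XmlSignatureUtils.ExtractKey (clause);
            if (aa != null) {
                trustedIssuers.Add (aa);
            }
        }
    }
    // Fail closed: never hand an empty trust list to the validator, in case it treats
    // "no trusted keys" as "nothing to check".
    if (trustedIssuers.Count == 0) {
        OnError ("No trusted signing keys found in IdP metadata");
        return;
    }

    try {
        Saml20Assertion samlAssertion = new Saml20Assertion (assertionElement, null, AssertionProfile.Core, false, false);
        // CheckValid is the only place the signature is enforced against the trusted keys.
        // NOTE(review): it is not visible here whether CheckValid also enforces the validity
        // window, AudienceRestriction (against this SP) and the Response-level status — confirm,
        // otherwise an assertion minted for a different SP would be accepted.
        samlAssertion.CheckValid (trustedIssuers);
        SamlAccount sa = new SamlAccount (samlAssertion, responseElement);
        OnSucceeded (sa);
    } catch (Saml20Exception samlEx) {
        Console.WriteLine (samlEx);
        OnError (samlEx.Message);
    } catch (Exception ex) {
        Console.WriteLine (ex);
        OnError (ex.Message);
    }
}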