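/// <summary>
/// Issues a SAML token for <paramref name="identity"/>, wraps it in a
/// <see cref="GenericXmlSecurityToken"/> and exchanges it at the ADFS
/// federation endpoint for a token scoped to <paramref name="appliesTo"/>.
/// </summary>
/// <param name="identity">Claims identity the outgoing SAML token is built from.</param>
/// <param name="appliesTo">Relying-party identifier passed through to <c>RequestFederationToken</c>.</param>
/// <returns>
/// The token returned by <c>RequestFederationToken</c>, or <c>null</c> when that
/// call yields something other than a <see cref="GenericXmlSecurityToken"/>.
/// Callers must treat <c>null</c> as a failed authentication.
/// </returns>
public GenericXmlSecurityToken Authenticate(ClaimsIdentity identity, string appliesTo)
{
    // NOTE(review): nothing here checks that an encryption certificate is
    // configured; confirm how CreateProofDescriptor / CreateOutputSamlToken
    // behave when this is null, so a misconfiguration fails closed.
    var encryptingCert = _configuration.AdfsIntegration.EncryptionCertificate;

    // Create the new token together with the proof key bound to it.
    var proof = CreateProofDescriptor(encryptingCert);
    var outputToken = CreateOutputSamlToken(identity, proof, encryptingCert);

    // Serialize the SAML token so it can be carried as a generic XML security token.
    var outputTokenString = outputToken.ToTokenXmlString();

    // Create the attached and unattached references to the issued token.
    var handler = new SamlSecurityTokenHandler();
    var attachedReference = handler.CreateSecurityTokenReference(outputToken, true);
    var unattachedReference = handler.CreateSecurityTokenReference(outputToken, false);

    // Read the clock once so the validity window is exactly one hour and both
    // bounds derive from the same instant.
    // NOTE(review): the one-hour lifetime is hard-coded; confirm it does not
    // outlive the validity period written into the SAML token itself.
    var validFrom = DateTime.UtcNow;
    var validTo = validFrom.AddHours(1);

    // proof.GetKeyBytes() is raw key material: it is handed straight to the
    // proof token and must not be logged or otherwise persisted.
    var xmlToken = new GenericXmlSecurityToken(
        GetElement(outputTokenString),
        new BinarySecretSecurityToken(proof.GetKeyBytes()),
        validFrom,
        validTo,
        attachedReference,
        unattachedReference,
        new ReadOnlyCollection<IAuthorizationPolicy>(new List<IAuthorizationPolicy>()));

    // Send to the ADFS federation endpoint. The 'as' cast is kept so the
    // existing contract (null on an unexpected token type) is unchanged.
    return RequestFederationToken(xmlToken, appliesTo) as GenericXmlSecurityToken;
}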