Using a CustomBinding with SAML 2.0 from C# code
I have a WSDL provided by a government agency, and I use it to consume the service. I use the following procedure: I created a CustomBinding that contains the certificates needed for authentication. The code is as follows:
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security.Tokens;
using System.Text;

// Asymmetric (X.509) message security: recipient token parameters first, then initiator.
var sec = new AsymmetricSecurityBindingElement(
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.Never),
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.AlwaysToRecipient));
sec.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
sec.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
sec.IncludeTimestamp = true;
sec.SetKeyDerivation(false);
sec.KeyEntropyMode = System.ServiceModel.Security.SecurityKeyEntropyMode.ServerEntropy;
// Accept replies that carry no security header (such replies are not verified at message level).
sec.EnableUnsecuredResponse = true;

// Binding stack: message security, then SOAP 1.1 text encoding, then HTTPS transport.
CustomBinding myBinding = new CustomBinding();
myBinding.Elements.Add(sec);
myBinding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));
myBinding.Elements.Add(new HttpsTransportBindingElement());
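This code creates a SOAP message with a header, but only the Security tag is inserted correctly. Before this tag I have to insert an Action tag and then an Assertion. I don't know how to insert the Action tag. I created a SAML 2.0 assertion as follows: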
using System;
using System.IdentityModel.Tokens;

// Assertion with issuer "MY" and subject "ident", valid for 15 minutes.
Saml2Assertion oAssertion = new Saml2Assertion(new Saml2NameIdentifier("MY"));
oAssertion.Subject = new Saml2Subject(new Saml2NameIdentifier("ident"));
Saml2Conditions asCondition = new Saml2Conditions();
asCondition.NotBefore = DateTime.Now;
asCondition.NotOnOrAfter = DateTime.Now.AddMinutes(15);
oAssertion.Conditions = asCondition;
// Authentication statement with an empty authentication context.
Saml2AuthenticationStatement asAuthnStatement = new Saml2AuthenticationStatement(new Saml2AuthenticationContext());
oAssertion.Statements.Add(asAuthnStatement);
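If possible, I would like to obtain, using only C# code, a SOAP message composed as follows:
a header with the ACTION, ASSERTION and Security (which I already have) tags, as in the example below (the Body tag is generated correctly from the WSDL):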
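Is it possible to get what I want? Is my reasoning wrong? Thanks to everyone who wants to help me.
You can delete this question, since you have asked the same question: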
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
  <s:Header>
    <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://www.webdoc.com/Schemas/aDoc</Action>
    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" saml:ID="authorization-assertion" saml:IssueInstant="2020-11-12T09:10:27Z" saml:Version="2.0" wsu:Id="authorization-assertion" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:assertion saml-schema-assertion-2.0.xsd">
      <saml:Issuer>MY COMPANY</saml:Issuer>
      <saml:Subject>
        <saml:nameID>mycompany.domain.com</saml:nameID>
      </saml:Subject>
      <saml:AuthzDecisionStatement Decision="Permit" Resource="IDocument">
        <saml:Action Namespace="http://webservice:8080/REC/DocService"/>
      </saml:AuthzDecisionStatement>
      <saml:AttributeStatement/>
    </saml:Assertion>
    <wsse:Security s:mustUnderstand="1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="cert">//+/+/+rrgZ/+/dUqjOTh1Y5/Aa6aghNVv4gbtpiBbu3RT5aB43h9/iA9R5Ww==</wsse:BinarySecurityToken>
      <wsu:Timestamp wsu:Id="timestamp">
        <wsu:Created>2020-11-12T16:15:27Z</wsu:Created>
        <wsu:Expires>2020-11-12T16:52:27Z</wsu:Expires>
      </wsu:Timestamp>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <InclusiveNamespaces PrefixList="s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </CanonicalizationMethod>
          <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <Reference URI="#timestamp">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <InclusiveNamespaces PrefixList="wsse s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
              </Transform>
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <DigestValue>C7gJl6wyxhpGZ4aCIbFnBPtOj+o=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>dgs6uIJ+++/h//==</SignatureValue>
        <KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference URI="#cert"/>
          </wsse:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </wsse:Security>
  </s:Header>
  <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <addDocument xmlns="http://www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/FSE/">
      <document>
        <document>sdsdfsfsferr45%%A==</document>
        <documentName>mydoc.xml.p7m</documentName>
        <status>Approved</status>
      </document>
    </addDocument>
  </s:Body>
</s:Envelope>
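One way to emit a pre-built assertion element as a SOAP header from C#, which is what the question asks for (an added example, not code from the original post). `XmlElementHeader` and `AssertionHeaderBehavior` are hypothetical names, and the assertion is assumed to be available already as an `XmlElement`; the Action header is not covered here.

```csharp
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Dispatcher;
using System.Xml;

// Hypothetical helper (not a WCF type): writes a pre-built XML element as a SOAP header.
public sealed class XmlElementHeader : MessageHeader
{
    private readonly XmlElement _element;
    public XmlElementHeader(XmlElement element) { _element = element; }

    public override string Name { get { return _element.LocalName; } }
    public override string Namespace { get { return _element.NamespaceURI; } }

    // Write the start tag ourselves so the element keeps its own prefix and attributes.
    protected override void OnWriteStartHeader(XmlDictionaryWriter writer, MessageVersion version)
    {
        writer.WriteStartElement(_element.Prefix, _element.LocalName, _element.NamespaceURI);
        foreach (XmlAttribute attribute in _element.Attributes) attribute.WriteTo(writer);
    }

    protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion version)
    {
        foreach (XmlNode child in _element.ChildNodes) child.WriteTo(writer);
    }
}

// Hypothetical behavior: adds the assertion header to every outgoing request of the client.
public sealed class AssertionHeaderBehavior : IEndpointBehavior, IClientMessageInspector
{
    private readonly XmlElement _assertion;
    public AssertionHeaderBehavior(XmlElement assertion) { _assertion = assertion; }

    public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
    {
        clientRuntime.MessageInspectors.Add(this);
    }
    public object BeforeSendRequest(ref Message request, IClientChannel channel)
    {
        request.Headers.Add(new XmlElementHeader(_assertion));
        return null; // no correlation state needed
    }
    public void AfterReceiveReply(ref Message reply, object correlationState) { }
    public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection parameters) { }
    public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher dispatcher) { }
    public void Validate(ServiceEndpoint endpoint) { }
}
```

Attach it with `client.Endpoint.Behaviors.Add(new AssertionHeaderBehavior(assertionElement))`, where `client` is the proxy generated from the WSDL. A header added this way is not covered by the message signature by default; in the sample envelope the only signed reference is `#timestamp`.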