Using a CustomBinding with SAML 2.0 from C# code


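I have a WSDL provided by a government agency, and I use it to consume the service. I use the following procedure: I created a CustomBinding that contains the certificates needed for authentication. The code is as follows: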

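using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.Text;

// First argument: recipient (service) token, never sent in the message.
// Second argument: initiator (client) token, always sent to the recipient.
var sec = new AsymmetricSecurityBindingElement(
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.Never),
    new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Any, SecurityTokenInclusionMode.AlwaysToRecipient));
sec.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
sec.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
sec.IncludeTimestamp = true;
sec.SetKeyDerivation(false);
sec.KeyEntropyMode = System.ServiceModel.Security.SecurityKeyEntropyMode.ServerEntropy;
// Replies without a security header are accepted, so responses are not verified.
sec.EnableUnsecuredResponse = true;
// Stack: message security, then SOAP 1.1 text encoding, then HTTPS transport.
CustomBinding myBinding = new CustomBinding();
myBinding.Elements.Add(sec);
myBinding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8));
myBinding.Elements.Add(new HttpsTransportBindingElement());

This code creates a SOAP message with a header, but only the Security tag is inserted correctly. Before that tag I have to insert an Action tag and then an assertion. I don't know how to insert the Action tag; I created a SAML 2.0 assertion as follows: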

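using System;
using System.IdentityModel.Tokens;

// The constructor argument is the issuer of the assertion.
Saml2Assertion oAssertion = new Saml2Assertion(new Saml2NameIdentifier("MY"));
oAssertion.Subject = new Saml2Subject(new Saml2NameIdentifier("ident"));
// Validity window of 15 minutes starting now.
Saml2Conditions asCondition = new Saml2Conditions();
asCondition.NotBefore = DateTime.Now;
asCondition.NotOnOrAfter = DateTime.Now.AddMinutes(15);
oAssertion.Conditions = asCondition;
Saml2AuthenticationStatement asAuthnStatement = new Saml2AuthenticationStatement(new Saml2AuthenticationContext());
oAssertion.Statements.Add(asAuthnStatement);

If possible, I would like to obtain, using only C# code, a SOAP message composed as follows: a header with the Action, Assertion and Security (which I already have) tags, as in the following example (the Body tag is generated correctly from the WSDL):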



Is it possible to get what I want? Is my reasoning wrong? Thanks to everyone who wants to help me.

You can delete this question, because you have asked the same question:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
    <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://www.webdoc.com/Schemas/aDoc</Action>
    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" saml:ID="authorization-assertion" saml:IssueInstant="2020-11-12T09:10:27Z" saml:Version="2.0" wsu:Id="authorization-assertion" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:assertion saml-schema-assertion-2.0.xsd">
        <saml:Issuer>MY COMPANY</saml:Issuer>
        <saml:Subject>
            <saml:nameID>mycompany.domain.com</saml:nameID>
        </saml:Subject>
        <saml:AuthzDecisionStatement Decision="Permit" Resource="IDocument">
            <saml:Action Namespace="http://webservice:8080/REC/DocService"/>
        </saml:AuthzDecisionStatement>
        <saml:AttributeStatement/>
    </saml:Assertion>
    <wsse:Security s:mustUnderstand="1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
        <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="cert">//+/+/+rrgZ/+/dUqjOTh1Y5/Aa6aghNVv4gbtpiBbu3RT5aB43h9/iA9R5Ww==</wsse:BinarySecurityToken>
        <wsu:Timestamp wsu:Id="timestamp">
            <wsu:Created>2020-11-12T16:15:27Z</wsu:Created>
            <wsu:Expires>2020-11-12T16:52:27Z</wsu:Expires>
        </wsu:Timestamp>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                    <InclusiveNamespaces PrefixList="s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </CanonicalizationMethod>
                <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#timestamp">
                    <Transforms>
                        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                            <InclusiveNamespaces PrefixList="wsse s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        </Transform>
                    </Transforms>
                    <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue>C7gJl6wyxhpGZ4aCIbFnBPtOj+o=</DigestValue>
                </Reference>
            </SignedInfo>
            <SignatureValue>dgs6uIJ+++/h//==</SignatureValue>
            <KeyInfo>
                <wsse:SecurityTokenReference>
                    <wsse:Reference URI="#cert"/>
                </wsse:SecurityTokenReference>
            </KeyInfo>
        </Signature>
    </wsse:Security>
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <addDocument xmlns="http://www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/FSE/">
        <document>
            <document>sdsdfsfsferr45%%A==</document>
            <documentName>mydoc.xml.p7m</documentName>
            <status>Approved</status>
        </document>
    </addDocument>
</s:Body>
</s:Envelope>
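An added example, not part of the original question or of any project it mentions: a small check that reports which top-level blocks of a SOAP envelope the WS-Security signature references, run here against the layout shown above, where the only `Reference` is `#timestamp`. The embedded envelope is a trimmed, constructed copy of the one on this page, and the function name `audit_signature_coverage` is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {
    "s": "http://schemas.xmlsoap.org/soap/envelope/",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
}
WSU_ID = "{%s}Id" % NS["wsu"]

# Constructed sample: a trimmed copy of the envelope shown above (values shortened).
ENVELOPE = """<s:Envelope xmlns:s="{s}" xmlns:ds="{ds}" xmlns:wsse="{wsse}" xmlns:wsu="{wsu}"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <s:Header>
    <saml:Assertion wsu:Id="authorization-assertion"><saml:Issuer>MY COMPANY</saml:Issuer></saml:Assertion>
    <wsse:Security>
      <wsu:Timestamp wsu:Id="timestamp"/>
      <ds:Signature><ds:SignedInfo>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#timestamp">
          <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        </ds:Reference>
      </ds:SignedInfo></ds:Signature>
    </wsse:Security>
  </s:Header>
  <s:Body><addDocument/></s:Body>
</s:Envelope>""".format(**NS)


def audit_signature_coverage(xml_text):
    """Map signature references to header blocks; this does not verify the signature."""
    root = ET.fromstring(xml_text)
    # IDs named by ds:Reference are the only parts the signature protects.
    signed_ids = {ref.get("URI", "").lstrip("#")
                  for ref in root.iterfind(".//ds:SignedInfo/ds:Reference", NS)}
    # Candidate blocks: every header child except the wsse:Security container, plus the Body.
    blocks = [b for b in root.find("s:Header", NS) if b.tag != "{%s}Security" % NS["wsse"]]
    blocks.append(root.find("s:Body", NS))
    unsigned = [b.tag.rsplit("}", 1)[-1] for b in blocks if b.get(WSU_ID) not in signed_ids]
    # Collect SHA-1 based signature and digest algorithms.
    algs = {e.get("Algorithm") for tag in ("SignatureMethod", "DigestMethod")
            for e in root.iterfind(".//ds:%s" % tag, NS)}
    weak = sorted(a for a in algs if a.endswith("sha1"))
    return {"signed_ids": sorted(signed_ids), "unsigned_blocks": unsigned, "sha1_algorithms": weak}


if __name__ == "__main__":
    print(audit_signature_coverage(ENVELOPE))
```

For this layout the report lists the SAML assertion and the Body as unreferenced, so a receiver that relies on the assertion has to protect it by other means, such as an enveloped signature on the assertion or an additional `Reference` in `SignedInfo`.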