C# SAML请求示例_C#_Asp.net_Saml_Saml 2.0 - Fatal编程技术网

C# SAML请求示例


我正在尝试使用以下格式的xml代码将SAML请求发送到URL

<?xml version="1.0" encoding="UTF-8"?>
<!-- Sample SAML 2.0 AuthnRequest: the issuer (MyBank1) asks the identity provider at
     Destination to authenticate the user and reply to AssertionConsumerServiceURL.
     ProtocolBinding names the binding requested for the returned Response, not the
     binding used to deliver this request. -->
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://tawtheeq.sa/mybank1/ReceiveSAMLResponse" Destination="https://tawtheeq.sa/identity-gateway/ReceiveSAMLRequest" ForceAuthn="false" ID="_964484d741502e19a0b148d478a64050" IsPassive="false" IssueInstant="2018-06-04T12:46:07.860Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Version="2.0">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">MyBank1
</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<!-- Enveloped signature: the Reference URI below points at the ID of the enclosing
     AuthnRequest, so the signature covers the whole request element. -->
<ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <!-- NOTE(review): rsa-sha1 here and sha1 in DigestMethod below are SHA-1 based.
       SHA-1 is deprecated for signatures; prefer the SHA-256 identifiers if the
       identity provider accepts them. -->
  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#_964484d741502e19a0b148d478a64050">
    <ds:Transforms>
      <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/></ds:Transform>
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <ds:DigestValue>B99CKUkHBSVelX86anIYMPaktnw=</ds:DigestValue>
  </ds:Reference>
</ds:SignedInfo>
<!-- NOTE(review): the SignatureValue and X509Certificate values appear truncated in
     this sample, so the message as printed would not verify. -->
<ds:SignatureValue>
  G99wkwUJfBUAV06ll6xATNWdf+JnAzdr2RZcJ2+l5DWY6sboj5+hh93qFO6QQjnd+hN/Wqzb6yAwyt8qnGUaJRHAf/LWClTcTsAGKbB1UpIAVLK11hjaeRnlQLBTBQXhzcASdWTwOH9CpgRwJLyKK8C7
</ds:SignatureValue>
<ds:KeyInfo>
   <ds:X509Data>
    <!-- NOTE(review): the signing certificate travels inside the message. A verifier
         should match it against a certificate it already trusts for this issuer
         rather than trusting whatever KeyInfo contains. -->
    <ds:X509Certificate>
      MIIDaTCCAlGgAwIBAgIEB/lEIzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQGEwJzYTEPMA0GA1UECBMGcml5YWRoMQ8wDQYDVQQHEwZyaXlhZGgxETAPBgNVBAoTCG15LWJhbmsxMQ0wCwYDVQQLEwRlcnNzMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTgwMjA1MTQzNzI0WhcNMTkwMTMxMTQzNzI0WjBlMQswCQYDVQQGEwJzYTEPMA0GA1UECBMGcml5YWRoMQ8wDQYDVQQHEwZyaXlhZGgxETAPBgNVBAoTCG15LWJhbmsxMQ0wCwYDVQQLEwRlcnNzMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3
    </ds:X509Certificate>
  </ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
<samlp:RequestedAuthnContext Comparison="exact">
<saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

如果有人有SAML方面的经验,我只想知道如何生成这种格式的请求。如果您能与我分享有关此主题的文章,我将不胜感激。

一般来说(因为我不熟悉所提到的库):当您要向所谓的“SingleSignOn”端点发送SAML AuthnRequest时,必须创建SAMLRequest,而不是SAMLResponse。您有什么特殊原因需要使用这样一个较低级别的SAML库吗?如果要构建符合SAMLv2的服务提供者,还必须实现所有SAMLResponse检查,这需要相当大的工作量。FWIW,请参阅checked.by.safabyte.net,其中显示Component Pro可能是被盗SAML软件的最新版本。谢谢
    /// <summary>
    /// Builds a SAML <c>Response</c> holding one bearer assertion for the current
    /// user, signs it with the key from <c>my_bank1_signed.p12</c>, and passes it to
    /// <c>SendHttpPost</c> together with the gateway URL.
    /// </summary>
    /// <remarks>
    /// NOTE(review): despite the method name, this constructs a Response with a
    /// Success status and an assertion, not a samlp:AuthnRequest. An authentication
    /// request carries no status and no assertion, so this object model cannot
    /// produce the AuthnRequest format the gateway sample shows.
    /// </remarks>
    private void SendTawtheeqRequest()
    {
        string gatewayUrl = "https://tawtheeq.sa:8443/identity-gateway-test/ReceiveSAMLRequest";

        // The message is a SAML Response addressed to the gateway URL.
        // Id and IssueInstant are not assigned explicitly here.
        var message = new Response();
        message.Destination = gatewayUrl;

        // The same issuer (this application's root URL) is stamped on both the
        // response and the assertion it carries.
        var localIssuer = new Issuer(GetAbsoluteUrl("~/"));
        message.Issuer = localIssuer;
        message.Status = new Status(SamlPrimaryStatusCode.Success, null);
        var assertion = new Assertion { Issuer = localIssuer };

        // Subject: the locally authenticated user, confirmed as a bearer whose
        // recipient is the gateway URL.
        var userSubject = new Subject(new NameId(User.Identity.Name));
        var bearerConfirmation = new SubjectConfirmation(SamlSubjectConfirmationMethod.Bearer);
        bearerConfirmation.SubjectConfirmationData = new SubjectConfirmationData
        {
            Recipient = gatewayUrl
        };
        userSubject.SubjectConfirmations.Add(bearerConfirmation);
        assertion.Subject = userSubject;

        // Authentication statement declaring the password context class.
        var passwordAuthn = new AuthnStatement();
        passwordAuthn.AuthnContext = new AuthnContext();
        passwordAuthn.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SamlAuthenticationContext.Password);
        assertion.Statements.Add(passwordAuthn);
        message.Assertions.Add(assertion);

        // Load the signing certificate and its private key.
        // NOTE(review): the .p12 is opened by a bare relative file name and with no
        // password argument. Confirm how this key file is protected; a certificate
        // store or an access-restricted, password-protected file is the safer home
        // for a signing key.
        var signingCert = new X509Certificate2(@"my_bank1_signed.p12");

        // The cast throws if the private key is not exposed as an
        // RSACryptoServiceProvider.
        var signingKey = (RSACryptoServiceProvider)signingCert.PrivateKey;

        // Sign the message with that key and certificate.
        message.Sign(signingKey, signingCert);

        // NOTE(review): this assigns the content type on Request, not on Response.
        // Confirm that is intended.
        Request.ContentType = "application/x-www-form-urlencoded";

        // Hand the signed message to the library's HTTP POST helper. The meaning of
        // the third argument ("10") is not visible here.
        message.SendHttpPost(Response.OutputStream, gatewayUrl, "10");
    }