使用ComponentSpace SAML签名和发布请求

时间:2018-09-10 13:47:31

标签: saml-2.0 component-space

我正在使用 ComponentSpace 库创建 SAML 请求并对其签名,然后将其 POST 到指定的 URL,但请求未能成功发布,原因是我需要使用 RSA 算法的密钥,而到目前为止我发现 SamlKeyAlgorithm 中并没有提供该算法。此外,我还需要将“密钥大小”更改为 2048。以下是我用来发送请求的方法。

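    /// <summary>
    /// Builds a SAML response carrying one bearer assertion for the current user,
    /// encrypts that assertion for the recipient, and posts the response to the
    /// consumer service URL through the current HTTP response stream.
    /// </summary>
    /// <remarks>
    /// Only the encrypted assertion is attached to the response. The original
    /// version also attached the cleartext assertion, which disclosed the subject
    /// and authentication statement on the wire and made the encryption pointless.
    /// NOTE(review): nothing in this method signs the response or the assertion,
    /// so the recipient has no way to authenticate the issuer. Sign with the
    /// sender's private key before posting; confirm the exact call against the
    /// library documentation.
    /// NOTE(review): the bearer confirmation data carries a Recipient but no
    /// expiry, and the assertion has no audience restriction visible here.
    /// Verify what the recipient requires so a captured assertion cannot be replayed.
    /// </remarks>
    private void SendTawtheeqRequest()
    {
        string consumerServiceUrl = "https://tawtheeq.sa:8443/identity-gateway-test/ReceiveSAMLRequest";

        // The issuer is this application's absolute root URL; the same value is
        // used on the response and on the assertion.
        Issuer issuer = new Issuer(GetAbsoluteUrl("~/"));

        // Response envelope addressed to the consumer service.
        Response samlResponse = new Response();
        samlResponse.Destination = consumerServiceUrl;
        samlResponse.Issuer = issuer;
        samlResponse.Status = new Status(SamlPrimaryStatusCode.Success, null);

        // Subject: the locally authenticated user, confirmed as a bearer subject
        // bound to the consumer service URL.
        SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationData();
        subjectConfirmationData.Recipient = consumerServiceUrl;

        SubjectConfirmation subjectConfirmation = new SubjectConfirmation(SamlSubjectConfirmationMethod.Bearer);
        subjectConfirmation.SubjectConfirmationData = subjectConfirmationData;

        Subject subject = new Subject(new NameId(User.Identity.Name));
        subject.SubjectConfirmations.Add(subjectConfirmation);

        // Authentication statement declaring password-based authentication.
        AuthnStatement authnStatement = new AuthnStatement();
        authnStatement.AuthnContext = new AuthnContext();
        authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SamlAuthenticationContext.Password);

        Assertion samlAssertion = new Assertion();
        samlAssertion.Issuer = issuer;
        samlAssertion.Subject = subject;
        samlAssertion.Statements.Add(authnStatement);

        // Encrypt the assertion to the recipient's public certificate, loaded
        // from the application root directory.
        X509Certificate2 encryptingCert = new X509Certificate2(Path.Combine(HttpRuntime.AppDomainAppPath, "my-bank1-public.cer"));

        // NOTE(review): TripleDesCbc is a legacy 64-bit-block cipher. Prefer an
        // AES-based encryption method if both the library and the recipient
        // support one; confirm before changing, since the recipient must be able
        // to decrypt it.
        EncryptedAssertion encryptedSamlAssertion = new EncryptedAssertion(samlAssertion, encryptingCert, new EncryptionMethod(SamlKeyAlgorithm.TripleDesCbc));

        // Attach the encrypted assertion only; the cleartext assertion must not
        // travel next to its encrypted copy.
        samlResponse.Assertions.Add(encryptedSamlAssertion);

        // The third argument is presumably the relay state; verify against the
        // library's SendHttpPost documentation.
        samlResponse.SendHttpPost(Response.OutputStream, consumerServiceUrl, "10");
    }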

0 个答案:

没有答案