ASP.NET Core authentication using SAML / SAML 2.0

Time: 2018-10-08 13:17:36

Tags: asp.net-core certificate saml-2.0

Hello, I am trying to implement an ASP.NET Core service provider where, on an anonymous request, the user is asked to supply a digital certificate (a .pfx file), and this certificate is then sent to the identity provider endpoint for validation. I don't know which approach or library has to be used to create the XML document.

Startup

using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

public class Startup {
    public Startup(IConfiguration configuration) {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services) {
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
            .AddCookie(o => o.LoginPath = new Microsoft.AspNetCore.Http.PathString("/api/index"));

        services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env) {
        app.UseHttpsRedirection();
        // Authentication middleware must run before MVC, otherwise [Authorize] never sees the cookie principal.
        app.UseAuthentication();
        app.UseMvc();
    }
}

Controller

using System.IO;
using System.Net;
using System.Security.Claims;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

[ApiController]
public class MainController : ControllerBase {
    // GET api/index
    // Note: this route is also the cookie LoginPath, so [Authorize] here sends
    // unauthenticated callers back to this same URL.
    [HttpGet]
    [Authorize]
    [Route("api/index")]
    public async Task<string> Index() {
        var claims = new[] { new Claim(ClaimTypes.Name, "MyUserNameOrId"), new Claim(ClaimTypes.Role, "user") };
        // Built but never passed to HttpContext.SignInAsync, so no cookie is issued from it.
        var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

        var request = WebRequest.Create(Constants.IDP);
        request.Method = "POST";        // a GET has no body; writing to its request stream throws
        request.ContentType = "text/xml";
        var xml = "Generate the xml somehow using the pfx file";
        var body = Encoding.UTF8.GetBytes(xml);
        using (var requestStream = await request.GetRequestStreamAsync()) {
            await requestStream.WriteAsync(body, 0, body.Length, CancellationToken.None);
        }
        // The IdP's reply comes from GetResponseAsync, not from a second GetRequestStreamAsync.
        using (var response = await request.GetResponseAsync())
        using (var reader = new StreamReader(response.GetResponseStream())) {
            return await reader.ReadToEndAsync();
        }
    }
}

PS: So far the only resources I have are the Identity Provider URL and a .pfx file.
I have tried the following article, but it is too complex for a beginner like me: https://blog.scottlogic.com/2015/11/19/oauth2-with-saml2.html

P.S.2: Is this any good for the task at hand: Microsoft.IdentityModel.Tokens.Saml
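As an added example that is not part of the question, one way to do the "generate the XML using the pfx file" step: build a SAML 2.0 AuthnRequest, sign it with the private key from the .pfx as an enveloped XML-DSig, and base64-encode it for the HTTP-POST binding. It assumes the System.Security.Cryptography.Xml package, and the .pfx path/password, IdP SSO URL, SP entity ID and ACS URL are assumed caller-supplied values.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Text;
using System.Xml;

// Added example, not from the question. Builds a SAML 2.0 AuthnRequest, signs it with the
// private key from a .pfx (enveloped XML-DSig), and base64-encodes it for the HTTP-POST binding.
public static class SamlAuthnRequestBuilder
{
    const string SamlP = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    // All parameters are assumed values supplied by the caller (IdP SSO URL, SP entity ID, ACS URL).
    public static string Build(string pfxPath, string pfxPassword, string idpSsoUrl, string spEntityId, string acsUrl)
    {
        var id = "_" + Guid.NewGuid().ToString("N"); // xs:ID must not start with a digit
        var doc = new XmlDocument { PreserveWhitespace = true };
        var req = doc.CreateElement("samlp", "AuthnRequest", SamlP);
        req.SetAttribute("ID", id);
        req.SetAttribute("Version", "2.0");
        req.SetAttribute("IssueInstant", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'"));
        req.SetAttribute("Destination", idpSsoUrl);
        req.SetAttribute("AssertionConsumerServiceURL", acsUrl);
        req.SetAttribute("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
        var issuer = doc.CreateElement("saml", "Issuer", Saml);
        issuer.InnerText = spEntityId;
        req.AppendChild(issuer);
        doc.AppendChild(req);

        using (var cert = new X509Certificate2(pfxPath, pfxPassword))
        {
            var signedXml = new SignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
            var reference = new Reference("#" + id) { DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256" };
            reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            reference.AddTransform(new XmlDsigExcC14NTransform());
            signedXml.AddReference(reference);
            signedXml.KeyInfo = new KeyInfo();
            signedXml.KeyInfo.AddClause(new KeyInfoX509Data(cert)); // lets the IdP pick the SP cert to verify with
            signedXml.ComputeSignature();
            // SAML schema order: ds:Signature directly follows saml:Issuer.
            req.InsertAfter(doc.ImportNode(signedXml.GetXml(), true), issuer);
        }
        return Convert.ToBase64String(Encoding.UTF8.GetBytes(doc.OuterXml)); // value of the SAMLRequest form field
    }
}
```

The returned string is posted to the IdP SSO URL as the SAMLRequest form field; the IdP verifies the signature against the SP certificate it has in its metadata, so the .pfx's public certificate must be registered there.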

0 answers:

No answers