我们正在尝试使用 Web 服务连接到外部 HIE(健康信息交换)。他们使用 SAML 令牌和证书进行验证。HIE 已安装了我们的证书,我们正在使用以下代码来调用 HIE 的服务端点。每当我尝试下面的代码段时,都会收到授权错误或 400 错误请求(Bad Request)。如果需要其他帮助吗?
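// Posts the SOAP envelope stored in SOAPrequest.xml to the HIE endpoint, presenting our
// client certificate on the TLS connection and a SAML 2.0 assertion signed with the same
// certificate.
string endPoint = @"https://www.test.com";
string key2 = @"Cert.pfx";
string filepath = @"SOAPrequest.xml";

// Read the SOAP envelope; the using block closes the file even when the read throws.
string payLoad;
using (TextReader xmlRead = new StreamReader(filepath))
{
    payLoad = xmlRead.ReadToEnd();
}

// Cert issued by our organization (the PFX also carries the private signing key).
// NOTE(review): the PFX password is a literal in source here; in a real deployment load it
// from protected configuration or a secret store so the signing key is not recoverable
// from the code base.
X509Certificate2 cert2 = new X509Certificate2(key2, @"Password");

var assert = new Saml2Assertion(new Saml2NameIdentifier(@"ourOrg.com"));
assert.SigningCredentials = new X509SigningCredentials(cert2);
assert.Subject = new Saml2Subject();
// The object initializer overwrites the constructor argument, so the NameID value that is
// actually sent is "ourorg".
assert.Subject.NameId = new Saml2NameIdentifier(@"Our Organization") { Value = "ourorg" };
assert.Id = new Saml2Id();
// SAML instants are expressed in UTC; UtcNow keeps the value independent of the local zone.
assert.IssueInstant = DateTime.UtcNow;

// NOTE(review): no value is ever attached to this attribute, so the statement carries only
// the attribute name. Confirm which organization value the HIE expects and supply it
// (for example through the Saml2Attribute(name, value) constructor).
Saml2Attribute org = new Saml2Attribute("urn:oasis:names:tc:xspa:1.0:subject:organization");
var item = new Saml2AttributeStatement();
item.Attributes.Add(org);
assert.Statements.Add(item);

// Write the token to XML. The writer buffers its output, so it has to be disposed (or
// flushed) before the StringBuilder is read; the original read the builder while the writer
// was still open, which can yield an empty or truncated token.
Saml2SecurityToken saml2 = new Saml2SecurityToken(assert);
StringBuilder bld = new StringBuilder();
Saml2SecurityTokenHandler hdlr = new Saml2SecurityTokenHandler();
using (XmlWriter wr = XmlWriter.Create(bld))
{
    hdlr.WriteToken(wr, saml2);
}

// Server certificate validation is deliberately left at the framework default. The original
// assigned ServicePointManager.ServerCertificateValidationCallback a delegate that returned
// true for every certificate; that setting is process-wide and accepts any server
// certificate, so the signed assertion and the request body could be delivered to an
// impostor endpoint. If the HIE test endpoint chains to a private CA, add that CA to the
// machine trust store instead of switching validation off.
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(endPoint);
req.AllowAutoRedirect = true;

// Present the client certificate for mutual TLS.
req.ClientCertificates.Add(cert2);

// Add SAML.
// NOTE(review): the raw assertion XML is sent as the Authorization header value with no
// scheme. SOAP endpoints commonly expect the assertion inside the envelope's WS-Security
// header instead; confirm the required placement and encoding with the HIE, since a
// mismatch here would explain an authorization error.
req.Headers[HttpRequestHeader.Authorization] = bld.ToString();
req.Method = "POST";
// The media-type parameter for the character set is "charset", not "encoding".
req.ContentType = "text/xml; charset=utf-8";

// Send the SOAP envelope as the request body; the original read the file but never wrote
// it to the request, so the POST went out with an empty body.
byte[] body = Encoding.UTF8.GetBytes(payLoad);
req.ContentLength = body.Length;
using (Stream reqStream = req.GetRequestStream())
{
    reqStream.Write(body, 0, body.Length);
}

// GetResponse throws WebException for 4xx/5xx answers; the exception's Response property
// holds the server's reply (often a SOAP fault) and is the first place to look when
// diagnosing a 400 or 401.
using (WebResponse resp = req.GetResponse())
{
    // Read resp.GetResponseStream() here as needed.
}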
TIA 问候 尚卡拉