我想通过使用SAML 2.0协议而不是WSTrust获得SAML 2.0令牌。使用了ADFS 3.0。是否有任何nuget软件包或其他库可以实现这一目标?
当前代码正在使用WSTrust和KERBEROS:
WSTrustChannelFactory trustChannelFactory = null;
var bindingElementCollection = new BindingElementCollection();
bindingElementCollection.Add(SecurityBindingElement.CreateKerberosOverTransportBindingElement());
trustChannelFactory = new WSTrustChannelFactory
(
new CustomBinding(bindingElementCollection),
new EndpointAddress(kerberosmixedendpoint)
);
trustChannelFactory.Credentials.Windows.ClientCredential = CredentialCache.DefaultNetworkCredentials;
trustChannelFactory.TrustVersion = TrustVersion.WSTrust13;
var requestSecurityToken = new RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = new EndpointReference(Url),
KeyType = KeyTypes.Bearer,
};
var channel = (WSTrustChannel)trustChannelFactory.CreateChannel();
var securityToken = await Task<GenericXmlSecurityToken>.Factory.FromAsync(
channel.BeginIssue, ar =>
{
GenericXmlSecurityToken token = null;
try
{
token = channel.EndIssue(ar, out RequestSecurityTokenResponse response)
as GenericXmlSecurityToken;
}
catch (Exception ex)
{
}
return token as GenericXmlSecurityToken;
},
requestSecurityToken,
null
);
result = securityToken?.TokenXml?.OuterXml;
所以我需要使用诸如securityToken?.TokenXml?.OuterXml之类的东西,但要使用SAMLP协议。我不能使用WIF,因为它不支持SAML 2.0协议。
答案 0 :(得分:0)
您可以在项目的以下位置添加可用的代码文件,以获得对构造SAML请求,解密和验证SAML响应,读取SAML断言等所需的所有基本方法调用的访问权限。
https://github.com/onelogin/dotnet-saml/tree/master/App_Code