Missing "<ec:InclusiveNamespaces .." in AuthnRequest SAML request

Time: 2018-12-24 08:30:13

Tags: c# single-sign-on saml-2.0


I am using C# code to build an AuthnRequest for a service provider. After signing the SAML request, the following message is generated:

    .............
    .............
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
        <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <Reference URI="">
          <Transforms>
            <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </Transforms>
          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <DigestValue>sivkexKCvqK7xEEjgOaMf1D98vU=</DigestValue>
        </Reference>
      </SignedInfo>
    ................

I expect:

    .............
    .............
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
        <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <Reference URI="">
          <Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
              <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml samlp"/>
            </ds:Transform>
          </Transforms>
          <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <DigestValue>sivkexKCvqK7xEEjgOaMf1D98vU=</DigestValue>
        </Reference>
      </SignedInfo>
    ................

The C# method that signs the XML:

    using System.Security.Cryptography.X509Certificates;
    using System.Security.Cryptography.Xml;
    using System.Xml;

    public static string SignXml(XmlDocument Document, X509Certificate2 cert)
    {
        SignedXml signedXml = new SignedXml(Document);
        signedXml.SigningKey = cert.PrivateKey;
        // URI="" references the whole document.
        Reference reference = new Reference {Uri = ""};
        XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(true);
        reference.AddTransform(env);
        // C14N transform object with its Algorithm URI overridden to exclusive C14N.
        var transform = new XmlDsigC14NTransform(true)
        {
            Algorithm = SignedXml.XmlDsigExcC14NTransformUrl
        };
        reference.AddTransform(transform);
        // Embed the signing certificate in <KeyInfo>.
        KeyInfo keyInfo = new KeyInfo();
        KeyInfoX509Data keyInfoData = new KeyInfoX509Data(cert);
        keyInfo.AddClause(keyInfoData);
        signedXml.KeyInfo = keyInfo;
        signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
        signedXml.AddReference(reference);
        // Compute the signature.
        signedXml.ComputeSignature();
        // Get the <Signature> element so it can be added to the rest of the XML.
        XmlElement xmlDigitalSignature = signedXml.GetXml();
        ///////////////// END OF XML Part
        // Insert the signature directly after <saml:Issuer>.
        var nsmgr = new XmlNamespaceManager(Document.NameTable);
        nsmgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
        var nl = Document.SelectSingleNode("//saml:Issuer", nsmgr);
        //XmlNode xElt = Document.SelectSingleNode("//saml:Issuer");
        Document.DocumentElement.InsertAfter(Document.ImportNode(xmlDigitalSignature, true), nl);
        //Document.DocumentElement.AppendChild(Document.ImportNode(xmlDigitalSignature, true));
        return Document.InnerXml;
    }

How can I produce the expected XML message shown above? Thank you for your help.

0 answers:

No answers
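
An added example, not part of the original question and not the asker's code: in `System.Security.Cryptography.Xml`, the `XmlDsigExcC14NTransform` class takes an inclusive-namespaces prefix list and serializes it as `<ec:InclusiveNamespaces PrefixList="..."/>` inside the `Transform` element. Assumptions of this sketch: the `AuthnRequestSigner` class name, the sample request, the throwaway RSA key, and the choice of SHA-256 instead of the SHA-1 algorithms shown in the question are all constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

public static class AuthnRequestSigner // hypothetical name, example only
{
    // Signs the whole document (URI="") and emits InclusiveNamespaces
    // with the given prefix list inside the exc-c14n Transform.
    public static XmlElement Sign(XmlDocument doc, RSA key, string prefixList)
    {
        var signedXml = new SignedXml(doc) { SigningKey = key };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        // Example's choice: SHA-256 (the question's output uses SHA-1).
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;

        var reference = new Reference { Uri = "", DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        // XmlDsigExcC14NTransform (not XmlDsigC14NTransform) carries the prefix list.
        reference.AddTransform(new XmlDsigExcC14NTransform(prefixList));
        signedXml.AddReference(reference);

        signedXml.ComputeSignature();
        return signedXml.GetXml();
    }

    public static void Main()
    {
        // Constructed sample request; the issuer URL and ID are placeholders.
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(
            "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" " +
            "xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_example\" Version=\"2.0\">" +
            "<saml:Issuer>https://sp.example.test</saml:Issuer></samlp:AuthnRequest>");

        using (RSA key = RSA.Create(2048)) // throwaway key for the demonstration
        {
            XmlElement signature = Sign(doc, key, "ds saml samlp");
            XmlNode issuer = doc.DocumentElement.FirstChild;
            doc.DocumentElement.InsertAfter(doc.ImportNode(signature, true), issuer);

            // Verify the signature after insertion, as the receiving side would.
            var verifier = new SignedXml(doc);
            verifier.LoadXml((XmlElement)doc.GetElementsByTagName(
                "Signature", SignedXml.XmlDsigNamespaceUrl)[0]);
            Console.WriteLine("Signature valid: " + verifier.CheckSignature(key));
            Console.WriteLine(doc.OuterXml);
        }
    }
}
```

The prefix list only changes which namespace declarations are emitted during canonicalization, so the receiving side must apply the same list when it verifies; `SignedXml` reads it back from the `Transform` element automatically.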