Get the issuer of a SamlSecurityToken


Problem description


I have a WIF RP, with multiple trusted issuers configured, e.g.:

<trustedIssuers>
  <add thumbprint="..." name="Issuer1" />
  <add thumbprint="..." name="Issuer2" />
</trustedIssuers>

I'm trying to get hold of which particular issuer a token came from. I was hoping the IssuerNameRegistry.GetIssuerName(...) would do the trick, but it seems to return null unless the supplied token is an X509SecurityToken.

In the WSFederationAuthenticationModule's SecurityTokenReceived event I observe the following:

The received SamlSecurityToken exposes a SamlAssertion which has a private field _issuerToken, of type X509SecurityToken.

So, the information is there it seems, I'm just not able to get hold of it.

In short, how do I figure out which trusted issuer issued the token? Any help appreciated.

PS! I'm aware that the token has not yet been validated in the SecurityTokenReceived event. I would preferably get this information after the token has been validated.

Solution

Thanks Eugenio, you pointed me in the right direction. Turns out the issuer is included in the claim, in the Claim.Issuer Property, which makes perfect sense when you think about it — you might have claims from different issuers.

So with the example config:

<trustedIssuers>
  <add thumbprint="..." name="Issuer1" />
  <add thumbprint="..." name="Issuer2" />
</trustedIssuers>

The Claim.Issuer property returns "Issuer1" if the claim came from "Issuer1".

Thanks guys.
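
As an added example (not part of the original question or answer), here is one way to use Claim.Issuer once the token has been validated: list the issuers behind a principal and accept a claim only from the issuer expected to assert it. It assumes the System.Security.Claims types of .NET 4.5 or later; the helper names and the sample claims are constructed for illustration, and the issuer names are the ones from the example config.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

static class IssuerCheck
{
    // Names from the page's <trustedIssuers> example; the registry maps each
    // signing-certificate thumbprint to one of these names.
    static readonly HashSet<string> Trusted =
        new HashSet<string>(StringComparer.Ordinal) { "Issuer1", "Issuer2" };

    // Hypothetical helper: the distinct issuers behind a validated principal.
    // Throws if any claim carries an issuer name outside the configured set.
    public static ISet<string> IssuersOf(ClaimsPrincipal principal)
    {
        var issuers = new HashSet<string>(
            principal.Claims.Select(c => c.Issuer), StringComparer.Ordinal);
        var unknown = issuers.Where(i => !Trusted.Contains(i)).ToList();
        if (unknown.Count > 0)
            throw new InvalidOperationException(
                "Unexpected issuer(s): " + string.Join(", ", unknown));
        return issuers;
    }

    // Hypothetical helper: accept a claim value only when it was asserted by
    // the issuer allowed to assert it, e.g. roles only from Issuer1.
    public static IEnumerable<string> ValuesFrom(
        ClaimsPrincipal principal, string claimType, string issuer)
    {
        return principal.Claims
            .Where(c => c.Type == claimType
                     && string.Equals(c.Issuer, issuer, StringComparison.Ordinal))
            .Select(c => c.Value);
    }

    static void Main()
    {
        // Constructed sample claims standing in for a validated token's output.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Name, "alice", ClaimValueTypes.String, "Issuer2"),
            new Claim(ClaimTypes.Role, "admin", ClaimValueTypes.String, "Issuer2"),
            new Claim(ClaimTypes.Role, "reader", ClaimValueTypes.String, "Issuer1"),
        }, "Federation");
        var principal = new ClaimsPrincipal(identity);

        Console.WriteLine(string.Join(",", IssuersOf(principal)));
        Console.WriteLine(string.Join(",", ValuesFrom(principal, ClaimTypes.Role, "Issuer1")));
    }
}
```

Filtering by issuer per claim matters when several issuers are trusted: a role claim from Issuer2 should not be honoured if only Issuer1 is meant to assert roles.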
