Working with SAML 2.0 in C# .NET 4.5


Question

EDIT3, BUMPED TO TOP: I have not found my solution 100%, but pretty damn close. Self Answer below.

EDIT: I have found I can use Saml2Assertion. However, I am unable to find a way to get the SAML message written to xml now.

EDIT2: I have found how to write the Saml2Assertion object to xml. Sadly, it does not keep the SAML syntax, it writes in pure XML without tags.

I am trying to use pure .NET (no external classes, controls, helpers) to create a SAML message. I found some code on the interwebs; this is what I have:

private static SamlAssertion createSamlAssertion()
{
    // Here we create some SAML assertion with ID and Issuer name. 
    SamlAssertion assertion = new SamlAssertion();
    assertion.AssertionId = "AssertionID";
    assertion.Issuer = "ISSUER";
    // Create some SAML subject. 
    SamlSubject samlSubject = new SamlSubject();
    samlSubject.Name = "My Subject";

    // 
    // Create one SAML attribute with few values. 
    SamlAttribute attr = new SamlAttribute();
    attr.Namespace = "http://daenet.eu/saml";
    attr.AttributeValues.Add("Some Value 1");
    //attr.AttributeValues.Add("Some Value 2");

    attr.Name = "My ATTR Value";

    // 
    // Now create the SAML statement containing one attribute and one subject. 
    SamlAttributeStatement samlAttributeStatement = new SamlAttributeStatement();
    samlAttributeStatement.Attributes.Add(attr);
    samlAttributeStatement.SamlSubject = samlSubject;

    // Append the statement to the SAML assertion. 
    assertion.Statements.Add(samlAttributeStatement);

    //return assertion
    return assertion;

}

and here is the code I am using to get the XML:

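// Namespaces used: System.IO, System.Text, System.Xml,
// System.IdentityModel.Tokens, System.ServiceModel.Security
var sb = new StringBuilder();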
var settings = new XmlWriterSettings
{
    OmitXmlDeclaration = true,
    Encoding = Encoding.UTF8
};
using (var stringWriter = new StringWriter(sb))
using (var xmlWriter = XmlWriter.Create(stringWriter, settings))
using (var dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter))
{
    var samlAssertSerializer = new SamlSerializer();
    var secTokenSerializer = new WSSecurityTokenSerializer();
    assertion.WriteXml(
        dictionaryWriter,
        samlAssertSerializer,
        secTokenSerializer
    );
}

This seemed like it was going to work. However, the message it produces is SAML version 1.0 - I need to work with 2.0.

I know I can do some sloppy work and replace some values here and there and this system would work fine. There are very few differences in the message, version being the most important. I am having a hard time finding information on SAML 2.0 for .NET. I do know SAML 2.0 was implemented into .NET recently. I am using Framework 4.5 so I should have access to it. The MSDN page for SamlAssertion says the "majorVersion" is a constant, always set to '1'.

I'm guessing there is another namespace I could be working with, but I haven't found it. My requirement is just to get the XML SAML message. I don't need to sign with X509, I don't need the token. Just the SAML XML message.

Again, this is a question trying to find out how to do this in native .NET. I have found several SAML helpers and lots of code on how to build the message manually- I'm trying to find the CORRECT solution, if it exists.

Recommended answer

.NET 4.5 has WIF (Windows Identity Foundation) built into it. This now supports SAML 2.0. To make use of SAML 2.0, just use .NET 4.5. The class name is Saml2XXXX (where XXXX is the token, assertion, serializer etc.). Here is a link to SAML 2.0 Assertion: http://msdn.microsoft.com/en-us/library/microsoft.identitymodel.tokens.saml2.saml2assertion.aspx

This will create a SAML 2.0 Assertion object. To get the XML, this is the code I used:

using System.Xml;
using System.IdentityModel.Tokens;

namespace YOUR.SPACE
{
    public class Saml2Serializer : Saml2SecurityTokenHandler
    {
        public Saml2Serializer()
        {
            Configuration = new SecurityTokenHandlerConfiguration()
                {

                };
        }

        public void WriteSaml2Assertion(XmlWriter writer, Saml2Assertion data)
        {
            base.WriteAssertion(writer, data);
        }
    }
}

This will serialize your assertion object into XML. This is where I ran into problems. The XML it will create does NOT contain the saml namespace (e.g. <saml:Assertion>). I was not able to find a solution for this, so a Replace("<", "<saml:") had to be used.
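
An added example, not code from the question, the answer or Microsoft: it builds a SAML 2.0 assertion with the WIF classes named above, checks that the serialized root element is already in the SAML 2.0 assertion namespace, and rebinds that namespace to the `saml` prefix with LINQ to XML rather than string replacement. `AssertionWriter` and `ToXml` are hypothetical names, and the issuer, subject and attribute values are constructed.

```csharp
using System;
using System.IdentityModel.Tokens; // reference the System.IdentityModel assembly
using System.Text;
using System.Xml;
using System.Xml.Linq;

// Hypothetical helper: exposes the handler's protected WriteAssertion method.
class AssertionWriter : Saml2SecurityTokenHandler
{
    public AssertionWriter() { Configuration = new SecurityTokenHandlerConfiguration(); }

    public XDocument ToXml(Saml2Assertion assertion)
    {
        var sb = new StringBuilder();
        var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (var writer = XmlWriter.Create(sb, settings))
            WriteAssertion(writer, assertion);
        return XDocument.Parse(sb.ToString());
    }
}

static class Program
{
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    static void Main()
    {
        // Constructed sample values, matching the question's SAML 1.x example.
        var assertion = new Saml2Assertion(new Saml2NameIdentifier("ISSUER"))
        {
            Subject = new Saml2Subject(new Saml2NameIdentifier("My Subject"))
        };
        assertion.Statements.Add(
            new Saml2AttributeStatement(new Saml2Attribute("My ATTR Value", "Some Value 1")));

        XDocument doc = new AssertionWriter().ToXml(assertion);
        XElement root = doc.Root;

        // Prefix or not, the element name is qualified by the SAML 2.0 namespace.
        Console.WriteLine(root.Name.Namespace == Saml);

        // Drop the unprefixed declaration (if any) and bind the namespace to "saml".
        var defaultDecl = root.Attribute("xmlns");
        if (defaultDecl != null) defaultDecl.Remove();
        root.SetAttributeValue(XNamespace.Xmlns + "saml", Saml.NamespaceName);

        Console.WriteLine(doc.ToString());
    }
}
```

If the assertion is signed, any prefix rewriting has to happen before signing, because changing prefixes afterwards changes the canonical form the signature covers.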
