如何从Azure功能发出IdP SAML请求

我有一个简单的C#web应用程序，它被实现为一系列Azure函数。我希望能够将用户重定向到外部网站，当他们单击我的应用程序中的按钮时，使用SSO登录。外部网站是Absorb的一个实例。Absorb提供了使用商业产品ComponentSpace库通过SSO实现这一点的指南。

我想使用ITfoxtec SAML 2.0库，因为它是免费和开源的(尽管任何免费/开源库都可以(。

我的问题如下：

1. 如何将Saml2Assertion添加到Saml2AuthnResponse
2. 如何使用重定向绑定返回HttpResponseMessage

这是我迄今为止所拥有的：

[FunctionName("GoToAbsorb")]
public static async Task<HttpResponseMessage> Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = null)]HttpRequestMessage request, TraceWriter log)
{
//  User is authenticated and here.

//  SAML part starts here.
Saml2Configuration configuration = new Saml2Configuration();
configuration.SigningCertificate = GetCertificate(); // Returns an X509 Certificate
configuration.AllowedAudienceUris.Add(configuration.Issuer);
Saml2AuthnResponse samlResponse = new Saml2AuthnResponse(configuration);
samlResponse.Destination = new Uri("https://sample.myabsorb.com/account/saml");
samlResponse.Issuer = Environment.GetEnvironmentVariable("WEBSITE_SITE_NAME");
samlResponse.Status = ITfoxtec.Identity.Saml2.Schemas.Saml2StatusCodes.Success;
Saml2Subject subject = new Saml2Subject(new Saml2NameIdentifier("Id"));
subject.SubjectConfirmations.Add(new Saml2SubjectConfirmation(new Uri("https://sample.myabsorb.com/account/saml")));
var assertion = new Saml2Assertion(new Saml2NameIdentifier(Environment.GetEnvironmentVariable("WEBSITE_SITE_NAME")));
assertion.Conditions = new Saml2Conditions()
{
NotBefore = DateTime.Now,
NotOnOrAfter = DateTime.Now.AddMinutes(3),
};
assertion.Statements.Add(new Saml2AuthenticationStatement(new Saml2AuthenticationContext()
{
//  There does not appear to be an equivalent to the following line
//  AuthnContextClassRef = new AuthnContextClassRef(SAMLIdentifiers.AuthnContextClasses.Password)
}));

//  How do I add the assertion to the response?

Saml2RedirectBinding redirectBinding = new Saml2RedirectBinding();
redirectBinding.Bind(samlResponse);

//  What do I return as the response message?
return new HttpResponseMessage(...);
}