.NET Framework library for SAML2 assertions. I am able to create SAML2 XML using the .NET library. But my requirement now is to generate the SAML2 assertion metadata so that it can be provided to the client for development. Is there any .NET Framework method that can generate SAML2 metadata from a SAML assertion object?
I have used the System.IdentityModel.Tokens Saml2Assertion class for the SAML assertion. I know there is a .NET library to create metadata, i.e. System.IdentityModel.Metadata, and the EntityDescriptor is created from that library. But I also don't want to create the metadata manually. From my understanding, ideally the SAML2 metadata should be generated from the SAML assertion XML/object without any manual intervention. I just want to see whether there is a way to achieve this with any .NET library, because I couldn't find it anywhere.
I am using .NET Framework 4.8. Assertion code:
// Requires: using System; using System.IdentityModel.Tokens;
private static Saml2Assertion createSamlAssertion()
{
    // Here we create some SAML assertion with ID and Issuer name.
    Saml2NameIdentifier nameidentifier = new Saml2NameIdentifier("XXX");
    Saml2Assertion assertion = new Saml2Assertion(nameidentifier);
    string assertionid = "SamlAssertion-" + Guid.NewGuid().ToString();
    assertion.Id = new Saml2Id(assertionid);
    assertion.Issuer = new Saml2NameIdentifier("XXXX");
    // Read the clock once so IssueInstant, NotBefore and AuthenticationInstant agree.
    DateTime now = Framework.ApplicationTime.GetCurrentTime();
    assertion.IssueInstant = now;

    // Create some SAML subject: bearer confirmation, valid for 60 minutes.
    Saml2SubjectConfirmation subcon = new Saml2SubjectConfirmation(new Uri("urn:oasis:names:tc:SAML:2.0:cm:bearer"));
    subcon.NameIdentifier = new Saml2NameIdentifier("XXXX");
    Saml2SubjectConfirmationData subcondata = new Saml2SubjectConfirmationData();
    subcondata.NotBefore = now;
    subcondata.NotOnOrAfter = now.AddMinutes(60);
    subcon.SubjectConfirmationData = subcondata;
    Saml2Subject samlSubject = new Saml2Subject(subcon);
    samlSubject.NameId = new Saml2NameIdentifier("XXXX");
    assertion.Subject = samlSubject;

    // Create the SAML attribute statement; each attribute carries one value.
    Saml2AttributeStatement samlAttributeStatement = new Saml2AttributeStatement();
    void AddAttribute(string name, string value)
    {
        Saml2Attribute attr = new Saml2Attribute(name);
        attr.Values.Add(value);
        attr.NameFormat = new Uri("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");
        samlAttributeStatement.Attributes.Add(attr);
    }
    AddAttribute("First Name", "JOHN");
    AddAttribute("Name", "");
    AddAttribute("Street Name 1", "35 MAIN ST");
    AddAttribute("Street Name 2", "APT 204");
    AddAttribute("City Name", "LEXINGTON");
    AddAttribute("Zip Code", "405117883");
    AddAttribute("Contact Email Address", "john.doe@email.com");

    // Append the statement to the SAML assertion.
    assertion.Statements.Add(samlAttributeStatement);

    // Authentication statement with a password authentication context.
    Saml2AuthenticationContext authcon = new Saml2AuthenticationContext();
    authcon.ClassReference = new Uri("urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
    Saml2AuthenticationStatement auth = new Saml2AuthenticationStatement(authcon);
    auth.AuthenticationInstant = now;
    assertion.Statements.Add(auth);
    return assertion;
}
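The question asks for metadata derived from the assertion object rather than typed by hand. The following is an added example, not code from the question or from any of the answers: it uses the System.IdentityModel.Metadata types the question names (EntityDescriptor, IdentityProviderSingleSignOnDescriptor, MetadataSerializer) and fills them from a Saml2Assertion. The entityID is taken from the assertion's Issuer, the advertised NameID format from the subject, the advertised attributes from the attribute statements, and the signing key from the assertion's SigningCredentials when present. An assertion carries no endpoint URL, so the SSO location and its binding are assumptions passed in by the caller; `AssertionMetadata` and `BuildIdpMetadata` are names chosen here.

```csharp
using System;
using System.IdentityModel.Metadata;
using System.IdentityModel.Tokens;
using System.Linq;
using System.Text;
using System.Xml;

// Added example: derive IdP metadata from an existing Saml2Assertion.
// Assumption: ssoLocation is supplied by the caller (not part of an assertion).
public static class AssertionMetadata
{
    public static string BuildIdpMetadata(Saml2Assertion assertion, Uri ssoLocation)
    {
        if (assertion == null) throw new ArgumentNullException(nameof(assertion));
        if (ssoLocation == null) throw new ArgumentNullException(nameof(ssoLocation));
        if (assertion.Issuer == null)
            throw new InvalidOperationException("Assertion has no Issuer; entityID cannot be derived.");

        // entityID must equal the Issuer value that relying parties will validate.
        var entity = new EntityDescriptor(new EntityId(assertion.Issuer.Value));

        var idp = new IdentityProviderSingleSignOnDescriptor();
        idp.ProtocolsSupported.Add(new Uri("urn:oasis:names:tc:SAML:2.0:protocol"));
        idp.SingleSignOnServices.Add(new ProtocolEndpoint(
            new Uri("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"), ssoLocation));
        // Require signed AuthnRequests so unsolicited/forged requests are rejected.
        idp.WantAuthenticationRequestsSigned = true;

        // Advertise the NameID format the assertion actually uses, if one is set.
        var nameIdFormat = assertion.Subject?.NameId?.Format;
        if (nameIdFormat != null) idp.NameIdentifierFormats.Add(nameIdFormat);

        // Advertise the attributes the assertion issues: names and formats only, values dropped.
        foreach (var attr in assertion.Statements.OfType<Saml2AttributeStatement>()
                                                 .SelectMany(s => s.Attributes))
        {
            idp.SupportedAttributes.Add(new Saml2Attribute(attr.Name)
            {
                NameFormat = attr.NameFormat,
                FriendlyName = attr.FriendlyName
            });
        }

        // Publish the signing key only when the assertion is actually signed with one;
        // without it, consumers have nothing to verify assertion signatures against.
        if (assertion.SigningCredentials != null)
        {
            idp.Keys.Add(new KeyDescriptor(assertion.SigningCredentials.SigningKeyIdentifier)
            {
                Use = KeyType.Signing
            });
        }

        entity.RoleDescriptors.Add(idp);

        var sb = new StringBuilder();
        var settings = new XmlWriterSettings { Indent = true, OmitXmlDeclaration = true };
        using (var writer = XmlWriter.Create(sb, settings))
        {
            new MetadataSerializer().WriteMetadata(writer, entity);
        }
        return sb.ToString();
    }
}

// Usage (assumed endpoint, constructed for this example):
// string xml = AssertionMetadata.BuildIdpMetadata(createSamlAssertion(),
//     new Uri("https://idp.example.test/sso"));
```

Two points a reviewer would check before handing the output to a client: the result is only as trustworthy as the assertion it was built from (an assertion with a placeholder Issuer such as "XXXX" yields metadata with that placeholder as entityID), and the metadata document itself is unsigned unless `entity.SigningCredentials` is set before `WriteMetadata`, so either sign it or distribute it over a channel the client already trusts.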
Some SAML client libraries can do that.
I have used Sustainsys and ComponentSpace to generate metadata.