
c# - Format Saml2SecurityToken XML to include saml in the tags

Reposted. Author: 太空宇宙. Updated: 2023-11-03 13:13:55

I am new to SAML. I wrote some code to get a Saml2SecurityToken in an XML file, but the XML I get does not contain "saml" in its tags.

Actual:

    <?xml version="1.0" encoding="utf-8"?>
    <Assertion ID="_750e2198-2802-43ed-a6a8-3c991cdd1531" IssueInstant="2014-12-05T13:13:22.822Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    .....
    </Assertion>

Expected:

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="_7cfb8b12d1b08367d163fea9c81d8e98" IssueInstant="2014-03-20T17:54:10.107Z" Version="2.0">
      <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">THE_ISSUER_ID (Typically a URL)</saml2:Issuer>
      <saml2p:Status>
        <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
      </saml2p:Status>
      <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_23dcb09d50ddf580e2186836c0ffddff" IssueInstant="2014-03-20T17:54:10.099Z" Version="2.0">
      .......
      </saml2:Assertion>
    </saml2p:Response>

Here is the code I wrote to generate the security token and write it to a file:

    using System;
    using System.IO;
    using System.IdentityModel.Tokens;
    using System.Security.Cryptography.X509Certificates;
    using System.Web;
    using System.Xml;

    public static void SsoRequest(string content, string arguments)
    {
        try
        {
            string identifier = Guid.NewGuid().ToString();
            string _privateCertificatepath = Engine.ConfigFiles[SSO.SAMLConfigurationName]["PrivateCertificatePath"].Value;
            byte[] _certificateByte = System.IO.File.ReadAllBytes(_privateCertificatepath);
            string password = Engine.ConfigFiles[SSO.SAMLConfigurationName]["CertificatePassword"].Value;
            string opfilepath = @"C:\test.xml";

            Saml2SecurityToken token = GetSamlAssertionSignedWithCertificate(identifier, password, _certificateByte);
            FileStream fs = new FileStream(opfilepath, FileMode.Create, FileAccess.Write);
            // Serialize the signed token into the output file.
            XmlWriter xmlwriter = XmlWriter.Create(fs);
            Saml2SecurityTokenHandler tokenHandler = new Saml2SecurityTokenHandler();
            tokenHandler.WriteToken(xmlwriter, token);
            xmlwriter.Flush();
            xmlwriter.Close();
            fs.Dispose();
        }
        catch (Exception ex)
        {
            // Exceptions are swallowed here, so a failure leaves no trace.
        }
        HttpContext.Current.Response.Redirect("index.aspx", true);
    }

    public static Saml2SecurityToken GetSamlAssertionSignedWithCertificate(String nameIdentifierClaim, String password, Byte[] _certificateByte)
    {
        // The issuer of the assertion.
        Saml2Assertion assertion = new Saml2Assertion(new Saml2NameIdentifier("http://www.example.com/"));

        // Validity window: valid from now, with no effective expiry (DateTime.MaxValue).
        Saml2Conditions conditions = new Saml2Conditions();
        conditions.NotBefore = DateTime.UtcNow;
        conditions.NotOnOrAfter = DateTime.MaxValue;
        assertion.Conditions = conditions;

        // Bearer subject confirmation; the NameID carries the caller-supplied identifier.
        Saml2Subject subject = new Saml2Subject();
        subject.SubjectConfirmations.Add(new Saml2SubjectConfirmation(Saml2Constants.ConfirmationMethods.Bearer));
        subject.NameId = new Saml2NameIdentifier(nameIdentifierClaim);
        assertion.Subject = subject;

        // Load the certificate with its private key and sign the assertion with it.
        X509Certificate2 _cert = new X509Certificate2(_certificateByte, password, X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
        X509SigningCredentials clientSigningCredentials = new X509SigningCredentials(_cert);
        assertion.SigningCredentials = clientSigningCredentials;
        return new Saml2SecurityToken(assertion);
    }

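Am I missing something? Thanks in advance.

Best answer

At least from an XML point of view, you don't need it. An XML namespace can be specified with whatever alias is convenient (including the empty/default alias), as long as the xmlns points to the correct URI. The URI (in this case the OASIS SAML URN) is the only thing that matters.

So these four elements are XML-equivalent, and most XML libraries don't even provide a way to distinguish between them:

    <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" …

    <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" …

    <fnord:Assertion xmlns:fnord="urn:oasis:names:tc:SAML:2.0:assertion" …

    <!-- by convention & convenience aliases are usually lowercase,
         but don't have to be -->
    <ZB:Assertion xmlns:ZB="urn:oasis:names:tc:SAML:2.0:assertion" …

Anything that requires a specific namespace alias is probably someone doing their own (incorrect) XML parsing instead of using a standard library, which makes their entire SOAP and SAML stack suspect.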
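The prefix equivalence described in the answer, as an added example that is not part of the original question or answer: a namespace-aware check compares the expanded name (namespace URI plus local name) and accepts all four forms, while a prefix-based string check accepts only one. The class and method names and the four sample documents are constructed for illustration.

```csharp
using System;
using System.IO;
using System.Xml;
using System.Xml.Linq;

static class PrefixDemo
{
    // Namespace URI taken from the page; the sample documents are constructed.
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    static readonly string[] Samples =
    {
        "<Assertion xmlns='urn:oasis:names:tc:SAML:2.0:assertion' ID='_a'/>",
        "<saml2:Assertion xmlns:saml2='urn:oasis:names:tc:SAML:2.0:assertion' ID='_a'/>",
        "<fnord:Assertion xmlns:fnord='urn:oasis:names:tc:SAML:2.0:assertion' ID='_a'/>",
        "<ZB:Assertion xmlns:ZB='urn:oasis:names:tc:SAML:2.0:assertion' ID='_a'/>",
    };

    // Namespace-aware parse; DTDs and external resolution are refused,
    // as is usual when the XML comes from another party.
    static XElement Parse(string xml)
    {
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            return XElement.Load(reader);
    }

    // Robust test: compare the expanded name, not the prefix.
    static bool IsSamlAssertion(XElement e)
    {
        return e.Name == Saml + "Assertion";
    }

    // Fragile test of the kind the answer warns about: depends on the literal alias.
    static bool LooksLikeSamlByPrefix(string xml)
    {
        return xml.TrimStart().StartsWith("<saml2:Assertion", StringComparison.Ordinal);
    }

    static void Main()
    {
        foreach (var xml in Samples)
        {
            XElement root = Parse(xml);
            Console.WriteLine("{0,-7} expanded-name match: {1,-5} prefix match: {2}",
                root.GetPrefixOfNamespace(Saml) ?? "(none)",
                IsSamlAssertion(root), LooksLikeSamlByPrefix(xml));
        }
    }
}
```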

Regarding "c# - Format Saml2SecurityToken XML to include saml in the tags", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/27317088/
