SAML SSO Library - Google as an IDP

0
Hi, I need some guidance on how to integrate my C# WebForms (SP) with Google as an IDP. The sample provided in the SAML SSO Library only shows a C# Web App (IDP) calling Google Apps (SP). Thanks, James
 
asked 6/1/2021 4:46:27 PM

1 Answer

0
Hi, you can use the example here to connect to Google IdP:

```csharp
// Needs System, System.Web and System.Security.Cryptography.X509Certificates,
// plus the SAML library's own namespaces.

private AuthnRequest BuildAuthenticationRequest(HttpContext context, LoginViewModel model)
{
    string issuerUrl = Util.GetAbsoluteUrl(context, "~/");

    // Construct the assertion Consumer Service Url.
    string assertionConsumerServiceUrl = string.Format("{0}?{1}={2}",
        Util.GetAbsoluteUrl(context, "~/AssertionService"),
        Util.BindingVarName,
        HttpUtility.UrlEncode(model.IdpToSPBindingList));

    // Create the authentication request.
    AuthnRequest authnRequest = new AuthnRequest();
    authnRequest.Destination = Global.SingleSignonIdProviderUrl;
    authnRequest.Issuer = new Issuer(issuerUrl);
    authnRequest.ForceAuthn = false;
    authnRequest.NameIdPolicy = new NameIdPolicy(null, null, true);
    authnRequest.ProtocolBinding = model.IdpToSPBindingList;
    authnRequest.AssertionConsumerServiceUrl = assertionConsumerServiceUrl;

    if (model.SpToIdPBinding != SamlBindingUri.HttpRedirect)
    {
        // Get the certificate
        X509Certificate2 x509Certificate = Global.SpCert;

        // Sign the authentication request.
        authnRequest.Sign(x509Certificate);
    }

    return authnRequest;
}

protected void IdPLogin(HttpContext context, LoginViewModel model)
{
    // Create the authentication request.
    AuthnRequest authnRequest = BuildAuthenticationRequest(context, model);

    // Create and cache the relay state so we remember which SP resource the user wishes
    // to access after SSO.
    string spResourceUrl = Util.GetAbsoluteUrl(context, "/");
    string relayState = Guid.NewGuid().ToString();
    SamlSettings.CacheProvider.Insert(relayState, spResourceUrl, new TimeSpan(1, 0, 0));

    // Send the authentication request to the identity provider over the selected binding.
    string idpUrl = string.Format("{0}?{1}={2}",
        Global.SingleSignonIdProviderUrl,
        Util.BindingVarName,
        HttpUtility.UrlEncode(model.SpToIdPBinding));

    switch (model.SpToIdPBinding)
    {
        case SamlBindingUri.HttpRedirect:
            X509Certificate2 x509Certificate = Global.SpCert;
            authnRequest.Redirect(Response, idpUrl, relayState, x509Certificate.PrivateKey);
            break;

        case SamlBindingUri.HttpPost:
            authnRequest.SendHttpPost(Response, idpUrl, relayState);
            break;

        case SamlBindingUri.HttpArtifact:
            // Create the artifact.
            string identificationUrl = Util.GetAbsoluteUrl(context, "~/");
            Saml2ArtifactType0004 httpArtifact = new Saml2ArtifactType0004(
                SamlArtifact.GetSourceId(identificationUrl), SamlArtifact.GetHandle());

            // Cache the authentication request for subsequent sending using the artifact resolution protocol.
            SamlSettings.CacheProvider.Insert(httpArtifact.ToString(), authnRequest.GetXml(), new TimeSpan(1, 0, 0));

            // Send the artifact.
            httpArtifact.Redirect(Response, idpUrl, relayState);
            break;
    }
}
```
 
answered 6/15/2021 9:00:52 AM
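An added example, not part of the original answer and not the SAML SSO Library's code: what the SAML 2.0 HTTP-Redirect binding puts on the wire, using only .NET base classes. The signature covers the query string rather than the XML, which is consistent with the answer's code passing the private key to `Redirect` instead of calling `Sign` for that binding. The URLs, the request XML, the throwaway RSA key and the RSA-SHA256 choice are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.IO.Compression;
using System.Security.Cryptography;
using System.Text;

static class RedirectBindingDemo
{
    const string SigAlg = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

    // SAMLRequest value: raw DEFLATE, then base64 (URL-escaping happens when the query is built).
    static string Deflate64(string xml)
    {
        using var buffer = new MemoryStream();
        using (var deflate = new DeflateStream(buffer, CompressionLevel.Optimal, leaveOpen: true))
        {
            byte[] bytes = Encoding.UTF8.GetBytes(xml);
            deflate.Write(bytes, 0, bytes.Length);
        }
        return Convert.ToBase64String(buffer.ToArray());
    }

    static string Inflate64(string value)
    {
        using var input = new MemoryStream(Convert.FromBase64String(value));
        using var inflate = new DeflateStream(input, CompressionMode.Decompress);
        using var reader = new StreamReader(inflate, Encoding.UTF8);
        return reader.ReadToEnd();
    }

    static void Main()
    {
        // Constructed sample request; idp.example and sp.example are placeholders.
        string xml = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"_constructed1\" Version=\"2.0\" IssueInstant=\"2021-06-15T09:00:00Z\" Destination=\"https://idp.example/sso\" AssertionConsumerServiceURL=\"https://sp.example/AssertionService\"/>";
        using RSA spKey = RSA.Create(2048); // stands in for the SP certificate's private key

        // The signed octets are exactly this string: SAMLRequest, RelayState, SigAlg, in that order.
        string signedPart = "SAMLRequest=" + Uri.EscapeDataString(Deflate64(xml))
            + "&RelayState=" + Uri.EscapeDataString(Guid.NewGuid().ToString())
            + "&SigAlg=" + Uri.EscapeDataString(SigAlg);
        byte[] sig = spKey.SignData(Encoding.ASCII.GetBytes(signedPart), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        string url = "https://idp.example/sso?" + signedPart + "&Signature=" + Uri.EscapeDataString(Convert.ToBase64String(sig));

        // Receiver side: verify over the same octets as received, then inflate the request.
        string query = url.Substring(url.IndexOf('?') + 1);
        int cut = query.LastIndexOf("&Signature=", StringComparison.Ordinal);
        byte[] received = Convert.FromBase64String(Uri.UnescapeDataString(query.Substring(cut + "&Signature=".Length)));
        bool ok = spKey.VerifyData(Encoding.ASCII.GetBytes(query.Substring(0, cut)), received, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        string samlRequest = query.Substring("SAMLRequest=".Length, query.IndexOf('&') - "SAMLRequest=".Length);
        Console.WriteLine("signature valid: " + ok);
        Console.WriteLine(Inflate64(Uri.UnescapeDataString(samlRequest)));
    }
}
```

Decoding a captured `SAMLRequest` this way is a quick check that `Destination` and `AssertionConsumerServiceURL` match what is registered at the IdP before debugging anything else.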
