Verify SAML Conditions

0
Hello,

I'm trying to figure out how to validate time conditions for inbound single sign-on to our system, i.e. external system users get logged into our site. How do I check these conditions w/ a populated Response object? E.g.

```csharp
var response = new Response(encodedSamlResponse);
// Need to validate NotBefore and NotOnOrAfter - if fails, reject the user
```

I see documentation for SubjectConfirmationData - IsWithinTimePeriod, how do I get an instance of the subject confirmation from a given response?

Thanks!
 
asked 12/6/2018 8:33:39 PM

1 Answer

0
Hello,

You can retrieve it from the `Assertion` object of the `Response` as shown in the following code snippet:

```csharp
Assertion assertion;
// ...
attributeStatement.Subject.SubjectConfirmationData
```

In case you would want to create one, check the following code:

```csharp
// Create a new instance of the Assertion class.
Assertion assertion = new Assertion();

// Set Issuer
assertion.Issuer = "urn:test";

// Set Conditions
assertion.Conditions = new Conditions(new TimeSpan(1, 0, 0));

// Create an AuthenticationStatement.
AuthenticationStatement authenticationStatement = new AuthenticationStatement(AuthenticationMethodIdenfifiers.Password);
NameIdentifier nameIdentifier = new NameIdentifier("urn:test", NameIdentifierFormats.X509SubjectName, "uid=test,ou=People,dc=test,dc=com");
SubjectConfirmation subjectConfirmation = new SubjectConfirmation(ConfirmationMethods.Bearer);
authenticationStatement.Subject = new Subject(nameIdentifier, subjectConfirmation);

// Add the AuthenticationStatement to the Assertion.
assertion.Statements.Add(authenticationStatement);

// Add attributes to the Assertion.
AttributeStatement attributeStatement = new AttributeStatement();
attributeStatement.Subject = authenticationStatement.Subject;
attributeStatement.Attributes.Add(new ComponentPro.Saml1.Attribute("email", "urn:test", "john@test.com"));
attributeStatement.Attributes.Add(new ComponentPro.Saml1.Attribute("FirstName", "urn:test", "John"));
attributeStatement.Attributes.Add(new ComponentPro.Saml1.Attribute("LastName", "urn:test", "Vu"));
assertion.Statements.Add(attributeStatement);

return assertion;
```
 
answered 12/12/2018 4:26:42 PM
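
The NotBefore / NotOnOrAfter check the question asks about, as an added example that is not part of the original answer and does not use the ComponentPro API: it reads the attributes straight from the response XML with `System.Xml.Linq`. The class and method names, the two-minute skew and the reject-when-no-Conditions policy are assumptions, and the check is only meaningful on a response whose signature has already been verified.

```csharp
using System;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

static class SamlTimeWindow
{
    // Tolerated clock drift between IdP and SP (assumed value; tune per deployment).
    static readonly TimeSpan Skew = TimeSpan.FromMinutes(2);

    // Valid when NotBefore <= now < NotOnOrAfter, with skew applied to each bound.
    static bool WindowContains(XElement e, DateTime nowUtc)
    {
        try
        {
            string nb = (string)e.Attribute("NotBefore");
            string noa = (string)e.Attribute("NotOnOrAfter");
            if (nb != null && nowUtc + Skew < XmlConvert.ToDateTime(nb, XmlDateTimeSerializationMode.Utc)) return false;
            if (noa != null && nowUtc - Skew >= XmlConvert.ToDateTime(noa, XmlDateTimeSerializationMode.Utc)) return false;
            return true;
        }
        catch (FormatException) { return false; } // unparsable timestamp: reject
    }

    // Call only on a response whose signature has already been verified.
    public static bool IsCurrent(XDocument response, DateTime nowUtc)
    {
        // Match by local name so SAML 1.1 and 2.0 namespaces are both covered.
        var windows = response.Descendants()
            .Where(e => e.Name.LocalName == "Conditions" || e.Name.LocalName == "SubjectConfirmationData")
            .ToList();
        // Policy assumption: an assertion with no Conditions element is rejected.
        return windows.Any(e => e.Name.LocalName == "Conditions")
            && windows.All(e => WindowContains(e, nowUtc));
    }

    static void Main()
    {
        // Constructed sample, trimmed to the elements this check reads.
        var doc = XDocument.Parse(
            "<Response><Assertion><Conditions NotBefore='2018-12-06T20:30:00Z' " +
            "NotOnOrAfter='2018-12-06T20:35:00Z'/></Assertion></Response>");
        var t = new DateTime(2018, 12, 6, 20, 33, 0, DateTimeKind.Utc);
        Console.WriteLine(IsCurrent(doc, t));                // inside the window
        Console.WriteLine(IsCurrent(doc, t.AddMinutes(10))); // past NotOnOrAfter plus skew: reject the user
    }
}
```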
