We are the IdP and support SP-initiated SAML SSO.
We need your help to find a way to apply mapping rules to attributes that we can supply when we send a SAML response with assertions.
We specifically need this for our Office 365 integration, as it needs an Immutable ID.
====
Currently we have this static block, programmed in the Office 365 SP config block, but perhaps due to this we are not able to have more than 1 user, so we need a way to set this dynamically per user in the code that handles sending the response.
====
MappingRules = new List<SamlMappingRule>()
{
    new SamlMappingRule()
    {
        Rule = "Clear",
    },
    new SamlMappingRule()
    {
        Rule = "Constant",
        // The ID below is the ImmutableID required by Office 365.
        // It is nothing but the SHA-256 value of the user's subject name ID: in this example '[email protected]'
        Value = "3A0FB9244C536E981167610B175AC061458EE594D4C5C3BD8F19FAA699FE9251",
    },
    new SamlMappingRule()
    {
        Rule = "Constant",
        Name = "IDPEmail",
        Value = "[email protected]",
    }
},
============
// This function sends out the SAML assertion (in response to SP-initiated SAML SSO).
// samlUserSubjectName is the federated user's email ID (subject NameID string), and 'spName' is passed here
// to do some special handling for the Immutable ID.
private Task CompleteSsoAsync(string samlUserSubjectName, string spName)
{
    // Include some claims.
    var attributes = new List<SamlAttribute>()
    {
        // How can I apply the attributes corresponding to the mapping rules
        // that are statically set in the ServiceProvider block as mentioned above?
        // Perhaps this is dynamic; the setup of attributes differs from user to user.
        // The ImmutableID value I can generate based on 'userName' as a string.
        // I just need a way to apply the mapping rules programmatically, dynamically.
    };
    // The user is logged in at the identity provider.
    // Respond to the authn request by sending a SAML response containing a SAML assertion to the SP.
    return _samlIdentityProvider.SendSsoAsync(samlUserSubjectName, attributes);
}
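
An added example, not part of the original post and not the SAML library's own code: deriving the two Office 365 values per user at response time instead of hard-coding them in "Constant" rules. The attribute name "ImmutableID", the SP name "Office365", the trim and lower-case normalisation, and the sample address are assumptions; the pairs returned here still have to be converted into the library's SamlAttribute objects.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

public static class Office365Claims
{
    // "IDPEmail" is the name used in the post; "ImmutableID" is an assumed name.
    public const string EmailAttribute = "IDPEmail";
    public const string ImmutableIdAttribute = "ImmutableID";

    // SHA-256 of the subject name, upper-case hex (same shape as the static value).
    // Assumption: input is trimmed and lower-cased so one user always yields one ID;
    // this must match how the value already stored on the Office 365 side was derived.
    public static string ComputeImmutableId(string subjectName)
    {
        if (string.IsNullOrWhiteSpace(subjectName))
            throw new ArgumentException("Subject name is required.", nameof(subjectName));

        string normalised = subjectName.Trim().ToLowerInvariant();
        using (SHA256 sha = SHA256.Create())
        {
            byte[] digest = sha.ComputeHash(Encoding.UTF8.GetBytes(normalised));
            return BitConverter.ToString(digest).Replace("-", "");
        }
    }

    // Per-user equivalent of the static Clear + Constant rules: start from an
    // empty set and emit only what this SP needs for this user.
    public static IReadOnlyDictionary<string, string> BuildForUser(string subjectName, string spName)
    {
        var claims = new Dictionary<string, string>(StringComparer.Ordinal);
        if (string.Equals(spName, "Office365", StringComparison.OrdinalIgnoreCase)) // hypothetical SP name
        {
            claims[ImmutableIdAttribute] = ComputeImmutableId(subjectName);
            claims[EmailAttribute] = subjectName.Trim();
        }
        return claims;
    }

    public static void Main()
    {
        // Constructed sample user, not taken from the post.
        foreach (var pair in BuildForUser("Alice@Example.com", "Office365"))
            Console.WriteLine(pair.Key + " = " + pair.Value);
    }
}
```

Because the identifier is derived from the email address, it changes if the address changes, so it only behaves as immutable while the subject name stays fixed.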