how to get SP name in IDP controller functions, during SSO flow


raju
Hi,
   We use ComponentSpace IDP to interop with SAML SPs, and in our logic we need to extract out the SP name, for each SSO flow, in each of the below functions:


SingleSignOnServiceCompletion()

CompleteSsoAsync()

Please note that I was able to extract the SP name in another function: SingleSignOnService() ==> these two lines work for me
                           IdpSsoResult result = await _samlIdentityProvider.ReceiveSsoAsync();

                           string sp = result.PartnerName;

Can you please advise how I can get the same in the top two functions?

The above functions refer to the following code:
======================
using ComponentSpace.Saml2;
using ComponentSpace.Saml2.Assertions;
using ExampleIdentityProvider.Data;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;

namespace ExampleIdentityProvider.Controllers
{
  public class SamlController : Controller
  {
   private readonly ISamlIdentityProvider _samlIdentityProvider;
   private readonly SignInManager<ApplicationUser> _signInManager;

   public SamlController(ISamlIdentityProvider samlIdentityProvider, SignInManager<ApplicationUser> signInManager)
   {
    _samlIdentityProvider = samlIdentityProvider;
    _signInManager = signInManager;
   }

   public async Task<ActionResult> SingleSignOnService()
   {
    // Receive the authn request from the service provider (SP-initiated SSO).
    await _samlIdentityProvider.ReceiveSsoAsync();

    // If the user is logged in at the identity provider, complete SSO immediately.
    // Otherwise have the user login before completing SSO.
    if (User.Identity.IsAuthenticated)
    {
      await CompleteSsoAsync();

      return new EmptyResult();
    }
    else
    {
      return RedirectToAction("SingleSignOnServiceCompletion");
    }
   }

   [Authorize]
   public async Task<ActionResult> SingleSignOnServiceCompletion()
   {
    await CompleteSsoAsync();

    return new EmptyResult();
   }

   public async Task<ActionResult> SingleLogoutService()
   {
    // Receive the single logout request or response.
    // If a request is received then single logout is being initiated by a partner service provider.
    // If a response is received then this is in response to single logout having been initiated by the identity provider.
    var sloResult = await _samlIdentityProvider.ReceiveSloAsync();

    if (sloResult.IsResponse)
    {
      if (sloResult.HasCompleted)
      {
       // IdP-initiated SLO has completed.
       return RedirectToPage("/Index");
      }
    }
    else
    {
      // Logout locally.
      await _signInManager.SignOutAsync();

      // Respond to the SP-initiated SLO request indicating successful logout.
      await _samlIdentityProvider.SendSloAsync();
    }

    return new EmptyResult();
   }

   public async Task<ActionResult> ArtifactResolutionService()
   {
    // Resolve the HTTP artifact.
    // This is only required if supporting the HTTP-Artifact binding.
    await _samlIdentityProvider.ResolveArtifactAsync();

    return new EmptyResult();
   }

   private Task CompleteSsoAsync()
   {
    // Get the name of the logged in user.
    var userName = User.Identity.Name;

    // For demonstration purposes, include some claims.
    var attributes = new List<SamlAttribute>()
    {
      //new SamlAttribute(ClaimTypes.GivenName, ((ClaimsIdentity)User.Identity).FindFirst(ClaimTypes.GivenName).Value),
      //new SamlAttribute(ClaimTypes.Surname, ((ClaimsIdentity)User.Identity).FindFirst(ClaimTypes.Surname).Value)
      new SamlAttribute(ClaimTypes.GivenName, "user"),
      new SamlAttribute(ClaimTypes.Surname, "user")
    };

    // The user is logged in at the identity provider.
    // Respond to the authn request by sending a SAML response containing a SAML assertion to the SP.
    return _samlIdentityProvider.SendSsoAsync(userName, attributes);
   }
  }
}

ComponentSpace
The best option is to save the SP name in your application so you can retrieve it in those methods.

Regards
ComponentSpace Development
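
One way to do what the reply suggests, shown as an added example that is not ComponentSpace's code or part of the original posts: keep `PartnerName` in server-side session state when the authn request is received, then read it back in `SingleSignOnServiceCompletion()` and `CompleteSsoAsync()`. It assumes ASP.NET Core session state is enabled (`AddSession()` / `UseSession()`); the session key name is hypothetical.

```csharp
using ComponentSpace.Saml2;
using ComponentSpace.Saml2.Assertions;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Threading.Tasks;

public class SamlController : Controller
{
    // Hypothetical session key chosen for this example.
    private const string PartnerNameKey = "Saml.SsoPartnerName";
    private readonly ISamlIdentityProvider _samlIdentityProvider;

    public SamlController(ISamlIdentityProvider samlIdentityProvider) =>
        _samlIdentityProvider = samlIdentityProvider;

    public async Task<ActionResult> SingleSignOnService()
    {
        // PartnerName identifies the SP that sent the authn request.
        IdpSsoResult result = await _samlIdentityProvider.ReceiveSsoAsync();
        // Keep it server-side: a query-string or hidden-field copy could be
        // changed in the browser before the completion action runs.
        HttpContext.Session.SetString(PartnerNameKey, result.PartnerName);

        if (User.Identity.IsAuthenticated)
        {
            await CompleteSsoAsync();
            return new EmptyResult();
        }
        return RedirectToAction("SingleSignOnServiceCompletion");
    }

    [Authorize]
    public async Task<ActionResult> SingleSignOnServiceCompletion()
    {
        await CompleteSsoAsync();
        return new EmptyResult();
    }

    private Task CompleteSsoAsync()
    {
        // Read and clear, so a stale SP name is never reused for a later flow.
        string sp = HttpContext.Session.GetString(PartnerNameKey);
        HttpContext.Session.Remove(PartnerNameKey);
        if (string.IsNullOrEmpty(sp))
            throw new System.InvalidOperationException("No SSO request in progress for this session.");

        var attributes = new List<SamlAttribute>(); // select per-SP attributes using sp
        return _samlIdentityProvider.SendSsoAsync(User.Identity.Name, attributes);
    }
}
```

A single key holds one pending SP per browser session, so two SSO requests started in parallel from the same session would overwrite each other's value.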