Class SAMLServiceProvider

Provides Service Provider (SP) support for web browser single sign-on.

Inheritance

object

SAMLServiceProvider

Inherited Members

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

Namespace: ComponentSpace.SAML2

Assembly: ComponentSpace.Saml2.dll

Syntax

public static class SAMLServiceProvider

Methods

CanSLO()

Indicates whether the service provider can single logout to one or more identity providers.

To single logout, one or more identity providers must have successfully completed SSO and also support SLO.

Declaration

public static bool CanSLO()

Returns

Type	Description
bool	`true` if single logout can occur; otherwise `false`.

CanSLO(string)

Indicates whether the service provider can single logout to an indentity provider.

To single logout, the indentity provider must have successfully completed SSO and also support SLO.

Declaration

public static bool CanSLO(string partnerIdP)

Parameters

Type	Name	Description
string	partnerIdP	The partner indentity provider name.

Returns

Type	Description
bool	`true` if single logout can occur; otherwise `false`.

GetPartnersPendingResponse()

Gets the names of the partner identity providers to which a sign-on or logout response is pending.

Declaration

public static string[] GetPartnersPendingResponse()

Returns

Type	Description
string[]	The names of the partner identity providers or `null` if none.

InitiateSLO(HttpResponse, string, string)

Initiates single logout from the service provider to the identity provider (ie. SP-initiated SLO).

A logout request is sent to the identity provider.

Declaration

public static void InitiateSLO(HttpResponse httpResponse, string logoutReason, string relayState)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	logoutReason	The logout reason or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

InitiateSLO(HttpResponse, string, string, string)

Initiates single logout from the service provider to the identity provider (ie. SP-initiated SLO).

An logout request is sent to the identity provider.

Declaration

public static void InitiateSLO(HttpResponse httpResponse, string logoutReason, string relayState, string partnerIdP)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	logoutReason	The logout reason or `null` if none.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

InitiateSLO(HttpResponseBase, string, string)

Initiates single logout from the service provider to the identity provider (ie. SP-initiated SLO).

A logout request is sent to the identity provider.

Declaration

public static void InitiateSLO(HttpResponseBase httpResponse, string logoutReason, string relayState)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	logoutReason	The logout reason or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

InitiateSLO(HttpResponseBase, string, string, string)

Initiates single logout from the service provider to the identity provider (ie. SP-initiated SLO).

An logout request is sent to the identity provider.

Declaration

public static void InitiateSLO(HttpResponseBase httpResponse, string logoutReason, string relayState, string partnerIdP)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	logoutReason	The logout reason or `null` if none.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

InitiateSSO(HttpResponse)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponse httpResponse)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponse, string, string)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponse httpResponse, string relayState, string partnerIdP)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponse, string, string, SSOOptions)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponse httpResponse, string relayState, string partnerIdP, SSOOptions ssoOptions)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.
SSOOptions	ssoOptions	The SSO options or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponse, string, string, SSOOptions, string, string)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponse httpResponse, string relayState, string partnerIdP, SSOOptions ssoOptions, string assertionConsumerServiceUrl, string singleSignOnServiceUrl)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.
SSOOptions	ssoOptions	The SSO options or `null`.
string	assertionConsumerServiceUrl	The assertion consumer service URL or `null` if the configured URL is to be used.
string	singleSignOnServiceUrl	The single sign-on service URL or `null` if the configured URL is to be used.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponseBase)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponseBase httpResponse)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponseBase, string, string)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponseBase httpResponse, string relayState, string partnerIdP)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponseBase, string, string, SSOOptions)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponseBase httpResponse, string relayState, string partnerIdP, SSOOptions ssoOptions)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.
SSOOptions	ssoOptions	The SSO options or `null`.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

InitiateSSO(HttpResponseBase, string, string, SSOOptions, string, string)

Initiates single sign-on from the service provider to the identity provider (ie. SP-initiated SSO).

An authn request is sent to the identity provider.

Declaration

public static void InitiateSSO(HttpResponseBase httpResponse, string relayState, string partnerIdP, SSOOptions ssoOptions, string assertionConsumerServiceUrl, string singleSignOnServiceUrl)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	relayState	The relay state or `null` if none.
string	partnerIdP	The partner identity provider name or `null`.
SSOOptions	ssoOptions	The SSO options or `null`.
string	assertionConsumerServiceUrl	The assertion consumer service URL or `null` if the configured URL is to be used.
string	singleSignOnServiceUrl	The single sign-on service URL or `null` if the configured URL is to be used.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

IsSLOCompletionPending()

Indicates whether a single logout response to an identity provider is pending.

Single logout is pending if a logout request has been received from an identity provider and a logout response is pending or a logout request has been sent to an identity provider and a logout response is pending.

Declaration

public static bool IsSLOCompletionPending()

Returns

Type	Description
bool	`true` if single logout is pending; otherwise `false`.

IsSLOCompletionPending(string)

Indicates whether a single logout response to an identity provider is pending.

Single logout is pending if a logout request has been received from an identity provider and a logout response is pending a logout request has been sent to an identity provider and a logout response is pending.

Declaration

public static bool IsSLOCompletionPending(string partnerIdP)

Parameters

Type	Name	Description
string	partnerIdP	The partner identity provider name.

Returns

Type	Description
bool	`true` if single logout is pending; otherwise `false`.

IsSSO()

Indicates whether the service provider is currently single signed-on to an identity provider.

Declaration

public static bool IsSSO()

Returns

Type	Description
bool	`true` if currently single signed-on; otherwise `false`.

IsSSO(string)

Indicates whether the service provider is currently single signed-on to an identity provider.

Declaration

public static bool IsSSO(string partnerIdP)

Parameters

Type	Name	Description
string	partnerIdP	The partner identity provider name.

Returns

Type	Description
bool	`true` if currently single signed-on; otherwise `false`.

IsSSOCompletionPending()

Indicates whether single sign-on to an identity provider is pending.

Single sign-on is pending if an authn request has been sent to an identity provider and a SAML response is pending.

Declaration

public static bool IsSSOCompletionPending()

Returns

Type	Description
bool	`true` if single sign-on is pending; otherwise `false`.

IsSSOCompletionPending(string)

Indicates whether single sign-on to an identity provider is pending.

Single sign-on is pending if an authn request has been sent to an identity provider and a SAML response is pending.

Declaration

public static bool IsSSOCompletionPending(string partnerIdP)

Parameters

Type	Name	Description
string	partnerIdP	The partner identity provider name.

Returns

Type	Description
bool	`true` if single sign-on is pending; otherwise `false`.

ReceiveSLO(HttpRequest, out bool, out string, out string, out string)

Receives a single logout request (ie. IdP-initiated SLO) or single logout response (ie. SP-initiated SLO) from an identity provider.

Declaration

public static void ReceiveSLO(HttpRequest httpRequest, out bool isRequest, out string logoutReason, out string partnerIdP, out string relayState)

Parameters

Type	Name	Description
HttpRequest	httpRequest	The HTTP request.
bool	isRequest	`true` if a logout request has been received; otherwise `false` if a logout response has been received.
string	logoutReason	The reason associated with the logout request or `null` if none.
string	partnerIdP	The partner identity provider name.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

ReceiveSLO(HttpRequestBase, out bool, out string, out string, out string)

Receives a single logout request (ie. IdP-initiated SLO) or single logout response (ie. SP-initiated SLO) from an identity provider.

Declaration

public static void ReceiveSLO(HttpRequestBase httpRequest, out bool isRequest, out string logoutReason, out string partnerIdP, out string relayState)

Parameters

Type	Name	Description
HttpRequestBase	httpRequest	The HTTP request.
bool	isRequest	`true` if a logout request has been received; otherwise `false` if a logout response has been received.
string	logoutReason	The reason associated with the logout request or `null` if none.
string	partnerIdP	The partner identity provider name.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single logout fails.

ReceiveSSO(HttpRequest, out bool, out string, out string, out string, out SAMLAttribute[], out string)

Receives a single sign-on response from the identity provider (ie. IdP-initiated or SP-initiated SSO).

Declaration

public static void ReceiveSSO(HttpRequest httpRequest, out bool isInResponseTo, out string partnerIdP, out string authnContext, out string userName, out SAMLAttribute[] attributes, out string relayState)

Parameters

Type	Name	Description
HttpRequest	httpRequest	The HTTP request.
bool	isInResponseTo	`true` if the SAML response is in response to an authn request; otherwise `false`.
string	partnerIdP	The partner identity provider name.
string	authnContext	The authentication context identifying how the user was authenticated.
string	userName	The user name in the SAML assertion.
SAMLAttribute[]	attributes	The attributes in the SAML assertion or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

ReceiveSSO(HttpRequest, out bool, out string, out string, out string, out IDictionary<string, string>, out string)

Receives a single sign-on response from the identity provider (ie. IdP-initiated or SP-initiated SSO).

Declaration

public static void ReceiveSSO(HttpRequest httpRequest, out bool isInResponseTo, out string partnerIdP, out string authnContext, out string userName, out IDictionary<string, string> attributes, out string relayState)

Parameters

Type	Name	Description
HttpRequest	httpRequest	The HTTP request.
bool	isInResponseTo	`true` if the SAML response is in response to an authn request; otherwise `false`.
string	partnerIdP	The partner identity provider name.
string	authnContext	The authentication context identifying how the user was authenticated.
string	userName	The user name in the SAML assertion.
IDictionary<string, string>	attributes	The attributes in the SAML assertion or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

ReceiveSSO(HttpRequestBase, out bool, out string, out string, out string, out SAMLAttribute[], out string)

Receives a single sign-on response from the identity provider (ie. IdP-initiated or SP-initiated SSO).

Declaration

public static void ReceiveSSO(HttpRequestBase httpRequest, out bool isInResponseTo, out string partnerIdP, out string authnContext, out string userName, out SAMLAttribute[] attributes, out string relayState)

Parameters

Type	Name	Description
HttpRequestBase	httpRequest	The HTTP request.
bool	isInResponseTo	`true` if the SAML response is in response to an authn request; otherwise `false`.
string	partnerIdP	The partner identity provider name.
string	authnContext	The authentication context identifying how the user was authenticated.
string	userName	The user name in the SAML assertion.
SAMLAttribute[]	attributes	The attributes in the SAML assertion or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

ReceiveSSO(HttpRequestBase, out bool, out string, out string, out string, out IDictionary<string, string>, out string)

Receives a single sign-on response from the identity provider (ie. IdP-initiated or SP-initiated SSO).

Declaration

public static void ReceiveSSO(HttpRequestBase httpRequest, out bool isInResponseTo, out string partnerIdP, out string authnContext, out string userName, out IDictionary<string, string> attributes, out string relayState)

Parameters

Type	Name	Description
HttpRequestBase	httpRequest	The HTTP request.
bool	isInResponseTo	`true` if the SAML response is in response to an authn request; otherwise `false`.
string	partnerIdP	The partner identity provider name.
string	authnContext	The authentication context identifying how the user was authenticated.
string	userName	The user name in the SAML assertion.
IDictionary<string, string>	attributes	The attributes in the SAML assertion or `null` if none.
string	relayState	The relay state or `null` if none.

Exceptions

Type	Condition
SAMLException	Thrown when the single sign-on fails.

SendSLO(HttpResponse, string)

Sends a single logout response to the identity provider (ie IdP-initiated SLO).

Declaration

public static void SendSLO(HttpResponse httpResponse, string errorMessage)

Parameters

Type	Name	Description
HttpResponse	httpResponse	The HTTP response.
string	errorMessage	The error message or `null` if logout was successful.

SendSLO(HttpResponseBase, string)

Sends a single logout response to the identity provider (ie IdP-initiated SLO).

Declaration

public static void SendSLO(HttpResponseBase httpResponse, string errorMessage)

Parameters

Type	Name	Description
HttpResponseBase	httpResponse	The HTTP response.
string	errorMessage	The error message or `null` if logout was successful.