ComponentSpace

Saml Response with Signature - AzuHello I am building an API on top of Component space. My api...


sap_vr
Hello, I am building an API on top of ComponentSpace. My API should return the complete SAML response. I am using the SamlIdentityProvider OnSamlResponseCreated event to capture the response. I am able to see the response, but it is missing a signature tag in the response. Could anyone guide me on how to get a complete response including a signature?
ComponentSpace
OnSamlResponseCreated provides access to the SAML response object prior to any signing.

The OnSendMessage event provides access to the SAML response XML including any XML signature.


_samlIdentityProvider.Events.OnSendMessage += (httpContext, xmlElement) =>
{
  // Access the SAML response XML.
  return xmlElement;
};

 

Regards
ComponentSpace Development
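
Added example, not part of the original thread and not ComponentSpace code: a check that the XML captured in OnSendMessage really carries a valid enveloped signature on the response and/or the assertion. The SamlSignatureCheck class, the idpCertificate variable and the assumption that xmlElement is the samlp:Response element are hypothetical; only standard .NET System.Security.Cryptography.Xml calls are used.

```csharp
using System.Linq;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Hypothetical helper (added example, not part of the ComponentSpace API).
public static class SamlSignatureCheck
{
    private const string AssertionNs = "urn:oasis:names:tc:SAML:2.0:assertion";

    // True only if 'element' has its own enveloped ds:Signature that
    // references the element's ID and verifies against 'idpCertificate'.
    public static bool IsSignedBy(XmlElement element, X509Certificate2 idpCertificate)
    {
        // Only a direct child counts; a Signature nested deeper signs something else.
        XmlElement signature = element.ChildNodes.OfType<XmlElement>()
            .FirstOrDefault(e => e.LocalName == "Signature"
                              && e.NamespaceURI == SignedXml.XmlDsigNamespaceUrl);
        if (signature == null) return false;

        var signedXml = new SignedXml(element);
        signedXml.LoadXml(signature);

        // Require exactly one reference, and it must point at this element,
        // so a signature over some other node is not accepted by mistake.
        if (signedXml.SignedInfo.References.Count != 1) return false;
        var reference = (Reference)signedXml.SignedInfo.References[0];
        string id = element.GetAttribute("ID");
        if (string.IsNullOrEmpty(id) || reference.Uri != "#" + id) return false;

        // true = verify the signature value only, not the certificate chain.
        return signedXml.CheckSignature(idpCertificate, true);
    }

    // Reports which parts of the captured response are signed.
    // An encrypted assertion is not inspected and is reported as unsigned.
    public static (bool Response, bool Assertion) Inspect(
        XmlElement samlResponse, X509Certificate2 idpCertificate)
    {
        XmlElement assertion = samlResponse.ChildNodes.OfType<XmlElement>()
            .FirstOrDefault(e => e.LocalName == "Assertion" && e.NamespaceURI == AssertionNs);
        return (IsSignedBy(samlResponse, idpCertificate),
                assertion != null && IsSignedBy(assertion, idpCertificate));
    }
}
```

Calling SamlSignatureCheck.Inspect(xmlElement, idpCertificate) inside the OnSendMessage handler shown above, before returning xmlElement, lets the API fail or log when the XML it is about to hand out is unsigned.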
sap_vr
Thank you for your quick response. One more question: I am using ComponentSpace inside an API to generate the SAML response. I used SamlIdentityProvider.InitiateSsoAsync(userID: , relayState: ); to generate the SAML response. The first error I got was with the session store. Since my API is stateless, it doesn't have any cookie or session to store. As a quick, dirty fix, I overrode the session store and injected it into my dependency injection. Is there any built-in store that I can use for APIs that are stateless?

public class IdentityDistributedSsoSessionStore : DistributedSsoSessionStore
{
    private readonly IOptionsSnapshot<DistributedSsoSessionStoreOptions> _distributedSsoSessionStoreOptions;

    public IdentityDistributedSsoSessionStore(IOptionsSnapshot<DistributedSsoSessionStoreOptions> distributedSsoSessionStoreOptions,
        IDistributedCache distributedCache, IHttpRequest request, IHttpResponse response, ILoggerFactory loggerFactory)
        : base(distributedSsoSessionStoreOptions, distributedCache, request, response, loggerFactory)
    {
        _distributedSsoSessionStoreOptions = distributedSsoSessionStoreOptions;
    }

    public override string SessionID
    {
        get
        {
            // Returns a new GUID on every access; the cookie handling below is commented out.
            string cookieValue = Guid.NewGuid().ToString();
            // commented lines
            //AddCookie(_distributedSsoSessionStoreOptions.CookieName, cookieValue, _distributedSsoSessionStoreOptions.CookieOptions);
            //sessionID = cookieValue;
            return cookieValue;
        }
    }
}


Dependency injection

services.AddScoped<ISsoSessionStore, IdentityDistributedSsoSessionStore>();

ComponentSpace
We don't include a stateless store.

We use a saml-session cookie and store state in the ISsoSessionStore in support of the SAML protocol.

If acting as the identity provider and supporting IdP-initiated SSO only, state information isn't required.

However, if you were to support SP-initiated SSO or SAML logout, state information is required. 

Regards
ComponentSpace Development