Skip to content

Utilities that might be used to integrate your Web App with the SAML service provider

License

Notifications You must be signed in to change notification settings

optiklab/SAML-integration-utilities

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SAML-integration-utilities

Branch Status
master Build Status

What it's all about

The aim is to show how to initialize Single Sign-On integration using SAML version 2 standard from Identity Provider to Service Providers (or your web application with authentication mechanisms) using C# .NET 5.0.

How it works and what part of SAML workflow is covered

See my full artile on dev.to to understand full context.

Components

Metadata File Generator

Small application that allows to initialize integration with Service Provider by generating and sending metadata.xml file.

How to use

  1. First of all, you have to buy X.509 certificate (or maybe you already have one) in one of the publicly known vendors. This certificate should include both Private and Public keys and allow you to sign in the documents with it. You should have thumbprint identity of this certificate (find it in the certificate information).

  2. Then, simply run the app and follow the questions by putting your answers:

$> SamlIntegration.MetadataFileGenerator.exe
  1. After file is successfully generated, it will appear in the same Applcation directory.

  2. Provide metadata.xml and Public part of your certificate to the Service Provider.

Saml Integration Utilities class library

A set of utility classes

How to use

  1. Attach library or project to your project

  2. Follow the Service Provider requirements and comment/remove the steps that are not necessary (i.e. sign of Assertion or SAMLResponse documents, encryption of Assertion document).

  3. Attach SamlIntegrationSteps Utilities to your project, so you could use and modify it

  4. Modify list of attributes (Dictionary<string, string>) inside of SamlIntegrationSteps.BuildEncodedSamlResponse() according to the needs of your third-party vendor. Usually, it requires some kind of user identity and user profile information to be passed.

  5. In the client code (see IntegrationClientExample in the Example project) call SamlIntegrationSteps.BuildEncodedSamlResponse() to create SAMLResponse document ready for the authentication HTTP POST request.

  6. Parse HTTP response to find redirect URL and do the redirect, so user will be authenticated on the vendor side.

Follow

Ask questions using contacts shown here Anton Yarkov

Copyright

Copyright © 2021 Anton Yarkov. All rights reserved. Contacts: anton.yarkov@gmail.com

Licensed under the Apache License, Version 2.0 (the "License you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.