| Branch | Status |
|---|---|
| master |  |
The aim is to show how to initialize Single Sign-On integration using SAML version 2 standard from Identity Provider to Service Providers (or your web application with authentication mechanisms) using C# .NET 5.0.
See my full artile on dev.to to understand full context.
Small application that allows to initialize integration with Service Provider by generating and sending metadata.xml file.
-
First of all, you have to buy X.509 certificate (or maybe you already have one) in one of the publicly known vendors. This certificate should include both Private and Public keys and allow you to sign in the documents with it. You should have thumbprint identity of this certificate (find it in the certificate information).
-
Then, simply run the app and follow the questions by putting your answers:
$> SamlIntegration.MetadataFileGenerator.exe-
After file is successfully generated, it will appear in the same Applcation directory.
-
Provide metadata.xml and Public part of your certificate to the Service Provider.
A set of utility classes
-
Attach library or project to your project
-
Follow the Service Provider requirements and comment/remove the steps that are not necessary (i.e. sign of Assertion or SAMLResponse documents, encryption of Assertion document).
-
Attach SamlIntegrationSteps Utilities to your project, so you could use and modify it
-
Modify list of attributes (Dictionary<string, string>) inside of SamlIntegrationSteps.BuildEncodedSamlResponse() according to the needs of your third-party vendor. Usually, it requires some kind of user identity and user profile information to be passed.
-
In the client code (see IntegrationClientExample in the Example project) call SamlIntegrationSteps.BuildEncodedSamlResponse() to create SAMLResponse document ready for the authentication HTTP POST request.
-
Parse HTTP response to find redirect URL and do the redirect, so user will be authenticated on the vendor side.
Ask questions using contacts shown here Anton Yarkov
Copyright © 2021 Anton Yarkov. All rights reserved. Contacts: anton.yarkov@gmail.com
Licensed under the Apache License, Version 2.0 (the "License you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.