tciss
tciss
Reputation Top 1%
tciss
2 Snippets  (244th place)
Published
1 Channel
Created
5 Channels
Following
Feb 15, 2018
Last Visit
Apr 2, 2014
Registered
3346 points  (28th place)
Reputation
Junior Code Generator
Serious Code Generator
Junior Popular Coder
Junior Autobiographer
Junior Famous Coder
Junior Wise Coder

Recent Snippets See all snippets by tciss

public by tciss created Jan 23, 2018  1210  1  5  0

Create SAML2 Assertion

//-----------------------------------------------------------------------
// <copyright file="SAML20Assertion.cs" company="CoverMyMeds">
//  Copyright (c) 2012 CoverMyMeds.  All rights reserved.
//  This code is presented as reference material only.
// </copyright>
//-----------------------------------------------------------------------

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Xml;
using System.Xml.Serialization;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.IO;
using CoverMyMeds.SAML.Library.Schema;

namespace CoverMyMeds.SAML.Library {

    /// <summary>
    /// Encapsulate functionality for building a SAML Response using the Schema object
    ///     created by xsd.exe from the OASIS spec
    /// </summary>
    /// <remarks>Lots of guidance from this CodeProject implementation
    ///     http://www.codeproject.com/Articles/56640/Performing-a-SAML-Post-with-C#xx0xx
    /// </remarks>
    public class SAML20Assertion {

        /// <summary>
        /// Build a signed XML SAML Response string to be inlcuded in an HTML Form
        /// for POSTing to a SAML Service Provider
        /// </summary>
        /// <param name="Issuer">Identity Provider - Used to match the certificate for verifying 
        ///     Response signing</param>
        /// <param name="AssertionExpirationMinutes">Assertion lifetime</param>
        /// <param name="Audience"></param>
        /// <param name="Subject"></param>
        /// <param name="Recipient"></param>
        /// <param name="Attributes">Dictionary of attributes to send through for user SSO</param>
        /// <param name="SigningCert">X509 Certificate used to sign Assertion</param>
        /// <returns></returns>
        public static string CreateSAML20Response(string Issuer, int AssertionExpirationMinutes, string Audience, string Subject, string Recipient, Dictionary<string, string> Attributes, X509Certificate2 SigningCert) {
            // Create SAML Response object with a unique ID and correct version
            ResponseType response = new ResponseType() {ID = "_" + System.Guid.NewGuid().ToString(), Version = "2.0", IssueInstant = System.DateTime.UtcNow, Destination = Recipient.Trim(), Issuer = new NameIDType() {Value = Issuer.Trim()}, Status = new StatusType() {StatusCode = new StatusCodeType() {Value = "urn:oasis:names:tc:SAML:2.0:status:Success"}}};

            // Put SAML 2.0 Assertion in Response
            response.Items = new AssertionType[] {CreateSAML20Assertion(Issuer, AssertionExpirationMinutes, Audience, Subject, Recipient, Attributes)};

            XmlDocument XMLResponse = SerializeAndSignSAMLResponse(response, SigningCert);

            return System.Convert.ToBase64String(Encoding.UTF8.GetBytes(XMLResponse.OuterXml));
        }

        /// <summary>
        /// Accepts SAML Response, serializes it to XML and signs using the supplied certificate
        /// </summary>
        /// <param name="Response">SAML 2.0 Response</param>
        /// <param name="SigningCert">X509 certificate</param>
        /// <returns>XML Document with computed signature</returns>
        private static XmlDocument SerializeAndSignSAMLResponse(ResponseType Response, X509Certificate2 SigningCert) {
            // Set serializer and writers for action
            XmlSerializer responseSerializer = new XmlSerializer(Response.GetType());
            StringWriter stringWriter = new StringWriter();
            XmlWriter responseWriter = XmlTextWriter.Create(stringWriter, new XmlWriterSettings() {OmitXmlDeclaration = true, Indent = true, Encoding = Encoding.UTF8});
            responseSerializer.Serialize(responseWriter, Response);
            responseWriter.Close();
            XmlDocument xmlResponse = new XmlDocument();
            xmlResponse.LoadXml(stringWriter.ToString());

            // Set the namespace for prettire and more consistent XML
            XmlNamespaceManager ns = new XmlNamespaceManager(xmlResponse.NameTable);
            ns.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");

            CertificateUtility.AppendSignatureToXMLDocument(ref xmlResponse, "#" + ((AssertionType) Response.Items[0]).ID, SigningCert);

            return xmlResponse;
        }

        /// <summary>
        /// Creates a SAML 2.0 Assertion Segment for a Response
        /// Simple implmenetation assuming a list of string key and value pairs
        /// </summary>
        /// <param name="Issuer"></param>
        /// <param name="AssertionExpirationMinutes"></param>
        /// <param name="Audience"></param>
        /// <param name="Subject"></param>
        /// <param name="Recipient"></param>
        /// <param name="Attributes">Dictionary of string key, string value pairs</param>
        /// <returns>Assertion to sign and include in Response</returns>
        private static AssertionType CreateSAML20Assertion(string Issuer, int AssertionExpirationMinutes, string Audience, string Subject, string Recipient, Dictionary<string, string> Attributes) {
            AssertionType NewAssertion = new AssertionType() {Version = "2.0", IssueInstant = System.DateTime.UtcNow, ID = "_" + System.Guid.NewGuid().ToString()};

            // Create Issuer
            NewAssertion.Issuer = new NameIDType() {Value = Issuer.Trim()};

            // Create Assertion Subject
            SubjectType subject = new SubjectType();
            NameIDType subjectNameIdentifier = new NameIDType() {Value = Subject.Trim(), Format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"};
            SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType() {Method = "urn:oasis:names:tc:SAML:2.0:cm:bearer", SubjectConfirmationData = new SubjectConfirmationDataType() {NotOnOrAfter = DateTime.UtcNow.AddMinutes(AssertionExpirationMinutes), Recipient = Recipient}};
            subject.Items = new object[] {subjectNameIdentifier, subjectConfirmation};
            NewAssertion.Subject = subject;

            // Create Assertion Conditions
            ConditionsType conditions = new ConditionsType();
            conditions.NotBefore = DateTime.UtcNow;
            conditions.NotBeforeSpecified = true;
            conditions.NotOnOrAfter = DateTime.UtcNow.AddMinutes(AssertionExpirationMinutes);
            conditions.NotOnOrAfterSpecified = true;
            conditions.Items = new ConditionAbstractType[] {new AudienceRestrictionType() {Audience = new string[] {Audience.Trim()}}};
            NewAssertion.Conditions = conditions;

            // Add AuthnStatement and Attributes as Items
            AuthnStatementType authStatement = new AuthnStatementType() {AuthnInstant = DateTime.UtcNow, SessionIndex = NewAssertion.ID};
            AuthnContextType context = new AuthnContextType();
            context.ItemsElementName = new ItemsChoiceType5[] {ItemsChoiceType5.AuthnContextClassRef};
            context.Items = new object[] {"urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"};
            authStatement.AuthnContext = context;

            AttributeStatementType attributeStatement = new AttributeStatementType();
            attributeStatement.Items = new AttributeType[Attributes.Count];
            int i = 0;
            foreach (KeyValuePair<string, string> attribute in Attributes) {
                attributeStatement.Items[i] = new AttributeType() {Name = attribute.Key, AttributeValue = new object[] {attribute.Value}, NameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"};
                i++;
            }

            NewAssertion.Items = new StatementAbstractType[] {authStatement, attributeStatement};

            return NewAssertion;
        }

    }

}
;

public by eyemonen created Oct 21, 2013  327062  0  4  0

Here are a set of libraries, plugins and guides which may be useful to your Javascript coding.

Here are a set of libraries, plugins and guides which may be useful to your Javascript coding.: javascript_resources.md
## Libraries

- [jQuery](http://jquery.com) - The de-facto library for the modern age. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers.
- [Backbone](http://backbonejs.org/) - Backbone.js gives structure to web applications by providing models with key-value binding and custom events, collections with a rich API of enumerable functions, views with declarative event handling, and connects it all to your existing API over a RESTful JSON interface.
- [AngularJS](http://angularjs.org/) - Conventions based MVC framework for HTML5 apps.
- [Underscore](http://underscorejs.org/) - Underscore is a utility-belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects.
- [lawnchair](http://brian.io/lawnchair/) - Key/value store adapter for indexdb, localStorage and more
- [Handlebars](http://handlebarsjs.com/) - Minimal semantic templating

## Plugins
- [jQueryUI](http://jqueryui.com/) - jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
- [Bootstrap](http://getbootstrap.com/javascript/) - Bring Bootstrap's components to life with over a dozen custom jQuery plugins. Easily include them all, or one by one.
- [Async.js](https://github.com/caolan/async) - Async is a utility module which provides straight-forward, powerful functions for working with asynchronous JavaScript. Although originally designed for use with node.js, it can also be used directly in the browser. Also supports component.
- [timeago](http://timeago.yarp.com/) - Timeago is a jQuery plugin that makes it easy to support automatically updating fuzzy timestamps (e.g. "4 minutes ago" or "about 1 day ago").
- [Chosen](https://github.com/harvesthq/chosen) - Chosen is a library for making long, unwieldy select boxes more friendly.
- [QTip2](http://qtip2.com/) - Second generation of the advanced tooltip plugin for jQuery
- [spin.js](http://fgnass.github.io/spin.js/) - JS replacement for gif loading spinners
- [Hotkeys](https://github.com/jeresig/jquery.hotkeys) - John Resig's plugin for adding/removing handlers for keyboard events
- [Linkify](https://github.com/uudashr/jquery-linkify) - jQuery plugin to format text containing URL or hashtag into clickable anchor tags.

## Tools
- [Bower](http://bower.io/) - Bower is a package manager for the web. It offers a generic, unopinionated solution to the problem of front-end package management, while exposing the package dependency model via an API that can be consumed by a more opinionated build stack. There are no system wide dependencies, no dependencies are shared between different apps, and the dependency tree is flat.
- [Grunt](http://gruntjs.com/) - Javascript Task Runner

## Guides
- [Jasmine](http://pivotal.github.io/jasmine/) - Jasmine is a behavior-driven development framework for testing JavaScript code.
- [Building a Chrome Extension](https://developer.chrome.com/extensions/getstarted.html) - Extensions allow you to add functionality to Chrome without diving deeply into native code. You can create new extensions for Chrome with those core technologies that you're already familiar with from web development: HTML, CSS, and JavaScript.
- [Backbone Tutorials](http://backbonetutorials.com/) - Backbone Tutorials is a collection of tutorials written by Thomas Davis.

;