Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Discussions page.
class Sustainsys.Saml2.IdentityProvider
Assembly: Sustainsys.Saml2
Inheritance: object → IdentityProvider
Represents a known identity provider that this service provider can communicate with.
Properties
public bool LoadMetadata
Should this idp load metadata? The metadata is loaded immediately
when the property is set to true, so MetadataLocation
must be correct before setting LoadMetadata to true.
public Saml2BindingType Binding
The binding used when sending AuthnRequests to the identity provider.
public System.Uri SingleSignOnServiceUrl
The Url of the single sign on service. This is where the browser is redirected or
where the post data is sent to when sending an AuthnRequest to the idp.
public System.Collections.Generic.IDictionary<int, System.Uri> ArtifactResolutionServiceUrls
Artifact resolution endpoints on the idp.
public System.Uri SingleLogoutServiceUrl
The Url of the single sign out service. This is where the browser
is redirected or where the post data is sent to when sending a
LogoutRequest to the idp.
public System.Uri SingleLogoutServiceResponseUrl
The Url to send single logout responses to. Defaults to
SingleLogoutServiceUrl.
public Saml2BindingType SingleLogoutServiceBinding
Binding for the Single logout service. If not set, returns the
same as the main binding (used for AuthnRequests).
public EntityId EntityId
The Entity Id of the identity provider.
public bool AllowUnsolicitedAuthnResponse
Is this idp allowed to send unsolicited responses, i.e. idp initiated sign in?
public bool RelayStateUsedAsReturnUrl
Does the RelayState contain the return url?
This setting is used only when the AllowUnsolicitedAuthnResponse setting is enabled.
public string MetadataLocation
Location of metadata for the Identity Provider. Automatically enables
LoadMetadata. The location can be a URL, an absolute
path to a local file or an app relative path
(e.g. ~/App_Data/IdpMetadata.xml). By default the entity id is
interpreted as the metadata location (which is a convention).
public string OutboundSigningAlgorithm
Signing Algorithm to be used when signing outbound messages.
SigningKeys
The public key of the idp that is used to verify signatures of responses/assertions.
public System.DateTime? MetadataValidUntil
Validity time of the metadata this idp was configured from. Null if
idp was not configured from metadata.
public bool WantAuthnRequestsSigned
Does this Idp want the AuthnRequests signed?
public bool DisableOutboundLogoutRequests
Disable outbound logout requests to this idp, even though
Saml2 is configured for single logout and the idp supports
it. This setting might be usable when adding SLO to an existing
setup, to ensure that everyone is ready for SLO before activating.
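An added configuration example, not code from the Sustainsys.Saml2 project or from this reference: it applies the ordering rule documented above (MetadataLocation set before metadata loading is enabled) and then uses MetadataValidUntil to confirm the idp really was configured from metadata and that the metadata has not expired. It assumes an already constructed IdentityProvider is passed in (the constructor is not shown on this page), that the metadata load completes before the setter returns, and a placeholder metadata URL.

```csharp
using System;
using Sustainsys.Saml2;

// Added example, not part of the Sustainsys.Saml2 project. The caller supplies
// the IdentityProvider instance; its construction is not covered by this page.
public static class IdpMetadataSetup
{
    // Configures the idp from its metadata and refuses to continue unless the
    // load produced a metadata-backed, still-valid configuration.
    public static void ConfigureFromMetadata(IdentityProvider idp, string metadataLocation)
    {
        if (string.IsNullOrWhiteSpace(metadataLocation))
        {
            throw new ArgumentException("Metadata location is required.", nameof(metadataLocation));
        }

        // MetadataLocation must be correct before loading is enabled, because the
        // load happens immediately. Per the reference, setting MetadataLocation
        // automatically enables LoadMetadata, so no separate LoadMetadata = true is needed.
        idp.MetadataLocation = metadataLocation;

        // MetadataValidUntil is null when the idp was not configured from metadata,
        // so null here means the load did not populate this instance.
        if (idp.MetadataValidUntil is not DateTime validUntil)
        {
            throw new InvalidOperationException(
                $"Metadata from '{metadataLocation}' did not configure the identity provider.");
        }

        // Assumes validUntil is comparable with UTC time (assumption, not stated on the page).
        if (validUntil <= DateTime.UtcNow)
        {
            throw new InvalidOperationException(
                $"Metadata from '{metadataLocation}' expired at {validUntil:u}.");
        }

        // Idp-initiated sign in stays disabled unless the deployment needs it;
        // RelayStateUsedAsReturnUrl only has effect when unsolicited responses are allowed.
        idp.AllowUnsolicitedAuthnResponse = false;
        idp.RelayStateUsedAsReturnUrl = false;
    }
}

// Usage (constructed placeholder URL, not a real endpoint):
// IdpMetadataSetup.ConfigureFromMetadata(idp, "https://idp.example.org/saml/metadata");
```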
Methods
public Saml2AuthenticationRequest CreateAuthenticateRequest(Saml2Urls saml2Urls)
Create an authenticate request aimed for this idp.
saml2Urls: Urls for Saml2, used to populate fields
in the created AuthnRequest.
public CommandResult Bind(ISaml2Message request)
Bind a Saml2 message using the active binding of the idp,
producing a CommandResult with the result of the binding.
Returns CommandResult with the bound request.
request: The Saml2 message to bind.
Remarks
This overload does not support the usage of Xml Created notifications.
public CommandResult Bind(TMessage message,
System.Action<TMessage, System.Xml.Linq.XDocument, Saml2BindingType> xmlCreatedNotification)
Bind a Saml2 message using the active binding of the idp,
producing a CommandResult with the result of the binding.
Returns CommandResult with the bound message.
message: The Saml2 message to bind.
xmlCreatedNotification: Notification to call with the Xml structure.
public void ReadMetadata(EntityDescriptor metadata)
Reads the supplied metadata and sets all properties of the
IdentityProvider based on the metadata.
metadata: Metadata to read.
public Saml2LogoutRequest CreateLogoutRequest(System.Security.Claims.ClaimsPrincipal user)
Create a logout request to the idp, for the current identity.
public bool Equals(object obj)
Inherited from object
protected void Finalize()
Inherited from object
public int GetHashCode()
Inherited from object
protected object MemberwiseClone()
Inherited from object
public string ToString()
Inherited from object