Sustainsys / Saml2

Saml2 Authentication services for ASP.NET

How to get assertion? #1324

Closed AlexAlexGoTO closed 2 years ago

AlexAlexGoTO commented 2 years ago

Hello, I'm new to SAML and I have an issue. Previously we used an old SAML library and we handled the SamlResponse this way:

    [Route("api/Acs")]
    [HttpPost]
    public async Task<IHttpActionResult> SamlSignInAsync()
    {
        Log.WriteLogEntry("SAML login response received.");
        var context = Request.GetOwinContext();
        var content = await context.Request.ReadFormAsync();
        var samlResponse = content["SAMLResponse"];
        if (string.IsNullOrEmpty(samlResponse))
        {
            return BadRequest("SAML response not found.");
        }
        var assertion = Utility.HandleResponse(samlResponse);
    }

Now I'm trying to use this library and I don't have that Utility.HandleResponse method anymore... How can I get the assertion here? I need to ensure that I have some attributes there. I overrode the default /Saml2/Acs method, so now I'm getting the response from SAML here, but how can I handle it?

So in a nutshell, how to handle SAMLResponse?

AndersAbel commented 2 years ago

Please see the sample applications. The Acs endpoint is built into the library and handled by the library. It then connects to e.g. the Asp.Net Core authentication model for setting a cookie (when using the AspNetCore2 package).
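The flow described in the reply above, as an added example that is not part of the thread or the project's samples: the application registers the Saml2 handler and a cookie scheme, leaves /Saml2/Acs to the library, and reads the assertion's attributes as claims on an authorized endpoint. The entity IDs, metadata URL, `api/profile` route and `department` attribute name are placeholders, and it is assumed that the library surfaces each SAML attribute as a claim whose type is the attribute name.

```csharp
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using Sustainsys.Saml2;
using Sustainsys.Saml2.AspNetCore2;
using Sustainsys.Saml2.Metadata;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddControllers();
        services.AddAuthentication(o =>
            {
                // The session lives in the cookie; unauthenticated requests are challenged via SAML.
                o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                o.DefaultChallengeScheme = Saml2Defaults.Scheme;
            })
            .AddCookie()
            .AddSaml2(o =>
            {
                // After the library has validated the response at /Saml2/Acs, sign in to the cookie scheme.
                o.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                o.SPOptions.EntityId = new EntityId("https://sp.example.test/Saml2"); // placeholder
                o.IdentityProviders.Add(
                    new IdentityProvider(new EntityId("https://idp.example.test/metadata"), o.SPOptions)
                    { MetadataLocation = "https://idp.example.test/metadata", LoadMetadata = true });
            });
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();   // also serves the library's built-in /Saml2/Acs endpoint
        app.UseAuthorization();
        app.UseEndpoints(e => e.MapControllers());
    }
}

[ApiController, Route("api/profile"), Authorize]
public class ProfileController : ControllerBase
{
    [HttpGet]
    public IActionResult Get()
    {
        // "department" is a hypothetical attribute; reject sessions whose assertion lacked it.
        var department = User.FindFirst("department")?.Value;
        if (string.IsNullOrEmpty(department)) return Forbid();
        return Ok(new { name = User.Identity?.Name, department });
    }
}
```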

simitch1 commented 2 years ago

Hi @AndersAbel,

Sorry if I reopen this thread. I have the same problem as the OP above. My setup is an Angular SPA + Net Core 5 API. I'm able to redirect my user from the Angular app to the identity provider using the API configured with your library. Problems start when I try to receive the callback like the post above. I can manually get the decoded XML strings, but I think it's the correct way of doing the integration. I saw that you normally use cookies but I wasn't able to use them.

Can you explain a little better or link me to an example that works on Net Core? Eventually, if it doesn't exist, I can try to build a shareable example for this flow with your help.

Thank you very much, Simone

AndersAbel commented 2 years ago

@simitch1 This is a new question, please open a new issue next time instead of adding things to an old and closed one.

Anyway, what you should look into is using the BFF pattern for your SPA. That will let you use cookies for the session.