search

Sustainsys / Saml2

Saml2 Authentication services for ASP.NET
Other
940 stars 606 forks source link

Unable to get pass the ACS url #1413

Closed gwalingarj closed 7 months ago

gwalingarj commented 8 months ago

.AddSaml2(samlOptions => {

CryptoConfig.AddAlgorithm(typeof(RsaPkCs1Sha256SignatureDescription), System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA256Url);
CryptoConfig.AddAlgorithm(typeof(RsaPkCs1Sha1SignatureDescription), System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url);
samlOptions.SPOptions.EntityId = new EntityId("https://localhost:7094/Saml2/Acs");
samlOptions.SPOptions.ReturnUrl = new Uri("https://localhost:7094/Saml2/Acs");
samlOptions.SPOptions.RequestedAuthnContext =
       new Saml2RequestedAuthnContext(
           new("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"), new AuthnContextComparisonType());
samlOptions.SPOptions.AuthenticateRequestSigningBehavior = SigningBehavior.Always;
samlOptions.SPOptions.ServiceCertificates.Add(new X509Certificate2("Sustainsys.Saml2.Tests.pfx"));
samlOptions.SPOptions.WantAssertionsSigned = true;
samlOptions.SPOptions.OutboundSigningAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
samlOptions.SPOptions.MinIncomingSigningAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
} UnsuccessfulSamlOperationException: The Saml2Response must have status success to extract claims. Saml2 Status Code: Requester Saml2 Status Message: Application registered corresponding to IssuerUri "https://localhost:7094/Saml2/Acs" in AuthRequest does not have assertion consumer service URL "https://localhost:7094/Saml2/Acs" specified in its metadata. Saml2 Second Level Status: Sustainsys.Saml2.Saml2P.Saml2Response.CreateClaims(IOptions options, IdentityProvider idp)+MoveNext() System.Collections.Generic.List..ctor(IEnumerable collection) System.Linq.Enumerable.ToList(IEnumerable source) Sustainsys.Saml2.Saml2P.Saml2Response.GetClaims(IOptions options, IDictionary relayData) Sustainsys.Saml2.WebSso.AcsCommand.ProcessResponse(IOptions options, Saml2Response samlResponse, StoredRequestState storedRequestState, IdentityProvider identityProvider, string relayState) Sustainsys.Saml2.WebSso.AcsCommand.Run(HttpRequestData request, IOptions options) Sustainsys.Saml2.AspNetCore2.Saml2Handler.HandleRequestAsync() Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.g__Awaited|8_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task) Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.HandleException(HttpContext context, ExceptionDispatchInfo edi) Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.g__Awaited|8_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)
AndersAbel commented 8 months ago

The Identity Provider needs to be configured to accept that Acs url.