X-Guardian / AdfsDsc

DSC resources for deployment and configuration of Active Directory Federation Services
MIT License

AdfsRelyingPartyTrust: Add Support for SAML Endpoints #3

Closed X-Guardian closed 4 years ago

X-Guardian commented 4 years ago

The AdfsRelyingPartyTrust resource needs to support SAML endpoints.

New resource properties required:

| Property Name | Type | Description |
| --- | --- | --- |
| SamlEndpoint | MSFT_AdfsSamlEndpoint Array | Specifies an array of Security Assertion Markup Language (SAML) protocol endpoints for this relying party. |

The MSFT_AdfsSamlEndpoint class would contain the following properties:

| Parameter | Type | ValueMap | Description |
| --- | --- | --- | --- |
| Binding | String | Artifact, POST, Redirect, SOAP | Specifies the binding type of the endpoint. |
| Index | SInt32 | | Specifies the index that is defined for this endpoint. |
| IsDefault | Boolean | | Indicates whether this is a default endpoint for the particular protocol type. |
| Protocol | String | SAMLArtifactResolution, SAMLAssertionConsumer, SAMLLogout, SAMLSingleSignOn | Specifies the type of service at the endpoint. |
| ResponseUri | String | | Specifies the response URI for the endpoint. |
| Uri | String | | Specifies the URI of this endpoint. |

Example DSC configuration would look like:

AdfsRelyingPartyTrust Example
{
    Name         = 'Example'
    SamlEndpoint = @(
        MSFT_AdfsSamlEndpoint
        {
            Binding     = 'POST'
            Index       = 0
            IsDefault   = $false
            Protocol    = 'SAMLAssertionConsumer'
            Uri         = 'https://example.com'
        }
    )
}
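
The following is an added example, not part of the original issue or the AdfsDsc code base: a pre-deployment lint for the SamlEndpoint entries proposed above. The Binding and Protocol lists are the ValueMaps from the issue; the function name `Test-SamlEndpointSet`, the sample data, and the HTTPS, unique-Index and single-default rules are assumptions of this example.

```powershell
# Added example, not AdfsDsc code. Binding/Protocol lists are the ValueMaps from the
# issue; the HTTPS, unique-Index and single-default rules are this example's assumptions.
$AllowedBinding  = 'Artifact', 'POST', 'Redirect', 'SOAP'
$AllowedProtocol = 'SAMLArtifactResolution', 'SAMLAssertionConsumer', 'SAMLLogout', 'SAMLSingleSignOn'

function Test-SamlEndpointSet {    # hypothetical helper name
    param ([Parameter(Mandatory)][hashtable[]] $Endpoint)

    $findings = [System.Collections.Generic.List[string]]::new()
    $n = 0
    foreach ($e in $Endpoint) {
        $id = "endpoint[$n]"; $n++
        if ($e.Binding -notin $AllowedBinding)   { $findings.Add("${id}: Binding '$($e.Binding)' is not in the ValueMap") }
        if ($e.Protocol -notin $AllowedProtocol) { $findings.Add("${id}: Protocol '$($e.Protocol)' is not in the ValueMap") }
        foreach ($prop in 'Uri', 'ResponseUri') {
            if (-not $e.ContainsKey($prop)) { continue }
            $u = $null
            if (-not [uri]::TryCreate([string]$e[$prop], [System.UriKind]::Absolute, [ref]$u)) {
                $findings.Add("${id}: $prop is not an absolute URI")
            }
            elseif ($u.Scheme -ne 'https') {
                $findings.Add("${id}: $prop scheme is '$($u.Scheme)', expected https")
            }
        }
    }
    # Per protocol type: Index values must not collide and only one endpoint may be default.
    foreach ($g in ($Endpoint | Group-Object { $_.Protocol })) {
        $dupes = $g.Group | Group-Object { $_.Index } | Where-Object Count -gt 1
        foreach ($d in $dupes) { $findings.Add("$($g.Name): Index $($d.Name) is used $($d.Count) times") }
        $defaults = @($g.Group | Where-Object { $_.IsDefault })
        if ($defaults.Count -gt 1) { $findings.Add("$($g.Name): $($defaults.Count) endpoints marked IsDefault") }
    }
    $findings
}

# Constructed sample input: the issue's endpoint plus two deliberately bad entries.
$sample = @(
    @{ Binding = 'POST';     Index = 0; IsDefault = $false; Protocol = 'SAMLAssertionConsumer'; Uri = 'https://example.com' }
    @{ Binding = 'Redirect'; Index = 0; IsDefault = $true;  Protocol = 'SAMLAssertionConsumer'; Uri = 'http://example.com/acs' }
    @{ Binding = 'Post2';    Index = 1; IsDefault = $true;  Protocol = 'SAMLAssertionConsumer'; Uri = 'example.com/acs' }
)
Test-SamlEndpointSet -Endpoint $sample
```

An empty result means the endpoint set passed every check; each returned string names the offending entry or protocol type.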