Created
May 4, 2017 11:33
-
-
Save pkarneliuk/3bbcb887556fa245291a2ceb470afd03 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Text; | |
| using System.Net; | |
| using System.Threading.Tasks; | |
| using System.Collections.Specialized; | |
| using System.IO; | |
| using System.Web.Script.Serialization; | |
| using System.Security.Principal; | |
| using System.ServiceModel; | |
| using System.ServiceModel.Security; | |
| using System.ServiceModel.Channels; | |
| using System.ServiceModel.Description; | |
| using System.IdentityModel; | |
| using System.IdentityModel.Configuration; | |
| using System.IdentityModel.Metadata; | |
| using System.IdentityModel.Protocols.WSTrust; | |
| using System.IdentityModel.Tokens; | |
| using Microsoft.IdentityModel.Protocols.WSTrust.Bindings; | |
| using Microsoft.IdentityModel.Protocols.WSTrust; | |
| using System.ServiceModel.Dispatcher; | |
| using WSTrustChannelFactory = System.ServiceModel.Security.WSTrustChannelFactory; | |
| using RequestSecurityToken = System.IdentityModel.Protocols.WSTrust.RequestSecurityToken; | |
| using WSTrustChannel = System.ServiceModel.Security.WSTrustChannel; | |
| namespace SAML_Example | |
| { | |
| class SAML_Example | |
| { | |
| static void Main(string[] args) | |
| { | |
| var appliesTo = "https://epbyminw1035t1"; | |
| var dmsPath = "/api/v1/session/saml-login"; | |
| var relyingpartyEndpoint = appliesTo + dmsPath; | |
| try | |
| { | |
| string samlToken = GetSamlClaimWSTrustKRB(appliesTo); | |
| Console.WriteLine(samlToken); | |
| } | |
| catch (Exception ex) | |
| { | |
| Console.WriteLine(ex); | |
| } | |
| } | |
| public static string GetSamlClaimWSTrustKRB(string appliesTo) | |
| { | |
| // Allow all certificates | |
| ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; | |
| //var endpointAddress = "https://adfs.cluster.dom/adfs/services/trust/13/kerberosmixed"; | |
| var endpointAddress = "https://ping.cluster.dom:9031/idp/sts.wst?TokenProcessorId=Kerberos"; | |
| EndpointAddress ep = new EndpointAddress(new Uri(endpointAddress)); | |
| //Establish the Kerberos Binding for WS-Trust messaging | |
| KerberosWSTrustBinding binding = new KerberosWSTrustBinding() | |
| { | |
| SecurityMode = SecurityMode.TransportWithMessageCredential, | |
| TrustVersion = TrustVersion.WSTrust13, | |
| EnableRsaProofKeys = false | |
| }; | |
| WSTrustChannelFactory factory = new WSTrustChannelFactory(binding, ep); | |
| factory.Credentials.Windows.ClientCredential.UserName = "username"; | |
| factory.Credentials.Windows.ClientCredential.Password = "password"; | |
| factory.Credentials.Windows.ClientCredential.Domain = "cluster.dom"; | |
| factory.Credentials.SupportInteractive = false; | |
| WSTrustChannel channel = (WSTrustChannel)factory.CreateChannel(); | |
| var rst = new RequestSecurityToken { RequestType = RequestTypes.Issue, AppliesTo = new EndpointReference(appliesTo), KeyType = KeyTypes.Bearer }; | |
| rst.TokenType = Microsoft.IdentityModel.Tokens.SecurityTokenTypes.Saml2TokenProfile11; | |
| try | |
| { | |
| Console.WriteLine("Attempting to retrieve SAML assertion"); | |
| GenericXmlSecurityToken token = channel.Issue(rst) as GenericXmlSecurityToken; | |
| Console.WriteLine("Successfully retrieved SAML assertion"); | |
| return token.TokenXml.OuterXml; | |
| } | |
| catch (Exception ex) | |
| { | |
| Console.WriteLine("Exception: " + ex.Message); | |
| Console.WriteLine("Exception: " + ex.InnerException); | |
| throw ex; | |
| } | |
| finally | |
| { | |
| factory.Close(); | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
in server.log I see