Secure.SAML
1.0.5
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package Secure.SAML --version 1.0.5
NuGet\Install-Package Secure.SAML -Version 1.0.5
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Secure.SAML" Version="1.0.5" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Secure.SAML --version 1.0.5
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Secure.SAML, 1.0.5"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Secure.SAML as a Cake Addin
#addin nuget:?package=Secure.SAML&version=1.0.5
// Install Secure.SAML as a Cake Tool
#tool nuget:?package=Secure.SAML&version=1.0.5
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Secure.SAML
.Net library to generate signed SAML 2.0 Response for parameters below-
key="Recipient"is Recipient or Consumer URLkey="Issuer"is value for Issuer Name or domainkey="AudienceRestrictions"is (name/value) dictionary for Audience Restrictionskey="NamedId"is value representing the user Identity or subjectkey="CustomAttributes"is (name/value) dictionary for custom attributes to pass to recipient.key="SignatureType"is whether to sign Response or Assertion.key="signingAlgorithm"supports SHA1, SHA256 and SHA512 algorithms.
var saml = new SAML(Func<X509Certificate2> certificateFactory);
var parameters = new Parameters
{
Issuer = "http://ninjacorp.com",
Recipient = "https://xyz.target-link.co.uk:443/saml/api",
AudienceRestrictions = new[] { "xyz.target-link.co.uk" },
NamedId = "NIN0123456",
NameIdFormat = NameIdFormat.Unspecified, // Default - Unspecified
Attributes = new Dictionary<string, string> // Optional, Custom payload to recipient.
{
{ "Custom_key", "value" }
},
SignatureType = SignType.Response, // Default - Response
NotOnOrAfterInMins = 10, // Default - 10 minutes
SigningAlgorithm = SigningAlgorithm.SHA512, // Supports - SHA1, SHA256 & SHA512 (default).
SamlId = Guid.Parse("95AD6A84-95C1-4B39-AE5E-FE1E700C406C"), // Optional, defaults to new guid.
AssertionId = Guid.Parse("B3CA912A-4A6B-4F31-9FD8-FC5E55837656"), // Optional, defaults to new guid.
Timestamp = DateTime.Parse("2018-02-27T09:36:44.0665619Z") // Optional, defaults to DateTime.UtcNow
};
var xmlDocument = saml.Create(parameters); // Returns XMLDocument with Signed SAML.
var base64EncodedString = saml.CreateEncoded(parameters); // Returns Base64 encoded string for Signed SAML.
Example IoC Registration
Container.RegisterType<ISAML>(c=> new SAML(()=> CertificateFactory.Get("signing-cert")));
Example Generated SAML :-
<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_95ad6a8495c14b39ae5efe1e700c406c"
Version="2.0"
IssueInstant="2018-02-27T09:36:44Z"
Destination="https://xyz.target-link.co.uk:443/saml/api"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>http://ninjacorp.com</saml:Issuer>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<Reference URI="#_95ad6a8495c14b39ae5efe1e700c406c">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="#default saml ds xs xsi"
xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<DigestValue>SLRX7pQuCZwnqc033B5ohdF7If9zYy8ez1uaDb7E7QKYYHRbIuZ8xDNGTSDI/1WmjkcPiGy8PoCu7l2TflaxVg==</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>EN/W5jihCeYjUMO3T2I83N6J+gtWsyo1nFCyFacD88TE/00aSATsXC/koju3p+wO1h5xxiGW9mk3kOEOKCUKjekZ7Oub4irCz1xUJ2WmDM1h/+uxb9yFrflnVt8CRuUdfOQpTDAXqS4ENQn26ZsrH9iQ3oPDZcTHqIgwTRWCzR0=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIB/DCCAWWgAwIBAgIQ39LYOFEy9K1A+f1T4C/ELzANBgkqhkiG9w0BAQQFADAWMRQwEgYDVQQDEwtYWVogQ29tcGFueTAeFw0wNDEyMzExNzAwMDBaFw0wOTEyMzExNzAwMDBaMBYxFDASBgNVBAMTC1hZWiBDb21wYW55MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3E55S/VquStRieuJ39TM6HkKh47pC+x3XklZ+gmIPHk2XRbUuOCnJunxnesChjDJ2H0tP1usHoPU2jJbfNffEJRrVw8zDavvVqiye4hHGaSL3i7BDOChzKeQY/8yifIMFUIK7DOKwfQDUbJf662gac6u0AmNv/CNdIpECWUHokQIDAQABo0swSTBHBgNVHQEEQDA+gBDHk2UyyDjvEL4gr3OaFlNBoRgwFjEUMBIGA1UEAxMLWFlaIENvbXBhbnmCEN/S2DhRMvStQPn9U+AvxC8wDQYJKoZIhvcNAQEEBQADgYEAIqaguk7RrjeJJtq44DSFatuGtYxASy/MXtdbHhuiYIRNNBgBPB3NWYHVBrZnftBmbHz1Ur61x7ZWYPqezvKhyKZNgHHkbL0O35MHEYNNJhDLdw0QVn4QkZL5MhLHU+8zcaMWTERlQN3rQTAg4paz5oSVDMQyPbUAC/xsquUP44E=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion Version="2.0"
ID="_b3ca912a4a6b4f319fd8fc5e55837656"
IssueInstant="2018-02-27T09:36:44Z">
<saml:Issuer>http://ninjacorp.com</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified">NIN0123456</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2018-02-27T09:46:44Z"
Recipient="https://xyz.target-link.co.uk:443/saml/api"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2018-02-27T09:35:44Z"
NotOnOrAfter="2018-02-27T09:46:44Z">
<saml:AudienceRestriction>
<saml:Audience>xyz.target-link.co.uk</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2018-02-27T09:36:44Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute Name="Custom_key"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue>value</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</samlp:Response>
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
| .NET Core | netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.1 is compatible. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETStandard 2.1
- NuGet.Build.Packaging (>= 0.1.227)
- System.Security.Cryptography.Xml (>= 7.0.1)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
Release Notes : SAML utility to create SAML 2.0 Response
* Supported Signing Algorithms - SHA1, SHA256, SHA512
* Signs Assertion or Response.
* Outputs Base64string or XMLDocument.