How do I get all attributes and values from a SAML response?

Problem description

I have implemented SSO with Azure ADFS using SAML, and below is my SAML response from Azure.

<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
<saml2:Attribute Name="User.email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
    <saml2:AttributeValue 
        xmlns:xs="http://www.w3.org/2001/XMLSchema" 
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Rudresh@gmail.com
    </saml2:AttributeValue></saml2:Attribute>
    
<saml2:Attribute Name="emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
    <saml2:AttributeValue 
        xmlns:xs="http://www.w3.org/2001/XMLSchema" 
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">rudresh@google.com
    </saml2:AttributeValue></saml2:Attribute>
</saml2:AttributeStatement>

I want to extract all the attributes and values from the SAML response above, as shown below.

User.Email = 'Rudresh@gmail'
emailAddress = 'rudresh@google.com'

Tags: c#, .net, asp.net-mvc, saml, saml-2.0

Solution


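You can convert the response into an XML object and then map the values to the desired properties.

In short, once the XmlSerializer has finished and converted the response into an object, we can use Linq to go in and find the FirstOrDefault emailaddress and User.email Attribute and assign them to the EmailAddress and Email properties, all in the object's constructor. Here is an example of how to use it in a console application.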

// Your above payload.
string examplePayload = System.IO.File.ReadAllText("TextFile1.txt");

// Creating the saml response.
SamlResponse samlResponse = new SamlResponse(examplePayload);

// writing the output, rudresh@google.com
Console.WriteLine(samlResponse.EmailAddress);

Here is the response class.

using System;
using System.IO;
using System.Linq;
using System.Xml.Serialization;

public class SamlResponse
{
    public string EmailAddress { get; }
    public string Email { get; }

    public SamlResponse(string saml2)
    {
        if (string.IsNullOrEmpty(saml2)) throw new ArgumentNullException(nameof(saml2));

        using (MemoryStream ms = new MemoryStream(System.Text.Encoding.UTF8.GetBytes(saml2)))
        {
            XmlSerializer xmlSerializer = new XmlSerializer(typeof(AttributeStatement));
            AttributeStatement response = (AttributeStatement)xmlSerializer.Deserialize(ms);
            // FirstOrDefault returns null when the attribute is absent, so use ?. before reading the value.
            EmailAddress = response.Attribute?.FirstOrDefault(x => x.Name == "emailaddress")?.AttributeValue?.TrimEnd();
            Email = response.Attribute?.FirstOrDefault(x => x.Name == "User.email")?.AttributeValue?.TrimEnd();
        }
    }

    /// <remarks/>
    [Serializable()]
    [System.ComponentModel.DesignerCategory("code")]
    [XmlType(AnonymousType = true, Namespace = "urn:oasis:names:tc:SAML:2.0:assertion")]
    [XmlRoot(Namespace = "urn:oasis:names:tc:SAML:2.0:assertion", IsNullable = false)]
    public partial class AttributeStatement
    {

        private AttributeStatementAttribute[] attributeField;

        /// <remarks/>
        [XmlElement("Attribute")]
        public AttributeStatementAttribute[] Attribute
        {
            get
            {
                return this.attributeField;
            }
            set
            {
                this.attributeField = value;
            }
        }
    }

    /// <remarks/>
    [Serializable()]
    [System.ComponentModel.DesignerCategory("code")]
    [XmlType(AnonymousType = true, Namespace = "urn:oasis:names:tc:SAML:2.0:assertion")]
    public partial class AttributeStatementAttribute
    {
        private string attributeValueField;

        private string nameField;

        private string nameFormatField;

        /// <remarks/>
        public string AttributeValue
        {
            get
            {
                return this.attributeValueField;
            }
            set
            {
                this.attributeValueField = value;
            }
        }

        /// <remarks/>
        [XmlAttribute()]
        public string Name
        {
            get
            {
                return this.nameField;
            }
            set
            {
                this.nameField = value;
            }
        }

        /// <remarks/>
        [XmlAttribute()]
        public string NameFormat
        {
            get
            {
                return this.nameFormatField;
            }
            set
            {
                this.nameFormatField = value;
            }
        }
    }
}
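
The class above maps two named attributes; the question asks for all of them. The following is an added example, not part of the original answer, that reads every Attribute and all of its AttributeValue entries into a dictionary while rejecting DOCTYPE declarations. It assumes the assertion's signature has already been validated before the values are trusted; the class name SamlAttributeReader and the sample addresses are made up for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

public static class SamlAttributeReader
{
    private static readonly XNamespace Saml2 = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Returns every Attribute name mapped to all of its AttributeValue strings.
    public static Dictionary<string, List<string>> ReadAll(string xml)
    {
        if (string.IsNullOrEmpty(xml)) throw new ArgumentNullException(nameof(xml));

        // Reject any DOCTYPE so entity expansion and external entities cannot be used.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        XDocument doc;
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            doc = XDocument.Load(reader);

        var result = new Dictionary<string, List<string>>(StringComparer.Ordinal);
        foreach (XElement attr in doc.Descendants(Saml2 + "Attribute"))
        {
            string name = (string)attr.Attribute("Name");
            if (string.IsNullOrEmpty(name)) continue; // skip malformed entries without a Name
            if (!result.TryGetValue(name, out List<string> values))
                result[name] = values = new List<string>();
            values.AddRange(attr.Elements(Saml2 + "AttributeValue").Select(v => v.Value.Trim()));
        }
        return result;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample in the same shape as the payload in the question.
        const string sample = @"<saml2:AttributeStatement xmlns:saml2='urn:oasis:names:tc:SAML:2.0:assertion'>
  <saml2:Attribute Name='User.email'><saml2:AttributeValue>user@example.com
  </saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute Name='emailaddress'><saml2:AttributeValue>user@example.org</saml2:AttributeValue></saml2:Attribute>
</saml2:AttributeStatement>";
        foreach (var pair in SamlAttributeReader.ReadAll(sample))
            Console.WriteLine(pair.Key + " = '" + string.Join("', '", pair.Value) + "'");
    }
}
```

Because it searches with Descendants, the same method also works when the AttributeStatement is nested inside a full Response or Assertion document.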
