
How do I configure my SAML Service Provider to send metadata to the Identity Provider?

I am using the ITfoxTec SAML library in my .NET Web API project.

I have it working with a SAML Identity Provider testing service called Okta and it's working great.

But now I need to use a corporate SAML Identity Provider that is more complicated.

I am required to send metadata, so I used one of those online SAML metadata generators and got this:

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     validUntil="2023-02-03T18:10:14Z"
                     cacheDuration="PT604800S"
                     entityID="54ab9813-9546-4630-90eb-f31f69fbe535">
    <md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                                     Location="https://portal.xyz.com/claims"
                                     index="1" />
        
    </md:SPSSODescriptor>
</md:EntityDescriptor>

I made the metadata XML file available on my site:

https://portal.xyz.com/public/5001_Saml2.xml

However when I try to connect to the SAML IdP, I get this error in the console:

System.InvalidOperationException occurred HResult=0x80131509 Message=Incorrect Content-Type

The controller my app uses to connect to the IdP is here:

[Route("Login")]
public IActionResult Login(string? returnUrl = null)
{
    var binding = new Saml2RedirectBinding();
    binding.SetRelayStateQuery(new Dictionary<string, string> { { relayStateReturnUrl, returnUrl ?? Url.Content("~/") } });

    return binding.Bind(new Saml2AuthnRequest(config)).ToActionResult();
}

I'm not sure what I'm doing wrong. Does anyone know how to set up metadata like this for ITfoxTec SAML 2.0?

Thanks!

You should let the ITfoxtec Identity SAML library create the online metadata, then it should work.

You can, e.g., find a metadata generation example in the TestWebAppCore sample.
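
A sketch of the approach this answer points to, modelled on the metadata controller in the library's TestWebAppCore sample (an added example, not code from the original post or copied from the project). It assumes config is the same Saml2Configuration used by the Login controller, that config.SigningCertificate is set, and that the "Metadata" route name is free to choose; the ACS URL and NameID format are the ones from the question's XML.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using ITfoxtec.Identity.Saml2;
using ITfoxtec.Identity.Saml2.MvcCore;
using ITfoxtec.Identity.Saml2.Schemas;
using ITfoxtec.Identity.Saml2.Schemas.Metadata;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

[AllowAnonymous]
[Route("Metadata")] // assumed route; this is the URL handed to the IdP
public class MetadataController : Controller
{
    private readonly Saml2Configuration config;

    public MetadataController(Saml2Configuration config)
    {
        this.config = config;
    }

    public IActionResult Index()
    {
        // The descriptor is built from the same configuration that issues the
        // AuthnRequest, so the published entityID and the request Issuer agree.
        var entityDescriptor = new EntityDescriptor(config);
        entityDescriptor.ValidUntil = 365; // validity in days
        entityDescriptor.SPSsoDescriptor = new SPSsoDescriptor
        {
            AuthnRequestsSigned = true,
            WantAssertionsSigned = true,
            // Emitted as a signing KeyDescriptor so the IdP can verify signed requests.
            SigningCertificates = new X509Certificate2[] { config.SigningCertificate },
            NameIDFormats = new Uri[]
            {
                new Uri("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified")
            },
            AssertionConsumerServices = new AssertionConsumerService[]
            {
                new AssertionConsumerService
                {
                    Binding = ProtocolBindings.HttpPost,
                    Location = new Uri("https://portal.xyz.com/claims") // ACS URL from the question
                }
            }
        };

        return new Saml2Metadata(entityDescriptor).CreateMetadata().ToActionResult();
    }
}
```

Unlike the hand-generated file in the question, which declares AuthnRequestsSigned="true" but carries no KeyDescriptor, metadata built this way publishes the certificate the IdP needs to check the request signature.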
