Merge pull request #33 from peteat/support-idp-WantAuthnRequestsSigned

Support IdP WantAuthnRequestsSigned.

Author: Revsgaard

src/ITfoxtec.Identity.Saml2/Schemas/Metadata/IdPSsoDescriptor.cs

@@ -15,6 +15,14 @@ public class IdPSsoDescriptor : SsoDescriptorType
     {
         const string elementName = Saml2MetadataConstants.Message.IdPSsoDescriptor;
 
+        /// <summary>
+        /// [Optional]
+        /// Optional attribute that indicates to service providers whether or not they can expect an 
+        /// unsigned &lt;AuthnRequest&gt; message to be accepted by the identity provider. 
+        /// If omitted, the value is assumed to be false.
+        /// </summary>
+        public bool? WantAuthnRequestsSigned { get; set; }
+
         /// <summary>
         /// One or more elements of type EndpointType that describe endpoints that support the profiles of the 
         /// Authentication Request protocol defined in [SAMLProf]. All identity providers support at least one 
@@ -35,6 +43,11 @@ protected IEnumerable<XObject> GetXContent()
         {
             yield return new XAttribute(Saml2MetadataConstants.Message.ProtocolSupportEnumeration, protocolSupportEnumeration);
 
+            if (WantAuthnRequestsSigned.HasValue)
+            {
+                yield return new XAttribute(Saml2MetadataConstants.Message.WantAuthnRequestsSigned, WantAuthnRequestsSigned.Value);
+            }
+
             if (EncryptionCertificates != null)
             {
                 foreach (var encryptionCertificate in EncryptionCertificates)
@@ -78,6 +91,8 @@ protected IEnumerable<XObject> GetXContent()
 
         protected internal IdPSsoDescriptor Read(XmlElement xmlElement)
         {
+            WantAuthnRequestsSigned = xmlElement.Attributes[Saml2MetadataConstants.Message.WantAuthnRequestsSigned]?.Value.Equals(true.ToString(), StringComparison.InvariantCultureIgnoreCase);
+
             var signingKeyDescriptorElements = xmlElement.SelectNodes($"*[local-name()='{Saml2MetadataConstants.Message.KeyDescriptor}'][contains(@use,'{Saml2MetadataConstants.KeyTypes.Signing}') or not(@use)]");
             if (signingKeyDescriptorElements != null)
             {

src/ITfoxtec.Identity.Saml2/Schemas/Metadata/Saml2MetadataConstants.cs

@@ -66,7 +66,9 @@ public class Message
             public const string ResponseLocation = "ResponseLocation";
 
             public const string ProtocolSupportEnumeration = "protocolSupportEnumeration";
-            
+
+            public const string WantAuthnRequestsSigned = "WantAuthnRequestsSigned";
+
             public const string AuthnRequestsSigned = "AuthnRequestsSigned";
 
             public const string WantAssertionsSigned = "WantAssertionsSigned";