Azure Key Vault sample added

Author: Revsgaard

.gitignore

@@ -22,6 +22,11 @@ bld/
 [Bb]in/
 [Oo]bj/
 
+# ignore appsettings configuration files
+**/appsettings.development.json
+**/appsettings.staging.json
+**/appsettings.production.json
+
 # Visual Studio 2015 cache/options directory
 .vs/
 # Uncomment if you have tasks that create the project's static files in wwwroot

ITfoxtec.Identity.Saml2.sln

@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 15
-VisualStudioVersion = 15.0.27004.2002
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.28922.388
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{A05F26DE-17C2-497F-B244-EE6790789066}"
 EndProject
@@ -21,7 +21,9 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ITfoxtec.Identity.Saml2", "
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestWebAppCoreFramework", "test\TestWebAppCoreFramework\TestWebAppCoreFramework.csproj", "{AB921243-70BE-4B10-BDDD-7F62FDA8CF93}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ITfoxtec.Identity.Saml2.Mvc", "src\ITfoxtec.Identity.Saml2.Mvc\ITfoxtec.Identity.Saml2.Mvc.csproj", "{1966436F-5CEC-4290-A547-152357C0BD24}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "ITfoxtec.Identity.Saml2.Mvc", "src\ITfoxtec.Identity.Saml2.Mvc\ITfoxtec.Identity.Saml2.Mvc.csproj", "{1966436F-5CEC-4290-A547-152357C0BD24}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TestWebAppCoreAzureKeyVault", "test\TestWebAppCoreAzureKeyVault\TestWebAppCoreAzureKeyVault.csproj", "{03A37D91-A36B-48C0-90A1-1FCF43621E60}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -57,6 +59,10 @@ Global
 		{1966436F-5CEC-4290-A547-152357C0BD24}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{1966436F-5CEC-4290-A547-152357C0BD24}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{1966436F-5CEC-4290-A547-152357C0BD24}.Release|Any CPU.Build.0 = Release|Any CPU
+		{03A37D91-A36B-48C0-90A1-1FCF43621E60}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{03A37D91-A36B-48C0-90A1-1FCF43621E60}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{03A37D91-A36B-48C0-90A1-1FCF43621E60}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{03A37D91-A36B-48C0-90A1-1FCF43621E60}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -69,6 +75,7 @@ Global
 		{3EE8359C-DD95-4AC9-8137-2E551CF7CDCD} = {A05F26DE-17C2-497F-B244-EE6790789066}
 		{AB921243-70BE-4B10-BDDD-7F62FDA8CF93} = {DE5976C5-83CD-4518-A05E-0DEC2EA5D17C}
 		{1966436F-5CEC-4290-A547-152357C0BD24} = {A05F26DE-17C2-497F-B244-EE6790789066}
+		{03A37D91-A36B-48C0-90A1-1FCF43621E60} = {DE5976C5-83CD-4518-A05E-0DEC2EA5D17C}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {64BB7D39-E92F-466D-B601-276E16FF6EB4}

test/TestIdPCore/Controllers/AuthController.cs

@@ -155,6 +155,13 @@ private RelyingParty ValidateRelyingParty(string issuer)
                 SingleLogoutResponseDestination = new Uri("https://localhost:44307/Auth/LoggedOut"),
                 SignatureValidationCertificate = CertificateUtil.Load(Startup.AppEnvironment.MapToPhysicalFilePath("itfoxtec.identity.saml2.testwebappcore_Certificate.crt"))
             });
+            validRelyingPartys.Add(new RelyingParty
+            {
+                Issuer = "urn:itfoxtec:identity:saml2:testwebappcoreAzureKeyVault",
+                SingleSignOnDestination = new Uri("https://localhost:44308/Auth/AssertionConsumerService"),
+                SingleLogoutResponseDestination = new Uri("https://localhost:44308/Auth/LoggedOut"),
+                SignatureValidationCertificate = CertificateUtil.Load(Startup.AppEnvironment.MapToPhysicalFilePath("itfoxtec.identity.saml2.testwebappcore_Certificate.crt"))
+            });
 
             return validRelyingPartys.Where(rp => rp.Issuer.Equals(issuer, StringComparison.InvariantCultureIgnoreCase)).Single();
         }

test/TestIdPCore/TestIdPCore.csproj

@@ -7,7 +7,7 @@
     <Version>4.0.0</Version>
     <Authors>Anders Revsgaard</Authors>
     <Company>ITfoxtec</Company>
-    <Copyright>Copyright © 2018</Copyright>
+    <Copyright>Copyright © 2019</Copyright>
   </PropertyGroup>
   <ItemGroup>
     <Content Remove="package-lock.json" />

test/TestIdPCore/web.config

@@ -11,6 +11,7 @@
       <environmentVariables>
         <environmentVariable name="ASPNETCORE_HTTPS_PORT" value="44305" />
         <environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
+        <environmentVariable name="COMPLUS_ForceENC" value="1" />
       </environmentVariables>
     </aspNetCore>
   </system.webServer>

test/TestWebApp/Properties/AssemblyInfo.cs

@@ -10,7 +10,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("ITfoxtec")]
 [assembly: AssemblyProduct("TestWebApp")]
-[assembly: AssemblyCopyright("Copyright © 2018")]
+[assembly: AssemblyCopyright("Copyright © 2019")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 

test/TestWebAppCore/TestWebAppCore.csproj

@@ -7,7 +7,7 @@
     <Version>4.0.0</Version>
     <Authors>Anders Revsgaard</Authors>
     <Company>ITfoxtec</Company>
-    <Copyright>Copyright © 2018</Copyright>
+    <Copyright>Copyright © 2019</Copyright>
   </PropertyGroup>
   <ItemGroup>
     <Content Remove="package-lock.json" />

test/TestWebAppCore/web.config

@@ -11,6 +11,7 @@
       <environmentVariables>
         <environmentVariable name="ASPNETCORE_HTTPS_PORT" value="44306" />
         <environmentVariable name="ASPNETCORE_ENVIRONMENT" value="Development" />
+        <environmentVariable name="COMPLUS_ForceENC" value="1" />
       </environmentVariables>
     </aspNetCore>
   </system.webServer>

test/TestWebAppCoreAzureKeyVault/AzureKeyVault/ADTokenRequest.cs

@@ -0,0 +1,14 @@
+using ITfoxtec.Identity.Messages;
+using Newtonsoft.Json;
+
+namespace TestWebAppCoreAzureKeyVault.AzureKeyVault
+{
+    public class ADTokenRequest : TokenRequest
+    {
+        /// <summary>
+        /// Azure AD resource.
+        /// </summary>
+        [JsonProperty(PropertyName = "resource")]
+        public string Resource { get; set; }
+    }
+}

test/TestWebAppCoreAzureKeyVault/AzureKeyVault/AppKeyVaultClient.cs

@@ -0,0 +1,30 @@
+using System;
+using ITfoxtec.Identity.Helpers;
+using Microsoft.Azure.KeyVault;
+
+namespace TestWebAppCoreAzureKeyVault.AzureKeyVault
+{
+    public static class AppKeyVaultClient
+    {
+        public static KeyVaultClient GetClient(string keyVaultClientId, string keyVaultClientSecret, TokenHelper tokenHelper)
+        {
+            var client = new KeyVaultClient(async (authority, resource, scope) =>
+            {
+                try
+                {
+                    var tokenRequest = new ADTokenRequest
+                    {
+                        Resource = resource
+                    };
+                    return await tokenHelper.GetAccessTokenWithClientCredentialsAsync(keyVaultClientId, keyVaultClientSecret, $"{authority}/oauth2/token", tokenRequest);
+                }
+                catch (Exception ex)
+                {
+                    throw new Exception("Error while retrieving a token from Azure AD to Azure Key Vault.", ex);
+                }
+            });
+
+            return client;
+        }
+    }
+}