Merge pull request #79 from Zyano/master

Support for saml2:conditions on AuthnRequest

Author: Revsgaard

src/ITfoxtec.Identity.Saml2/Request/Saml2AuthnRequest.cs

@@ -84,6 +84,13 @@ public class Saml2AuthnRequest : Saml2Request
         /// </summary>
         public RequestedAuthnContext RequestedAuthnContext { get; set; }
 
+        /// <summary>
+        /// [Optional]
+        /// If present, specifies an Audience
+        /// Part of the OIOSAML standard used for conditions on request.
+        /// </summary>
+        public Condition Conditions { get; set; }
+
         public Saml2AuthnRequest(Saml2Configuration config) : base(config)
         {
             if (config == null) throw new ArgumentNullException(nameof(config));
@@ -124,6 +131,11 @@ protected override IEnumerable<XObject> GetXContent()
                 yield return new XAttribute(Saml2Constants.Message.ProtocolBinding, ProtocolBinding);
             }
 
+            if (Conditions != null)
+            {
+                yield return Conditions.ToXElement();
+            }
+
             if (Subject != null)
             {
                 yield return Subject.ToXElement();

src/ITfoxtec.Identity.Saml2/Request/Saml2Request.cs

@@ -7,6 +7,7 @@
 using System.Xml;
 using System.Xml.Linq;
 using System.Security.Cryptography.Xml;
+using System.Diagnostics;
 #if NETFULL
 using System.IdentityModel.Tokens;
 #else
@@ -113,7 +114,7 @@ public string IdAsString
 
         internal Saml2IdentityConfiguration IdentityConfiguration { get; private set; }
 
-        public Saml2Request(Saml2Configuration config)
+        protected Saml2Request(Saml2Configuration config)
         {
             if (config == null) throw new ArgumentNullException(nameof(config));
 

src/ITfoxtec.Identity.Saml2/Schemas/Condition.cs

@@ -0,0 +1,59 @@
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Xml.Linq;
+using ITfoxtec.Identity.Saml2.Schemas.Conditions;
+
+namespace ITfoxtec.Identity.Saml2.Schemas
+{
+    /// <summary>
+    /// Implementation of Saml2:Condition
+    /// </summary>
+    public class Condition
+    {
+        /// <summary>
+        /// The XML Element name of this class
+        /// </summary>
+        public const string elementName = Saml2Constants.Message.Conditions;
+
+        public List<ConditionAbstract> Items { get; set; }
+
+        public DateTimeOffset? NotOnOrAfter { get; set; }
+
+        public DateTimeOffset? NotBefore { get; set; }
+
+        public XElement ToXElement()
+        {
+            var envelope = new XElement(Saml2Constants.AssertionNamespaceX + elementName);
+
+            envelope.Add(GetXContent());
+
+            return envelope;
+        }
+
+        protected virtual IEnumerable<XObject> GetXContent()
+        {
+            yield return new XAttribute(Saml2Constants.AssertionNamespaceNameX, Saml2Constants.AssertionNamespaceX);
+            if (NotOnOrAfter.HasValue)
+            {
+                yield return new XAttribute(Saml2Constants.Message.NotOnOrAfter,
+                    NotOnOrAfter.Value.UtcDateTime.ToString(Schemas.Saml2Constants.DateTimeFormat,
+                        CultureInfo.InvariantCulture));
+            }
+
+            if (NotBefore.HasValue)
+            {
+                yield return new XAttribute(Saml2Constants.Message.NotBefore,
+                    NotBefore.Value.UtcDateTime.ToString(Schemas.Saml2Constants.DateTimeFormat,
+                        CultureInfo.InvariantCulture));
+            }
+            if (Items != null)
+            {
+                foreach (var condition in Items)
+                {
+                    yield return condition.ToXElement();
+                }
+            }
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Conditions/Audience.cs

@@ -0,0 +1,32 @@
+using System.Collections.Generic;
+using System.Xml.Linq;
+
+namespace ITfoxtec.Identity.Saml2.Schemas.Conditions
+{
+    public class Audience
+    {
+        /// <summary>
+        /// The XML Element name of this class
+        /// </summary>
+        const string elementName = Saml2Constants.Message.Audience;
+
+        public string Uri { get; set; }
+
+        public XElement ToXElement()
+        {
+            var envelope = new XElement(Saml2Constants.AssertionNamespaceX + elementName);
+
+            envelope.Add(GetXContent());
+
+            return envelope;
+        }
+
+        protected IEnumerable<XObject> GetXContent()
+        {
+            if (!string.IsNullOrEmpty(Uri))
+            {
+                yield return new XText(Uri);
+            }
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Conditions/AudienceRestriction.cs

@@ -0,0 +1,35 @@
+using System.Collections.Generic;
+using System.Xml.Linq;
+
+namespace ITfoxtec.Identity.Saml2.Schemas.Conditions
+{
+    public class AudienceRestriction : ConditionAbstract
+    {
+        /// <summary>
+        /// The XML Element name of this class
+        /// </summary>
+        const string elementName = Saml2Constants.Message.AudienceRestriction;
+
+        public List<Audience> Audiences { get; set; }
+
+        public override XElement ToXElement()
+        {
+            var envelope = new XElement(Saml2Constants.AssertionNamespaceX + elementName);
+
+            envelope.Add(GetXContent());
+
+            return envelope;
+        }
+
+        protected IEnumerable<XObject> GetXContent()
+        {
+            if (Audiences != null)
+            {
+                foreach (var audience in Audiences)
+                {
+                    yield return audience.ToXElement();
+                }
+            }
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Conditions/ConditionAbstract.cs

@@ -0,0 +1,9 @@
+using System.Xml.Linq;
+
+namespace ITfoxtec.Identity.Saml2.Schemas.Conditions
+{
+    public abstract class ConditionAbstract
+    {
+        public abstract XElement ToXElement();
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Conditions/OneTimeUse.cs

@@ -0,0 +1,21 @@
+using System;
+using System.Collections.Generic;
+using System.Xml.Linq;
+
+namespace ITfoxtec.Identity.Saml2.Schemas.Conditions
+{
+    public class OneTimeUse : ConditionAbstract
+    {
+        /// <summary>
+        /// The XML Element name of this class
+        /// </summary>
+        const string elementName = Saml2Constants.Message.OneTimeUse;
+
+        public override XElement ToXElement()
+        {
+            var envelope = new XElement(Saml2Constants.AssertionNamespaceX + elementName);
+
+            return envelope;
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Conditions/ProxyRestriction.cs

@@ -0,0 +1,42 @@
+using System.Collections.Generic;
+using System.Xml.Linq;
+
+namespace ITfoxtec.Identity.Saml2.Schemas.Conditions
+{
+    public class ProxyRestriction : ConditionAbstract
+    {
+        /// <summary>
+        /// The XML Element name of this class
+        /// </summary>
+        const string elementName = Saml2Constants.Message.ProxyRestriction;
+
+        public List<Audience> Audiences { get; set; }
+
+        public uint? Count { get; set; }
+
+        public override XElement ToXElement()
+        {
+            var envelope = new XElement(Saml2Constants.AssertionNamespaceX + elementName);
+
+            envelope.Add(GetXContent());
+
+            return envelope;
+        }
+
+        protected IEnumerable<XObject> GetXContent()
+        {
+            if (Audiences != null)
+            {
+                foreach (var audience in Audiences)
+                {
+                    yield return audience.ToXElement();
+                }
+            }
+
+            if (Count.HasValue)
+            {
+                yield return new XAttribute(Saml2Constants.Message.Count, Count.Value);
+            }
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Schemas/Saml2Constants.cs

@@ -119,6 +119,8 @@ public static class Message
 
             internal const string NotOnOrAfter = "NotOnOrAfter";
 
+            internal const string NotBefore = "NotBefore";
+
             internal const string Reason = "Reason";
 
             internal const string NameIdPolicy = "NameIDPolicy";
@@ -142,6 +144,12 @@ public static class Message
             internal const string SubjectConfirmation = "SubjectConfirmation";
 
             internal const string SubjectConfirmationData = "SubjectConfirmationData";
+
+            internal const string OneTimeUse = "OneTimeUse";
+
+            internal const string ProxyRestriction = "ProxyRestriction";
+
+            internal const string Count = "Count";
         }
     }
 }