Secure.SAML
4.5.0
.NET 9.0
This package targets .NET 9.0. The package is compatible with this framework or higher.
.NET Standard 2.0
This package targets .NET Standard 2.0. The package is compatible with this framework or higher.
.NET Framework 4.6.2
This package targets .NET Framework 4.6.2. The package is compatible with this framework or higher.
dotnet add package Secure.SAML --version 4.5.0
NuGet\Install-Package Secure.SAML -Version 4.5.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Secure.SAML" Version="4.5.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="Secure.SAML" Version="4.5.0" />
<PackageReference Include="Secure.SAML" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add Secure.SAML --version 4.5.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Secure.SAML, 4.5.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package Secure.SAML@4.5.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=Secure.SAML&version=4.5.0
#tool nuget:?package=Secure.SAML&version=4.5.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
.Net utility library to generate signed SAML 2.0 Response
Getting Started?
i. Installation
Install the latest version of Secure.SAML nuget package with command below.
Install-Package Secure.SAML
ii. Implementation: Using Secure.SAML
You can use this .Net library to generate signed SAML 2.0 Response with following parameters below-
key="Recipient"is Recipient or Consumer URLkey="Issuer"is value for Issuer Name or domainkey="AudienceRestrictions"is (name/value) dictionary for Audience Restrictionskey="NamedId"is value representing the user Identity or subjectkey="CustomAttributes"is (name/value) dictionary for custom attributes to pass to recipient.key="SignatureType"is whether to sign Response or Assertion.key="signingAlgorithm"supports SHA1, SHA256 and SHA512 algorithms.
var saml = new SAML(Func<X509Certificate2> certificateFactory);
var parameters = new Parameters
{
Issuer = "http://ninjacorp.com",
Recipient = "https://xyz.target-link.co.uk:443/saml/api",
AudienceRestrictions = new[] { "xyz.target-link.co.uk" },
NamedId = "NIN0123456",
NameIdFormat = NameIdFormat.Unspecified, // Default - Unspecified
Attributes = new Dictionary<string, string> // Optional, Custom payload to recipient.
{
{ "Custom_key", "value" }
},
SignatureType = SignType.Response, // Default - Response
NotOnOrAfterInMins = 10, // Default - 10 minutes
SigningAlgorithm = SigningAlgorithm.SHA512, // Supports - SHA1, SHA256 & SHA512 (default).
SamlId = Guid.Parse("95AD6A84-95C1-4B39-AE5E-FE1E700C406C"), // Optional, defaults to new guid.
AssertionId = Guid.Parse("B3CA912A-4A6B-4F31-9FD8-FC5E55837656"), // Optional, defaults to new guid.
Timestamp = DateTime.Parse("2018-02-27T09:36:44.0665619Z") // Optional, defaults to DateTime.UtcNow
};
var xmlDocument = saml.Create(parameters); // Returns XMLDocument with Signed SAML.
var base64EncodedString = saml.CreateEncoded(parameters); // Returns Base64 encoded string for Signed SAML.
Example IoC Registration
Container.RegisterType<ISAML>(c=> new SAML(()=> CertificateFactory.Get("signing-cert")));
Example Generated SAML :-
<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_95ad6a8495c14b39ae5efe1e700c406c"
Version="2.0"
IssueInstant="2018-02-27T09:36:44Z"
Destination="https://xyz.target-link.co.uk:443/saml/api"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer>http://ninjacorp.com</saml:Issuer>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<Reference URI="#_95ad6a8495c14b39ae5efe1e700c406c">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="#default saml ds xs xsi"
xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transform>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<DigestValue>SLRX7pQuCZwnqc033B5ohdF7If9zYy8ez1uaDb7E7QKYYHRbIuZ8xDNGTSDI/1WmjkcPiGy8PoCu7l2TflaxVg==</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>EN/W5jihCeYjUMO3T2I83N6J+gtWsyo1nFCyFacD88TE/00aSATsXC/koju3p+wO1h5xxiGW9mk3kOEOKCUKjekZ7Oub4irCz1xUJ2WmDM1h/+uxb9yFrflnVt8CRuUdfOQpTDAXqS4ENQn26ZsrH9iQ3oPDZcTHqIgwTRWCzR0=</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIB/DCCAWWgAwIBAgIQ39LYOFEy9K1A+f1T4C/ELzANBgkqhkiG9w0BAQQFADAWMRQwEgYDVQQDEwtYWVogQ29tcGFueTAeFw0wNDEyMzExNzAwMDBaFw0wOTEyMzExNzAwMDBaMBYxFDASBgNVBAMTC1hZWiBDb21wYW55MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3E55S/VquStRieuJ39TM6HkKh47pC+x3XklZ+gmIPHk2XRbUuOCnJunxnesChjDJ2H0tP1usHoPU2jJbfNffEJRrVw8zDavvVqiye4hHGaSL3i7BDOChzKeQY/8yifIMFUIK7DOKwfQDUbJf662gac6u0AmNv/CNdIpECWUHokQIDAQABo0swSTBHBgNVHQEEQDA+gBDHk2UyyDjvEL4gr3OaFlNBoRgwFjEUMBIGA1UEAxMLWFlaIENvbXBhbnmCEN/S2DhRMvStQPn9U+AvxC8wDQYJKoZIhvcNAQEEBQADgYEAIqaguk7RrjeJJtq44DSFatuGtYxASy/MXtdbHhuiYIRNNBgBPB3NWYHVBrZnftBmbHz1Ur61x7ZWYPqezvKhyKZNgHHkbL0O35MHEYNNJhDLdw0QVn4QkZL5MhLHU+8zcaMWTERlQN3rQTAg4paz5oSVDMQyPbUAC/xsquUP44E=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion Version="2.0"
ID="_b3ca912a4a6b4f319fd8fc5e55837656"
IssueInstant="2018-02-27T09:36:44Z">
<saml:Issuer>http://ninjacorp.com</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified">NIN0123456</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2018-02-27T09:46:44Z"
Recipient="https://xyz.target-link.co.uk:443/saml/api"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2018-02-27T09:35:44Z"
NotOnOrAfter="2018-02-27T09:46:44Z">
<saml:AudienceRestriction>
<saml:Audience>xyz.target-link.co.uk</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2018-02-27T09:36:44Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute Name="Custom_key"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue>value</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</samlp:Response>
Support
If you are having problems, please let me know by raising a new issue.
License
This project is licensed with the MIT license.
Credits
Thank you for reading. Please fork, explore, contribute and report. Happy Coding !! 😃
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
| .NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
| .NET Standard | netstandard2.0 is compatible. netstandard2.1 is compatible. |
| .NET Framework | net461 was computed. net462 is compatible. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
| MonoAndroid | monoandroid was computed. |
| MonoMac | monomac was computed. |
| MonoTouch | monotouch was computed. |
| Tizen | tizen40 was computed. tizen60 was computed. |
| Xamarin.iOS | xamarinios was computed. |
| Xamarin.Mac | xamarinmac was computed. |
| Xamarin.TVOS | xamarintvos was computed. |
| Xamarin.WatchOS | xamarinwatchos was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
.NETFramework 4.6.2
- System.Security.Cryptography.Xml (>= 9.0.0)
-
.NETStandard 2.0
- System.Security.Cryptography.Xml (>= 9.0.0)
-
.NETStandard 2.1
- System.Security.Cryptography.Xml (>= 9.0.0)
-
net9.0
- System.Security.Cryptography.Xml (>= 9.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.
v4.5.0 Release Notes: Targets .Net Framework 4.6.2; .Net Standards 2.0 and 2.1; .Net 9.0
.Net utility to create Signed SAML 2.0 Response
* Supported Signing Algorithms - SHA1, SHA256, SHA512
* Signs Assertion or Response.
* Outputs Base64 string or XMLDocument.