SAML Token Handler with OWIN using Federation Metadata

Apr 4, 2014 at 1:22 PM
I need to validate the SAML token on the service side using the Federation Metadata. Can I do the SAML token validation programmatically with new OWIN components?

Following is the WIF code we use to validate the token:

using System.IdentityModel.Selectors;                 // AudienceUriMode, X509CertificateValidator
using System.IdentityModel.Tokens;                    // SecurityTokenHandlerConfiguration, SecurityTokenHandlerCollection, ConfigurationBasedIssuerNameRegistry
using System.Linq;
using System.Security.Cryptography.X509Certificates;  // X509RevocationMode
using System.ServiceModel.Security;                   // X509CertificateValidationMode
using System.Xml;                                     // XmlReader (samlReader)

var configuration = new SecurityTokenHandlerConfiguration();
// Never: the token's audience URI is not checked against this service
configuration.AudienceRestriction.AudienceMode = AudienceUriMode.Never;
// Signing certificate must chain to a trusted root; revocation is not checked
configuration.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
configuration.RevocationMode = X509RevocationMode.NoCheck;
configuration.CertificateValidator = X509CertificateValidator.ChainTrust;

// Map the thumbprint of the trusted issuer's signing certificate (placeholder) to an issuer name
var registry = new ConfigurationBasedIssuerNameRegistry();
registry.AddTrustedIssuer("xxxxxxxxxxx", "urn:federation:");
configuration.IssuerNameRegistry = registry;

var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration);

//var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();

// samlReader: an XmlReader positioned on the SAML assertion (its creation is not shown here)
XmlReader samlReader = null;
var sectoken = handler.ReadToken(samlReader);
var identity = handler.ValidateToken(sectoken).First();
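An added example, not code from this thread, of the same validation driven by federation metadata with the Katana-era packages (Microsoft.IdentityModel.Protocols.Extensions for the metadata retriever and System.IdentityModel.Tokens.Jwt 4.x for TokenValidationParameters and the handler extensions); the type names and overloads used, the metadata URL and the audience value are assumptions to check against the package version you have. Unlike the WIF snippet above, it takes the issuer name and signing keys from metadata and keeps audience validation on.

```csharp
using System;
using System.IdentityModel.Tokens;          // TokenValidationParameters, SecurityTokenHandlerCollectionExtensions (assumed: System.IdentityModel.Tokens.Jwt 4.x)
using System.Security.Claims;
using System.Threading;
using Microsoft.IdentityModel.Protocols;   // ConfigurationManager<T>, WsFederationConfiguration (assumed: Microsoft.IdentityModel.Protocols.Extensions)

public static class MetadataSamlValidator
{
    // Assumed metadata URL; point this at the issuer's FederationMetadata.xml.
    const string MetadataAddress =
        "https://sts.example.test/FederationMetadata/2007-06/FederationMetadata.xml";

    // Assumed audience URI of this service; the WIF snippet disables this check (AudienceMode.Never).
    const string ExpectedAudience = "urn:example:my-service";

    // Caches the metadata document and refreshes it, so a signing-key rollover at the STS
    // does not require redeploying a hard-coded thumbprint.
    static readonly ConfigurationManager<WsFederationConfiguration> Metadata =
        new ConfigurationManager<WsFederationConfiguration>(MetadataAddress);

    // Validates a SAML 1.1 or 2.0 token (as XML text) and returns the resulting principal.
    // Throws SecurityTokenException (or a subclass) when signature, issuer, audience or lifetime fail.
    public static ClaimsPrincipal Validate(string samlTokenXml)
    {
        WsFederationConfiguration config = Metadata.GetConfigurationAsync(CancellationToken.None).Result;

        var parameters = new TokenValidationParameters
        {
            // Issuer name and signing keys come from metadata instead of an issuer-name registry.
            ValidIssuer = config.Issuer,
            IssuerSigningKeys = config.SigningKeys,
            ValidateIssuer = true,
            ValidAudience = ExpectedAudience,
            ValidateAudience = true,
            ValidateLifetime = true,
        };

        // Default handler set includes the SAML 1.1 and SAML 2.0 handlers.
        var handlers = SecurityTokenHandlerCollectionExtensions.GetDefaultHandlers();
        SecurityToken validatedToken;
        return handlers.ValidateToken(samlTokenXml, parameters, out validatedToken);
    }
}
```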
Coordinator
Apr 4, 2014 at 2:43 PM
Apr 5, 2014 at 11:43 PM
And now for the stretch goal on supporting SAML2 protocol (not just token type)
(:

//Adam
Apr 6, 2014 at 12:58 AM
Developer
Apr 30, 2014 at 6:02 PM
@adam,

We don't have any plans for Samlp just yet.