SAML Token Handler with OWIN using Federation Metadata

Apr 4, 2014 at 2:22 PM
I need to validate the SAML token on the service side using the Federation Metadata. Can I do the SAML token validation programmatically with new OWIN components?

The following is the WIF code we use to validate the code:

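    using System.IdentityModel.Selectors;
    using System.IdentityModel.Tokens;
    using System.Linq;
    using System.Security.Cryptography.X509Certificates;
    using System.ServiceModel.Security;

    var configuration = new SecurityTokenHandlerConfiguration();
    // Never: the token's audience URI is not checked.
    configuration.AudienceRestriction.AudienceMode = AudienceUriMode.Never;
    // Validate the signing certificate by chain trust, with no revocation check.
    configuration.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
    configuration.RevocationMode = X509RevocationMode.NoCheck;
    configuration.CertificateValidator = X509CertificateValidator.ChainTrust;

    // Trusted issuer: signing certificate thumbprint mapped to the issuer name.
    var registry = new ConfigurationBasedIssuerNameRegistry();
    registry.AddTrustedIssuer("xxxxxxxxxxx", "urn:federation:");
    configuration.IssuerNameRegistry = registry;

    var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(configuration);

    //var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();

    // samlReader is an XmlReader over the SAML token, created elsewhere (not shown in the post).
    var sectoken = handler.ReadToken(samlReader);
    var identity = handler.ValidateToken(sectoken).First();
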
Apr 4, 2014 at 3:43 PM
Apr 6, 2014 at 12:43 AM
And now for the stretch goal on supporting SAML2 protocol (not just token type)

Apr 6, 2014 at 1:58 AM
Apr 30, 2014 at 7:02 PM

We don't have any plans for Samlp just yet.