Share via


Saml2SecurityTokenHandler Class

Definition

A SecurityTokenHandler designed for creating and validating Saml2 Tokens. See: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

public class Saml2SecurityTokenHandler : Microsoft.IdentityModel.Tokens.SecurityTokenHandler
type Saml2SecurityTokenHandler = class
    inherit SecurityTokenHandler
Public Class Saml2SecurityTokenHandler
Inherits SecurityTokenHandler
Inheritance
Saml2SecurityTokenHandler

Constructors

Saml2SecurityTokenHandler()

Fields

DefaultActorClaimName

Default value of the Actor Claim Name used when processing actor claims.

Properties

ActorClaimName

Gets or set the actor claim attribute name that will be used when processing actor claims.

CanValidateToken

Returns a value that indicates if this handler can validate a SecurityToken.

CanWriteToken

Gets the value that indicates if this instance can write a SecurityToken.

MaximumTokenSizeInBytes

Gets and sets the maximum token size in bytes that will be processed.

(Inherited from TokenHandler)
Serializer

Gets or set the Saml2Serializer that will be used to read and write a Saml2SecurityToken.

SetDefaultTimesOnTokenCreation

Gets or sets a bool that controls if token creation will set default 'exp', 'nbf' and 'iat' if not specified.

(Inherited from TokenHandler)
TokenLifetimeInMinutes

Gets or sets the token lifetime in minutes.

(Inherited from TokenHandler)
TokenType

Gets the token type supported by this handler.

Methods

CanReadToken(String)

Determines if the string is a valid Saml2 token by examining the xml for the correct start element.

CanReadToken(XmlReader)

Indicates whether the current reader is positioned at a Saml2 assertion.

ConsolidateAttributes(ICollection<Saml2Attribute>)

Consolidates attributes into a single attribute with multiple values.

CreateActorString(ClaimsIdentity)

Transforms a ClaimsIdentity into a string.

CreateAdvice(SecurityTokenDescriptor)

Creates the advice for the assertion.

CreateAttribute(Claim)

Creates a Saml2Attribute from a claim.

CreateAttributeStatement(SecurityTokenDescriptor)

Creates Saml2AttributeStatement from a SecurityTokenDescriptor and a ClaimsIdentity

CreateAuthenticationStatement(AuthenticationInformation)

Creates a Saml2AuthenticationStatement

CreateAuthorizationDecisionStatement(SecurityTokenDescriptor)

Creates a Saml2AuthorizationDecisionStatement from a SecurityTokenDescriptor.

CreateClaimsIdentity(Saml2SecurityToken, String, TokenValidationParameters)

Creates claims from a Saml2 token.

CreateConditions(SecurityTokenDescriptor)

Creates the conditions for the assertion.

CreateIssuerNameIdentifier(SecurityTokenDescriptor)

Creates a name identifier that identifies the assertion issuer.

CreateSecurityTokenReference(SecurityToken, Boolean)

Returns SecurityKeyIdentifierClause.

(Inherited from SecurityTokenHandler)
CreateStatements(SecurityTokenDescriptor, AuthenticationInformation)

Creates an IEnumerable<T> of Saml2Statement to be included in the assertion.

CreateStatements(SecurityTokenDescriptor)

Creates an IEnumerable<T> of Saml2Statement to be included in the assertion.

CreateSubject(SecurityTokenDescriptor)

Creates a SAML2 subject of the assertion.

CreateToken(SecurityTokenDescriptor, AuthenticationInformation)

Creates a Saml2SecurityToken.

CreateToken(SecurityTokenDescriptor)

Creates a Saml2SecurityToken.

ProcessAttributeStatement(Saml2AttributeStatement, ClaimsIdentity, String)

Creates claims from a Saml2AttributeStatement.

ProcessAuthenticationStatement(Saml2AuthenticationStatement, ClaimsIdentity, String)

Creates claims from a Saml2AuthenticationStatement.

ProcessAuthorizationDecisionStatement(Saml2AuthorizationDecisionStatement, ClaimsIdentity, String)

Creates claims from a Saml2AuthorizationDecisionStatement.

ProcessStatements(ICollection<Saml2Statement>, ClaimsIdentity, String)

Processes all statements and adds claims to the identity.

ProcessSubject(Saml2Subject, ClaimsIdentity, String)

Adds claims from the Saml2Subject into the ClaimsIdentity.

ReadSaml2Token(String)

Converts a string into an instance of Saml2SecurityToken.

ReadSaml2Token(XmlReader)

Reads a Saml2SecurityToken where the XmlReader is positioned the beginning of a Saml2 assertion.

ReadToken(String)

Converts a string into an instance of Saml2SecurityToken.

ReadToken(XmlReader, TokenValidationParameters)

Reads and validates a SAML 2.0 token using the XmlReader.

ReadToken(XmlReader)

Reads a Saml2SecurityToken where the XmlReader is positioned the beginning of a Saml2 assertion.

ResolveIssuerSigningKey(String, Saml2SecurityToken, TokenValidationParameters)

Returns a SecurityKey to use for validating the signature of a token.

SetClaimsIdentityActorFromAttribute(Saml2Attribute, ClaimsIdentity, String)

This method gets called when a special type of Saml2Attribute is detected. The Saml2Attribute passed in wraps a Saml2Attribute that contains a collection of AttributeValues, each of which will get mapped to a claim. All of the claims will be returned in an ClaimsIdentity with the specified issuer.

ValidateAudience(IEnumerable<String>, SecurityToken, TokenValidationParameters)

Determines if the audience found in a Saml2SecurityToken is valid.

ValidateConditions(Saml2SecurityToken, TokenValidationParameters)

Validates the Lifetime and Audience conditions.

ValidateConfirmationData(Saml2SecurityToken, TokenValidationParameters, Saml2SubjectConfirmationData)

Validates Saml2SubjectConfirmationData object.

ValidateIssuer(String, SecurityToken, TokenValidationParameters)

Determines if the issuer found in a Saml2SecurityToken is valid.

ValidateIssuerSecurityKey(SecurityKey, Saml2SecurityToken, TokenValidationParameters)

Validates the SigningKey is an expected value.

ValidateLifetime(Nullable<DateTime>, Nullable<DateTime>, SecurityToken, TokenValidationParameters)

Validates the lifetime of a Saml2SecurityToken.

ValidateOneTimeUseCondition(Saml2SecurityToken, TokenValidationParameters)

Validates the OneTimeUse condition.

ValidateSignature(String, TokenValidationParameters)

Validates that the signature.

ValidateSubject(Saml2SecurityToken, TokenValidationParameters)

Validates the first SubjectConfirmationData

ValidateToken(String, TokenValidationParameters, SecurityToken)

Reads and validates a Saml2SecurityToken.

ValidateToken(XmlReader, TokenValidationParameters, SecurityToken)

Reads and validates a Saml2SecurityToken.

ValidateTokenAsync(SecurityToken, TokenValidationParameters)

Validates a token. On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property. Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result.

(Inherited from TokenHandler)
ValidateTokenAsync(String, TokenValidationParameters)

Validates a token. On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property. Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result.

ValidateTokenReplay(Nullable<DateTime>, String, TokenValidationParameters)

Validates token for replay.

WriteToken(SecurityToken)

Serializes a Saml2SecurityToken to a string.

WriteToken(XmlWriter, SecurityToken)

Writes a Saml2SecurityToken using the XmlWriter.

Applies to