Last active
March 4, 2024 21:02
Example of using System.ServiceModel.Federation with Windows Integrated Auth on net8.0 and net48
using System; | |
#if NET | |
using System.IdentityModel.Tokens; | |
using System.ServiceModel; | |
using System.ServiceModel.Description; | |
using System.ServiceModel.Federation; | |
using Microsoft.IdentityModel.Protocols.WsTrust; | |
using Microsoft.IdentityModel.Protocols.WsPolicy; | |
using Microsoft.IdentityModel.Protocols.WsAddressing; | |
#else | |
using System.IdentityModel.Protocols.WSTrust; | |
using System.IdentityModel.Tokens; | |
using System.ServiceModel; | |
using System.ServiceModel.Security; | |
#endif | |
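/// <summary>
/// Console sample that asks a WS-Trust 1.3 security token service (STS) to issue a bearer
/// token for a relying party, authenticating over a transport-secured channel with Windows
/// integrated authentication, and prints the issued token XML to standard output.
/// </summary>
internal class Program
{
    /// <summary>
    /// Requests a token from the STS and writes its XML to the console.
    /// </summary>
    /// <param name="args">
    /// <c>args[0]</c>: STS endpoint URL; <c>args[1]</c>: relying-party identifier used for AppliesTo;
    /// optionally <c>args[2]</c> and <c>args[3]</c>: user name and password.
    /// </param>
    private static void Main(string[] args)
    {
        // The optional credentials come as a pair: exactly three arguments would otherwise
        // fail on args[3], and fewer than two would fail on args[0]/args[1].
        if (args.Length < 2 || args.Length == 3)
        {
            Console.Error.WriteLine("usage: <sts-url> <relying-party> [<user> <password>]");
            Environment.ExitCode = 1;
            return;
        }

        string url = args[0];
        string rp = args[1];
        string user = null, pass = null;
        if (args.Length > 2)
        {
            // A password passed on the command line is visible in process listings and shell
            // history; tolerable in a sample, but read it from a protected source in real use.
            user = args[2];
            pass = args[3];
        }

        WS2007HttpBinding binding = new WS2007HttpBinding();
        // Alternative kept from the original: message-level credentials on top of transport security.
        //binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
        // Transport mode: confidentiality and server authentication rest on the transport
        // (the endpoint is expected to be an https URL).
        binding.Security.Mode = SecurityMode.Transport;
        binding.Security.Message.EstablishSecurityContext = false;
        binding.Security.Message.NegotiateServiceCredential = false;
        //binding.Security.Message.ClientCredentialType = user is null ? MessageCredentialType.Windows : MessageCredentialType.UserName;
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;

        var factory = new WSTrustChannelFactory(binding, new EndpointAddress(url));
#if !NET
        factory.Credentials.SupportInteractive = false;
        factory.Credentials.UseIdentityConfiguration = true;
        factory.TrustVersion = TrustVersion.WSTrust13;
#endif
        if (user != null)
        {
            // NOTE(review): the binding above authenticates with Windows transport credentials,
            // so this UserName credential is presumably only consumed when the commented-out
            // message-credential configuration is restored — confirm before relying on it.
            factory.Credentials.UserName.UserName = user;
            factory.Credentials.UserName.Password = pass;
        }

        // Token request: WS-Trust 1.3 Issue, scoped to the relying party, bearer key type.
#if NET
        var req = new WsTrustRequest(WsTrustActions.Trust13.Issue)
        {
            AppliesTo = new AppliesTo(new EndpointReference(rp)),
            KeyType = WsTrustKeyTypes.Trust13.Bearer,
            WsTrustVersion = WsTrustVersion.Trust13,
        };
#else
        var req = new RequestSecurityToken(RequestTypes.Issue)
        {
            AppliesTo = new EndpointReference(rp),
            KeyType = KeyTypes.Bearer,
        };
#endif

        // Get the token; if the credentials are invalid, an exception is thrown.
#if NET
        var stschannel = factory.CreateTrustChannel();
        // Blocking on .Result is tolerable in a console Main; a failure on this path
        // surfaces wrapped in AggregateException.
        var token = (GenericXmlSecurityToken)stschannel.IssueAsync(req).Result;
#else
        var stschannel = factory.CreateChannel();
        var token = (GenericXmlSecurityToken)stschannel.Issue(req);
#endif

        // NOTE(review): the right-hand side of this assignment is missing from the page as
        // captured ("var xml = ;"); the token's XML element is the likely intent — confirm.
        var xml = token.TokenXml.OuterXml;

        // The request asks for a bearer key type, so possession of this XML is enough to
        // present the token to the relying party while it is valid: treat stdout, and
        // anything that captures it (logs, CI output), as sensitive.
        Console.WriteLine(xml);
    }
}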
<!-- Project file for the WS-Trust token request sample. Package versions are pinned; review them for security updates before reusing this sample. -->
<Project Sdk="Microsoft.NET.Sdk"> | |
<PropertyGroup> | |
<OutputType>Exe</OutputType> | |
<!-- Only net8.0 is built as written, so the net48-conditioned references below stay inactive until this value is changed to net48 (or the project is multi-targeted). -->
<TargetFramework>net8.0</TargetFramework> | |
</PropertyGroup> | |
<!-- .NET Framework 4.8: WS-Trust and WCF types come from framework assemblies. -->
<ItemGroup Condition="'$(TargetFramework)' == 'net48'"> | |
<Reference Include="System.IdentityModel" /> | |
<Reference Include="System.ServiceModel" /> | |
</ItemGroup> | |
<!-- Any other target: the WCF client and federation packages come from NuGet. -->
<ItemGroup Condition="'$(TargetFramework)' != 'net48'"> | |
<PackageReference Include="System.ServiceModel.Federation" Version="8.0.0" /> | |
<PackageReference Include="System.ServiceModel.Http" Version="8.0.0" /> | |
</ItemGroup> | |
<!-- No Condition: this package is referenced for every target framework. -->
<ItemGroup> | |
<PackageReference Include="Microsoft.IdentityModel.Tokens.Saml" Version="7.4.0" /> | |
</ItemGroup> | |
</Project> |