Test driving the WS-Federation authentication middleware for Katana
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;
using System.IdentityModel.Tokens;
using System.Linq;
[assembly: OwinStartup(typeof(LeastPrivilege.Samples.Startup))]
namespace LeastPrivilege.Samples
{
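/// <summary>
/// OWIN startup class for a sample relying party that signs users in through
/// WS-Federation and keeps the resulting identity in a local cookie.
/// </summary>
public class Startup
{
    /// <summary>
    /// Builds the OWIN pipeline: cookie middleware, WS-Federation middleware,
    /// the <c>/login</c> and <c>/logout</c> endpoints, and a default handler
    /// that renders the current user's claims as HTML.
    /// </summary>
    /// <param name="app">The application builder supplied by the OWIN host.</param>
    public void Configuration(IAppBuilder app)
    {
        // The cookie middleware shares the WS-Federation authentication type so
        // that the identity established by the federation sign-in is the one
        // persisted in (and restored from) the cookie.
        // NOTE(review): for anything beyond a local sample, consider setting
        // CookieSecure = CookieSecureOption.Always so the session cookie is
        // never sent over plain HTTP.
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
        });

        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            // The middleware is expected to take issuer and signing-key
            // information from this document, so it must stay on HTTPS with a
            // certificate the host trusts.
            MetadataAddress = "https://idsrv.local/FederationMetadata/2007-06/FederationMetadata.xml",
            Wtrealm = "urn:owinrp",

            TokenValidationParameters = new TokenValidationParameters
            {
                // Only accept tokens whose audience is this relying party;
                // the value mirrors Wtrealm above.
                ValidAudience = "urn:owinrp"
            },
        });

        app.Map("/login", map =>
        {
            map.Run(async ctx =>
            {
                var current = ctx.Authentication.User;
                var signedIn = current != null
                    && current.Identity != null
                    && current.Identity.IsAuthenticated;

                if (signedIn)
                {
                    ctx.Response.Redirect("/");
                }
                else
                {
                    // A 401 is the signal for the authentication middleware to
                    // issue its challenge (presumably the redirect to the
                    // identity provider; the behaviour lives in the middleware).
                    ctx.Response.StatusCode = 401;
                }
            });
        });

        app.Map("/logout", map =>
        {
            map.Run(async ctx =>
            {
                // NOTE(review): this endpoint answers any HTTP method, so a
                // cross-site GET can end the user's session. Acceptable for a
                // sample; a real application would normally require a POST
                // protected by an anti-forgery token.
                ctx.Authentication.SignOut();
                ctx.Response.Redirect("/");
            });
        });

        app.Run(async ctx =>
        {
            var user = ctx.Authentication.User;
            var response = ctx.Response;

            response.ContentType = "text/html";

            // Same null guard as the /login handler: without it an absent
            // principal would surface as a NullReferenceException.
            var signedIn = user != null
                && user.Identity != null
                && user.Identity.IsAuthenticated;

            if (!signedIn)
            {
                await response.WriteAsync("<h2>anonymous</h2>");
                return;
            }

            // FirstOrDefault instead of First: an authenticated identity that
            // carries no claims must not crash the page.
            var firstClaim = user.Claims.FirstOrDefault();
            var issuer = firstClaim != null ? firstClaim.Issuer : string.Empty;

            // Issuer, claim types and claim values originate in the security
            // token and may contain user-controlled text (display names, e-mail
            // addresses, ...). They are HTML-encoded before being written so
            // that markup inside a claim cannot run in the browser.
            await response.WriteAsync(string.Format(
                "<h2>{0}</h2>",
                System.Net.WebUtility.HtmlEncode(issuer)));

            await response.WriteAsync("<dl>");
            foreach (var claim in user.Claims)
            {
                await response.WriteAsync(string.Format(
                    "<dt>{0}</dt> <dd>{1}</dd>",
                    System.Net.WebUtility.HtmlEncode(claim.Type),
                    System.Net.WebUtility.HtmlEncode(claim.Value)));
            }
            await response.WriteAsync("</dl>");
        });
    }
}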
}