SAML / Logins for Mojoportal

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
12/16/2019 2:10:48 AM
Gravatar
Total Posts 101

SAML / Logins for Mojoportal

Hi,

Has anyone integrated a SAML login for Mojoportal ?

The following Github consumer would be enough, its just the best way to integrate into Mojo ?

https://github.com/jitbit/AspNetSaml

How SAML works?

SAML workflow has 2 steps:

User is redirected to the SAML provider (where he authenticates)

User is redirected back to your app, where you validate the payload

Here's how you do it (this example is for ASP.NET MVC:

1. Redirecting the user to the saml provider:

//this example is an ASP.NET MVC action method

public ActionResult Login()
{
            //TODO: specify the SAML provider url here, aka "Endpoint"

            var samlEndpoint = "http://saml-provider-that-we-use.com/login/";

 

            var request = new AuthRequest(

                        "http://www.myapp.com", //TODO: put your app's "unique ID" here

                        "http://www.myapp.com/SamlConsume" //TODO: put Assertion Consumer URL (where the provider should redirect users after authenticating)

                        );

 

            //generate the provider URL

            string url = request.GetRedirectUrl(samlEndpoint);

 

            //then redirect your user to the above "url" var

            //for example, like this:

            Response.Redirect(url);

}

 

2. User has been redirected back

User is sent back to your app - you need to validate the SAML response ("assertion") that you recieved via POST.

Here's an example of how you do it in ASP.NET MVC

//ASP.NET MVC action method... But you can easily modify the code for Web-forms etc.

public ActionResult SamlConsume()

{

            // 1. TODO: specify the certificate that your SAML provider gave you

            string samlCertificate = @"-----BEGIN CERTIFICATE-----

BLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAH123543==

-----END CERTIFICATE-----";

 

            // 2. Let's read the data - SAML providers usually POST it into the "SAMLResponse" var

            Saml.Response samlResponse = new Response(samlCertificate, Request.Form["SAMLResponse"]);

 

            // 3. We're done!

            if (samlResponse.IsValid())

            {

                        //WOOHOO!!! user is logged in

                       

                        //Some more optional stuff for you

                        //let's extract username/firstname etc

                        string username, email, firstname, lastname;

                        try

                        {

                                    username = samlResponse.GetNameID();

                                    email = samlResponse.GetEmail();

                                    firstname = samlResponse.GetFirstName();

                                    lastname = samlResponse.GetLastName();

                        }

                        catch(Exception ex)

                        {

                                    //insert error handling code

                                    //no, really, please do

                                    return null;

                        }

                       

                        //user has been authenticated, put your code here, like set a cookie or something...

                        //or call FormsAuthentication.SetAuthCookie() or something

            }

}

Dependencies

Project should reference System.Security

(NEW!) Nuget

I've published this to Nuget.

Install-Package AspNetSaml