2

I have a scenario where I have an ASP.Net application that authenticates using the Thinktecture IdentityServer. This all works fine; it has a relationship with our ADFS and that is all working great. What I need, though, is to call the ShareFile-NET SDK and authenticate using the sample code below.

    //SAML Authentication: This authentication support assumes you have a mechanism for obtaining a SAML assertion, samlAssertion from the user's IdP.

    var sfClient = new ShareFileClient("https://secure.sf-api.com/sf/v3/");
    var oauthService = new OAuthService(sfClient, "[clientid]", "[clientSecret]");

    var oauthToken = await oauthService.ExchangeSamlAssertionAsync(samlAssertion,
      subdomain, applicationControlPlane);

    sfClient.AddOAuthCredentials(oauthToken);
    sfClient.BaseUri = oauthToken.GetUri();

So I have the IdP, but I have not had any luck researching how exactly to make use of the token it has provided me to create that "samlAssertion" parameter.

Florian Greinacher
punkologist

1 Answer

1

I have found the answer to this.

The SAML assertion can be found in the ClaimsIdentity:

    // Principal for the current request
    var icp = System.Security.Claims.ClaimsPrincipal.Current;
    var claimsIdentity = icp.Identity as System.Security.Claims.ClaimsIdentity;
    // BootstrapContext holds the token the identity was created from
    var token = claimsIdentity.BootstrapContext as System.IdentityModel.Tokens.BootstrapContext;

For this to be populated you need to add the following to the web.config:

    <identityConfiguration saveBootstrapContext="true">
punkologist
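The answer above stops at the `BootstrapContext` object; the following added example (not part of the original answer or of the ShareFile SDK) shows one way to turn it into the token XML. The class and method names are hypothetical; it relies on `BootstrapContext` exposing either the raw `Token` string (after the session token has been serialized) or the `SecurityToken` with its `SecurityTokenHandler`.

```csharp
using System;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Text;
using System.Xml;

// Hypothetical helper, not part of WIF or the ShareFile SDK.
public static class BootstrapTokenReader
{
    // Returns the XML of the token the identity was created from.
    // Treat the result as a bearer credential: do not log or persist it.
    public static string GetBootstrapTokenXml(ClaimsPrincipal principal)
    {
        if (principal == null) throw new ArgumentNullException("principal");

        var identity = principal.Identity as ClaimsIdentity;
        var context = identity == null ? null : identity.BootstrapContext as BootstrapContext;
        if (context == null)
            throw new InvalidOperationException(
                "No BootstrapContext; check that saveBootstrapContext=\"true\" is configured.");

        // Once the session token has been serialized (for example into the
        // session cookie), only the string form of the token is kept.
        if (!string.IsNullOrEmpty(context.Token))
            return context.Token;

        // Otherwise the parsed token and the handler that read it are available.
        var securityToken = context.SecurityToken;
        if (securityToken == null || context.SecurityTokenHandler == null)
            throw new InvalidOperationException("BootstrapContext holds no token.");

        // Refuse to hand out a token that is already past its validity period.
        if (securityToken.ValidTo < DateTime.UtcNow)
            throw new SecurityTokenExpiredException("Bootstrap token has expired.");

        var xml = new StringBuilder();
        var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (var writer = XmlWriter.Create(xml, settings))
        {
            context.SecurityTokenHandler.WriteToken(writer, securityToken);
        }
        return xml.ToString();
    }
}
```

The page does not state whether `ExchangeSamlAssertionAsync` expects this XML raw or in an encoded form, so confirm that against the SDK documentation before passing the value on.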