从 C# 4.5 (WIF) 中的断言创建 SAML 响应

Create SAML response from assertion in C# 4.5 (WIF)

我需要一种方法来 POST 向某个 URL 发送 <samlp:response> 消息,它相当简单,.NET 帮助我 Saml2Assertion class但我似乎无法找到一种方法将该断言包装在响应中并将其序列化(甚至无需手动发送 post)?

Saml2Assertion assert = new Saml2Assertion(new Saml2NameIdentifier("SAMLIssuer"));
assert.Subject = new Saml2Subject(new Saml2NameIdentifier("10001", new Uri("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent")));
Saml2AuthenticationContext context = new Saml2AuthenticationContext(new Uri("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"));
assert.Statements.Add(new Saml2AuthenticationStatement(context, DateTime.Now));

string assertion;
using (var sw = new StringWriter())
{
    var xws = new XmlWriterSettings();
    using (var xw = XmlWriter.Create(sw, xws))
    {
        var handler = new Saml2SecurityTokenHandler();
        handler.WriteToken(xw, new Saml2SecurityToken(assert));
    }
    assertion = sw.ToString();
}

我得到的断言 XML 看起来不错:

<?xml version="1.0" encoding="utf-16"?>
<Assertion ID="_fc348927-c0bf-4955-b98f-483043d8dedd" IssueInstant="2017-04-19T11:29:38.464Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    <Issuer>SAMLIssuer</Issuer>
    <Subject>
        <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">10001</NameID>
    </Subject>
    <AuthnStatement AuthnInstant="2017-04-19T11:29:39.040Z">
        <AuthnContext>
           <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
        </AuthnContext>
    </AuthnStatement>
</Assertion>

那么,现在怎么办?我如何从我的代码得到:

<samlp:Response
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="new id"
    InResponseTo="old id"
    Version="2.0"
    IssueInstant="2017-04-19T11:29:39.040Z"
    Destination="some url">
    <saml:Issuer>SAMLIssuer</saml:Issuer>
    <samlp:Status>
      <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </samlp:Status>
    <saml:Assertion ....

不使用外部库或自己制作 wrappers/string 连接?我似乎无法在 WIF 的 .NET 4.5 实现中找到任何可以帮助我的东西。

AFAIK .NET 没有对 SAMLp 协议的内置支持。它只支持 WsFederation。也可以在这里看看:How should I implement SAMLP 2.0 in an ASP.NET MVC 4 service provider?