ComponentSpace

Forums



Migrating to .NET Core version


Migrating to .NET Core version

Author
Message
Salgat
Salgat
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 12
We're migrating from the 3.0.0 .NET Framework version to the 2.1 .NET Core version and there seems to be many low level APIs missing. For example, SAML.FromBase64String(), SAMLValidator, SAMLResponse. Are these types still available but just under a new namespace? If not, is there a migration guide available? Unfortunately we specifically need the low level API since this specific service acts as a proxy for another auth layer, so we have a specific endpoint dedicated to parsing the SAML request and redirecting the request with a new response that translates to OAuth. At this point I'm not sure where to really begin in migrating, as all the examples seem to be specifically for integrating into ASP.NET Core's auth which we don't want to do.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
There isn't a direct correlation between the two APIs. They are functionally equivalent and there are similarities but it's not a direct one-to-one correlation. We don't have a migration guide for moving to the SAML low-level API for ASP.NET Core as the vast majority of developers will use the SAML high-level API. 

The SAML high-level API is the recommended approach, if possible. The examples tie into ASP.NET Core's authentication model but there's no requirement to do this. You can use any authentication model you like. For example, our ExampleWebApi project translates a SAML assertion into a JWT for subsequent authorized web API calls.

I recommend first determining whether you actually have to use the SAML low-level API. If you do, you'll find the APIs under the ComponentSpace.Saml2.* namespaces. For example, the SamlResponse class is under ComponentSpace.Saml2.Protocols and SamlAssertion is under ComponentSpace.Saml2.Assertions. All the APIs are documented in our Reference Guide.

https://www.componentspace.com/Forums/9357/Reference-Guide




Regards
ComponentSpace Development
Salgat
Salgat
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 12
ComponentSpace - 2/20/2020
There isn't a direct correlation between the two APIs. They are functionally equivalent and there are similarities but it's not a direct one-to-one correlation. We don't have a migration guide for moving to the SAML low-level API for ASP.NET Core as the vast majority of developers will use the SAML high-level API. 

The SAML high-level API is the recommended approach, if possible. The examples tie into ASP.NET Core's authentication model but there's no requirement to do this. You can use any authentication model you like. For example, our ExampleWebApi project translates a SAML assertion into a JWT for subsequent authorized web API calls.

I recommend first determining whether you actually have to use the SAML low-level API. If you do, you'll find the APIs under the ComponentSpace.Saml2.* namespaces. For example, the SamlResponse class is under ComponentSpace.Saml2.Protocols and SamlAssertion is under ComponentSpace.Saml2.Assertions. All the APIs are documented in our Reference Guide.

https://www.componentspace.com/Forums/9357/Reference-Guide



Thank you so much for your response! It seems the version I had didn't have that test project but the newer ones I downloaded from the trial did. After some digging through the decompiled source I was able to find some pretty close .net core versions of the API. For anyone curious,

SAML.FromBase64String(samlBase64String); becomes,
        var receiveResult = new ReceiveResult()
        {
          Binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        };
        receiveResult.Message = Encoding.UTF8.GetString(Convert.FromBase64String(samlBase64String));
        var samlMessageXmlDocument = new XmlDocument()
        {
          PreserveWhitespace = true,
          XmlResolver = null
        };
        var settings = new XmlReaderSettings()
        {
          DtdProcessing = DtdProcessing.Ignore,
          XmlResolver = null
        };
        using (var reader = XmlReader.Create(new StringReader(receiveResult.Message), settings))
        {
          samlMessageXmldocument.Load(reader);
        }
        var samlMessage = samlMessageXmldocument.DocumentElement;
        var samlResponse = new SamlResponse(samlMessage);


SAMLValidator becomes,

        var samlValidator = new SamlSchemaValidator();
        var validated = samlValidator.Validate(samlMessage);


For asserting signed, inject IXmlSignature (make sure to do serviceCollection.AddSaml() for .NET Core)

        var signedAssertion = samlResponse.GetSignedAssertion();
        var signedAssertionParsed = new SamlAssertion(signedAssertion);
        xmlSignatureService.Verify(signedAssertion, Startup.MetadataPublicKey.PublicKey.Key)


And you're right, at some point in the future this would probably be better converted over to entirely integrate with ASP.NET using ISamlServiceProvider, I just didn't have the time to look into it.


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks.

I would encourage you to take a quick look at the ISamlServiceProvider interface and the SAML controller in the ExampleServicerProvider project. In most cases, the effort involved in porting the low-level API would be much more than switching to the high-level API.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search