sistemata applicazione di esempio e conseguenti fix
- aggiunte delle estensioni mancanti dentro CieExtensions.cs
- sistemato l'ordine dei tag esposti sotto l'elemento ContactPerson per evitare errori con spid-sp-test
- sistemato CieOptions.cs
- aggiornati gli XSD a seguito delle attività su italia/spid-sp-test#149 e su italia/spid-sp-test#148
- aggiornato README.md
PiemP committed Sep 13, 2022
1 parent bedc245 commit d2baa0c
Showing 11 changed files with 344 additions and 44 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Expand Up @@ -33,6 +33,8 @@ bld/

# Visual Studio 2015/2017 cache/options directory
.vs/
# Visual Studio Code options directory
.vscode/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/

Expand Up @@ -10,6 +10,7 @@
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Builder;
using CIE.AspNetCore.Authentication.Models.ServiceProviders;

namespace CIE.AspNetCore.Authentication.Extensions
{
Expand All @@ -21,26 +22,48 @@ public static class CieExtensions
/// <param name="builder"></param>
/// <returns></returns>
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, IConfiguration configuration)
=> builder.AddCie(CieDefaults.AuthenticationScheme, configuration, _ => { });
=> builder.AddCie(CieDefaults.AuthenticationScheme, o => { o.LoadFromConfiguration(configuration); });

/// <summary>
/// Registers the <see cref="CieHandler"/> using the default authentication scheme, display name, and the given options configuration.
/// </summary>
/// <param name="builder"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, Action<CieOptions> configureOptions)
=> builder.AddCie(CieDefaults.AuthenticationScheme, configureOptions);

/// <summary>
/// Registers the <see cref="CieHandler"/> using the given authentication scheme, default display name, and the given options configuration.
/// </summary>
/// <param name="builder"></param>
/// <param name="authenticationScheme"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, string authenticationScheme, Action<CieOptions> configureOptions)
=> builder.AddCie(authenticationScheme, CieDefaults.DisplayName, configureOptions);

/// <summary>
/// Registers the <see cref="CieHandler"/> using the default authentication scheme, display name, and the given options configuration.
/// </summary>
/// <param name="builder"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
/*
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, IConfiguration configuration, Action<CieOptions> configureOptions)
=> builder.AddCie(CieDefaults.AuthenticationScheme, configuration, configureOptions);

*/
/// <summary>
/// Registers the <see cref="CieHandler"/> using the given authentication scheme, default display name, and the given options configuration.
/// </summary>
/// <param name="builder"></param>
/// <param name="authenticationScheme"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
/*
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, string authenticationScheme, IConfiguration configuration, Action<CieOptions> configureOptions)
=> builder.AddCie(authenticationScheme, CieDefaults.DisplayName, configuration, configureOptions);
*/

/// <summary>
/// Registers the <see cref="CieHandler"/> using the given authentication scheme, display name, and options configuration.
Expand All @@ -50,6 +73,31 @@ public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, s
/// <param name="displayName"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, string authenticationScheme, string displayName, Action<CieOptions> configureOptions)
{
builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton<IPostConfigureOptions<CieOptions>, CiePostConfigureOptions>());
builder.Services.TryAdd(ServiceDescriptor.Singleton<IActionContextAccessor, ActionContextAccessor>());
builder.Services.AddHttpClient("cie");
builder.Services.TryAddScoped(factory =>
{
var actionContext = factory.GetService<IActionContextAccessor>().ActionContext;
var urlHelperFactory = factory.GetService<IUrlHelperFactory>();
return urlHelperFactory.GetUrlHelper(actionContext);
});
builder.Services.AddOptions<CieOptions>().Configure(configureOptions);
builder.Services.TryAddScoped<IServiceProvidersFactory, DefaultServiceProvidersFactory>();
return builder.AddRemoteScheme<CieOptions, CieHandler>(authenticationScheme, displayName, configureOptions);
}

/// <summary>
/// Registers the <see cref="CieHandler"/> using the given authentication scheme, display name, and options configuration.
/// </summary>
/// <param name="builder"></param>
/// <param name="authenticationScheme"></param>
/// <param name="displayName"></param>
/// <param name="configureOptions">A delegate that configures the <see cref="CieOptions"/>.</param>
/// <returns></returns>
/*
public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, string authenticationScheme, string displayName, IConfiguration configuration, Action<CieOptions> configureOptions)
{
builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton<IPostConfigureOptions<CieOptions>, CiePostConfigureOptions>());
Expand All @@ -64,8 +112,16 @@ public static AuthenticationBuilder AddCie(this AuthenticationBuilder builder, s
builder.Services.AddOptions<CieConfiguration>().Configure(o => OptionsHelper.LoadFromConfiguration(o, configuration));
return builder.AddRemoteScheme<CieOptions, CieHandler>(authenticationScheme, displayName, configureOptions);
}
*/

public static AuthenticationBuilder AddServiceProvidersFactory<T>(this AuthenticationBuilder builder)
where T : class, IServiceProvidersFactory
{
builder.Services.AddScoped<IServiceProvidersFactory, T>();
return builder;
}

public static IApplicationBuilder AddSpidSPMetadataEndpoints(this IApplicationBuilder builder)
public static IApplicationBuilder AddCieSPMetadataEndpoints(this IApplicationBuilder builder)
{
return builder.UseMiddleware<CieSPMetadataMiddleware>();
}
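Review bot: The four-argument `AddCie(builder, authenticationScheme, displayName, configureOptions)` registers the same delegate twice, through `builder.Services.AddOptions<CieOptions>().Configure(configureOptions)` for the unnamed options instance and again through `AddRemoteScheme<CieOptions, CieHandler>(...)` for the scheme-named one. Via the `IConfiguration` overload that delegate is `o.LoadFromConfiguration(configuration)`, so the configuration is loaded into two separate `CieOptions` objects, and nothing in this section says which consumer reads the unnamed copy. If it is there for the metadata middleware (not visible here), a comment on that line such as `// unnamed CieOptions is what CieSPMetadataMiddleware resolves; the handler uses the scheme-named instance` would show the duplication is intentional. Separately, the `///` blocks kept above the commented-out overloads no longer document a live member; moving them inside the `/* */` would avoid misleading or duplicate XML docs.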
Expand Up @@ -20,7 +20,7 @@ public CieOptions()
// In AAD it sends the cleanup message to a random Reply Url and there's no deterministic way to configure it.
// If you manage to get it configured, then you can set RemoteSignOutPath accordingly.
RemoteSignOutPath = "/signout-cie";
ServiceProvidersMetadataEndpointsBasePath = "/metadata-spid";
ServiceProvidersMetadataEndpointsBasePath = "/metadata-cie";
Events = new CieEvents();
}

Expand Up @@ -16,13 +16,13 @@ public interface IContactPerson
ContactKind GetContactKind();
ContactTypeType ContactType { get; set; }
(bool, string) Validate();

Saml.SP.ContactType GetContactForXml(ServiceProvider sp);
}

public abstract class BaseContactPerson : IContactPerson
{
private string _province;
private string[] _nace2codes;

public string Municipality { get; set; }
public string Province { get { return Country != "IT" ? "EE" : _province; } set { _province = value; } }
Expand All @@ -31,9 +31,6 @@ public abstract class BaseContactPerson : IContactPerson
public string[] EmailAddress { get; set; }
public string[] TelephoneNumber { get; set; }
public ContactTypeType ContactType { get; set; }

private string[] _nace2codes;

public string VATNumber { get; set; }
public string FiscalCode { get; set; }
public string[] NACE2Codes { get { return _nace2codes; } set { _nace2codes = value; } }
Expand All @@ -46,22 +43,37 @@ public bool IsItalian()

public Saml.SP.ContactType GetContactForXml(ServiceProvider sp)
{
var elements = GetSpecificElements();
elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, GetContactKind().ToString()));
//the code order is strange because spid-sp-test require to respect items order
var elements = new List<ItemsChoiceType7>();
var values = new List<string>();
elements.Add(GetContactKind() == ContactKind.Private ? ItemsChoiceType7.Private : ItemsChoiceType7.Public);
values.Add(""); //Private and Public have no value
var (specElements, specValues) = GetSpecificElements();
elements.AddRange(specElements);
values.AddRange(specValues);
if (!string.IsNullOrWhiteSpace(VATNumber))
elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, ItemsChoiceType7.VATNumber.ToString(), VATNumber));
{
elements.Add(ItemsChoiceType7.VATNumber);
values.Add(this.VATNumber);
}
if (!string.IsNullOrWhiteSpace(FiscalCode))
elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, ItemsChoiceType7.FiscalCode.ToString(), FiscalCode));
{
elements.Add(ItemsChoiceType7.FiscalCode);
values.Add(this.FiscalCode);
}
if (NACE2Codes.Length > 0)
foreach (var code in NACE2Codes)
elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, ItemsChoiceType7.NACE2Code.ToString(), code));

{
elements.Add(ItemsChoiceType7.NACE2Code);
values.Add(code);
}

var extensions = new Saml.SP.ContactPersonSPExtensionType()
{
Items = values.ToArray(),
ItemsElementName = elements.ToArray(),
Municipality = this.Municipality,
Country = this.Country,
Any = elements.ToArray()
Country = this.Country
};

if (!string.IsNullOrEmpty(this.Province))
Expand All @@ -81,11 +93,13 @@ public Saml.SP.ContactType GetContactForXml(ServiceProvider sp)
{
if (string.IsNullOrWhiteSpace(Municipality))
return (false, $"No {nameof(Municipality)} are specified");
if (EmailAddress.Length == 0 || EmailAddress.Length == 1 && string.IsNullOrEmpty(EmailAddress[0]))
return (false, $"No {nameof(EmailAddress)} are specified");

return SpecificValidate();
}

public abstract List<XmlElement> GetSpecificElements();
public abstract (List<ItemsChoiceType7>, List<string>) GetSpecificElements();

public abstract (bool, string) SpecificValidate();

Expand All @@ -111,17 +125,15 @@ public override (bool, string) SpecificValidate()
return (true, "");
}

public override List<XmlElement> GetSpecificElements()
public override (List<ItemsChoiceType7>, List<string>) GetSpecificElements()
{
var elements = new List<XmlElement>();

return elements;
return (new List<ItemsChoiceType7>(), new List<string>());
}
}

public class PublicContactPerson : BaseContactPerson
{

public string IPACode { get; set; }
public string IPACategory { get; set; }

Expand All @@ -138,15 +150,20 @@ public override (bool, string) SpecificValidate()
return (true, "");
}

public override List<XmlElement> GetSpecificElements()
public override (List<ItemsChoiceType7>, List<string>) GetSpecificElements()
{
var elements = new List<XmlElement>();
var elements = new List<ItemsChoiceType7>();
var values = new List<string>();

elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, ItemsChoiceType7.IPACode.ToString(), IPACode));
elements.Add(ItemsChoiceType7.IPACode);
values.Add(this.IPACode);
if (!string.IsNullOrWhiteSpace(IPACategory))
elements.Add(XmlHelpers.GetXmlElement(Saml.SamlConst.cie, Saml.SamlConst.cieNamespace, ItemsChoiceType7.IPACategory.ToString(), IPACategory));
{
elements.Add(ItemsChoiceType7.IPACategory);
values.Add(this.IPACategory);
}

return elements;
return (elements, values);
}
}
}
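Review bot: The `EmailAddress` check added to `Validate()` dereferences `EmailAddress.Length` without a null test, and `EmailAddress` is a `string[]` auto-property with no initializer in the visible lines, so a contact configured without any address would throw `NullReferenceException` instead of returning the `No EmailAddress are specified` result. The check also lets an array of several empty strings through. A form covering both is `if (EmailAddress == null || System.Array.TrueForAll(EmailAddress, string.IsNullOrWhiteSpace))`. The same pattern applies to `NACE2Codes.Length > 0` in `GetContactForXml`, whose backing field `_nace2codes` also has no initializer here; replacing that test with `if (NACE2Codes != null)` before the `foreach` would be enough. Parts of the class lie outside the rendered hunks, so an initializer elsewhere cannot be ruled out.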
Expand Up @@ -20,11 +20,10 @@ internal static class SamlHandler
{ typeof(ResponseType), new XmlSerializer(typeof(ResponseType)) },
{ typeof(LogoutRequestType), new XmlSerializer(typeof(LogoutRequestType)) },
{ typeof(LogoutResponseType), new XmlSerializer(typeof(LogoutResponseType)) },
{ typeof(SP.EntityDescriptorType), new XmlSerializer(typeof(SP.EntityDescriptorType)) },
};
private static readonly List<string> listAuthRefValid = new List<string>
{
SamlConst.SpidL + "1",
SamlConst.SpidL + "2",
SamlConst.SpidL + "3"
};
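Review bot: `listAuthRefValid` has no comment stating which assurance levels are accepted and why, and the hunk header (`-20,11 +20,10`) shows this region losing a line while the rendering does not say which one. If an entry of this list was dropped or kept on purpose, that is presumably an authentication-strength decision and deserves a line such as `// AuthnContextClassRef values accepted from the IdP; anything else must be rejected` above the declaration. How the list is consumed is outside the hunk, so the wording should be checked against the validation code.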

Expand Up @@ -11,9 +11,9 @@
<group ref="cie:PublicGroup" maxOccurs="1"/>
<group ref="cie:PrivateGroup" maxOccurs="1"/>
</choice>
<element ref="cie:Municipality" minOccurs="1" maxOccurs="1"/>
<element ref="cie:Province" minOccurs="0" maxOccurs="1"/>
<element ref="cie:Country" minOccurs="0" maxOccurs="1"/>
<element ref="cie:Municipality" minOccurs="1" />
<element ref="cie:Province" minOccurs="0" />
<element ref="cie:Country" minOccurs="0" />
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</complexType>
Expand All @@ -22,14 +22,17 @@
<element ref="cie:Public"/>
<element ref="cie:IPACode" minOccurs="1"/>
<element ref="cie:IPACategory" minOccurs="0"/>
<element ref="cie:VATNumber" minOccurs="0" />
<element ref="cie:FiscalCode" minOccurs="0" />
<element ref="cie:NACE2Code" minOccurs="0" maxOccurs="unbounded" />
</sequence>
</group>
<group name="PrivateGroup">
<sequence>
<element ref="cie:Private"/>
<element ref="cie:VATNumber" minOccurs="0"/>
<element ref="cie:FiscalCode" minOccurs="0" />
<element ref="cie:NACE2Code" minOccurs="0" />
<element ref="cie:VATNumber" />
<element ref="cie:FiscalCode" />
<element ref="cie:NACE2Code" minOccurs="0" maxOccurs="unbounded" />
</sequence>
</group>
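Review bot: In `PrivateGroup`, the last `cie:VATNumber` and `cie:FiscalCode` entries carry no `minOccurs`, which makes each mandatory exactly once if, as the print order suggests, these are the new lines. `BaseContactPerson.GetContactForXml` in the same commit emits each of the two only when the property is non-blank, so a private contact with just one of them would serialize to metadata that this schema rejects. Either the schema keeps `minOccurs="0"` on them or the private contact's `SpecificValidate()` (body not visible here) should fail early, e.g. `if (string.IsNullOrWhiteSpace(VATNumber)) return (false, $"No {nameof(VATNumber)} are specified");`.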

Expand Up @@ -111,6 +111,7 @@
<element ref="md:SPSSODescriptor" minOccurs="1" maxOccurs="1"/>
<element ref="md:Organization" minOccurs="1" maxOccurs="1"/>
<element ref="md:ContactPerson" minOccurs="1" maxOccurs="2"/>
<element ref="md:Extensions" minOccurs="0" maxOccurs="unbounded"/>
<element ref="md:AdditionalMetadataLocation" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="entityID" type="md:entityIDType" use="required"/>
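Review bot: The `md:Extensions` entry sits after `md:ContactPerson` with `maxOccurs="unbounded"`, whereas the OASIS SAML 2.0 metadata schema defines `Extensions` as a single optional element near the start of `EntityDescriptor`, before the role descriptors. If this is the line the commit adds, metadata that validates against this local XSD could still be rejected by a consumer validating against the standard schema, and the reverse. A comment next to the element, for example `<!-- non-standard position/cardinality, kept aligned with spid-sp-test (see the issues cited in the commit message) -->`, would record that the deviation is deliberate.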