我有一個用 .NET 5 開發的 asp net core 應用程式。
在此應用程式中,有一個控制器 (ACSController) 來管理來自身份提供者的回應。該控制器 是如下:
public class ACSController : Controller
{
private readonly IRequestRepository _requestRepository;
private readonly IHttpClientFactory _httpClientFactory;
private readonly IIdpRepository _idpRepository;
private readonly IResponseRepository _responseRepository;
private readonly AppSessionViewModel _session;
public ACSController(IRequestRepository requestRepository, IHttpClientFactory httpClientFactory,
IIdpRepository idpRepository, IResponseRepository responseRepository, AppSessionViewModel session)
{
_requestRepository = requestRepository;
_httpClientFactory = httpClientFactory;
_idpRepository = idpRepository;
_responseRepository = responseRepository;
_session = session;
}
[HttpPost]
public async Task<IActionResult> IndexAsync(IFormCollection form)
{
var base64Response = form["SAMLResponse"].ToString();
var response = SAMLHelper.GetAuthnResponse(base64Response);
var cachedRequest = _requestRepository.Read();
var idpMetadata = await SamlHandler.DownloadIdPMetadata(_httpClientFactory,
_idpRepository.Read().OrganizationUrlMetadata);
var validationResult = ResponseValidator.ValidateAuthnResponse(response, cachedRequest, idpMetadata);
if (validationResult.IsSuccess)
{
_responseRepository.Write(response);
_session.Logged = true;
ViewData["UserInfo"] = CreateUserInfo(response);
return View();
}
else
{
ViewData["Message"] = validationResult.Error;
return View("Error");
}
}
[HttpPost]
public IActionResult Logout(IFormCollection form)
{
var base64Response = form["SAMLResponse"].ToString();
return View();
}
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
}
#region Utilities
private Dictionary<string, string> CreateUserInfo(AuthnResponse response)
{
if (response == null) throw new ArgumentException(nameof(response));
var attributes = response.GetAssertion().GetAttributeStatement().Items;
var userDictionary = new Dictionary<string, string>();
foreach (var attribute in attributes)
{
var attr = (AttributeType)attribute;
userDictionary.Add(attr.Name, (string)attr.AttributeValue.First());
}
return userDictionary;
}
#endregion
}
就我而言,當 acs/index 方法被 POST 請求呼叫時沒有問題。
當我呼叫注銷程式(從另一個控制器)時,我的應用程式正確發送了請求,但是當 IdP 回應我時,我在瀏覽器上獲得了此回應:

更新:
如果要解碼 base64string,請嘗試使用:
byte[] data = Convert.FromBase64String(SAMLResponse);
string decodedString = Encoding.UTF8.GetString(data);
轉載請註明出處,本文鏈接:https://www.uj5u.com/qiye/347648.html
