I am migrating an ASP.Net site that uses Active Federation and WIF 3.5 to use .Net 4.5. The functionality of Windows Identity Foundation (WIF 3.5) has now been fully integrated into the .Net 4.5 Framework.
Since classes have moved to three different namespaces, it is mostly a matter of mechanical translation. The part that I am having trouble with is translating the GenericXmlSecurityToken issued by the STS to a Claims Principal for the call to SessionAuthenticationModule.WriteSessionTokenToCookie. The documentation is lacking and I just need to find the WIF 4.5 way to access FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers.
Here is a snippet of the WIF 3.5 code that does not compile in WIF 4.5 (WSTrust channel creation omitted for brevity):

    var genericToken = channel.Issue(rst) as GenericXmlSecurityToken;
    var handlers = FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers;
    var token = handlers.ReadToken(new XmlTextReader(new StringReader(genericToken.TokenXml.OuterXml)));
    var identity = handlers.ValidateToken(token).First();
    var sessionToken = new SessionSecurityToken(ClaimsPrincipal.CreateFromIdentity(identity),
        TimeSpan.FromMinutes(20));
    FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);

The fix turned out to be fairly simple (if not immediately obvious).
FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers translates to WIF 4.5 as FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers.
The only other change was replacing the ClaimsPrincipal.CreateFromIdentity(identity) factory method call with new ClaimsPrincipal(identity).
Below is the working snippet:
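
    // Namespaces: System.IdentityModel.Services, System.IdentityModel.Tokens,
    // System.Security.Claims, System.IO, System.Linq, System.Xml
    // genericToken is the GenericXmlSecurityToken returned by channel.Issue(rst), as in the WIF 3.5 snippet.
    // The token handlers now come from the federation configuration's IdentityConfiguration.
    var handlers = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.SecurityTokenHandlers;
    var token = handlers.ReadToken(new XmlTextReader(new StringReader(genericToken.TokenXml.OuterXml)));
    var identity = handlers.ValidateToken(token).First();
    // The ClaimsPrincipal constructor replaces the CreateFromIdentity factory method.
    var sessionToken = new SessionSecurityToken(new ClaimsPrincipal(identity),
        TimeSpan.FromMinutes(20));
    FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken);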