SamlSecurityTokenHandler Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
A SecurityTokenHandler designed for creating and validating Saml Tokens, which supports validating tokens passed as strings using TokenValidationParameters.
public class SamlSecurityTokenHandler : Microsoft.IdentityModel.Tokens.SecurityTokenHandlertype SamlSecurityTokenHandler = class
inherit SecurityTokenHandlerPublic Class SamlSecurityTokenHandler
Inherits SecurityTokenHandler- Inheritance
Constructors
| SamlSecurityTokenHandler() |
Properties
| CanValidateToken |
Gets a value indicating whether this handler supports validation of tokens handled by this instance. |
| CanWriteToken |
Gets a value indicating whether the class provides serialization functionality to serialize securityToken handled by this instance. |
| MaximumTokenSizeInBytes |
Gets and sets the maximum token size in bytes that will be processed. (Inherited from TokenHandler) |
| SamlSubjectEqualityComparer |
Gets or sets the SamlSubject comparer. |
| Serializer |
Gets or set the SamlSerializer that will be used to read and write a SamlSecurityToken. |
| SetDefaultTimesOnTokenCreation |
Gets or sets a bool that controls if token creation will set default 'exp', 'nbf' and 'iat' if not specified. (Inherited from TokenHandler) |
| TokenLifetimeInMinutes |
Gets or sets the token lifetime in minutes. (Inherited from TokenHandler) |
| TokenType |
Gets the securityToken type supported by this handler. |
Methods
| AddActorToAttributes(ICollection<SamlAttribute>, ClaimsIdentity) |
Adds all Actors. |
| CanReadToken(String) |
Determines if the string is a valid Saml token by examining the xml for the correct start element. |
| CanReadToken(XmlReader) |
Indicates whether the current reader is positioned at a Saml assertion. |
| ConsolidateAttributes(ICollection<SamlAttribute>) |
Collects attributes with a common claim type, claim value type, and original issuer into a single attribute with multiple values. |
| CreateAdvice(SecurityTokenDescriptor) |
Override this method to provide a SamlAdvice to place in the Samltoken. |
| CreateAttribute(Claim) |
Generates a SamlAttribute from a claim. |
| CreateAttributeStatement(SamlSubject, SecurityTokenDescriptor) |
Creates SamlAttributeStatements and adds them to a collection. Override this method to provide a custom implementation. Default behavior is to create a new SamlAttributeStatement for each Subject in the tokenDescriptor.Subjects collection. |
| CreateAuthenticationStatement(SamlSubject, AuthenticationInformation) |
Creates a SamlAuthenticationStatement for each AuthenticationInformation found in AuthenticationInformation. Override this method to provide a custom implementation. |
| CreateAuthorizationDecisionStatement(SecurityTokenDescriptor) |
Creates a SamlAuthorizationDecisionStatement from a SecurityTokenDescriptor. |
| CreateClaimsIdentities(SamlSecurityToken, String, TokenValidationParameters) |
Creates claims from a Saml securityToken. |
| CreateConditions(SecurityTokenDescriptor) |
Generates all the conditions for saml |
| CreateSecurityTokenReference(SecurityToken, Boolean) |
Returns SecurityKeyIdentifierClause. (Inherited from SecurityTokenHandler) |
| CreateStatements(SecurityTokenDescriptor, AuthenticationInformation) |
Generates an enumeration of SamlStatements from a SecurityTokenDescriptor. Only SamlAttributeStatements and SamlAuthenticationStatements are generated. Overwrite this method to customize the creation of statements. Calls in order (all are virtual): 1. CreateSamlSubject 2. CreateAttributeStatements 3. CreateAuthenticationStatements 4. CreateAuthorizationDecisionStatement |
| CreateSubject(SecurityTokenDescriptor) |
Returns the SamlSubject to use for all the statements that will be created. Overwrite this method to customize the creation of the SamlSubject. |
| CreateToken(SecurityTokenDescriptor) |
Creates a SamlSecurityToken based on a information contained in the SecurityTokenDescriptor. |
| CreateToken(SecurityTokenDescriptor, AuthenticationInformation) |
Creates a SamlSecurityToken based on a information contained in the SecurityTokenDescriptor. |
| CreateXmlStringFromAttributes(ICollection<SamlAttribute>) |
Builds an XML formated string from a collection of saml attributes that represent an Actor. |
| ProcessAttributeStatement(SamlAttributeStatement, ClaimsIdentity, String) |
Creates claims from a SamlAttributeStatement. |
| ProcessAuthenticationStatement(SamlAuthenticationStatement, ClaimsIdentity, String) |
Creates claims from a SamlAuthenticationStatement. |
| ProcessAuthorizationDecisionStatement(SamlAuthorizationDecisionStatement, ClaimsIdentity, String) |
Creates claims from a SamlAuthorizationDecisionStatement. |
| ProcessCustomSubjectStatement(SamlStatement, ClaimsIdentity, String) |
Creates claims from a unknow statements. |
| ProcessStatements(SamlSecurityToken, String, TokenValidationParameters) |
Processes all statements to generate claims. |
| ProcessSubject(SamlSubject, ClaimsIdentity, String) |
Creates subject claims from the SamlSubject. |
| ReadSamlToken(String) |
Converts a string into an instance of SamlSecurityToken. |
| ReadSamlToken(XmlReader) |
Reads a SamlSecurityToken where the XmlReader is positioned the beginning of a Saml assertion. |
| ReadToken(String) |
Converts a string into an instance of SamlSecurityToken. |
| ReadToken(XmlReader) |
Reads a SamlSecurityToken where the XmlReader is positioned the beginning of a Saml assertion. |
| ReadToken(XmlReader, TokenValidationParameters) |
Deserializes from XML a token of the type handled by this instance. |
| ResolveIssuerSigningKey(String, SamlSecurityToken, TokenValidationParameters) |
Returns a SecurityKey to use for validating the signature of a token. |
| SetDelegateFromAttribute(SamlAttribute, ClaimsIdentity, String) |
This method gets called when a special type of SamlAttribute is detected. The SamlAttribute passed in wraps a SamlAttribute that contains a collection of AttributeValues, each of which are mapped to a claim. All of the claims will be returned in an ClaimsIdentity with the specified issuer. |
| ValidateAudience(IEnumerable<String>, SecurityToken, TokenValidationParameters) |
Determines if the audiences found in a SamlSecurityToken are valid. |
| ValidateConditions(SamlSecurityToken, TokenValidationParameters) |
Validates the Lifetime and Audience conditions. |
| ValidateIssuer(String, SecurityToken, TokenValidationParameters) |
Determines if an issuer found in a SamlSecurityToken is valid. |
| ValidateIssuerSecurityKey(SecurityKey, SamlSecurityToken, TokenValidationParameters) |
Validates the SigningKey is an expected value. |
| ValidateIssuerSecurityKey(SecurityKey, SecurityToken, TokenValidationParameters) |
Validates the SecurityToken was signed by a valid SecurityKey. |
| ValidateLifetime(Nullable<DateTime>, Nullable<DateTime>, SecurityToken, TokenValidationParameters) |
Validates the lifetime of a SamlSecurityToken. |
| ValidateSignature(String, TokenValidationParameters) |
Validates that the signature, if found is valid. |
| ValidateToken(String, TokenValidationParameters, SecurityToken) |
Reads and validates a well formed SamlSecurityToken. |
| ValidateToken(XmlReader, TokenValidationParameters, SecurityToken) |
Reads and validates a well formed SamlSecurityToken. |
| ValidateTokenAsync(SecurityToken, TokenValidationParameters) |
Validates a token. On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property. Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result. (Inherited from TokenHandler) |
| ValidateTokenAsync(String, TokenValidationParameters) |
Validates a token. On a validation failure, no exception will be thrown; instead, the exception will be set in the returned TokenValidationResult.Exception property. Callers should always check the TokenValidationResult.IsValid property to verify the validity of the result. |
| ValidateTokenReplay(Nullable<DateTime>, String, TokenValidationParameters) |
Validates the token replay. |
| WriteToken(SecurityToken) |
Serializes a SamlSecurityToken to a string. |
| WriteToken(XmlWriter, SecurityToken) |
Serializes to XML a securityToken of the type handled by this instance. |
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for