working SAML

App_Code/SAML/PostResponse.aspx.vb

@@ -0,0 +1,60 @@
+Namespace SAML
+    Partial Public Class PostResponse
+        Inherits System.Web.UI.Page
+
+        Protected result As System.Web.UI.HtmlControls.HtmlGenericControl
+
+        Protected Sub Page_Load(sender As Object, e As EventArgs)
+            Dim samlResponse = Request.Form("SAMLResponse")
+            If String.IsNullOrEmpty(samlResponse) Then
+                result.InnerHtml = "<h2>No SAML Response found</h2>"
+                Return
+            End If
+
+            Dim cert As String = _
+            "-----BEGIN CERTIFICATE-----" & vbCrLf & _
+            "MIIE6DCCAtCgAwIBAgIQOQaY6KUdPItB52hpOsIBvjANBgkqhkiG9w0BAQsFADAw" & vbCrLf & _
+            "MS4wLAYDVQQDEyVBREZTIFNpZ25pbmcgLSBzc28uc2F0aXRtLmNodWxhLmFjLnRo" & vbCrLf & _
+            "MB4XDTI1MDQwNjEyNTQxNFoXDTI2MDQwNjEyNTQxNFowMDEuMCwGA1UEAxMlQURG" & vbCrLf & _
+            "UyBTaWduaW5nIC0gc3NvLnNhdGl0bS5jaHVsYS5hYy50aDCCAiIwDQYJKoZIhvcN" & vbCrLf & _
+            "AQEBBQADggIPADCCAgoCggIBAMlu6kjF9Ghsr9Z6+AIYRjHTx4OL6fROrCzq26/h" & vbCrLf & _
+            "YBfsrsL5QeJlWtYhRsbrW3wAFaQukNYal5LRJx8BXXlngIDIfoIEixT62BqFC2XO" & vbCrLf & _
+            "Ju7Rq+p1ei2WZb06V0It8ohmZVPqsDPzygjBblta27DBGQ8qQ4upGVTwOIBRisMj" & vbCrLf & _
+            "Ixxx90p6DeB2ZCiGOYCYMYPdFWwz8QCZv64WbWRw3WhRKla05nyiV352aaC53XL0" & vbCrLf & _
+            "ZZlRFV8jj6YiKsbKEzkxKpDVxEaH28NGVptBJyfkU5VOpqkmZZtqhSCrrIprfa+j" & vbCrLf & _
+            "Dl6De9Siq8/CUDoZhkhRoNUqmhaiu0ZbV3AF0iN+XLtmeP/GJREz5m3gOoAGH8Rl" & vbCrLf & _
+            "g5pyca6vmSnJHKnTsu8Elc4pVvO6jH1hqdBLVFa4uftqqBY2B/ZuUXj7764eHsMZ" & vbCrLf & _
+            "kHZC6SXOxAP2BPbRbslbd4CRErnuE5rgMRQAYQVWcrDvagUdvm2T1+wJN7GmwBg9" & vbCrLf & _
+            "GGhTA3r9howvIj2RFLxCZbpy2QlWKMb1zjyvtCHrM7g8/aGuvJfY5cmfww5aib4a" & vbCrLf & _
+            "QpJq+ZyCPZpW8iXZTnxVuyV57WFTOmCvy/9dfK/IQXEqG5FIikwaB2nyL/D5FXIP" & vbCrLf & _
+            "xH+OzLeLdLlKe2zpOJgx2p1M6rJ29AJRASKs+ikqlSV/i5t+1sw2qinFKJ8ZegsN" & vbCrLf & _
+            "HDgBAgMBAAEwDQYJKoZIhvcNAQELBQADggIBABzrTEbbzMHbq0mIV1w3TL6IVOv8" & vbCrLf & _
+            "BeXoYznSI7P/MhJwBXMbrYNNbpSkv5jWhtSAWQWrDrN0IUqvKwIYYRlRtgvma6Mk" & vbCrLf & _
+            "PFXRvzkVhpuqm/bp1HAH2yoJUXNuWInzdJeMnPaQymU/hSvSJ8f66pwlPrAYTSBk" & vbCrLf & _
+            "YIbcEdLJ3OmcnjOjj4W+s70J0s0HTnNQboAzjue3SmpsPVVetP+cwaoIASz2M6Fr" & vbCrLf & _
+            "wfqFaUUiSAxcUzfELOyN8d1dnRFQVkrNyayz0fHH2Kje5GnGLMNaZTKZ88nVbmoq" & vbCrLf & _
+            "Cbow7ofjEb74jNwWhmRhntuEE0I1W55LnU3Srjptjnfkd604W60DbqiWBKM6rTTb" & vbCrLf & _
+            "ilCJsW3umI26/eFZAfZIA2n7/FKDcDXFCJOM1UV+09pZ12p0TAaA3nyA2TbdI+PM" & vbCrLf & _
+            "GtvvEK2PU+tdU64uAlOOaldk52dIuR7kOVBk53Gf3K2wY2U/oovLrlXLHb8NJD49" & vbCrLf & _
+            "Po6XT3w6WL+okyr7FgdmAHTNpTnthXG0pyN4KUFEAK9HWXdGRWUgFX4yBOjmPN1N" & vbCrLf & _
+            "Vx7G3klMd+ccQUU80lxDKQUbjhcWLloWNlg6w2SKk4Ku7/f8HmPkqppvFow+ytWm" & vbCrLf & _
+            "0abcCjptoUrFR1BCM86CIDCo9bEWIyWv+SHr2AvlQ8D0Z8aQRr6M73NN1PNWruPf" & vbCrLf & _
+            "bpD2ekhB2vZ9R2ij" & vbCrLf & _
+            "-----END CERTIFICATE-----"
+
+            Try
+                Dim resp = New SamlHelper.Response(cert, samlResponse)
+                If resp.IsValid() Then
+                    Dim email = resp.GetEmail()
+                    Dim firstName = resp.GetFirstName()
+                    Dim lastName = resp.GetLastName()
+                    result.InnerHtml = $"<h2>Welcome, {firstName} {lastName}</h2><p>Email: {email}</p>"
+                Else
+                    result.InnerHtml = "<h2>Invalid SAML Response</h2>"
+                End If
+            Catch ex As Exception
+                result.InnerHtml = $"<h2>Error parsing response: {ex.Message}</h2>"
+            End Try
+        End Sub
+    End Class
+End Namespace

App_Code/SAMLHelper.vb

@@ -0,0 +1,83 @@
+Imports System.IO
+Imports System.Text
+Imports System.Xml
+Imports System.Security.Cryptography
+Imports System.Security.Cryptography.X509Certificates
+Imports System.Security.Cryptography.Xml
+Imports System.IO.Compression
+
+Namespace SAML
+    Public Class SamlHelper
+
+        Public Shared Function CreateAuthRequest(issuer As String, assertionConsumerServiceUrl As String) As String
+            Dim id = "_" & Guid.NewGuid().ToString()
+            Dim issueInstant = DateTime.UtcNow.ToString("yyyy-MM-ddTHH:mm:ssZ")
+
+            Dim requestXml As String = String.Format( _
+                "<samlp:AuthnRequest xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" ID=""{0}"" Version=""2.0"" IssueInstant=""{1}"" ProtocolBinding=""urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"" AssertionConsumerServiceURL=""{2}"">" & vbCrLf & _
+                "  <saml:Issuer xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"">{3}</saml:Issuer>" & vbCrLf & _
+                "</samlp:AuthnRequest>", _
+                id, issueInstant, assertionConsumerServiceUrl, issuer _
+            )
+            
+            Dim bytes = Encoding.UTF8.GetBytes(requestXml)
+
+            Using ms = New MemoryStream()
+                Using zip = New DeflateStream(ms, CompressionMode.Compress, True)
+                    zip.Write(bytes, 0, bytes.Length)
+                End Using
+                Dim compressedBytes = ms.ToArray()
+                Return Convert.ToBase64String(compressedBytes)
+            End Using
+        End Function
+
+        Public Class Response
+            Private ReadOnly _xml As XmlDocument
+            Private ReadOnly _certificate As X509Certificate2
+
+            Public Sub New(certString As String, base64Response As String)
+                Dim decoded = Convert.FromBase64String(base64Response)
+                Dim xmlString = Encoding.UTF8.GetString(decoded)
+
+                _xml = New XmlDocument()
+                _xml.PreserveWhitespace = True
+                _xml.LoadXml(xmlString)
+
+                _certificate = New X509Certificate2(Encoding.UTF8.GetBytes(certString))
+            End Sub
+
+            Public Function IsValid() As Boolean
+                Dim ns = New XmlNamespaceManager(_xml.NameTable)
+                ns.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#")
+
+                Dim signatureNode = _xml.SelectSingleNode("//ds:Signature", ns)
+                If signatureNode Is Nothing Then Return False
+
+                Dim signedXml = New SignedXml(_xml)
+                signedXml.LoadXml(CType(signatureNode, XmlElement))
+
+                Return signedXml.CheckSignature(_certificate, True)
+            End Function
+
+            Public Function GetEmail() As String
+                Return GetAttributeValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress")
+            End Function
+
+            Public Function GetFirstName() As String
+                Return GetAttributeValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname")
+            End Function
+
+            Public Function GetLastName() As String
+                Return GetAttributeValue("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname")
+            End Function
+
+            Private Function GetAttributeValue(attributeName As String) As String
+                Dim nsmgr = New XmlNamespaceManager(_xml.NameTable)
+                nsmgr.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion")
+
+                Dim attrNode = _xml.SelectSingleNode(String.Format("//saml:Attribute[@Name='{0}']/saml:AttributeValue", attributeName), nsmgr)
+                Return If(attrNode IsNot Nothing, attrNode.InnerText, String.Empty)
+            End Function
+        End Class
+    End Class
+End Namespace