C# 中的 SAML 断言 WriteXML 问题

发布于 2024-07-08 19:49:18 字数 1917 浏览 9 评论 0原文

我创建了 SamlAssertion 的实例，并向其中添加了授权语句和属性语句，现在我想打印出 XML，以便可以执行 HTTP post，但并非所有断言都会输出。我错过了什么（我确信这是一些愚蠢的事情）？

这是我正在使用的代码：

// Add the Statements to the SAML Assertion
   samlAssert.Statements.Add(samlAuthStatement);
   samlAssert.Statements.Add(samlAttrStatement);
   MemoryStream xmlStream = new MemoryStream();
   XmlDictionaryWriter xmlWriter = XmlDictionaryWriter.CreateTextWriter(xmlStream, System.Text.Encoding.UTF8);
   SamlSerializer samlAssertSerializer = new SamlSerializer();
   WSSecurityTokenSerializer secTokenSerializer = new WSSecurityTokenSerializer();
   samlAssert.WriteXml(xmlWriter, samlAssertSerializer, secTokenSerializer);

   xmlStream.Position = 0;
   StreamReader sr = new StreamReader(xmlStream, System.Text.Encoding.UTF8);
   string AssertStr = sr.ReadToEnd();
   TextBox1.Text = AssertStr;

但是返回的只是：

<saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="assertID" 
                Issuer="my Company" IssueInstant="2008-11-19T19:54:12.191Z" 
                xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
    <saml:Conditions NotBefore="2008-11-19T19:54:12.191Z" NotOnOrAfter="2008-11-19T19:59:12.191Z"/>
    <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken" 
                                  AuthenticationInstant="2008-11-19T19:54:12.191Z">
        <saml:Subject>
            <saml:NameIdentifier Format="cs-sstc-schema-assertion-1.1.xsd" NameQualifier="My company">xxxx</saml:NameIdentifier>
            <saml:SubjectConfirmation>
                <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
            </saml:SubjectConfirmation>
        </saml:Subject>
        <saml:SubjectLocality IPAddress="x.x.x.x"/>
        </saml:

原文

I've created an instance of a SamlAssertion, and added the the authorization statement and attribute statments to it, and now I want to print out the XML so I can do an HTTP post, but not all of the assertion is being outputed. What am I missing (I'm sure it's something bone-headed)?

Here is the code I'm using:

// Add the Statements to the SAML Assertion
   samlAssert.Statements.Add(samlAuthStatement);
   samlAssert.Statements.Add(samlAttrStatement);
   MemoryStream xmlStream = new MemoryStream();
   XmlDictionaryWriter xmlWriter = XmlDictionaryWriter.CreateTextWriter(xmlStream, System.Text.Encoding.UTF8);
   SamlSerializer samlAssertSerializer = new SamlSerializer();
   WSSecurityTokenSerializer secTokenSerializer = new WSSecurityTokenSerializer();
   samlAssert.WriteXml(xmlWriter, samlAssertSerializer, secTokenSerializer);

   xmlStream.Position = 0;
   StreamReader sr = new StreamReader(xmlStream, System.Text.Encoding.UTF8);
   string AssertStr = sr.ReadToEnd();
   TextBox1.Text = AssertStr;

But All that gets returned is this:

<saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="assertID" 
                Issuer="my Company" IssueInstant="2008-11-19T19:54:12.191Z" 
                xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
    <saml:Conditions NotBefore="2008-11-19T19:54:12.191Z" NotOnOrAfter="2008-11-19T19:59:12.191Z"/>
    <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken" 
                                  AuthenticationInstant="2008-11-19T19:54:12.191Z">
        <saml:Subject>
            <saml:NameIdentifier Format="cs-sstc-schema-assertion-1.1.xsd" NameQualifier="My company">xxxx</saml:NameIdentifier>
            <saml:SubjectConfirmation>
                <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
            </saml:SubjectConfirmation>
        </saml:Subject>
        <saml:SubjectLocality IPAddress="x.x.x.x"/>
        </saml:

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

陌路黄昏 2024-07-15 19:49:18

如果我在这种情况下有一个建议给您，那就是：在使用 IDisposable 对象，例如流。除了自动刷新流之外，它还会在出现异常时释放资源：

// Add the Statements to the SAML Assertion
samlAssert.Statements.Add(samlAuthStatement);
samlAssert.Statements.Add(samlAttrStatement);

var sb = new StringBuilder();
var settings = new XmlWriterSettings 
{
    OmitXmlDeclaration = true,
    Encoding = Encoding.UTF8
};
using (var stringWriter = new StringWriter(sb))
using (var xmlWriter = XmlWriter.Create(stringWriter, settings))
using (var dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter))
{
    var samlAssertSerializer = new SamlSerializer();
    var secTokenSerializer = new WSSecurityTokenSerializer();
    samlAssert.WriteXml(
        dictionaryWriter, 
        samlAssertSerializer, 
        secTokenSerializer
    );
}

TextBox1.Text = sb.ToString();

If I had one advice to give you in this case it would be: always use using statements when working with IDisposable objects such as streams. In addition to automatically flushing streams it would also free resources in case of exception:

// Add the Statements to the SAML Assertion
samlAssert.Statements.Add(samlAuthStatement);
samlAssert.Statements.Add(samlAttrStatement);

var sb = new StringBuilder();
var settings = new XmlWriterSettings 
{
    OmitXmlDeclaration = true,
    Encoding = Encoding.UTF8
};
using (var stringWriter = new StringWriter(sb))
using (var xmlWriter = XmlWriter.Create(stringWriter, settings))
using (var dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter))
{
    var samlAssertSerializer = new SamlSerializer();
    var secTokenSerializer = new WSSecurityTokenSerializer();
    samlAssert.WriteXml(
        dictionaryWriter, 
        samlAssertSerializer, 
        secTokenSerializer
    );
}

TextBox1.Text = sb.ToString();

回复收藏 0 原文