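I am trying to build a SOAP RST to the ADFS endpoint "/adfs/services/trust/13/certificatemixed" from a certificate in ASP.NET C#, and I am struggling to build some of its elements. Can you help me?
Here is a sample, along with the parts I am struggling with: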
<?xml version="1.0"?><s:Envelope xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:MessageID>urn:uuid:0c512535-aa02-4358-b979-c926af75faaf</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1" u:Id="_1">https://sts.abc.com/adfs/services/trust/13/certificatemixed</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2018-04-12T03:12:58.086Z</u:Created>
<u:Expires>2018-04-12T03:17:58.086Z</u:Expires>
</u:Timestamp>
<o:BinarySecurityToken u:Id="uuid-c01c675a-6204-411c-9621-354a848454e4-13" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIGqzCCBZOgAwIBAgITQAAAAAezicTRUNCATED==</o:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#_0">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>l+DaXNISZG0PnnR24iq/fH5BWjE=</DigestValue>
</Reference>
<Reference URI="#_1">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>t/p+BPT/AiEA536kEC+QxXy796g=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>Zwzd/LAW/9i8YHTsVpZ+EHCjvt4U5TRUNCATED==</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" URI="#uuid-c01c675a-6204-411c-9621-354a848454e4-13"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body>
<trust:RequestSecurityToken xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:Address>urn:microsoft:adfs:claimsxray</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
<trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
<trust:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</trust:TokenType>
</trust:RequestSecurityToken>
</s:Body>
</s:Envelope>
I may be wrong, but it seems that the first DigestValue in the inner tags comes from "<u:Timestamp u:Id="_0">". The second DigestValue comes from "<a:To s:mustUnderstand="1" u:Id="_1">https://sts.abc.com/adfs/services/trust/13/certificatemixed", which is constant for a particular SOAP RST.
But I cannot figure out "BinarySecurityToken u:Id="uuid-c01c675a-6204-411c-9621-354a848454e4-13"" and "SignatureValue". My goal is to create the XML programmatically from a certificate, then hit the adfs/services/trust/13/certificatemixed endpoint and get some tokens.
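
How the values asked about above are derived under XML-DSig and the WS-Security X.509 token profile, using the algorithm URIs from the sample. This is an added example, not part of the original post: the class and method names are hypothetical, and it assumes .NET 4.6 or later with System.Security.Cryptography.Xml referenced.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

static class RstSignatureParts   // hypothetical helper, not an ADFS or WCF API
{
    // <o:BinarySecurityToken> text for ValueType ...#X509v3: Base64 of the DER certificate
    // (public part only). Its u:Id is any unique id; KeyInfo's Reference URI points at it.
    public static string BinarySecurityToken(X509Certificate2 cert) =>
        Convert.ToBase64String(cert.RawData);

    // Exclusive C14N (http://www.w3.org/2001/10/xml-exc-c14n#) of a single element.
    // OuterXml re-declares the namespaces the element uses, so it parses stand-alone.
    public static byte[] Canonicalize(XmlElement element)
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(element.OuterXml);
        var c14n = new XmlDsigExcC14NTransform();
        c14n.LoadInput(doc);
        using (var input = (Stream)c14n.GetOutput(typeof(Stream)))
        using (var buffer = new MemoryStream())
        {
            input.CopyTo(buffer);
            return buffer.ToArray();
        }
    }

    // <DigestValue> of <Reference URI="#id">: Base64(SHA-1(exc-c14n(element with u:Id="id"))),
    // per the sample's DigestMethod ...xmldsig#sha1. Call once for Timestamp, once for To.
    public static string DigestValue(XmlElement referenced)
    {
        using (var sha1 = SHA1.Create())
            return Convert.ToBase64String(sha1.ComputeHash(Canonicalize(referenced)));
    }

    // <SignatureValue>: RSA PKCS#1 v1.5 with SHA-1 (...xmldsig#rsa-sha1) over the
    // canonical <SignedInfo>, computed after both DigestValues have been written into it.
    public static string SignatureValue(XmlElement signedInfo, X509Certificate2 cert)
    {
        using (RSA key = cert.GetRSAPrivateKey())
        {
            if (key == null) throw new InvalidOperationException("Certificate has no RSA private key.");
            byte[] sig = key.SignData(Canonicalize(signedInfo), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
            return Convert.ToBase64String(sig);
        }
    }
}
```

Load the envelope with PreserveWhitespace = true and send it without re-indenting, because whitespace inside the signed elements is part of what gets digested. The Timestamp changes on every request, so its digest and the SignatureValue must be recomputed each time.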