I have a scenario where I have an ASP.NET application that authenticates using the Thinktecture IdentityServer. This all works fine; it has a relationship with our ADFS and that is all working great. What I need, though, is to call the ShareFile-NET SDK and authenticate using the sample code below:
//SAML Authentication: This authentication support assumes you have a mechanism for obtaining a SAML assertion, samlAssertion from the user's IdP.
var sfClient = new ShareFileClient("https://secure.sf-api.com/sf/v3/");
var oauthService = new OAuthService(sfClient, "[clientid]", "[clientSecret]");
var oauthToken = await oauthService.ExchangeSamlAssertionAsync(samlAssertion,
    subdomain, applicationControlPlane);
sfClient.AddOAuthCredentials(oauthToken);
sfClient.BaseUri = oauthToken.GetUri();
So I have the IdP, but I have not had any luck researching how exactly to make use of the token it has provided me to create that "samlAssertion" parameter.
I have found the answer to this.
The SAML assertion can be found in the ClaimsIdentity:
var icp = System.Security.Claims.ClaimsPrincipal.Current;
var claimsIdentity = icp.Identity as System.Security.Claims.ClaimsIdentity;
var token = claimsIdentity.BootstrapContext as System.IdentityModel.Tokens.BootstrapContext;
For this to be populated you need to add the following to the web.config:
<identityConfiguration saveBootstrapContext="true">
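The following is an added example, not part of the original answer or of the ShareFile SDK: it turns the BootstrapContext obtained above into a token string. It assumes .NET 4.5 WIF with references to System.IdentityModel and System.IdentityModel.Services; the class and method names are hypothetical, and whether ExchangeSamlAssertionAsync expects this raw XML or an encoded form is not stated on this page.

```csharp
using System;
using System.IdentityModel.Services;
using System.IdentityModel.Tokens;
using System.Security.Claims;

public static class BootstrapTokenReader // hypothetical helper, not SDK code
{
    // Returns the saved bootstrap token as text, or throws if it is missing or expired.
    public static string GetBootstrapTokenXml(ClaimsPrincipal principal)
    {
        if (principal == null) throw new ArgumentNullException("principal");

        var identity = principal.Identity as ClaimsIdentity;
        var context = identity == null
            ? null
            : identity.BootstrapContext as BootstrapContext;
        if (context == null)
            throw new InvalidOperationException(
                "No bootstrap context; check saveBootstrapContext=\"true\" in web.config.");

        // Once the context has been restored from the session cookie,
        // the serialized string form is typically the one that is populated.
        if (!string.IsNullOrEmpty(context.TokenString))
            return context.TokenString;

        // On the sign-in request itself the parsed SecurityToken is usually present instead.
        if (context.Token != null)
        {
            // Do not forward an assertion whose validity window has already closed.
            if (context.Token.ValidTo < DateTime.UtcNow)
                throw new SecurityTokenExpiredException("Bootstrap token has expired.");

            // Serialize with the same handlers WIF used to read the token.
            var handlers = FederatedAuthentication.FederationConfiguration
                .IdentityConfiguration.SecurityTokenHandlers;
            return handlers.WriteToken(context.Token);
        }

        throw new InvalidOperationException("Bootstrap context holds no token.");
    }
}
```

The returned string is a bearer credential for the signed-in user, so keep it out of logs, traces and error pages, and enable saveBootstrapContext only in applications that need to forward the token.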