How do I extract friendlyname from an attribute.

MatthewBeste · September 28, 2018, 9:20am

Currently my code looks something like this:

Dim attributes As IDictionary(Of String, String) = Nothing

SAMLServiceProvider.ReceiveSSO(Request, isInResponseTo, partnerIdP, authnContext, userName, attributes, targeturl)

dim email as string = If(returnedAttributes.ContainsKey(“emailaddress”), returnedAttributes(“emailaddress”), Nothing)

Now most previous clients had sent attributes that looked like this:

<Attribute Name=“”=“”>“>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress”>temp@temp.org

This works fine. The new client is sending them like this:

<saml2:Attribute FriendlyName=“emailaddress” Name=“urn:oid:0.9.2342.19200300.100.1.3” NameFormat=“urn:oasis:names:tc:SAML:2.0:attrname-format:uri”>
saml2:AttributeValue temp@temp.org</saml2:AttributeValue>
</saml2:Attribute>

Is there any easy way to accommodate both?

The first client is using ADFS which is what most have used.
The second is using shibboleth.

ComponentSpace · September 28, 2018, 3:21pm

Yes. You’ll need to use the SAMLServiceProvider.ReceiveSSO overload that returns a SAMLAttribute array rather than the dictionary.
This gives you access to all the SAMl attribute properties including the friendly name.
You can then retrieve the specify attribute using code like the following.

var samlAttribute = samlAttributes.SingleOrDefault(
a => a.Name == “emailaddress” || a.FriendlyName == “emailaddress”);
var attributeValue = samlAttribute.ToString();