Hello,
We are having some issues reading the attribute values present in SAML response.
We expect the following call to populate the Attributes collection, which it does: it populates the collection with key names, but no corresponding values.
var ssoResult = await SamlServiceProvider.ReceiveSsoAsync();
Section of SAML response from trace looks like this…
<saml2:Subject xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">test@me.ssss.org</saml2:NameID>
  <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml2:SubjectConfirmationData InResponseTo="_19aa28d3-3e9f-49bd-8f1b-8c9b62e3475e" NotOnOrAfter="2021-07-23T15:56:11.111Z" Recipient="https://id.ssss.com/saml/assert"/>
  </saml2:SubjectConfirmation>
</saml2:Subject>
<saml2:Conditions NotBefore="2021-07-23T15:46:11.111Z" NotOnOrAfter="2021-07-23T15:56:11.111Z" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:AudienceRestriction>
    <saml2:Audience>Nepris-App</saml2:Audience>
  </saml2:AudienceRestriction>
</saml2:Conditions>
<saml2:AuthnStatement AuthnInstant="2021-07-23T15:51:10.533Z" SessionIndex="_19aa28d3-3e9f-49bd-8f1b-8c9b62e3475e" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:AuthnContext>
    <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
  </saml2:AuthnContext>
</saml2:AuthnStatement>
<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:Attribute Name="First" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Test User</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute Name="Last" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Last Name</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute Name="Email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">test@me.ssss.org</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Staff</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>
The result of SamlServiceProvider.ReceiveSsoAsync() as JSON,
{
  "__type": "ComponentSpace.Saml2.SpSsoResult, ComponentSpace.Saml2",
  "partnerName": "http://www.okta.com/XXXXXXXXXXXXXXX",
  "isInResponseTo": true,
  "userID": "test@me.ssss.org",
  "attributes": [{
    "name": "First",
    "nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
    "attributeValues": [{
      "data": [
        []
      ],
      "type": "xs:string",
      "xmlAttributes": {
        "xmlns:xs": "http://www.w3.org/2001/XMLSchema",
        "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
      }
    }]
  }, {
    "name": "Last",
    "nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
    "attributeValues": [{
      "data": [
        []
      ],
      "type": "xs:string",
      "xmlAttributes": {
        "xmlns:xs": "http://www.w3.org/2001/XMLSchema",
        "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
      }
    }]
  }, {
    "name": "Email",
    "nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
    "attributeValues": [{
      "data": [
        []
      ],
      "type": "xs:string",
      "xmlAttributes": {
        "xmlns:xs": "http://www.w3.org/2001/XMLSchema",
        "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
      }
    }]
  }, {
    "name": "Role",
    "nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
    "attributeValues": [{
      "data": [
        []
      ],
      "type": "xs:string",
      "xmlAttributes": {
        "xmlns:xs": "http://www.w3.org/2001/XMLSchema",
        "xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance"
      }
    }]
  }],
  "authnContext": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
  "relayState": "{\"target\":\"/dashboard/my\",\"app\":\"v3\"}"
}
All and any help is greatly appreciated
Thanks,
Binu
I’ll have to check this but I suspect this is a JSON serialization issue. The data type is IEnumerable. Typically you use the AttributeValue.ToString() method to convert a simple attribute value to a string.
I suspected the same, so I logged the following just to check:
ssoResult.Attributes.SingleOrDefault(c => c.Name == "Name")?.ToString();
-- this ended up being an empty string.
I didn’t see an attribute with the name “Name”.
Try the following:
ssoResult.Attributes.SingleOrDefault(c => c.Name == "First")?.ToString();
I think you are right, it looks like a JSON serialization issue.
I enumerated the object hierarchy and was able to pull the data out of all XML Nodes.
Thank you for your help
You’re welcome.
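
To cross-check a trace like the one in the question without going through the library, the AttributeStatement can be parsed with LINQ to XML and each AttributeValue's text content read directly. This is an added example, not code from the thread or from ComponentSpace. The class name, method name and sample XML are assumptions for illustration, and it is meant for inspecting traces rather than replacing the validated SSO result.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

public static class SamlTraceAttributes
{
    private static readonly XNamespace Saml2 = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Constructed sample modelled on the trace in the question; the second
    // Role value is invented here to show a multi-valued attribute.
    private const string Sample = @"
<saml2:AttributeStatement xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"">
  <saml2:Attribute Name=""First"">
    <saml2:AttributeValue xmlns:xs=""http://www.w3.org/2001/XMLSchema""
        xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance""
        xsi:type=""xs:string"">Test User</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute Name=""Role"">
    <saml2:AttributeValue>Staff</saml2:AttributeValue>
    <saml2:AttributeValue>Volunteer</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>";

    // Maps each attribute name to the text content of its AttributeValue elements.
    public static Dictionary<string, List<string>> Read(string xml)
    {
        // Prohibit DTDs so a pasted trace cannot trigger entity expansion.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        using (var reader = XmlReader.Create(new StringReader(xml.Trim()), settings))
        {
            return XElement.Load(reader)
                .DescendantsAndSelf(Saml2 + "Attribute")
                .GroupBy(a => (string)a.Attribute("Name") ?? "(unnamed)")
                .ToDictionary(
                    g => g.Key,
                    g => g.Elements(Saml2 + "AttributeValue").Select(v => v.Value).ToList());
        }
    }

    public static void Main()
    {
        foreach (var pair in Read(Sample))
            Console.WriteLine($"{pair.Key}: {string.Join(", ", pair.Value)}");
    }
}
```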