I’m probably asking a question that has been answered but I’ve searched throufgh here and can’t find an answer. I’m porting a previous SSO implementation from .net to .net core. I have the new dlls, etc. But obviously several things are differnet.

The one thing I can’t figure out is how to sign the assertion.

Before I used: SAMLAssertionSignature.Generate. The codew is: SAMLAssertionSignature.Generate(samlAssertionXml, x509Certificate.PrivateKey, x509Certificate);

But I can’t find SamlAssertionSignature. anywhere. Can someone help me to know what the replacement is? Or how to create the signature.

Thank you.

If you take a look at the GenerateSignature project under the Examples\Signature folder you’ll see an example of generating a SAML assertion signature.

You would use dependency injection to access the IXmlSignature interface and call IXmlSignature.Generate.

However, I strongly recommend not going down this path but instead calling the SAML high-level API as demonstrated by the ExampleIdentityProvider project under the Examples\SSO folder.

You call ISamlIdentityProvider.InitiateSsoAsync or ISamlIdentityProvider.SendSsoAsync to create and send a SAML response to the service provider as part of IdP-initiated or SP-initiated SSO respectively. These APIs are driven by SAML configuration which may be included in your appsettings.json. They handle the signing of the SAML assertion etc.

The Examples Guide walks you through the ExampleIdentityProvider and other example projects.

The Developer Guide and Configuration Guide document the SAML API and SAML configuration.

You’ll find these guides under the documentation folder.