Cleanup sample, remove saml idp functionality from duende dynamic providers sample

Author: SundasChoudyRsk

DuendeIdentityServer/DuendeDynamicProviders/Config.cs

@@ -5,8 +5,6 @@
 using Duende.IdentityServer.Models;
 using System.Collections.Generic;
 using Duende.IdentityServer;
-using Rsk.Saml;
-using Rsk.Saml.Models;
 
 namespace DuendeDynamicProviders
 {
@@ -44,25 +42,12 @@ public static IEnumerable<Client> GetClients()
             {
                 new Client
                 {
-                    ClientId = "https://localhost:5002/saml",
-                    ClientName = "RSK SAML2P Test Client - Multiple SP",
-                    ProtocolType = IdentityServerConstants.ProtocolTypes.Saml2p,
+                    ClientId = "https://localhost:5002",
+                    ClientName = "client",
+                    ProtocolType = IdentityServerConstants.ProtocolTypes.OpenIdConnect,
                     AllowedScopes = {"openid", "profile"}
                 }
             };
         }
-
-        public static IEnumerable<ServiceProvider> GetServiceProviders()
-        {
-            return new[]
-            {
-                new ServiceProvider
-                {
-                    EntityId = "https://localhost:5002/saml",
-                    AssertionConsumerServices =
-                        {new Service(SamlConstants.BindingTypes.HttpPost, "https://localhost:5002/signin-saml-4")}
-                }
-            };
-        }
     }
 }

DuendeIdentityServer/DuendeDynamicProviders/Startup.cs

@@ -8,7 +8,6 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
 using Rsk.AspNetCore.Authentication.Saml2p;
-using Rsk.Saml.Configuration;
 using System.Security.Cryptography.X509Certificates;
 using Rsk.Saml.DuendeIdentityServer.DynamicProviders;
 
@@ -32,23 +31,18 @@ public void ConfigureServices(IServiceCollection services)
             builder.AddInMemoryClients(Config.GetClients());
             builder.AddSigningCredential(new X509Certificate2("testclient.pfx", "test"));
 
-            // OPTIONAL - only required if you want to be a SAML IdP too
-            builder.AddSamlPlugin(options =>
-                {
-                    options.Licensee = "";
-                    options.LicenseKey = "";
-                    options.WantAuthenticationRequestsSigned = false;
-                })
-                .AddInMemoryServiceProviders(Config.GetServiceProviders());
-
             // SP configuration - dynamic providers
             builder.AddSamlDynamicProvider(options =>
                 {
                     // unstorable/reusable data, such as license information and events. This will override the data stored
                     options.Licensee = "";
                     options.LicenseKey = "";
                 })
+
+                // Use EntityFramework store for storing identity providers
                 //.AddIdentityProviderStore<SamlIdentityProviderStore>();
+
+                // use in memory store for storing identity providers
                 .AddInMemoryIdentityProviders(new List<SamlDynamicIdentityProvider>
                 {
                     new SamlDynamicIdentityProvider
@@ -68,12 +62,12 @@ public void ConfigureServices(IServiceCollection services)
                             ServiceProviderOptions = new SpOptions
                             {
                                 EntityId = "https://localhost:5004/saml",
-                                MetadataPath = "/saml/metadata-sp",
+                                MetadataPath = "/federation/saml/metadata",
                                 SignAuthenticationRequests = false // OPTIONAL - use if you want to sign your auth requests
                             },
 
                             NameIdClaimType = "sub",
-                            CallbackPath = "/federation/saml/signin-saml", // Duende prefixes "/federation/{scheme}" to call back paths
+                            CallbackPath = "/federation/saml/signin-saml", // Duende prefixes "/federation/{scheme}" to all paths
                             SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
                         },
 
@@ -95,8 +89,7 @@ public void Configure(IApplicationBuilder app)
             app.UseStaticFiles();
             app.UseRouting();
 
-            app.UseIdentityServer()
-                .UseIdentityServerSamlPlugin(); // OPTIONAL - only required if you want to be a SAML IdP too
+            app.UseIdentityServer();
 
             app.UseAuthorization();
 

spWithMultipleIdps/Startup.cs

@@ -76,30 +76,6 @@ public void ConfigureServices(IServiceCollection services)
                     options.NameIdClaimType = "sub";
                     options.CallbackPath = "/signin-saml-3";
                     options.SignInScheme = "cookie";
-                })
-                .AddSaml2p("duendeDynamicProviders", options =>
-                {
-                    options.Licensee = "";
-                    options.LicenseKey = "";
-
-                    options.IdentityProviderOptions = new IdpOptions
-                    {
-                        EntityId = "https://localhost:5004",
-                        SigningCertificates = { new X509Certificate2("testclient.cer") },
-                        SingleSignOnEndpoint = new SamlEndpoint("https://localhost:5004/saml/sso", SamlBindingTypes.HttpRedirect),
-                        SingleLogoutEndpoint = new SamlEndpoint("https://localhost:5004/saml/slo", SamlBindingTypes.HttpRedirect),
-                    };
-
-                    options.ServiceProviderOptions = new SpOptions
-                    {
-                        EntityId = "https://localhost:5002/saml",
-                        MetadataPath = "/saml/metadata-saml-4",
-                        SignAuthenticationRequests = false
-                    };
-
-                    options.NameIdClaimType = "sub";
-                    options.CallbackPath = "/signin-saml-4";
-                    options.SignInScheme = "cookie";
                 });
         }
 

spWithMultipleIdps/Views/Home/Index.cshtml

@@ -23,6 +23,5 @@
         <a asp-action="ChallengeScheme" asp-route-scheme="idp1" class="btn btn-default">Login with IdP1</a>
         <a asp-action="ChallengeScheme" asp-route-scheme="idp2" class="btn btn-default">Login with IdP2</a>
         <a asp-action="ChallengeScheme" asp-route-scheme="duende" class="btn btn-default">Login with Duende</a>
-        <a asp-action="ChallengeScheme" asp-route-scheme="duendeDynamicProviders" class="btn btn-default">Login with Duende Dynamic Providers</a>
     </div>
 </div>