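using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.WsFederation;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Protocols.WsFederation;
using Microsoft.IdentityModel.Tokens;
using Serilog;

// Application entry point: an MVC site that signs users in through WS-Federation,
// keeps the resulting session in a cookie, and logs through Serilog.

var builder = WebApplication.CreateBuilder(args);

// Serilog sinks and minimum levels come from configuration.
var logger = new LoggerConfiguration()
    .ReadFrom.Configuration(builder.Configuration)
    .Enrich.FromLogContext()
    .CreateLogger();

builder.Services
    .AddAuthentication(sharedOptions =>
    {
        // WS-Federation issues challenges; the cookie scheme persists the signed-in identity.
        sharedOptions.DefaultAuthenticateScheme = WsFederationDefaults.AuthenticationScheme;
        sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddWsFederation(options =>
    {
        options.MetadataAddress = "https://example.com/FederationMetadata/2007-06/FederationMetadata.xml";
        options.Wtrealm = "urn:DevDotNet";
        options.Wreply = "https://testdev.com/";

        // Event hooks used for tracing the sign-in flow. Routine steps are logged at
        // Information and failures at Warning/Error, so that error-level alerting fires
        // only on real failures. The Serilog minimum level must allow Information for
        // the routine entries to appear.
        options.Events = new WsFederationEvents()
        {
            OnTicketReceived = context =>
            {
                // Claim values can carry personal data; they are deliberately not written to the log.
                logger.Information("OnTicketReceived");
                return Task.CompletedTask;
            },
            OnAuthenticationFailed = context =>
            {
                // Attach the exception so the reason for the failure is recorded.
                logger.Error(context.Exception, "OnAuthenticationFailed");
                return Task.CompletedTask;
            },
            OnSecurityTokenReceived = c =>
            {
                logger.Information("OnSecurityTokenReceived");
                return Task.CompletedTask;
            },
            OnAccessDenied = c =>
            {
                logger.Warning("OnAccessDenied");
                return Task.CompletedTask;
            },
            OnMessageReceived = c =>
            {
                logger.Information("OnMessageReceived");
                return Task.CompletedTask;
            },
            OnRedirectToIdentityProvider = c =>
            {
                logger.Information("OnRedirectToIdentityProvider");
                return Task.CompletedTask;
            },
            OnRemoteFailure = c =>
            {
                logger.Error(c.Failure, "OnRemoteFailure");
                return Task.CompletedTask;
            },
            OnRemoteSignOut = c =>
            {
                logger.Information("OnRemoteSignOut");
                return Task.CompletedTask;
            },
            OnSecurityTokenValidated = c =>
            {
                // NOTE(review): Success() is called only when a role claim is present, but a
                // principal without one is not rejected here, so this check does not restrict
                // sign-in. If a role is mandatory, reject with c.Fail(...) or enforce it with an
                // authorization policy on the protected endpoints. Confirm the intent.
                var roleClaim = c.Principal?.FindFirst(ClaimTypes.Role);
                if (roleClaim != null)
                {
                    c.Success();
                }

                logger.Information("OnSecurityTokenValidated");
                return Task.CompletedTask;
            }
        };
    });

// Add services to the container.
// NOTE(review): no app.UseCookiePolicy() call is visible in this file, so these cookie-policy
// options appear to have no effect on the pipeline below. SameSiteMode.None is also the least
// restrictive minimum. Confirm whether the cookie policy middleware is meant to run.
builder.Services.Configure<CookiePolicyOptions>(options =>
{
    options.CheckConsentNeeded = context => true;
    options.MinimumSameSitePolicy = SameSiteMode.None;
});

builder.Services.AddControllersWithViews();

// Route the framework's logging through the same Serilog logger.
builder.Logging.ClearProviders();
builder.Logging.AddSerilog(logger);

// Start-up check that the logger is wired; not an error condition.
logger.Information("test");

var app = builder.Build();

// Configure the HTTP request pipeline.
// Error handling and transport hardening are registered before authentication, so the
// federation sign-in callback is covered by the exception handler and is not processed
// ahead of the HTTPS redirect.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();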