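using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.WsFederation;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;
using Serilog;
using System.Security.Claims;
using Microsoft.IdentityModel.Protocols.WsFederation;

// Program entry point: an MVC application that signs users in through a
// WS-Federation identity provider and keeps the resulting session in a cookie.

var builder = WebApplication.CreateBuilder(args);

// NOTE(review): the log path is hard-coded. This file records authentication
// events, so it belongs in a directory only the application identity can
// write to; consider moving the sink into the configuration section that
// ReadFrom.Configuration already reads.
var logger = new LoggerConfiguration()
    .ReadFrom.Configuration(builder.Configuration)
    .Enrich.FromLogContext()
    .WriteTo.File("C:\\temp\\Logs\\sqs.txt")
    .CreateLogger();

builder.Services.AddAuthentication(sharedOptions =>
    {
        // NOTE(review): the usual layout makes the cookie scheme the default
        // authenticate scheme and WS-Federation the challenge scheme only.
        // Left as written; confirm this is intentional.
        sharedOptions.DefaultAuthenticateScheme = WsFederationDefaults.AuthenticationScheme;
        sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddWsFederation(options =>
    {
        options.MetadataAddress = "https://idp.example.com/FederationMetadata/2007-06/FederationMetadata.xml";
        options.Wtrealm = "urn:DevDotNet";

        // NOTE(review): the handler takes over every request to CallbackPath,
        // so an MVC action at /Home/Privacy would no longer be reachable.
        // The value must equal the reply URL registered at the identity
        // provider; a dedicated path (the handler default is /signin-wsfed)
        // avoids the clash. Not changed here because it has to be changed on
        // both sides at once.
        options.CallbackPath = new PathString("/Home/Privacy");

        // Issuer, audience and lifetime are all checked; the five-minute
        // skew only absorbs clock drift between this host and the provider.
        options.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = "https://idp.example.com",
            ValidateAudience = true,
            ValidAudience = "urn:DevDotNet",
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromMinutes(5)
        };

        // Ordinary protocol steps are logged at Information and only real
        // failures at Warning/Error, so that failed sign-ins stand out in the
        // log instead of being buried under per-request Error entries.
        options.Events = new WsFederationEvents()
        {
            OnTicketReceived = context =>
            {
                // Claim values are deliberately not written to the log: they
                // carry personal data and the log file is plain text.
                logger.Information("OnTicketReceived");
                return Task.CompletedTask;
            },
            OnAuthenticationFailed = context =>
            {
                // Keep the exception: without it the entry cannot tell a bad
                // signature from an expired token or an issuer mismatch.
                logger.Error(context.Exception, "OnAuthenticationFailed");
                return Task.CompletedTask;
            },
            OnSecurityTokenReceived = c =>
            {
                logger.Information("OnSecurityTokenReceived");
                return Task.CompletedTask;
            },
            OnAccessDenied = c =>
            {
                logger.Warning("OnAccessDenied");
                return Task.CompletedTask;
            },
            OnMessageReceived = c =>
            {
                logger.Information("OnMessageReceived");
                return Task.CompletedTask;
            },
            OnRedirectToIdentityProvider = c =>
            {
                logger.Information("OnRedirectToIdentityProvider");
                return Task.CompletedTask;
            },
            OnRemoteFailure = c =>
            {
                logger.Error(c.Failure, "OnRemoteFailure");
                return Task.CompletedTask;
            },
            OnRemoteSignOut = c =>
            {
                logger.Information("OnRemoteSignOut");
                return Task.CompletedTask;
            },
            OnSecurityTokenValidated = c =>
            {
                // NOTE(review): this is not an authorization gate. Success()
                // only ends the handler's processing early; a principal
                // without a role claim falls through and is signed in as
                // well. If a role is meant to be mandatory, reject the
                // sign-in explicitly with c.Fail(...) in the other branch.
                var roleClaim = c.Principal?.FindFirst(ClaimTypes.Role);
                if (roleClaim != null)
                {
                    c.Success();
                }

                logger.Information("OnSecurityTokenValidated");
                return Task.CompletedTask;
            }
        };
    });

// Add services to the container.
// NOTE(review): these cookie-policy options only take effect once
// app.UseCookiePolicy() is added to the pipeline below; it is not called here.
builder.Services.Configure<CookiePolicyOptions>(options =>
{
    options.CheckConsentNeeded = context => true;
    options.MinimumSameSitePolicy = SameSiteMode.None;
});

builder.Services.AddControllersWithViews();

// Route framework logging through the same Serilog pipeline.
builder.Logging.ClearProviders();
builder.Logging.AddSerilog(logger);

var app = builder.Build();

app.UseHttpsRedirection();
app.UseStaticFiles();

// Authentication must run before authorization so that the principal is
// populated when policies are evaluated.
app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");

app.Run();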