{"id":13414822,"url":"https://github.com/jitbit/AspNetSaml","last_synced_at":"2025-03-14T22:32:09.232Z","repository":{"id":46030545,"uuid":"75106013","full_name":"jitbit/AspNetSaml","owner":"jitbit","description":"Very simple SAML 2.0 consumer module for ASP.NET/C#","archived":false,"fork":false,"pushed_at":"2024-12-02T20:22:05.000Z","size":123,"stargazers_count":388,"open_issues_count":3,"forks_count":121,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-03-10T00:27:25.816Z","etag":null,"topics":["asp-net","asp-net-core","asp-net-mvc","aspnetcore","dotnet","saml","saml-service-provider","saml2","single-sign-on","sso"],"latest_commit_sha":null,"homepage":"https://www.jitbit.com","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jitbit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-11-29T17:38:15.000Z","updated_at":"2025-03-07T00:51:26.000Z","dependencies_parsed_at":"2024-03-01T11:54:06.331Z","dependency_job_id":null,"html_url":"https://github.com/jitbit/AspNetSaml","commit_stats":{"total_commits":96,"total_committers":9,"mean_commits":"10.666666666666666","dds":"0.41666666666666663","last_synced_commit":"233728ad836d5476ccd952da7aef585b4b80ca50"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jitbit%2FAspNetSaml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jitbit%2FAspNetSaml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jitbit%2FAspNetSaml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jitbit%2FAspNetSaml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jitbit","download_url":"https://codeload.github.com/jitbit/AspNetSaml/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243658055,"owners_count":20326459,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asp-net","asp-net-core","asp-net-mvc","aspnetcore","dotnet","saml","saml-service-provider","saml2","single-sign-on","sso"],"created_at":"2024-07-30T21:00:37.329Z","updated_at":"2025-03-14T22:32:08.933Z","avatar_url":"https://github.com/jitbit.png","language":"C#","readme":"![](https://github.com/jitbit/AspNetSaml/actions/workflows/dotnet.yml/badge.svg)\n\n# AspNetSaml\n\nVery short and simple SAML 2.0 \"consumer\" implementation in C#.\n\nIt's a *SAML client* library, not a *SAML server*. As in - allows adding SAML single-sign-on to your ASP.NET app, but *not* to provide auth services to other apps. In other words, it's a library for \"service-providers\" not for \"identity providers\".\n\n## Installation\n\n`Install-Package AspNetSaml`\n\nAdds a very small .NET Standard 2.0 library (11KB dll) that works with both ASP.NET Core and the \"old\" ASP.NET Framework. Please refer to [releases](https://github.com/jitbit/AspNetSaml/releases) for the change log.\n\n# Usage\n\n## How SAML works? (please read this)\n\nSAML workflow has 2 steps:\n\n1. User is redirected to the SAML provider (with some magic in the query-string) where he authenticates\n2. User is redirected back to your app, where you validate the payload\n\nHere's how you do it (this example is for ASP.NET Core MVC):\n\n## 1. Redirecting the user to the saml provider:\n\n```c#\n//this example is an ASP.NET Core MVC action method\npublic IActionResult Login()\n{\n\t//TODO: specify the SAML provider url here, aka \"Endpoint\"\n\tvar samlEndpoint = \"http://saml-provider-that-we-use.com/login/\";\n\n\tvar request = new AuthRequest(\n\t\t\"http://www.myapp.com\", //TODO: put your app's \"entity ID\" here\n\t\t\"http://www.myapp.com/SamlConsume\" //TODO: put Assertion Consumer URL (where the provider should redirect users after authenticating)\n\t);\n\n\t//now send the user to the SAML provider\n\treturn Redirect(request.GetRedirectUrl(samlEndpoint));\n}\n```\n\n## 2. User has been redirected back\n\nUser is sent back to your app - you need to validate the SAML response (\"assertion\") that you recieved via POST.\n\nHere's an example of how you do it in ASP.NET Core MVC\n\n```c#\n//ASP.NET Core MVC action method... But you can easily modify the code for old .NET Framework, Web-forms etc.\npublic async Task\u003cIActionResult\u003e SamlConsume()\n{\n\t// 1. TODO: specify the certificate that your SAML provider gave you\n\tstring samlCertificate = @\"-----BEGIN CERTIFICATE-----\nBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAHBLAH123543==\n-----END CERTIFICATE-----\";\n\n\t// 2. Let's read the data - SAML providers usually POST it into the \"SAMLResponse\" var\n\tvar samlResponse = new Response(samlCertificate, Request.Form[\"SAMLResponse\"]);\n\n\t// 3. DONE!\n\tif (samlResponse.IsValid()) //all good?\n\t{\n\t\t//WOOHOO!!! the user is logged in\n\t\tvar username = samlResponse.GetNameID(); //let's get the username\n\t\t\n\t\t//the user has been authenticated\n\t\t//now call context.SignInAsync() for ASP.NET Core\n\t\t//or call FormsAuthentication.SetAuthCookie() for .NET Framework\n\t\t//or do something else, like set a cookie or something...\n\t\t\n\t\t//FOR EXAMPLE this is how you sign-in a user in ASP.NET Core 3,5,6,7\n\t\tawait context.SignInAsync(new ClaimsPrincipal(\n\t\t\tnew ClaimsIdentity(\n\t\t\t\tnew[] { new Claim(ClaimTypes.Name, username) },\n\t\t\t\tCookieAuthenticationDefaults.AuthenticationScheme)));\n\t\t\n\t\treturn Redirect(\"~/\");\n\t}\n\t\n\treturn Content(\"Unauthorized\");\n}\n```\n\n# Bonus: reading more attributes from the provider\n\nSAML providers usually send more data with their response: username, first/last names etc. Here's how to get it:\n\n```c#\nif (samlResponse.IsValid())\n{\n\t//WOOHOO!!! user is logged in\n\n\t//Some more optional stuff\n\t//let's extract username/firstname etc\n\ttry\n\t{\n\t\tvar username = samlResponse.GetNameID();\n\t\tvar email = samlResponse.GetEmail();\n\t\tvar firstname = samlResponse.GetFirstName();\n\t\tvar lastname = samlResponse.GetLastName();\n\t\t\n\t\t//or read some custom-named data that you know the IdP sends\n\t\tvar officeLocation = samlResponse.GetCustomAttribute(\"OfficeAddress\");\n\t}\n\tcatch (Exception ex)\n\t{\n\t\t//insert error handling code\n\t\t//in case some extra attributes are not present in XML, for example\n\t\treturn null;\n\t}\n}\n```\n\n# Notes about the source code\n\nAll the functionality sits in one single short file [Saml.cs](https://github.com/jitbit/AspNetSaml/blob/master/AspNetSaml/Saml.cs) other stuff in this repo are just unit tests, nuget-packaging etc. You can take that file and throw it in your project, it should work just fine.\n\nP.S. This library has been battle-tested for years in production in our [helpdesk app](https://www.jitbit.com/helpdesk/) please check it out if you're looking for a ticketing system for your team. Cheers.\n","funding_links":[],"categories":["Authentication and Authorization","认证和授权","C#","Authentication","C\\#","Libraries"],"sub_categories":["\u003ca name=\"authN-cSharp\"\u003e\u003c/a\u003eC#"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjitbit%2FAspNetSaml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjitbit%2FAspNetSaml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjitbit%2FAspNetSaml/lists"}