| public GetSamlAssertion ( string identityProvider ) : string | ||
| identityProvider | string | |
| Результат | string | |
public string GetSamlAssertion(string identityProvider)
{
string samlAssertion = "";
HttpWebResponse response = getResult(identityProvider);
string responseStreamData;
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
{
responseStreamData = reader.ReadToEnd();
}
Regex reg = new Regex("SAMLResponse\\W+value\\=\\\"([^\\\"]+)\\\"");
MatchCollection matches = reg.Matches(responseStreamData);
string last = null;
foreach (Match m in matches)
{
last = m.Groups[1].Value;
samlAssertion = last;
}
return samlAssertion;
}
protected override void ProcessRecord()
{
try
{
AWSSAMLUtils awsSamlUtils = new AWSSAMLUtils();
SessionAWSCredentials awsSessionCredentials = null;
ICredentials userCredentials = GetUserCredentials(useCurrentCredentials);
Uri uri = new Uri(identityProviderUrl);
NetworkCredential networkCredentials = userCredentials.GetCredential(uri, "");
if (CredentialCache.DefaultCredentials != userCredentials)
{
ImpersonateUser(networkCredentials.UserName, networkCredentials.Password, networkCredentials.Domain);
}
string samlAssertion = awsSamlUtils.GetSamlAssertion(identityProviderUrl);
string[] awsSamlRoles = awsSamlUtils.GetAwsSamlRoles(samlAssertion);
UnImpersonateUser();
string awsSamlRole = null;
if (roleIndex < awsSamlRoles.Length)
{
awsSamlRole = awsSamlRoles[roleIndex];
}
else if (!string.IsNullOrEmpty(role))
{
awsSamlRole = awsSamlRoles.FirstOrDefault(p => p.Contains(role));
if (awsSamlRole == null)
{
throw new ArgumentException(string.Format("role {0} not found in list of available roles: {1}", role, string.Join(", ", awsSamlRoles)));
}
}
else
{
awsSamlRole = AskUserForAwsSamlRole(awsSamlRoles);
}
awsSessionCredentials = awsSamlUtils.GetSamlRoleCredentails(samlAssertion, awsSamlRole);
SetPowershellSamlProfile(awsSessionCredentials.GetCredentials());
}
catch
{
throw;
}
}
