AWSSAML.AWSSAMLUtils.GetSamlRoleCredentails C# (CSharp) Метод

Документация по классу AWSSAMLUtils Usage Examples Of AWSSAML.AWSSAMLUtils::GetSamlRoleCredentails Показать файл Открыть проект

GetSamlRoleCredentails() публичный Метод

public GetSamlRoleCredentails ( string samlAssertion, string awsRole ) : SessionAWSCredentials
samlAssertion	string
awsRole	string
Результат	Amazon.Runtime.SessionAWSCredentials

        public SessionAWSCredentials GetSamlRoleCredentails(string samlAssertion, string awsRole)
        {
            string[] role = awsRole.Split(',');

            AssumeRoleWithSAMLRequest samlRequest = new AssumeRoleWithSAMLRequest();
            samlRequest.SAMLAssertion = samlAssertion;
            samlRequest.RoleArn = role[1];
            samlRequest.PrincipalArn = role[0];
            samlRequest.DurationSeconds = 3600;

            AmazonSecurityTokenServiceClient sts;
            AssumeRoleWithSAMLResponse samlResponse;
            try {
                sts = new AmazonSecurityTokenServiceClient();
                samlResponse = sts.AssumeRoleWithSAML(samlRequest);
            }
            catch
            {
                sts = new AmazonSecurityTokenServiceClient("a", "b", "c");
                samlResponse = sts.AssumeRoleWithSAML(samlRequest);
            }

            SessionAWSCredentials sessionCredentials = new SessionAWSCredentials(
                samlResponse.Credentials.AccessKeyId,
                samlResponse.Credentials.SecretAccessKey,
                samlResponse.Credentials.SessionToken);

            return sessionCredentials;
        }

Usage Example

Пример #1

Показать файл

Файл: AWSSAML.cs Проект: pkiddie/aws-saml-adfs-cmdlet-sample

        protected override void ProcessRecord()
        {
            try
            {
                AWSSAMLUtils          awsSamlUtils          = new AWSSAMLUtils();
                SessionAWSCredentials awsSessionCredentials = null;

                ICredentials userCredentials = GetUserCredentials(useCurrentCredentials);

                Uri uri = new Uri(identityProviderUrl);
                NetworkCredential networkCredentials = userCredentials.GetCredential(uri, "");
                if (CredentialCache.DefaultCredentials != userCredentials)
                {
                    ImpersonateUser(networkCredentials.UserName, networkCredentials.Password, networkCredentials.Domain);
                }

                string   samlAssertion = awsSamlUtils.GetSamlAssertion(identityProviderUrl);
                string[] awsSamlRoles  = awsSamlUtils.GetAwsSamlRoles(samlAssertion);
                UnImpersonateUser();

                string awsSamlRole = null;
                if (roleIndex < awsSamlRoles.Length)
                {
                    awsSamlRole = awsSamlRoles[roleIndex];
                }
                else if (!string.IsNullOrEmpty(role))
                {
                    awsSamlRole = awsSamlRoles.FirstOrDefault(p => p.Contains(role));
                    if (awsSamlRole == null)
                    {
                        throw new ArgumentException(string.Format("role {0} not found in list of available roles: {1}", role, string.Join(", ", awsSamlRoles)));
                    }
                }
                else
                {
                    awsSamlRole = AskUserForAwsSamlRole(awsSamlRoles);
                }

                awsSessionCredentials = awsSamlUtils.GetSamlRoleCredentails(samlAssertion, awsSamlRole);
                SetPowershellSamlProfile(awsSessionCredentials.GetCredentials());
            }
            catch
            {
                throw;
            }
        }

All Usage Examples Of AWSSAML.AWSSAMLUtils::GetSamlRoleCredentails

AWSSAMLUtils

GetAwsSamlRoles

GetSamlAssertion

GetSamlRoleCredentails

getResult