...
First, log in to the gateway. This uses a WCF service reference, SosiGWFacadeClient, generated from a WSDL file:
```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

public static async Task LoginToGateway(IdCard idCard, X509Certificate2 userCert)
{
    var sosiGwAssertion = idCard.GetAssertion<AssertionType>();

    // Security header sent with both gateway calls; Created is backdated by five minutes
    var security = new GW.Security
    {
        Timestamp = new GW.Timestamp { Created = DateTimeEx.UtcNowRound - TimeSpan.FromMinutes(5) },
        Assertion = sosiGwAssertion
    };

    const string endpointAddress = "http://test1.ekstern-test.nspop.dk:8080/sosigw/service/sosigw";
    using var gwClient = new SosiGWFacadeClient(SosiGWSoapBinding, endpointAddress);

    // Ask the gateway for the ID card digest that has to be signed
    var dig = (await gwClient.requestIdCardDigestForSigningAsync(security, "whatever")).requestIdCardDigestForSigningResponse;

    // Hash the returned digest value with SHA-1 and sign that hash with the user's private key
    var digestHash = SHA1.HashData(dig.DigestValue);
    using var rsa = userCert.GetRSAPrivateKey()
        ?? throw new InvalidOperationException("The user certificate has no RSA private key");
    var signature = rsa.SignHash(digestHash, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);

    // Send the signature together with the user's public certificate
    var cardRequestBody = new signIdCardRequestBody
    {
        SignatureValue = signature,
        KeyInfo = new GW.KeyInfo { Item = new GW.X509Data { Item = userCert.Export(X509ContentType.Cert) } }
    };

    // The STS signed card is saved in the sosiGw cache and is used for future calls through the proxy
    var res = (await gwClient.signIdCardAsync(security, cardRequestBody)).signIdCardResponse;
    if (res != signIdCardResponse.ok)
    {
        throw new Exception("Gateway logon error");
    }

    // Convert the GW Assertion to a dgwsType Assertion
    var sosiGwAssertionDocument = SerializerUtil.Serialize(sosiGwAssertion).Root;
    SerializerUtil.Deserialize<Assertion>(sosiGwAssertionDocument, typeof(AssertionType).Name);
}
```
...
After that, the ID card can be exchanged for SAML tokens with 'Sosi2SamlStsClient':
...