dsolovay · December 8, 2021 06:01 · dsolovay · Sep 23, 2021
diff --git a/ConfigureSitecore.cs b/ConfigureSitecore.cs
 using IdentityServer4;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.DependencyInjection;
 using Sustainsys.Saml2;
 using Sustainsys.Saml2.Configuration;
 using Sustainsys.Saml2.Metadata;
 using Sustainsys.Saml2.WebSso;

 namespace SitecoreIdentitySamlDemo
 {
  public class ConfigureSitecore
  {
    public void ConfigureServices(IServiceCollection services)
    {
      var builder = new AuthenticationBuilder(services);

      builder.AddSaml2("Saml2", "SSO Button Text", options =>
      {
        options.SignInScheme = "idsrv.external";
        options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
        options.SPOptions.EntityId = new EntityId("https://xp0identityserver.dev.local/Saml2");
        IdentityProvider provider = GetIdentityProvider(options.SPOptions);
        options.IdentityProviders.Add(provider);
      });
    }

    private IdentityProvider GetIdentityProvider(SPOptions options)
    {
      var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), options);
      idp.Binding = Saml2BindingType.HttpPost;
      idp.LoadMetadata = true;
      return idp;
    }
  }
 }
diff --git a/Package Manager Console commands b/Package Manager Console commands
 Install-Package Sitecore.Plugin.IdentityProviders -Version 5.1.1 -Source https://sitecore.myget.org/F/sc-identity/api/v3/index.json
 Install-Package IdentityServer4 -Version 2.3.2 
 Install-Package Sustainsys.Saml2.AspNetCore2 -Version 2.8.0
diff --git a/Saml2Configuration.xml b/Saml2Configuration.xml
 <?xml version="1.0" encoding="utf-8"?>
 <Settings>
  <Sitecore>
    <ExternalIdentityProviders>
      <IdentityProviders>
        <Saml2Configuration type="Sitecore.Plugin.IdentityProviders.IdentityProvider, Sitecore.Plugin.IdentityProviders">
          <AuthenticationScheme>Saml2</AuthenticationScheme>
          <DisplayName>Saml2 SSO</DisplayName>
          <Enabled>true</Enabled>
          <ClaimsTransformations>
            <ClaimsTransformation1 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
              <SourceClaims>
                <Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" />
              </SourceClaims>
              <NewClaims>
                <Claim1 type="email" />
              </NewClaims>
            </ClaimsTransformation1 >
            <ClaimsTransformation2 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
              <SourceClaims>
                <Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
              </SourceClaims>
              <NewClaims>
                <Claim1 type="email" />
              </NewClaims>
            </ClaimsTransformation2>
            <AuthorRule type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
              <SourceClaims>
                <Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Author" />
              </SourceClaims>
              <NewClaims>
                <Claim1 type="role" value="sitecore\Author" />
              </NewClaims>
            </AuthorRule>
            <AdminRule  type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
              <SourceClaims>
                <Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Administrator" />
              </SourceClaims>
              <NewClaims>
                <Claim1 type="http://www.sitecore.net/identity/claims/isAdmin" value="true"/>
              </NewClaims>
            </AdminRule>
          </ClaimsTransformations>
        </Saml2Configuration>
      </IdentityProviders>
    </ExternalIdentityProviders>
  </Sitecore>
 </Settings>
diff --git a/Sitecore.Plugin.manifest b/Sitecore.Plugin.manifest
 <?xml version="1.0" encoding="utf-8"?>
 <SitecorePlugin PluginName="SitecoreIdentitySamlDemo" AssemblyName="SitecoreIdentitySamlDemo" Version="1.0.0">
  <Dependencies>
    <Dependency name="Sitecore.Plugin.IdentityProviders">5.1.1</Dependency>
  </Dependencies>
  <Tags />
 </SitecorePlugin>
	using IdentityServer4;
	using Microsoft.AspNetCore.Authentication;
	using Microsoft.Extensions.DependencyInjection;
	using Sustainsys.Saml2;
	using Sustainsys.Saml2.Configuration;
	using Sustainsys.Saml2.Metadata;
	using Sustainsys.Saml2.WebSso;

	namespace SitecoreIdentitySamlDemo
	{
	public class ConfigureSitecore
	{
	public void ConfigureServices(IServiceCollection services)
	{
	var builder = new AuthenticationBuilder(services);

	builder.AddSaml2("Saml2", "SSO Button Text", options =>
	{
	options.SignInScheme = "idsrv.external";
	options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
	options.SPOptions.EntityId = new EntityId("https://xp0identityserver.dev.local/Saml2");
	IdentityProvider provider = GetIdentityProvider(options.SPOptions);
	options.IdentityProviders.Add(provider);
	});
	}

	private IdentityProvider GetIdentityProvider(SPOptions options)
	{
	var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), options);
	idp.Binding = Saml2BindingType.HttpPost;
	idp.LoadMetadata = true;
	return idp;
	}
	}
	}
	Install-Package Sitecore.Plugin.IdentityProviders -Version 5.1.1 -Source https://sitecore.myget.org/F/sc-identity/api/v3/index.json
	Install-Package IdentityServer4 -Version 2.3.2
	Install-Package Sustainsys.Saml2.AspNetCore2 -Version 2.8.0
	<?xml version="1.0" encoding="utf-8"?>
	<Settings>
	<Sitecore>
	<ExternalIdentityProviders>
	<IdentityProviders>
	<Saml2Configuration type="Sitecore.Plugin.IdentityProviders.IdentityProvider, Sitecore.Plugin.IdentityProviders">
	<AuthenticationScheme>Saml2</AuthenticationScheme>
	<DisplayName>Saml2 SSO</DisplayName>
	<Enabled>true</Enabled>
	<ClaimsTransformations>
	<ClaimsTransformation1 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
	<SourceClaims>
	<Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" />
	</SourceClaims>
	<NewClaims>
	<Claim1 type="email" />
	</NewClaims>
	</ClaimsTransformation1 >
	<ClaimsTransformation2 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
	<SourceClaims>
	<Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
	</SourceClaims>
	<NewClaims>
	<Claim1 type="email" />
	</NewClaims>
	</ClaimsTransformation2>
	<AuthorRule type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
	<SourceClaims>
	<Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Author" />
	</SourceClaims>
	<NewClaims>
	<Claim1 type="role" value="sitecore\Author" />
	</NewClaims>
	</AuthorRule>
	<AdminRule type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
	<SourceClaims>
	<Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Administrator" />
	</SourceClaims>
	<NewClaims>
	<Claim1 type="http://www.sitecore.net/identity/claims/isAdmin" value="true"/>
	</NewClaims>
	</AdminRule>
	</ClaimsTransformations>
	</Saml2Configuration>
	</IdentityProviders>
	</ExternalIdentityProviders>
	</Sitecore>
	</Settings>
	<?xml version="1.0" encoding="utf-8"?>
	<SitecorePlugin PluginName="SitecoreIdentitySamlDemo" AssemblyName="SitecoreIdentitySamlDemo" Version="1.0.0">
	<Dependencies>
	<Dependency name="Sitecore.Plugin.IdentityProviders">5.1.1</Dependency>
	</Dependencies>
	<Tags />
	</SitecorePlugin>