dsolovay · December 8, 2021 06:01 · Sep 16, 2021 · Sep 16, 2021 · Sep 16, 2021 · Sep 15, 2021
diff --git a/Sitecore.Plugin.manifest b/Sitecore.Plugin.manifest
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<SitecorePlugin PluginName="SitecoreIdentitySamlDemo" AssemblyName="SitecoreIdentitySamlDemo" Version="1.0.0">
+  <Dependencies>
+    <Dependency name="Sitecore.Plugin.IdentityProviders">5.1.1</Dependency>
+  </Dependencies>
+  <Tags />
+</SitecorePlugin>
diff --git a/Package Manager Console commands b/Package Manager Console commands
@@ -0,0 +1,3 @@
+Install-Package Sitecore.Plugin.IdentityProviders -Version 5.1.1 -Source https://sitecore.myget.org/F/sc-identity/api/v3/index.json
+Install-Package IdentityServer4 -Version 2.3.2 
+Install-Package Sustainsys.Saml2.AspNetCore2 -Version 2.8.0
diff --git a/ConfigureSitecore.cs b/ConfigureSitecore.cs
@@ -18,7 +18,7 @@ public void ConfigureServices(IServiceCollection services)
       {
         options.SignInScheme = "idsrv.external";
         options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
-        options.SPOptions.EntityId = new EntityId("https://testidserver2/Saml2");
+        options.SPOptions.EntityId = new EntityId("https://xp0identityserver.dev.local/Saml2");
         IdentityProvider provider = GetIdentityProvider(options.SPOptions);
         options.IdentityProviders.Add(provider);
       });

diff --git a/ConfigureSitecore.cs b/ConfigureSitecore.cs
@@ -8,28 +8,28 @@
 
 namespace SitecoreIdentitySamlDemo
 {
-	public class ConfigureSitecore
-	{
-		public void ConfigureServices(IServiceCollection services)
-		{
-			var builder = new AuthenticationBuilder(services);
+  public class ConfigureSitecore
+  {
+    public void ConfigureServices(IServiceCollection services)
+    {
+      var builder = new AuthenticationBuilder(services);
 
-			builder.AddSaml2("Saml2", "SSO Button Text", options =>
-			{
-				options.SignInScheme = "idsrv.external";
-				options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
-				options.SPOptions.EntityId = new EntityId("https://testidserver2/Saml2");
-				IdentityProvider provider = GetIdentityProvider(options.SPOptions);
-				options.IdentityProviders.Add(provider);
-			});
-		}
+      builder.AddSaml2("Saml2", "SSO Button Text", options =>
+      {
+        options.SignInScheme = "idsrv.external";
+        options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
+        options.SPOptions.EntityId = new EntityId("https://testidserver2/Saml2");
+        IdentityProvider provider = GetIdentityProvider(options.SPOptions);
+        options.IdentityProviders.Add(provider);
+      });
+    }
 
-		private IdentityProvider GetIdentityProvider(SPOptions options)
-		{
-			var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), options);
-			idp.Binding = Saml2BindingType.HttpPost;
-			idp.LoadMetadata = true;
-			return idp;
-		}
-	}
+    private IdentityProvider GetIdentityProvider(SPOptions options)
+    {
+      var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), options);
+      idp.Binding = Saml2BindingType.HttpPost;
+      idp.LoadMetadata = true;
+      return idp;
+    }
+  }
 }
diff --git a/Saml2Configuration.xml b/Saml2Configuration.xml
@@ -6,8 +6,7 @@
         <Saml2Configuration type="Sitecore.Plugin.IdentityProviders.IdentityProvider, Sitecore.Plugin.IdentityProviders">
           <AuthenticationScheme>Saml2</AuthenticationScheme>
           <DisplayName>Saml2 SSO</DisplayName>
-          <Enabled>true</Enabled>          
-          <MetadataAddress></MetadataAddress>
+          <Enabled>true</Enabled>
           <ClaimsTransformations>
             <ClaimsTransformation1 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
               <SourceClaims>

diff --git a/Saml2Configuration.xml b/Saml2Configuration.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Settings>
+  <Sitecore>
+    <ExternalIdentityProviders>
+      <IdentityProviders>
+        <Saml2Configuration type="Sitecore.Plugin.IdentityProviders.IdentityProvider, Sitecore.Plugin.IdentityProviders">
+          <AuthenticationScheme>Saml2</AuthenticationScheme>
+          <DisplayName>Saml2 SSO</DisplayName>
+          <Enabled>true</Enabled>          
+          <MetadataAddress></MetadataAddress>
+          <ClaimsTransformations>
+            <ClaimsTransformation1 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
+              <SourceClaims>
+                <Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" />
+              </SourceClaims>
+              <NewClaims>
+                <Claim1 type="email" />
+              </NewClaims>
+            </ClaimsTransformation1 >
+            <ClaimsTransformation2 type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
+              <SourceClaims>
+                <Claim1 type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
+              </SourceClaims>
+              <NewClaims>
+                <Claim1 type="email" />
+              </NewClaims>
+            </ClaimsTransformation2>
+            <AuthorRule type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
+              <SourceClaims>
+                <Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Author" />
+              </SourceClaims>
+              <NewClaims>
+                <Claim1 type="role" value="sitecore\Author" />
+              </NewClaims>
+            </AuthorRule>
+            <AdminRule  type="Sitecore.Plugin.IdentityProviders.DefaultClaimsTransformation, Sitecore.Plugin.IdentityProviders">
+              <SourceClaims>
+                <Claim1 type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="Administrator" />
+              </SourceClaims>
+              <NewClaims>
+                <Claim1 type="http://www.sitecore.net/identity/claims/isAdmin" value="true"/>
+              </NewClaims>
+            </AdminRule>
+          </ClaimsTransformations>
+        </Saml2Configuration>
+      </IdentityProviders>
+    </ExternalIdentityProviders>
+  </Sitecore>
+</Settings>
diff --git a/ConfigureSitecore.cs b/ConfigureSitecore.cs
@@ -0,0 +1,35 @@
+using IdentityServer4;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+using Sustainsys.Saml2;
+using Sustainsys.Saml2.Configuration;
+using Sustainsys.Saml2.Metadata;
+using Sustainsys.Saml2.WebSso;
+
+namespace SitecoreIdentitySamlDemo
+{
+	public class ConfigureSitecore
+	{
+		public void ConfigureServices(IServiceCollection services)
+		{
+			var builder = new AuthenticationBuilder(services);
+
+			builder.AddSaml2("Saml2", "SSO Button Text", options =>
+			{
+				options.SignInScheme = "idsrv.external";
+				options.SignOutScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme;
+				options.SPOptions.EntityId = new EntityId("https://testidserver2/Saml2");
+				IdentityProvider provider = GetIdentityProvider(options.SPOptions);
+				options.IdentityProviders.Add(provider);
+			});
+		}
+
+		private IdentityProvider GetIdentityProvider(SPOptions options)
+		{
+			var idp = new IdentityProvider(new EntityId("https://stubidp.sustainsys.com/Metadata"), options);
+			idp.Binding = Saml2BindingType.HttpPost;
+			idp.LoadMetadata = true;
+			return idp;
+		}
+	}
+}