Making people work together! Folie 1 NEXPLORE AG Stefan von Niederhäusern Einfache Anwendung der SuisseID durch das Software Development KIT
Making people work together! Folie 2 Inhalt Was ist das SuisseID SDK /.NET Funktionalität Unterstützte Anwendungsfälle Demos
Making people work together! Folie 3 Was ist das SuisseID SDK/.NET? Ein Software Development Kit (SDK) ist eine Sammlung von Werkzeugen und Anwendungen, um eine Software zu erstellen. Toolkit … (englisch für Werkzeugsatz) ist ein Begriff aus der elektronischen Datenverarbeitung. Er bezeichnet allgemein eine Sammlung von Bibliotheken, Klassen und Schnittstellen, die das Erstellen von Computerprogrammen vereinfachen sollen. Ziel eines Toolkits ist es, einem Programmierer das Entwickeln von Anwendungen zu erleichtern, indem Standardfunktionen zur Verfügung gestellt werden
Making people work together! Folie 4 Was ist das SuisseID SDK/.NET? SuisseID SDK /.NET: Einfach einsetzbare Klassenbibliothek für die Integration von Webapplikationen (ASP.NET) mit der SuisseID Kern-Infrastruktur
Making people work together! Folie Positionierung des SuisseID SDK/.NET Wir befinden uns hier!
Making people work together! Folie 6 Funktionalität Abwicklung der Kommunikation zwischen SuisseID- enabled Applikation und IdP Erstellen von SAML 2.0 Requests Signieren von Requests Verarbeiten von Antworten des IdP Überprüfung der Signatur der Antworten Zugriff auf SuisseID Zertifikat
Making people work together! Folie
Making people work together! Folie
Making people work together! Folie UC1: Zertifikatsbasierte Authentifizierung
Making people work together! Folie UC2: Abfrage von Attributen beim IdP
Making people work together! Folie UC 3: Authentifizierung und Attributabfrage
Making people work together! Folie 12 Links Wiki Download SDKs + Demoapps Whitepaper
Making people work together! Folie 13 Fragen
Making people work together! Folie 14 Backup
Making people work together! Folie 15 What is the SuisseID SDK/.NET? Supported Use Cases API of the SuisseID SDK/.NET Code-Examples Extensions
Making people work together! Folie 16 API Goals Easy to use No SAML for the user Prepared for IoC / Dependency Injection Expandability possible Good testability through IoC-Concept Exception based
Making people work together! Folie API (Certificate)
Making people work together! Folie API (IdP Communication)
Making people work together! Folie API (Helpers)
Making people work together! Folie 20 What is the SuisseID SDK/.NET? Supported Use Cases API of the SuisseID SDK/.NET Code-Examples Extensions
Making people work together! Folie 21 Example Code 1: Build an AuthnRequest (1) var request = SuisseIdSdkObjectFactory.GetAuthenticationRequest(); // add claims needed request.Claims.Add( new ClaimDescriptor { Name = CoreClaimTypes.GivenName, IsRequired = true }); request.Claims.Add(new ClaimDescriptor { Name = CoreClaimTypes.Surname, IsRequired=true }); request.Claims.Add(new ClaimDescriptor { Name = CoreClaimTypes.DateOfBirth, IsRequired = true });
Making people work together! Folie 22 Example Code 1: Build an AuthnRequest (2) // set the endpoint URI from the IdP selector request.Destination = new Uri(" request.PrivacyNoticeAddress = new Uri(" // set return url request.AssertionConsumerServiceUrl = new Uri("
Making people work together! Folie 23 Example Code 2: Sending the request to the IdP // send the request with the request sender var requestSender = SuisseIdSdkObjectFactory.GetRequestSender(); requestSender.UserLanguage = Thread.CurrentThread.CurrentUICulture; requestSender.SendRequest( request, new HttpContextWrapper(HttpContext.Current) );
Making people work together! Folie 24 Example Code 3: Handling the response from the IdP (1) // get the response var responseHandler = SuisseIdSdkObjectFactory.GetResponseHandler(); // handle response var response = responseHandler.HandleResponse( this.ControllerContext.HttpContext); // get the requested claims var claim = response.AllClaims[CoreClaimTypes.IsOver18].Value; // MISSING: some checks and exception handling
Making people work together! Folie 25 What is the SuisseID SDK/.NET? Supported Use Cases API of the SuisseID SDK/.NET Code-Examples Extensions
Making people work together! Folie 26 SuisseID SDK Extensions Once authenticated, a user remains authenticated within the application until he explicitly logs out. The set of claims is persisted until the user explicitly logs out. Developers can use the familiar Principal and Identity objects. Codesamples and further explanation available in the Microsoft Whitepaper (
Making people work together! Folie 27 SuisseID SDK Extensions
Making people work together! Folie 28 Example Code 3: Handling the response from the IdP (1) // get the response var responseHandler = SuisseIdSdkObjectFactory.GetResponseHandler(); try { // handle response var response = responseHandler.HandleResponse( this.ControllerContext.HttpContext); // get the requested claims var claim = response.AllClaims[CoreClaimTypes.IsOver18];
Making people work together! Folie 29 Example Code 3: Handling the response from the IdP (2) // use claim data if (claim != null) { var value = (bool)claim.Value; } catch (StatusAbortedByUserException ex) { return this.View("ErrorUserAborted"); }