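I'm writing a small tool that uses support ticket information to open a WebEx with our support customers.
I could get it to work when the site used username/password; now we use SSO.
The WebEx server has already been set up to accept SSO (by our IT manager, not by me).
The WebEx reference (links below) doesn't elaborate, and the WebEx development forum on the official site is so dormant, with no answers on the subject, that I decided to try my luck here. I also posted this same question on the official forum.
Does anyone know how to make the code below actually work?
What goes into the <samlResponse> tag, to replace the line below in the code with something that will work: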

    <samlResponse>samlResponse message will go here</samlResponse>

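What is meant by the SAML assertion in the documentation (see below)?

What I have found so far

WebEx's XML API documentation (page 68) describes the following:

3.1 AuthenticateUser

The AuthenticateUser API will accept a SAML assertion in place of a user password. The returned can be used for subsequent XML API requests without using for the session duration defined in Super Admin. This can take the place of the current requirement for a and for authentication.

The following schema diagram shows the element structure of the AuthenticateUser request message.

It then provides the XML schema diagram and an example.
Referring to the sample .NET code (which doesn't use SAML), I came up with the following code: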

    string strXMLServer = "https://varonis.webex.com/WBXService/XMLService";
    WebRequest request = WebRequest.Create(strXMLServer);
    // Set the Method property of the request to POST.
    request.Method = "POST";
    // Set the ContentType property of the WebRequest.
    request.ContentType = "application/x-www-form-urlencoded";

    // Create POST data and convert it to a byte array.
    Func<StringBuilder, StringBuilder> webExXML =
        bodySB => new StringBuilder(1024) // Currently 294 bytes in length
            .AppendLine("<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>")
            .Append("<serv:message xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"")
            .Append(" xmlns:serv=\"http://www.webex.com/schemas/2002/06/service\"")
            .Append(" xsi:schemaLocation=\"http://www.webex.com/schemas/2002/06/service")
            .Append(" http://www.webex.com/schemas/2002/06/service/service.xsd\">")
            .AppendLine("<header>")
            .AppendLine("<securityContext>")
            .AppendLine("<siteName>siteName</siteName>")
            .AppendLine("<webExID>username</webExID>")
            .AppendLine("<password></password>")
            .AppendLine("<partnerID></partnerID>")
            .AppendLine("</securityContext>")
            .AppendLine("</header>")
            .AppendLine()
            .AppendLine("<body>")
            .Append(bodySB)
            .AppendLine()
            .AppendLine("</body>")
            .AppendLine("</serv:message>");

    var xmlAuthBodyContent = new StringBuilder()
        .AppendLine("<bodyContent ")
        .AppendLine("xsi:type=\"java:com.webex.service.binding.user.AuthenticateUser\">")
        .AppendLine("<samlResponse>samlResponse message will go here</samlResponse>")
        .AppendLine("</bodyContent>");

    byte[] byteArray = Encoding.UTF8.GetBytes(webExXML(xmlAuthBodyContent).ToString());

    // Set the ContentLength property of the WebRequest.
    request.ContentLength = byteArray.Length;

    // Get the request stream.
    Stream dataStream = request.GetRequestStream();
    // Write the data to the request stream.
    dataStream.Write(byteArray, 0, byteArray.Length);
    // Close the Stream object.
    dataStream.Close();
    // Get the response.
    WebResponse response = request.GetResponse();

    DataSet DSResponse = new DataSet();
    DSResponse.ReadXml(response.GetResponseStream());
    DSResponse.GetXml().Dump();

The result I get is:

    <serv:message xmlns:serv="http://www.webex.com/schemas/2002/06/service">
    <serv:header>
        <serv:response>
        <serv:result>FAILURE</serv:result>
        <serv:reason>Authentication Server can't generate a valid session ticket</serv:reason>
        <serv:gsbStatus>PRIMARY</serv:gsbStatus>
        <serv:exceptionID>030048</serv:exceptionID>
        <serv:subErrors>
            <serv:subError>
            <serv:exceptionID>AS0062</serv:exceptionID>
            <serv:reason>Validate assertion failed</serv:reason>
            <serv:value />
            </serv:subError>
        </serv:subErrors>
        </serv:response>
    </serv:header>
    <serv:body>
        <serv:bodyContent />
    </serv:body>
    </serv:message>

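Best answer

Sorry for the thread necromancy, but the answers here were not that useful, so I thought I would include a complete working example in C# (tested against an ADFS 3.0 server), hacked together from the code above plus a few additions: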

    // Namespaces used: System, System.Data, System.IO, System.Net, System.Net.Http,
    // System.Text, System.Text.RegularExpressions.

    // UseDefaultCredentials signs in to ADFS as the current Windows user;
    // redirects and cookies are needed to get through the sign-on flow.
    var handler = new HttpClientHandler
    {
        UseDefaultCredentials = true,
        AllowAutoRedirect = true,
        CookieContainer = new System.Net.CookieContainer(),
        UseCookies = true
    };
    var client = new HttpClient(handler) {MaxResponseContentBufferSize = 256000};
    client.DefaultRequestHeaders.Add("User-Agent", "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)");
    client.DefaultRequestHeaders.Add("Connection", "Keep-Alive");
    client.DefaultRequestHeaders.ExpectContinue = false;

    // IdP-initiated sign-on: ADFS returns an HTML form carrying the SAMLResponse field.
    var samlResponseString = client
        .GetStringAsync(
            new Uri("https://AdfsServer/adfs/ls/IdpInitiatedSignOn.aspx?logintoRP=RPIdentifier")).Result;

    // Pull the value of the SAMLResponse form field out of the returned HTML.
    var parsedSamlResponse = "";
    Regex reg = new Regex("SAMLResponse\\W+value\\=\\\"([^\\\"]+)\\\"");
    MatchCollection matches = reg.Matches(samlResponseString);
    foreach (Match m in matches)
    {
        parsedSamlResponse = m.Groups[1].Value;
    }

    string strXMLServer = "https://mysite.webex.com/WBXService/XMLService";
    WebRequest request = WebRequest.Create(strXMLServer);
    // Set the Method property of the request to POST.
    request.Method = "POST";
    // Set the ContentType property of the WebRequest.
    request.ContentType = "application/x-www-form-urlencoded";

    // Create POST data and convert it to a byte array.
    Func<StringBuilder, StringBuilder> webExXML =
        bodySB => new StringBuilder(1024) // Currently 294 bytes in length
            .AppendLine("<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>")
            .Append("<serv:message xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"")
            .Append(" xmlns:serv=\"http://www.webex.com/schemas/2002/06/service\"")
            .Append(" xsi:schemaLocation=\"http://www.webex.com/schemas/2002/06/service")
            .Append(" http://www.webex.com/schemas/2002/06/service/service.xsd\">")
            .AppendLine("<header>")
            .AppendLine("<securityContext>")
            .AppendLine("<siteName>siteName</siteName>")
            .AppendLine("<webExID>adminUsername</webExID>")
            .AppendLine("</securityContext>")
            .AppendLine("</header>")
            .AppendLine()
            .AppendLine("<body>")
            .Append(bodySB)
            .AppendLine()
            .AppendLine("</body>")
            .AppendLine("</serv:message>");

    // The SAML response from ADFS replaces the password; <protocol> is set to SAML2.0.
    var xmlAuthBodyContent = new StringBuilder()
        .AppendLine("<bodyContent ")
        .AppendLine("xsi:type=\"java:com.webex.service.binding.user.AuthenticateUser\">")
        .AppendLine($"<samlResponse>{parsedSamlResponse}</samlResponse>")
        .AppendLine("<protocol>SAML2.0</protocol>")
        .AppendLine("</bodyContent>");

    byte[] byteArray = Encoding.UTF8.GetBytes(webExXML(xmlAuthBodyContent).ToString());

    // Set the ContentLength property of the WebRequest.
    request.ContentLength = byteArray.Length;

    // Get the request stream.
    Stream dataStream = request.GetRequestStream();
    // Write the data to the request stream.
    dataStream.Write(byteArray, 0, byteArray.Length);
    // Close the Stream object.
    dataStream.Close();
    // Get the response.
    WebResponse response = request.GetResponse();

    DataSet DSResponse = new DataSet();
    DSResponse.ReadXml(response.GetResponseStream());
    string xmlResponse = DSResponse.GetXml();

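Change the code to reflect your ADFS server, RP identifier, WebEx site name and admin username.
The important parts that were missing:
The code to get the samlResponse from ADFS
The protocol tag in the bodyContent block (set to SAML2.0)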

09-27 05:48
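
When the API answers `Validate assertion failed`, it helps to look at what is actually inside the value placed in `<samlResponse>`. The following is an added example, not code from the question, the answer or WebEx: it takes the form field the answer scrapes (Base64-encoded XML, as in the SAML 2.0 HTTP POST binding), decodes it with DTDs disabled, and reports issuer, audience, expiry and whether a signature element is present (presence only, the signature is not verified). The class name `SamlInspector`, the host `adfs.example` and the sample assertion are made up for illustration.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Net;
using System.Text;
using System.Text.RegularExpressions;
using System.Xml;
using System.Xml.Linq;

static class SamlInspector // hypothetical helper, not part of any WebEx or ADFS API
{
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";
    static readonly XNamespace Dsig = "http://www.w3.org/2000/09/xmldsig#";

    // Same form field the answer's regex targets; fail loudly instead of sending an empty value.
    public static string ExtractFormValue(string html)
    {
        Match m = Regex.Match(html, "SAMLResponse\\W+value=\"([^\"]+)\"");
        if (!m.Success)
            throw new InvalidOperationException("No SAMLResponse field (login or error page returned?)");
        return WebUtility.HtmlDecode(m.Groups[1].Value);
    }

    public static string Describe(string base64Response, DateTime utcNow)
    {
        string xml = Encoding.UTF8.GetString(Convert.FromBase64String(base64Response));
        // The decoded document is untrusted input: no DTDs, no external resolution.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        XDocument doc;
        using (XmlReader reader = XmlReader.Create(new StringReader(xml), settings))
            doc = XDocument.Load(reader);
        string issuer = doc.Descendants(Saml + "Issuer").FirstOrDefault()?.Value;
        string audience = doc.Descendants(Saml + "Audience").FirstOrDefault()?.Value;
        string notAfter = doc.Descendants(Saml + "Conditions").FirstOrDefault()?.Attribute("NotOnOrAfter")?.Value;
        bool expired = notAfter != null &&
            XmlConvert.ToDateTime(notAfter, XmlDateTimeSerializationMode.Utc) <= utcNow;
        bool signed = doc.Descendants(Dsig + "Signature").Any();
        return $"issuer={issuer}; audience={audience}; notOnOrAfter={notAfter}; expired={expired}; signed={signed}";
    }

    static void Main()
    {
        // Constructed sample, not a real assertion: unsigned and already expired.
        string xml = "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\">" +
            "<Issuer>http://adfs.example/adfs/services/trust</Issuer><Assertion><Conditions NotOnOrAfter=\"2020-01-01T00:05:00Z\">" +
            "<AudienceRestriction><Audience>RPIdentifier</Audience></AudienceRestriction></Conditions></Assertion></samlp:Response>";
        string html = "<input type=\"hidden\" name=\"SAMLResponse\" value=\"" +
            Convert.ToBase64String(Encoding.UTF8.GetBytes(xml)) + "\" />";
        Console.WriteLine(Describe(ExtractFormValue(html), DateTime.UtcNow));
    }
}
```

A SAML response is a bearer credential for as long as it is valid, so keep the raw value out of logs and tickets and record only the summary line.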