Tuesday, April 19, 2016

How to create an ASP.NET Web App For Testing ADFS Claims


Do you sometimes wonder if your ADFS claims are issued correctly and have the appropriate naming? Testing claim rules can be hard.

Testing which claims you are actually receiving from your ADFS service can sometimes be difficult. This little web application can be used to test just that. It is currently not in ASP.NET Core, but I am working on it.

You need to create a relying party trust for the web application in your ADFS service and add the claim rules that you would like to verify/test. The app will also verify that your ADFS solution is capable of issuing claims at all.


Startup.cs

using Owin;

namespace PingAuth
{
    // Partial class: ConfigureAuth lives in Startup.Auth.cs, where the
    // WS-Federation and cookie middleware are registered.
    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            ConfigureAuth(app);
        }
    }
}

Global.asax

using System.Web.Mvc;
using System.Web.Optimization;
using System.Web.Routing;

namespace PingAuth
{
    public class MvcApplication : System.Web.HttpApplication
    {
        protected void Application_Start()
        {
            AreaRegistration.RegisterAllAreas();
            FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
            RouteConfig.RegisterRoutes(RouteTable.Routes);
            BundleConfig.RegisterBundles(BundleTable.Bundles);
        }
    }
}

Web.config

In your web.config file it is vital to insert the correct path to the ADFS metadata endpoint (i.e. your internal ADFS server), and you also need to make sure that the configured Wtrealm is exactly the same as the relying party identifier configured on the ADFS server. The metadata document is where the app learns the ADFS token-signing certificate, so the URL should point at the server you actually trust, over HTTPS.

  <appSettings>
    <add key="webpages:Version" value="3.0.0.0"/>
    <add key="webpages:Enabled" value="true"/>
    <add key="ClientValidationEnabled" value="true"/>
    <add key="UnobtrusiveJavaScriptEnabled" value="true"/>
    <add key="ida:ADFSMetadata" value="https://sso.xxx.xx/FederationMetadata/2007-06/FederationMetadata.xml"/>
    <add key="ida:Wtrealm" value="https://localhost:44300/"/>
  </appSettings>
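The post shows Startup.cs calling ConfigureAuth but not the partial that defines it. The following Startup.Auth.cs is an added example, not code from the original post: it reads the two ida: keys above and wires the standard Microsoft.Owin.Security.WsFederation and Microsoft.Owin.Security.Cookies middleware (both from the Katana NuGet packages) so that an unauthenticated request is redirected to ADFS and the returned token is turned into a session cookie. The namespace PingAuth and the key names are taken from the post; the HTTPS check on the metadata URL is this example's own addition.

```csharp
using System;
using System.Configuration;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

namespace PingAuth
{
    public partial class Startup
    {
        // Both values come from the appSettings shown above.
        private static readonly string Realm =
            ConfigurationManager.AppSettings["ida:Wtrealm"];
        private static readonly string AdfsMetadata =
            ConfigurationManager.AppSettings["ida:ADFSMetadata"];

        public void ConfigureAuth(IAppBuilder app)
        {
            if (string.IsNullOrEmpty(Realm) || string.IsNullOrEmpty(AdfsMetadata))
            {
                throw new ConfigurationErrorsException(
                    "ida:Wtrealm and ida:ADFSMetadata must be set in web.config.");
            }

            // The signing certificate is taken from this document, so refuse to
            // load it over plain HTTP (example's own guard, not part of the post).
            if (!AdfsMetadata.StartsWith("https://", StringComparison.OrdinalIgnoreCase))
            {
                throw new ConfigurationErrorsException(
                    "ida:ADFSMetadata must be an https:// URL.");
            }

            // After the WS-Federation token is validated, the resulting identity is
            // persisted in the cookie middleware's session cookie.
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions());

            app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                // Must match the relying party identifier on the ADFS server exactly,
                // including scheme and trailing slash.
                Wtrealm = Realm,
                MetadataAddress = AdfsMetadata
            });
        }
    }
}
```

If ADFS rejects the request with a "relying party trust is not found" style error, the first thing to compare is the Wtrealm value against the identifier shown on the relying party trust in the ADFS console; a mismatched trailing slash is enough to fail.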

The View - Index.cshtml

<div class="jumbotron">
    <h2>@ViewBag.ClaimsIdentity.Name</h2>
    <h3>Note: Cookies are cached. Remember to delete them if you want to perform multiple tests.</h3>
</div>

<h3>Values from Identity</h3>
<div class="row">
    <div class="col-md-4">IsAuthenticated : @ViewBag.ClaimsIdentity.IsAuthenticated</div>
    <div class="col-md-4">Name            : @ViewBag.ClaimsIdentity.Name</div>
    <div class="col-md-4">AuthType        : @ViewBag.ClaimsIdentity.AuthenticationType</div>
</div>

<h3>Claims from ClaimsIdentity</h3>
<div class="row">
    <div class="col-md-6"><h3>Claim Type</h3></div>
    <div class="col-md-6"><h3>Claim Value</h3></div>
</div>

@foreach (System.Security.Claims.Claim claim in ViewBag.ClaimsIdentity.Claims)
{
    <div class="row">
        <div class="col-md-6">@claim.Type</div>
        <div class="col-md-6">@claim.Value</div>
    </div>
}
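The view reads ViewBag.ClaimsIdentity, but the post does not show the controller that sets it. The HomeController below is an added example, not code from the original post: [Authorize] forces the WS-Federation round trip for an anonymous request, Index hands the validated ClaimsIdentity to the view, and SignOut clears the session cookie so the next request goes back to ADFS, which addresses the "cookies are cached" note without deleting cookies by hand. The namespace and the view's ViewBag property name are taken from the post; the SignOut action name is this example's own choice.

```csharp
using System.Security.Claims;
using System.Web;
using System.Web.Mvc;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;

namespace PingAuth.Controllers
{
    // Unauthenticated requests are redirected to ADFS by the WS-Federation
    // middleware configured in Startup.Auth.cs.
    [Authorize]
    public class HomeController : Controller
    {
        public ActionResult Index()
        {
            // Once the token has been validated, User.Identity is the ClaimsIdentity
            // built from the claims ADFS issued for this relying party. The fallback
            // keeps the view from throwing if the action is ever reached anonymously.
            var identity = User.Identity as ClaimsIdentity ?? new ClaimsIdentity();
            ViewBag.ClaimsIdentity = identity;
            return View();
        }

        // Drops the local session cookie and signs out of the WS-Federation session,
        // so the next visit to Index reflects the current ADFS claim rules.
        [AllowAnonymous]
        public ActionResult SignOut()
        {
            HttpContext.GetOwinContext().Authentication.SignOut(
                WsFederationAuthenticationDefaults.AuthenticationType,
                CookieAuthenticationDefaults.AuthenticationType);
            return RedirectToAction("Index");
        }
    }
}
```

After changing a claim rule on the ADFS side, browse to /Home/SignOut and then back to the start page; the claim table will then show exactly what ADFS issued on the fresh sign-in rather than what was cached in the cookie.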