/tokenservice_oioidws-net

Denne kodepakke er en opdatering til DIGST OIOIDWS for .NET brugere. Det er en midlertidig placering indtil koden overtages af DIGST. Mere information findes under https://github.com/digst/OIOIDWS.Net

Primary LanguageC#OtherNOASSERTION

README

Getting started with OIOIDWS.Net.Core

OIOIDWS.Net.Core is a .Net Core- based reference implementation of the OIOIDWS 1.0.1a profile.

The OIOIDWS.Net.Core components can be used by service providers to act as a Web Service Consumer (WSC) using the SOAP standard. Note that this Core implementation does not have functionality needed by a Web Service Producer (WSP).

This is the codebase that the OIOIDWS.Net.Core components are built from. All WSP examples found in this repository uses .Net framework.

Resource links

Repository content

  • Build: Contains build files that are used to build and publish the OIOIDWS.Net.Core Nuget package.

  • Docs: Contains guidelines about how to use OIOIDWS.Net.Core.

  • Examples: Contains examples that illustrates how to use OIOIDWS.Net.Core. In the Solution Explorer view in Visual Studio, the folder name is Examples.Core.

    • Digst.OioIdws.WscExampleCommon: This is a common code library shared across .NET Core client examples.
    • Digst.OioIdws.WscExampleCore: This example demonstrates how to use OIOIDWS.Net.Core to implement a .NET Core WSC that implements the SOAP variant of the OIOIDWS profile. Specifically, it shows how to obtain a direct token from the KOMBIT STS and then call a WSP using that token.
    • Digst.OioIdws.WscLocalTokenExampleCore: This example demonstrates how to use OIOIDWS.Net.Core to implement a .NET Core WSC that implements the SOAP variant of the OIOIDWS profile. Specifically, it shows how to obtain an OBO token from the KOMBIT STS and then call a WSP using that token.
    • Digst.OioIdws.WscProxyOBOExampleCore: This example demonstrates how to use OIOIDWS.Net.Core to implement a .NET Core WSC that implements the SOAP variant of the OIOIDWS profile. Specifically, it shows how to obtain a proxy OBO token from the KOMBIT STS and then call a WSP using that token.
    • Digst.OioIdws.WscExampleCoreNuget: This example is the same as Digst.OioIdws.WscExampleCore, but based on the latest public available Digst.OioIdws.WscCore NuGet package.
    • Digst.OioIdws.WscExampleCoreWithCode: This example is the same as Digst.OioIdws.WscExampleCore, but based on the latest public available Digst.OioIdws.WscCore NuGet package. It also initializes the Configuration object by code and eliminates the use of the app.config file.
    • Digst.OioIdws.DotnetWscJavaWspExampleCore: This example demonstrates how to run the .NET Core WSC/Client in the SOAP variant of OIOIDWS in the direct token scenario against a Java WSP/Server. Note that a Java WSP/Server must be up and running for this example to work. See the WSP section for instructions on how to prepare and run the Java WSP.
  • Misc: Contains various resources related to the project.

    • Certificates: Includes all necessary certificates for running the examples.
    • SOAP examples: Provides examples of requests and responses for both OioWsTrust communication between WSC <-> STS and WSC <-> WSP.
    • Specifications: Contains all PDF specifications related to OIOIDWS. These specifications are named [spec-name] and are referenced by that name. They are included solely to document the specifications as they existed during the development of the project.
    • Token examples: Features examples of tokens issued by the KOMBIT STS.
  • Setup: This folder contains PowerShell scripts that automatically set up the development environment.

  • Source: This folder contains the source code of the OIOIDWS.Net.Core library.

    • Digst.OioIdws.CommonCore: This is a common code library shared across .NET Core projects.
    • Digst.OioIdws.OioWsTrustCore: This project contains the .NET Core implementation of the [OIO-WST] specification.
    • Digst.OioIdws.SoapCore: This project contains the .NET Core implementation of the [OIO IDWS SOAP 1.1] specification.
    • Digst.OioIdws.WscCore: This project encapsulates the usage and configuration of Digst.OioIdws.SoapCore and Digst.OioIdws.OioWsTrustCore.
  • Tests: This folder contains various unit and integration test projects:

    • Digst.OioIdws.Common.TestUtils: This project contains common code used by the other test projects.
    • Digst.OioIdws.CommonCore.Test: This project contains tests for the Digst.OioIdws.CommonCore project.
    • Digst.OioIdws.IntegrationTests: This project contains integration tests for all normal STS, OBO token and proxy OBO token cases.
    • Digst.OioIdws.OioWsTrustCore.Test: This project contains tests for the Digst.OioIdws.CommonCore Digst.OioIdws.OioWsTrustCore projects.
    • Digst.OioIdws.SoapCore.Test: This project contains tests for the Digst.OioIdws.SoapCore project.
  • WspExamples: Contains examples that illustrates a WSP application.

    • Digst.OioIdws.WspExample: This is an WSP example hosted in a managed application (e.g. a .NET console application) that the WSC examples can call.
    • Digst.OioIdws.WspSvcExample:This is an WSP example hosted in an an Azure App Service that the WSC examples can call.
    • Digst.OioIdws.Wsp: This project encapsulates the usage and configuration of Digst.OioIdws.Soap.
    • Digst.OioIdws.Wsp.Wsdl: This project is part of the Digst.OioIdws.Wsp project and provides cross-platform capabilities for exposing ServiceMetadata (WSDL) by the .NET WSP. Usage is optional, but highly recommened as it will ease and minimize the amout of manual task for non-.NET WSC consuming the .NET WSP.
    • Digst.OioIdws.Common: This is a common code library shared across WSP example projects.
    • Digst.OioIdws.Soap: This project contains the implementation of the [OIO IDWS SOAP 1.1] specification.
  • DEVELOPER-NOTES.md: This file contains information relevant to maintainers of OIOIDWS.Net.Core.

  • Digst.OioIdws.Core.sln: This Visual Studio solution file contains all .NET Core projects, including example projects, but does not contain all WSP-related projects.

  • Digst.OioIdws.Core with WSP.sln: This Visual Studio solution file contains all projects, including all WSP-related projects.

  • README.md: This file.

Getting started

The source code contains everything you need to set up a demonstration environment that federates with the KOMBIT STS.

The full documentation of OIOIDWS.Net.Core is a combination of the various readme files, API documentation, and provided examples.

For a quick setup, follow these steps:

  • Run the script Setup\setup_prerequisites.ps1 from an elevated PowerShell. This installs all required certificates and performs sslcert bindings to host local websites using HTTPS.
  • Open the solution Digst.OioIdws.Core.sln in Visual Studio 2022 and build it (if you get errors on external dependencies, ensure NuGet packages are being restored).
  • The external IP address must be whitelisted at NETS to make revocation check of the test FOCES certificates.
  • Run one of example projects (Digst.OioIdws.WscExampleCore, Digst.OioIdws.WscLocalTokenExampleCore, Digst.OioIdws.WscProxyOBOExampleCore) for different scenarios. Due to restrictions on what service can use OBO use cases, you will likely only be able to try the Digst.OioIdws.WscExampleCore example out successfully.

To try the normal STS case against a Java WSP:

  • Refer to the Configuring WSP section for how to set up and start the Java WSP
  • Run the Digst.OioIdws.DotnetWscJavaWspExampleCore project to start a signature case scenario against a Java WSP.

This should start a console application that will request an token from KOMBIT STS then use it to call the target WSP.

Configuring WSP

.NET Framework

To run a local WSP, you need to use the Digst.OioIdws.Core with WSP.sln' solution file. Right-click on the Digst.OioIdws.WspExampleproject and selectDebug=>Start Without Debugging. The WSP service will be ready to listen at https://Digst.OioIdws.Wsp:9899/HelloWorld. Refer to the Configuring WSP` section for how to configure them.

The Digst.OioIdws.WspExample is a .NET WSP that supports both SOAP 1.1 and 1.2. To specify the SOAP version, you need to configure the useSoap12 attribute in the SoapBindingConfiguration in the App.config file:

<binding name="SoapBindingConfiguration" useHttps="true" sendTimeout="00:15:00" useSoap12="false"/>

Configure Trusted issuers

The trustedIssuers list must contain the thumbprint of the signing certificate that a KOMBIT STS instance is using so that the WSP can accept security tokens from that STS:

<issuerNameRegistry>
  <trustedIssuers>
    <add name="sts.oioidws-net.dk" thumbprint="8081b09446a396ba0ff9b7159d07d8c90f7db9ae"/>
    <add name="test-ekstern-adgangsstyring" thumbprint="7002cf221d1d3979eca623599e43e0b6b4c8920c"/>
  </trustedIssuers>
</issuerNameRegistry>      

Configure Audience Uris

<audienceUris>
  <add value="https://wsp.oioidws-net.dk"/>
  <add value="http://wsp11.oioidws-net.dk/service/service/1"/>
  <add value="http://wsp12.oioidws-net.dk/service/service/1"/>
</audienceUris>

The Digst.OioIdws.WspSvcExample example is the same as the Digst.OioIdws.WspExample example, except the fact that it is an ASP.NET-based WCF that we can host on Azure App Service or IIS instead of running as a managed application (e.g. a .NET console application).

All settings are usually pre-configured correctly, so you do not need to make any changes though.

Java

We will use the Java WSP example at https://github.com/digst/OIOIDWS.Java as the WSP to test the Digst.OioIdws.DotnetWscJavaWspExampleCore example

Required steps to run the Holder-Of-Key Java WSP:

Update dotnet-svcutil

To add service reference to an OIOIDWS WSP from Visual Studio, your machine needs to have dotnet-svcutil version 2.1.0 or newer. You can update the tool to the latest version using the following command:

dotnet tool install --global dotnet-svcutil

Reference: https://learn.microsoft.com/en-us/dotnet/core/additional-tools/dotnet-svcutil-guide?tabs=dotnetsvcutil2x