SAML2 for Thinktecture IdentityServer 3 with Kentor.AuthServices

Using the Kentor.AuthServices SAML2 Service Provider with Thinktecture IdentityServer 3 bridges the gap between SAML2 and OAuth2/OpenID Connect. Thinktecture IdentityServer 3 support clients using the modern OAuth2 and OpenID Connect protocols. It can either have a local account database through e.g. ASP.NET Identity, or use external authentication services. By registering Kentor.AuthServices with IdentityServer, IdentityServer can authenticate to a SAML2 Idp.

I know that SAML2 is often regarded as legacy, but the truth is that there is still vast amounts of infrastructure out there that supports SAML2, but has not yet taken the leap to OpenID Connect. When the client applications prefer modern standards, a bridge between them is needed. With Kentor.AuthServices, Thinktecture IdentityServer can be that bridge.

Get It Running

To add SAML2 to IdentityServier, changes are needed in three places: Installing the Kentor.AuthServices.Owin package, alter the startup configuration method for IdentityServer and add two lines to the web/app.config file.

Three Years of Passion for Coding

In November 2011, I decided to try blogging and created the Passion for Coding blog. Three years and 186 published posts later, my blog has grown into a resource for programmers from all over the world. I would like to thank you all for reading, commenting and sharing my posts. Without readers, blogging would be extremely boring.

When I first started the blog three years ago I had to be careful to filter out my own page views from the web server analytics, to not get confusing numbers. In fact, I could see from the web server statistics on what days I had written new posts, solely on the extra hits using the admin interface produced on the web server. That is no longer the case. I’ve so far had visits from 210 countries/territories, which is basically the entire world except a few countries in central Africa and the one exception in Asia: North Korea.

During this year I’ve gradually narrowed the focus on the blog to become more technical and less about the soft sides of software development. I’ve reduced the number of articles on methodology and focused on programming instead. At first I was a bit worried that I might loose quite a few of my readers. I probably did, but I’ve gained even more so I think it was the right decision. It is also in line with a general career decision I made, to focus more on the technical expertise and less on the soft sides. I want to focus more on coding and architecture and that means that I have to focus less on project management.

Internal Classes and Members

What’s the use for the internal access modifier in C#? It’s not as common to use as public, protected or private. It wasn’t until I started some serious stand alone library work that I fully started to appreciate and use internal.

All was fine and I was happy with my use of internal. Until I saw this tweet yesterday.

That tweet by Mark sparked an interesting discussion, but as great as Twitter is for new ideas, I can’t fit my thoughts on this subject into the 160 chars limit. Actually that last sentence alone is too big for a tweet.

In one of my replies to Mark, I mentioned that I think that there’s a huge difference between using internal on an entire type and using it on specific members.

Code Coverage and Nullable

Comparisons of Nullable<T> types and code coverage can give some unexpected, but logical results. Earlier this week I posted a small Puzzle showing the problem.

2014-12-01 16_54_38-BlogCode - Microsoft Visual StudioThe light blue shade of the return statements indicate that they have been executed. So both branches of the if statement have been covered. But the light pink shade of the comparison indicates that the comparison has not been completely covered.

That code was deliberately somewhat obfuscated. MyNumericType is defined by using MyNumericType = System.Nullable<IntStruct> and SingleDigitLimit is IntStruct SingleDigitLimit = new IntStruct(10);.

A Code Coverage Puzzle

A simple comparison is marked as not completely covered, although both branches of the if statement have been covered!?! How is that possible?

This is a small function I’ve created, which is also covered by unit tests. The light blue shade of the return statements indicate that they have been executed. So both branches of the if statement have been covered. But the light pink shade of the comparison indicates that the comparison has not been completely covered.
2014-12-01 16_54_38-BlogCode - Microsoft Visual Studio

Having a logical expression marked as not completely covered is common if it includes any && or || operators that are short circuited. But there are no such operators here. So what is the reason for the partial coverage?

I’ll post the answer and explanation later this week.

Software Development is a Job – Coding is a Passion

I'm Anders Abel, a systems architect and developer working for Kentor in Stockholm, Sweden.

profile for Anders Abel at Stack Overflow, Q&A for professional and enthusiast programmers

The complete code for all posts is available on GitHub.

Popular Posts

Archives

Series

Powered by WordPress with the Passion for Coding theme.