C# Class Amazon.SecurityToken.SAML.SAMLAssertion

Contains the parsed SAML response data following successful user authentication against a federated endpoint. We only parse out the data we need to support generation of temporary AWS credentials.
Project: aws/aws-sdk-net

Public Methods

Method Description
GetRoleCredentials ( IAmazonSecurityTokenService stsClient, string principalAndRoleArns, System.TimeSpan duration ) : SAMLImmutableCredentials

Retrieves a set of temporary credentials for the specified role, valid for the specified timespan. If the SAML authentication data yield more than one role, a valid role name must be specified.

Private Methods

Method Description
ExtractRoleData ( ) : IDictionary<string, string>

Parses the role data out of the assertion using xpath queries. We additionally parse the role ARNs to extract friendly role names that can be used in UI prompts in tooling.

SAMLAssertion ( string assertion ) : Amazon.SecurityToken.Model

Constructs a new SAML assertion wrapper based on a successful authentication response and extracts the role data contained in the assertion.

Method Details

GetRoleCredentials() public method

Retrieves a set of temporary credentials for the specified role, valid for the specified timespan. If the SAML authentication data yield more than one role, a valid role name must be specified.
public GetRoleCredentials ( IAmazonSecurityTokenService stsClient, string principalAndRoleArns, System.TimeSpan duration ) : SAMLImmutableCredentials
stsClient IAmazonSecurityTokenService The STS client to use when making the AssumeRoleWithSAML request.
principalAndRoleArns string The ARNs of the principal and role as returned in the SAML assertion.
duration System.TimeSpan The valid timespan for the credentials.
return SAMLImmutableCredentials
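
The role extraction described for ExtractRoleData can be sketched as follows. This is an added example, not the SDK's own code: the names SamlRoleDemo and ExtractRoles, the sample response and the account ID are constructed for illustration. Each value in the returned map is the ARN pair as it appears in the assertion, which is what the page describes for principalAndRoleArns.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Text;
using System.Xml;

static class SamlRoleDemo   // hypothetical name, not an SDK type
{
    const string RoleAttribute = "https://aws.amazon.com/SAML/Attributes/Role";

    // Maps a friendly role name to the ARN pair exactly as it appears in the assertion.
    public static IDictionary<string, string> ExtractRoles(string base64Response)
    {
        string xml = Encoding.UTF8.GetString(Convert.FromBase64String(base64Response));
        // The response arrives over the network: refuse DTDs and external entities.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        var doc = new XmlDocument { XmlResolver = null };
        using (var reader = XmlReader.Create(new StringReader(xml), settings))
            doc.Load(reader);
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
        string xpath = "//saml:Attribute[@Name='" + RoleAttribute + "']/saml:AttributeValue";
        var roles = new Dictionary<string, string>(StringComparer.Ordinal);
        foreach (XmlNode value in doc.SelectNodes(xpath, ns))
        {
            string pair = value.InnerText.Trim();
            string[] arns = pair.Split(',');
            if (arns.Length != 2) continue;                       // malformed value
            // Do not rely on ordering; identify each ARN by its resource type.
            string role = Array.Find(arns, a => a.Contains(":role/"))?.Trim();
            string principal = Array.Find(arns, a => a.Contains(":saml-provider/"));
            if (role == null || principal == null) continue;
            string friendly = role.Substring(role.IndexOf(":role/", StringComparison.Ordinal) + ":role/".Length);
            roles[friendly] = pair;   // same-named roles in two accounts would collide here
        }
        return roles;
    }

    static void Main()
    {
        // Constructed sample response; account ID and names are placeholders.
        string xml =
            "<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>" +
            "<saml:Assertion><saml:AttributeStatement><saml:Attribute Name='" + RoleAttribute + "'>" +
            "<saml:AttributeValue>arn:aws:iam::111122223333:saml-provider/ExampleIdP,arn:aws:iam::111122223333:role/Developer</saml:AttributeValue>" +
            "<saml:AttributeValue>arn:aws:iam::111122223333:role/ReadOnly,arn:aws:iam::111122223333:saml-provider/ExampleIdP</saml:AttributeValue>" +
            "</saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>";
        string encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(xml));
        foreach (var kv in ExtractRoles(encoded))
            Console.WriteLine(kv.Key + " -> " + kv.Value);
    }
}
```

Nothing in this sketch verifies the assertion's signature; STS validates the assertion when AssumeRoleWithSAML is called, so the parsed names are suitable only for prompting the user to pick a role.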