| | | 1 | | namespace ProjectTemplate.Web.Authentication.Providers.Saml2; |
| | | 2 | | |
/// <summary>
/// Configuration options for the SAML2 authentication provider.
/// </summary>
/// <remarks>
/// The two security-relevant switches, <see cref="RequireSignedAssertions"/> and
/// <see cref="ValidateCertificates"/>, both default to <see langword="true"/>. This type only
/// holds values; how each one is consumed is decided by the code that reads the options.
/// </remarks>
public sealed class Saml2AuthenticationOptions
{
    /// <summary>
    /// Gets or sets a value indicating whether the SAML2 provider is enabled.
    /// </summary>
    /// <remarks>Has no initializer, so it defaults to <see langword="false"/> and the provider
    /// must be switched on explicitly.</remarks>
    public bool Enabled { get; set; }

    /// <summary>
    /// Gets or sets the authentication scheme name. Defaults to "Saml2".
    /// </summary>
    public string Scheme { get; set; } = "Saml2";

    /// <summary>
    /// Gets or sets the display name associated with the SAML2 entity. Defaults to "SAML2".
    /// </summary>
    public string DisplayName { get; set; } = "SAML2";

    /// <summary>
    /// Gets or sets the unique identifier for the entity. Defaults to an empty string.
    /// </summary>
    /// <remarks>NOTE(review): this class does not show whether the value names the application
    /// (service provider) or the identity provider, and nothing here rejects the empty default.
    /// Confirm both against the code that consumes these options.</remarks>
    public string EntityId { get; set; } = string.Empty;

    /// <summary>
    /// Gets or sets the URL of the metadata endpoint. Defaults to an empty string.
    /// </summary>
    /// <remarks>NOTE(review): if this is the identity provider's metadata document, it normally
    /// carries the certificates used to verify assertion signatures, so the URL should be an
    /// HTTPS endpoint and <see cref="ValidateCertificates"/> should stay enabled. No scheme
    /// check is performed in this class; confirm where, or whether, the URL is validated.</remarks>
    public string MetadataUrl { get; set; } = string.Empty;

    /// <summary>
    /// Gets or sets the relative request path on which the application listens for SAML2
    /// authentication callbacks. Defaults to "/Saml2/Acs".
    /// </summary>
    /// <remarks>The authentication middleware receives SAML2 assertions from the identity provider
    /// on this path. It should match the Assertion Consumer Service (ACS) endpoint configured with
    /// the identity provider.</remarks>
    public string ModulePath { get; set; } = "/Saml2/Acs";

    /// <summary>
    /// Gets or sets a value indicating whether metadata should be loaded.
    /// Defaults to <see langword="true"/>.
    /// </summary>
    /// <remarks>Presumably the metadata is fetched from <see cref="MetadataUrl"/>; confirm
    /// against the consumer of these options.</remarks>
    public bool LoadMetadata { get; set; } = true;

    /// <summary>
    /// Gets or sets a value indicating whether assertions must be signed.
    /// Defaults to <see langword="true"/>.
    /// </summary>
    /// <remarks>When <see langword="true"/>, every assertion must be cryptographically signed,
    /// which protects its authenticity and integrity. When <see langword="false"/>, unsigned
    /// assertions are accepted, which may reduce security. NOTE(review): whether a signature on
    /// the enclosing response is still enforced in that case is not visible here; confirm before
    /// disabling this outside a test environment.</remarks>
    public bool RequireSignedAssertions { get; set; } = true;

    /// <summary>
    /// Gets or sets a value indicating whether SSL certificates are validated during secure
    /// connections. Defaults to <see langword="true"/>.
    /// </summary>
    /// <remarks>Setting this to <see langword="false"/> disables certificate validation and may
    /// expose the connection to security risks. Leave it set to <see langword="true"/> in
    /// production environments. NOTE(review): which connections the flag covers (for example the
    /// metadata download) is decided by the consumer of these options; confirm there.</remarks>
    public bool ValidateCertificates { get; set; } = true;
}