Does anyone have any sample PowerShell code for obtaining a holder-of-key token from SSO? The Java and .NET examples in the SSO SDK aren't clear enough to me (yet) as a non-developer to port to PowerShell.
Which .NET example are you referring to?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
LucD,
In the SDK, the files are in SDK\ssoclient\dotnet\cs\samples\AcquireHoKTokenByUserCredentialSample.
The code doesn't look too onerous, but I haven't dug deep enough to get through the GetSTSService method being called from SamlTokenHelper. Not being a C# developer, I can't figure out from looking just at this sample what SamlTokenHelper is. I don't see it being instantiated in any way in the code.
/*
 ********************************************************
 * Copyright (c) VMware, Inc.2010, 2016. All Rights Reserved.
 ********************************************************
 *
 * DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
 * EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
 * WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
 * NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
 */
namespace AcquireHoKTokenByUserCredentialSample
{
    using System;
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    using System.ServiceModel;
    using VMware.Binding.WsTrust;
    using vmware.sso;

    public class AcquireHoKTokenByUserCredential
    {
        #region Private function definition
        /// <summary>
        /// This method is used to print message if there is insufficient parameter
        /// </summary>
        private static void PrintUsage()
        {
            Console.WriteLine("AcquireHoKTokenByUserCredentialSample [sso url] [username] [password]");
        }
        #endregion

        #region public function definition
        /// <summary>
        /// This method is used to get Token
        /// </summary>
        /// <param name="args">string Array [sso url] [username] [password]</param>
        public static RequestSecurityTokenResponseType GetToken(String[] args)
        {
            var ssoUrl = args[0];
            var ssoUserName = args[1];
            var ssoPassword = args[2];
            try
            {
                // Allow TLS 1.2 in addition to the protocols already enabled.
                ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;

                // SamlTokenHelper members are called on the type itself (static calls),
                // which is why the sample never creates an instance of it.
                SamlTokenHelper.SetupServerCertificateValidation();

                // Certificate passed to the STS client below as the signing certificate.
                X509Certificate2 signingCertificate = SamlTokenHelper.GetCertificate();

                // Build the STS client and issue the holder-of-key token request.
                var service = SamlTokenHelper.GetSTSService(ssoUrl, ssoUserName, ssoPassword, signingCertificate);
                var response = service.Issue(SamlTokenHelper.GetHokRequestSecurityTokenType());
                return response.RequestSecurityTokenResponse;
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.ToString());
                // Rethrow with "throw;" so the original stack trace is preserved.
                throw;
            }
        }

        /// <summary>
        /// Main function of the application
        /// </summary>
        /// <param name="args">string args [sso url] [username] [password]</param>
        public static void Main(string[] args)
        {
            if (args.Length < 3)
            {
                PrintUsage();
            }
            else
            {
                SamlTokenHelper.PrintToken(GetToken(args).RequestedSecurityToken);
            }
            Console.WriteLine("Press Any Key To Exit.");
            Console.ReadLine();
        }
        #endregion
    }
}
So SamlTokenHelper is a class defined in SDK\ssoclient\dotnet\cs\samples\VMware.Binding.WsTrust. Trying to figure out what it's doing now.
Do you have a link to that SDK?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Gave up on this for a while, but am trying again. Anyone know how to get a principal HoK token from SSO with PowerShell? Still can't seem to find anyone on the Internet who has done it.