6 Replies Latest reply on May 16, 2019 8:55 AM by randomname

    Obtaining holder-of-key token from SSO.

    randomname Novice

      Does anyone have any sample PowerShell code for obtaining a holder-of-key token from SSO? The Java and .NET examples in the SSO SDK aren't clear enough to me (yet) as a non-developer to port to PowerShell.

        • 1. Re: Obtaining holder-of-key token from SSO.
          LucD Guru

          Which .Net example are you referring to?

          • 2. Re: Obtaining holder-of-key token from SSO.
            randomname Novice

            LucD,

             

            In the SDK, the files are in SDK\ssoclient\dotnet\cs\samples\AcquireHoKTokenByUserCredentialSample.

             

            The code doesn't look too onerous, but I haven't dug deep enough to get through the GetSTSService method being called from SamlTokenHelper. Not being a C# developer, I can't figure out from looking just at this sample what SamlTokenHelper is. I don't see it being instantiated in any way in the code.

             

            /*
            ********************************************************
            * Copyright (c) VMware, Inc.2010, 2016. All Rights Reserved.
            ********************************************************
            *
            * DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
            * WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
            * EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
            * WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
            * NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
            */

            namespace AcquireHoKTokenByUserCredentialSample
            {
                using System;
                using System.Net;
                using System.Security.Cryptography.X509Certificates;
                using System.ServiceModel;
                using VMware.Binding.WsTrust;
                using vmware.sso;

                public class AcquireHoKTokenByUserCredential
                {
                    # region Private function definition

                    /// <summary>
                    ///  This method is used to print message if there is insufficient parameter
                    /// </summary>
                    private static void PrintUsage()
                    {
                        Console.WriteLine("AcquireHoKTokenByUserCredentialSample [sso url] [username] [password]");
                    }

                    # endregion

                    # region public function definition

                    /// <summary>
                    ///  This method is used to get Token
                    /// </summary>
                    /// <param name="args">string Array [sso url] [username] [password]</param>
                    public static RequestSecurityTokenResponseType GetToken(String[] args)
                    {
                        var ssoUrl = args[0];
                        var ssoUserName = args[1];
                        var ssoPassword = args[2];

                        try
                        {
                            ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls12;
                            SamlTokenHelper.SetupServerCertificateValidation();
                            X509Certificate2 signingCertificate = SamlTokenHelper.GetCertificate();
                            var service = SamlTokenHelper.GetSTSService(ssoUrl, ssoUserName, ssoPassword, signingCertificate);
                            var response = service.Issue(SamlTokenHelper.GetHokRequestSecurityTokenType());
                            return response.RequestSecurityTokenResponse;
                        }
                        catch (Exception ex)
                        {
                            Console.WriteLine(ex.ToString());
                            throw ex;
                        }
                    }

                    /// <summary>
                    /// Main function of the application
                    /// </summary>
                    /// <param name="args">string args [sso url] [username] [password]</param>
                    public static void Main(string[] args)
                    {
                        if (args.Length < 3)
                        {
                            PrintUsage();
                        }
                        else
                        {
                            SamlTokenHelper.PrintToken(GetToken(args).RequestedSecurityToken);
                        }

                        Console.WriteLine("Press Any Key To Exit.");
                        Console.ReadLine();
                    }

                    # endregion
                }
            }

            • 3. Re: Obtaining holder-of-key token from SSO.
              randomname Novice

              So SamlTokenHelper is a class defined in SDK\ssoclient\dotnet\cs\samples\VMware.Binding.WsTrust. Trying to figure out what it's doing now.

              • 4. Re: Obtaining holder-of-key token from SSO.
                LucD Guru

                Do you have a link to that SDK?

                • 6. Re: Obtaining holder-of-key token from SSO.
                  randomname Novice

                  Gave up on this for a while, but am trying again. Anyone know how to get a principal HoK token from SSO with PowerShell? Still can't seem to find anyone on the Internet who has done it.