Creating SAML protocol sign-in request programmatically with .NET libraries

Amey · Aug 19, 2016 · Viewed 6.9k times

I have implemented an ASP.NET website which acts as a relying party. Currently it supports the WS-Federation protocol for SSO. It uses the “WSFederationAuthenticationModule” class to create a request and send it to ADFS. It also verifies the SAML response with the “SecurityTokenHandler” class and asserts the users’ identity.

Now I have to support the SAML protocol along with the WS-Fed protocol. Since the site is a multi-tenant site I cannot rely just on the web.config configuration and let the framework take care of request and response processing. I will need to generate the SAML request programmatically.

Here are my questions:

It seems that I will need to create a “SAMLRequest” which will be similar to:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_7171b0b2-19f2-4ba2-8f94-24b5e56b7f1e" IssueInstant="2014-01-30T16:18:35Z" Version="2.0" AssertionConsumerServiceIndex="0" >
  <saml:Issuer>urn:federation:MicrosoftOnline</saml:Issuer>
  <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</samlp:AuthnRequest>

  1. Are there any .NET classes/libraries I can use to generate the above request? Or do I need to create raw XML? If not, are there any free libraries to do this work?

  2. Since I support SAML 1.1 and SAML 2.0 while verifying the SAML response, I believe that I don’t need to worry about the response verification. I assume that WS-Fed and SAML are different only while sending the request to the IdP. The response that I will get from the IdP will be the same irrespective of the protocol.

Can someone please validate my assumptions and point me to blogs or sample code?
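As an added example (not code from the question, the answer, or any library it mentions), this builds the AuthnRequest shown above with System.Xml and encodes it for the SAML 2.0 HTTP-Redirect binding, so it does not depend on web.config; the issuer and IdP SSO URL are placeholders the caller supplies per tenant, and request signing is left out.

```csharp
using System;
using System.IO;
using System.IO.Compression;
using System.Text;
using System.Xml;

// Added example: builds a samlp:AuthnRequest and packs it into a
// HTTP-Redirect binding URL (raw DEFLATE -> Base64 -> URL-encode).
public static class SamlAuthnRequestBuilder
{
    const string Samlp = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string Saml  = "urn:oasis:names:tc:SAML:2.0:assertion";

    // 'issuer' is a per-tenant placeholder value supplied by the caller.
    // Keep the returned requestId server-side (per session) so the
    // InResponseTo attribute of the IdP's Response can be checked against it.
    public static string BuildXml(string issuer, out string requestId)
    {
        // xsd:ID must start with a letter or underscore; use an unpredictable value.
        requestId = "_" + Guid.NewGuid().ToString("D");
        var sb = new StringBuilder();
        var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (var w = XmlWriter.Create(sb, settings))
        {
            w.WriteStartElement("samlp", "AuthnRequest", Samlp);
            w.WriteAttributeString("xmlns", "saml", null, Saml);
            w.WriteAttributeString("ID", requestId);
            w.WriteAttributeString("Version", "2.0");
            w.WriteAttributeString("IssueInstant",
                DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'"));
            w.WriteAttributeString("AssertionConsumerServiceIndex", "0");
            w.WriteElementString("saml", "Issuer", Saml, issuer);
            w.WriteStartElement("samlp", "NameIDPolicy", Samlp);
            w.WriteAttributeString("Format",
                "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
            w.WriteEndElement(); // NameIDPolicy
            w.WriteEndElement(); // AuthnRequest
        }
        return sb.ToString();
    }

    // HTTP-Redirect binding: DeflateStream emits raw DEFLATE (no zlib header),
    // which is what the binding requires before Base64 and URL-encoding.
    public static string ToRedirectUrl(string idpSsoUrl, string authnRequestXml)
    {
        byte[] xmlBytes = Encoding.UTF8.GetBytes(authnRequestXml);
        using (var ms = new MemoryStream())
        {
            using (var deflate = new DeflateStream(ms, CompressionMode.Compress, leaveOpen: true))
                deflate.Write(xmlBytes, 0, xmlBytes.Length);
            string encoded = Uri.EscapeDataString(Convert.ToBase64String(ms.ToArray()));
            return idpSsoUrl + (idpSsoUrl.Contains("?") ? "&" : "?") + "SAMLRequest=" + encoded;
        }
    }
}
```

The IdP's answer for the SAML protocol arrives as a samlp:Response posted to the assertion consumer service, so the relying party still has to validate that wrapper (status, Destination, InResponseTo) before handing the embedded assertion to the token handler.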

Answer

SamuelD MSFT · Aug 23, 2016

Have you looked at https://github.com/i8beef/SAML2? I don't have personal experience with it though.

Thanks //Sam (@MrADFS)