public void Serialize()
{
var serializer = new XmlSerializer(typeof(SubscribeRequestMessageBody));
var message = new SubscribeRequestMessageBody();
// Supply mock Delivery
var delivery = new Mock <Delivery>(MockBehavior.Strict);
delivery.As <IXmlSerializable>().Setup(item => item.WriteXml(It.IsAny <XmlWriter>()));
message.Delivery = delivery.Object;
message.EndTo = EndpointAddressAugust2004.FromEndpointAddress(new EndpointAddress("http://tempuri.org/endTo"));
// Supply mock Expires
var expires = new Mock <Expires>(MockBehavior.Strict);
expires.As <IXmlSerializable>().Setup(item => item.WriteXml(It.IsAny <XmlWriter>()));
message.Expires = expires.Object;
message.Filter = new XPathMessageFilter(@"/foo");
XElement xml;
using (var stream = new MemoryStream())
{
serializer.Serialize(stream, message);
stream.Position = 0;
xml = XElement.Load(stream);
}
var areEqual = XNode.DeepEquals(XElement.Parse("<wse:Subscribe xmlns:wse='http://schemas.xmlsoap.org/ws/2004/08/eventing'><wse:EndTo><Address xmlns='http://schemas.xmlsoap.org/ws/2004/08/addressing'>http://tempuri.org/endTo</Address></wse:EndTo><wse:Filter>/foo</wse:Filter></wse:Subscribe>"), xml.FirstNode);
Assert.IsTrue(areEqual);
}
/// <summary>
/// Replaces the <see cref="Identifier"/> value, if any, with the supplied <paramref name="id"/>, if any.
/// </summary>
/// <param name="id">The new identifier value to use, or clear if null.</param>
public void CreateIdentifierHeader(Guid?id)
{
var builder = new EndpointAddressBuilder(this.EndpointAddress.ToEndpointAddress());
var header = builder.Headers.FirstOrDefault(a => a.Name == "Identifier" && a.Namespace == Constants.WsEventing.Namespace);
if (id == null)
{
if (header == null)
{
return;
}
var wasRemoved = builder.Headers.Remove(header);
Debug.Assert(wasRemoved);
}
else
{
if (header != null)
{
var wasRemoved = builder.Headers.Remove(header);
Debug.Assert(wasRemoved);
}
var uuid = new UniqueId(id.Value);
header = AddressHeader.CreateAddressHeader("Identifier", Constants.WsEventing.Namespace, uuid.ToString());
builder.Headers.Add(header);
}
this.epa = EndpointAddressAugust2004.FromEndpointAddress(builder.ToEndpointAddress());
}
/// <summary>
/// Converts and EndpointReferenceType to an EndpointAddressAugust2004
/// </summary>
/// <returns>Returns an EndpointAddressAugust2004 object</returns>
public EndpointAddressAugust2004 ToEndpointReference()
{
var builder = new StringBuilder();
using (var writer = XmlDictionaryWriter.CreateDictionaryWriter(XmlWriter.Create(builder, new XmlWriterSettings()
{
Indent = false, OmitXmlDeclaration = true
})))
{
XmlSerializer serializer = new XmlSerializer(typeof(EndpointReferenceType));
serializer.Serialize(writer, this);
}
using (var reader = XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(new StringReader(builder.ToString()), new XmlReaderSettings()
{
IgnoreWhitespace = true
})))
{
builder.Clear();
var address = EndpointAddress.ReadFrom(AddressingVersion.WSAddressingAugust2004, reader);
return(EndpointAddressAugust2004.FromEndpointAddress(address));
}
}
void IXmlSerializable.ReadXml(XmlReader reader)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
if (reader.IsStartElement("Delivery", Constants.WsEventing.Namespace) == false)
{
throw new XmlException("Invalid Element, it must be 'Delivery'");
}
String modeAsString = reader.GetAttribute("Mode", Constants.WsEventing.Namespace);
this.DeliveryMode = String.IsNullOrEmpty(modeAsString) ? DeliveryMode = new Uri(Constants.WsEventing.DeliverModes.Push) : new Uri(modeAsString);
reader.ReadToDescendant("NotifyTo", Constants.WsEventing.Namespace);
this.NotifyTo = EndpointAddressAugust2004.FromEndpointAddress(EndpointAddress.ReadFrom(AddressingVersion.WSAddressingAugust2004, reader));
if (this.NotifyTo == null)
{
throw new XmlException("Missing element 'NotifyTo'");
}
while (reader.NodeType != XmlNodeType.EndElement)
{
var additionalElement = XElement.Parse(reader.ReadOuterXml());
this.additionalElements.Add(additionalElement);
}
reader.ReadEndElement();
}
public VolatileEnlistmentInDoubtRecordSchema10(Guid enlistmentId, EndpointAddress replyTo) : base(enlistmentId)
{
base.schemaId = "http://schemas.microsoft.com/2006/08/ServiceModel/VolatileEnlistmentInDoubtTraceRecord";
if (replyTo != null)
{
this.replyTo = EndpointAddressAugust2004.FromEndpointAddress(replyTo);
}
}
public RecoverCoordinatorRecordSchema10(string transactionId, EndpointAddress coordinatorService) : base(transactionId)
{
base.schemaId = "http://schemas.microsoft.com/2006/08/ServiceModel/RecoverCoordinatorTraceRecord";
if (coordinatorService != null)
{
this.coordinatorService = EndpointAddressAugust2004.FromEndpointAddress(coordinatorService);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="SubscriptionManager"/> class from the supplied <paramref name="address"/> and <paramref name="id"/>.
/// </summary>
/// <remarks>
/// This overload is used in similar fashion to <see cref="SubscriptionManager(Uri, WsEventing.Identifier)">this constructor</see> with the
/// variation of supplying a full set of WSA reference parameters in the created EPA. This can be used to perform the direct creation or
/// manipulation of the EPA (including the presence of an <see cref="WsEventing.Identifier"/> element).
/// </remarks>
/// <param name="address">The endpoint address of the subscription manager used by the event sink to manage subscriptions for this event source.</param>
/// <param name="headers">A collection of <see cref="AddressHeader">headers</see> that re contained as part of the WSA reference parameters in the created EPA.</param>
public SubscriptionManager(Uri address, IEnumerable <AddressHeader> headers)
{
Contract.Requires(address != null, "address");
Contract.Requires(headers != null, "headers");
Contract.Requires(Contract.ForAll(headers, item => item != null));
this.epa = EndpointAddressAugust2004.FromEndpointAddress(new EndpointAddress(address, headers.ToArray()));
}
public RegisterParticipantRecordSchema10(string transactionId, Guid enlistmentId, ControlProtocol protocol, EndpointAddress participantService) : base(transactionId, enlistmentId, protocol)
{
base.schemaId = "http://schemas.microsoft.com/2006/08/ServiceModel/RegisterParticipantTraceRecord";
if (participantService != null)
{
this.participantService = EndpointAddressAugust2004.FromEndpointAddress(participantService);
}
}
public RegisterFailureRecordSchema10(string transactionId, ControlProtocol protocol, EndpointAddress protocolService, string reason) : base(transactionId, protocol, reason)
{
base.schemaId = "http://schemas.microsoft.com/2006/08/ServiceModel/RegisterFailureTraceRecord";
if (protocolService != null)
{
this.protocolService = EndpointAddressAugust2004.FromEndpointAddress(protocolService);
}
}
public RegistrationCoordinatorResponseInvalidMetadataSchema10(CoordinationContext context, ControlProtocol protocol, EndpointAddress coordinatorService) : base(context, protocol)
{
base.schemaId = "http://schemas.microsoft.com/2006/08/ServiceModel/RegistrationCoordinatorResponseInvalidMetadataTraceRecord";
if (coordinatorService != null)
{
this.coordinatorService = EndpointAddressAugust2004.FromEndpointAddress(coordinatorService);
}
}
void IXmlSerializable.ReadXml(XmlReader reader)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
this.epa = EndpointAddressAugust2004.FromEndpointAddress(System.ServiceModel.EndpointAddress.ReadFrom(AddressingVersion.WSAddressingAugust2004, reader, "SubscriptionManager", Constants.WsEventing.Namespace));
}
/// <summary>
/// Initializes a new instance of the <see cref="Delivery"/> class with the suppleid <paramref name="mode"/> and <paramref name="notifyTo"/> <see cref="Uri"/> parameter values.
/// </summary>
/// <param name="mode">A <see cref="Uri"/> containing the <see cref="DeliveryMode"/> value.</param>
/// <param name="notifyTo">An <see cref="EndpointAddress"/> containing the location to notify an event message to.</param>
public Delivery(Uri mode, EndpointAddress notifyTo)
{
Contract.Requires <ArgumentNullException>(mode != null, "mode");
Contract.Requires <ArgumentNullException>(notifyTo != null, "notifyTo");
this.mode = mode;
this.notifyTo = EndpointAddressAugust2004.FromEndpointAddress(notifyTo);
this.additionalElements = new Collection <XElement>();
}
/// <summary>
/// Initializes a new instance of the <see cref="SubscribeRequestMessageBody"/> class with the supplied <paramref name="delivery"/> and optional <see cref="EndpointAddress"/> to send a notice if a subscription is terminated.
/// </summary>
/// <param name="delivery">The <see cref="Delivery"/> value.</param>
/// <param name="endTo">An optional <see cref="EndpointAddress"/> containing the EPR that should be used when to send a notice if a subscription is terminated.</param>
public SubscribeRequestMessageBody(Delivery delivery, EndpointAddress endTo = null)
{
Contract.Requires <ArgumentNullException>(delivery != null, "delivery");
this.delivery = delivery;
if (endTo == null)
{
return;
}
this.endTo = EndpointAddressAugust2004.FromEndpointAddress(endTo);
}
public void ReadFromAugust2004Error2()
{
//Missing <Address> element
string xml = @"<a:ReplyTo xmlns:a='http://schemas.xmlsoap.org/ws/2004/08/addressing'>http://www.w3.org/2005/08/addressing/anonymous</a:ReplyTo>";
XmlReader src = XmlReader.Create(new StringReader(xml));
XmlDictionaryReader reader =
XmlDictionaryReader.CreateDictionaryReader(src);
EndpointAddressAugust2004 e2k4 = EndpointAddressAugust2004.FromEndpointAddress(new EndpointAddress("http://test"));
((IXmlSerializable)e2k4).ReadXml(reader);
}
public void ReadFromAugust2004Error()
{
//Reading address from EndpointAddress10 namespace with EndpointAddressAugust2004
string xml = @"<a:ReplyTo xmlns:a='http://www.w3.org/2005/08/addressing'><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo>";
XmlReader src = XmlReader.Create(new StringReader(xml));
XmlDictionaryReader reader =
XmlDictionaryReader.CreateDictionaryReader(src);
EndpointAddressAugust2004 e2k4 = EndpointAddressAugust2004.FromEndpointAddress(new EndpointAddress("http://test"));
((IXmlSerializable)e2k4).ReadXml(reader);
}
void IXmlSerializable.ReadXml(XmlReader reader)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
if (reader.IsStartElement("Subscribe", Constants.WsEventing.Namespace) == false)
{
throw new XmlException("Invalid Element, it must be 'Subscribe'");
}
reader.ReadStartElement("Subscribe", Constants.WsEventing.Namespace);
while (reader.NodeType != XmlNodeType.EndElement)
{
if (reader.IsStartElement("EndTo", Constants.WsEventing.Namespace))
{
this.EndTo = EndpointAddressAugust2004.FromEndpointAddress(EndpointAddress.ReadFrom(AddressingVersion.WSAddressingAugust2004, reader));
}
else if (reader.IsStartElement("Delivery", Constants.WsEventing.Namespace))
{
this.Delivery = new Delivery(reader);
}
else if (reader.IsStartElement("Expires", Constants.WsEventing.Namespace))
{
this.Expires = new Expires(reader);
}
else if (reader.IsStartElement("Filter", Constants.WsEventing.Namespace))
{
String dialect = reader.GetAttribute("Dialect");
if (String.IsNullOrEmpty(dialect) || dialect == Constants.WsEventing.Dialects.XPath)
{
this.Filter = new XPathMessageFilter(reader);
this.filterDialect = Constants.WsEventing.Dialects.XPath;
}
else
{
reader.Skip();
this.filterDialect = dialect;
}
}
reader.MoveToContent();
}
reader.ReadEndElement();
}
public void ReadFromAugust2004()
{
string xml = @"<a:ReplyTo xmlns:a='http://schemas.xmlsoap.org/ws/2004/08/addressing'><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo>";
XmlReader src = XmlReader.Create(new StringReader(xml));
XmlDictionaryReader reader =
XmlDictionaryReader.CreateDictionaryReader(src);
EndpointAddressAugust2004 e2k4 = EndpointAddressAugust2004.FromEndpointAddress(new EndpointAddress("http://test"));
((IXmlSerializable)e2k4).ReadXml(reader);
Console.WriteLine(e2k4.ToEndpointAddress().Uri.AbsoluteUri);
EndpointAddress a = e2k4.ToEndpointAddress();
Assert.AreEqual("http://www.w3.org/2005/08/addressing/anonymous", a.Uri.AbsoluteUri, "#1");
Assert.IsFalse(a.IsAnonymous, "#2");
}
public static void WriteEndPointAddress(DiscoveryVersion discoveryVersion, EndpointAddress endpointAddress, XmlWriter writer)
{
Fx.Assert(discoveryVersion != null, "The discoveryVersion must be non null");
Fx.Assert(writer != null, "The writer must be non null");
if (discoveryVersion == DiscoveryVersion.WSDiscoveryApril2005 || discoveryVersion == DiscoveryVersion.WSDiscoveryCD1)
{
EndpointAddressAugust2004 endpoint = EndpointAddressAugust2004.FromEndpointAddress(endpointAddress);
discoveryVersion.Implementation.EprSerializer.WriteObject(writer, endpoint);
}
else if (discoveryVersion == DiscoveryVersion.WSDiscovery11)
{
EndpointAddress10 endpoint = EndpointAddress10.FromEndpointAddress(endpointAddress);
discoveryVersion.Implementation.EprSerializer.WriteObject(writer, endpoint);
}
else
{
Fx.Assert("The discoveryVersion parameter cannot be null.");
}
}
void AddEndpointAddressHeader(string name, string ns, EndpointAddress address)
{
if (address == null)
{
return;
}
if (MessageVersion.Addressing.Equals(AddressingVersion.WSAddressing10))
{
Add(MessageHeader.CreateHeader(name, ns, EndpointAddress10.FromEndpointAddress(address)));
}
#if !MOBILE
else if (MessageVersion.Addressing.Equals(AddressingVersion.WSAddressingAugust2004))
{
Add(MessageHeader.CreateHeader(name, ns, EndpointAddressAugust2004.FromEndpointAddress(address)));
}
#endif
else
{
throw new InvalidOperationException("WS-Addressing header is not allowed for AddressingVersion.None");
}
}
public static void Main()
{
// <Snippet1>
// Create an EndpointAddress with a specified address.
EndpointAddress epa1 = new EndpointAddress("http://localhost/ServiceModelSamples");
Console.WriteLine("The URI of the EndpointAddress is {0}:", epa1.Uri);
Console.WriteLine();
//Initialize an EndpointAddressAugust2004 from the endpointAddress.
EndpointAddressAugust2004 epaA4 = EndpointAddressAugust2004.FromEndpointAddress(epa1);
//Serialize and then deserializde the EndpointAugust2004 type.
//Convert the EndpointAugust2004 back into an EndpointAddress.
EndpointAddress epa2 = epaA4.ToEndpointAddress();
Console.WriteLine("The URI of the EndpointAddress is still {0}:", epa2.Uri);
Console.WriteLine();
// </Snippet1>
}
void AddEndpointAddressHeader(string name, string ns, EndpointAddress address)
{
RemoveAll("FaultTo", Constants.WsaNamespace);
if (address == null)
{
return;
}
if (MessageVersion.Addressing.Equals(AddressingVersion.WSAddressing10))
{
Add(MessageHeader.CreateHeader(name, ns, EndpointAddress10.FromEndpointAddress(address)));
}
#if !NET_2_1
else if (MessageVersion.Addressing.Equals(AddressingVersion.WSAddressingAugust2004))
{
Add(MessageHeader.CreateHeader(name, ns, EndpointAddressAugust2004.FromEndpointAddress(address)));
}
#endif
else
{
throw new InvalidOperationException("WS-Addressing header is not allowed for AddressingVersion.None");
}
}
private BodyWriter ProcessNegotiation(SspiNegotiationTokenAuthenticatorState negotiationState, Message incomingMessage, BinaryNegotiation incomingNego)
{
BinaryNegotiation outgoingBinaryNegotiation;
ISspiNegotiation sspiNegotiation = negotiationState.SspiNegotiation;
byte[] outgoingBlob = sspiNegotiation.GetOutgoingBlob(incomingNego.GetNegotiationData(), System.ServiceModel.Security.SecurityUtils.GetChannelBindingFromMessage(incomingMessage), this.extendedProtectionPolicy);
if (!sspiNegotiation.IsValidContext)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidSspiNegotiation")), incomingMessage);
}
if ((outgoingBlob == null) && !sspiNegotiation.IsCompleted)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToSend")), incomingMessage);
}
if (outgoingBlob != null)
{
outgoingBinaryNegotiation = this.GetOutgoingBinaryNegotiation(sspiNegotiation, outgoingBlob);
}
else
{
outgoingBinaryNegotiation = null;
}
if (sspiNegotiation.IsCompleted)
{
SecurityContextSecurityToken token;
WrappedKeySecurityToken token2;
int num;
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies = this.ValidateSspiNegotiation(sspiNegotiation);
this.IssueServiceToken(negotiationState, authorizationPolicies, out token, out token2, out num);
negotiationState.SetServiceToken(token);
SecurityKeyIdentifierClause clause = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.External);
SecurityKeyIdentifierClause clause2 = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token, SecurityTokenReferenceStyle.Internal);
RequestSecurityTokenResponse response = new RequestSecurityTokenResponse(base.StandardsManager)
{
Context = negotiationState.Context,
KeySize = num,
TokenType = base.SecurityContextTokenUri
};
if (outgoingBinaryNegotiation != null)
{
response.SetBinaryNegotiation(outgoingBinaryNegotiation);
}
response.RequestedUnattachedReference = clause;
response.RequestedAttachedReference = clause2;
response.SetLifetime(token.ValidFrom, token.ValidTo);
if (negotiationState.AppliesTo != null)
{
if (incomingMessage.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (incomingMessage.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { incomingMessage.Version.Addressing })));
}
response.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(negotiationState.AppliesTo), negotiationState.AppliesToSerializer);
}
else
{
response.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(negotiationState.AppliesTo), negotiationState.AppliesToSerializer);
}
}
response.MakeReadOnly();
AddToDigest(negotiationState, response, false);
RequestSecurityTokenResponse response2 = new RequestSecurityTokenResponse(base.StandardsManager)
{
RequestedSecurityToken = token,
RequestedProofToken = token2,
Context = negotiationState.Context,
KeySize = num,
TokenType = base.SecurityContextTokenUri
};
if (outgoingBinaryNegotiation != null)
{
response2.SetBinaryNegotiation(outgoingBinaryNegotiation);
}
response2.RequestedAttachedReference = clause2;
response2.RequestedUnattachedReference = clause;
if (negotiationState.AppliesTo != null)
{
if (incomingMessage.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (incomingMessage.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { incomingMessage.Version.Addressing })));
}
response2.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(negotiationState.AppliesTo), negotiationState.AppliesToSerializer);
}
else
{
response2.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(negotiationState.AppliesTo), negotiationState.AppliesToSerializer);
}
}
response2.MakeReadOnly();
byte[] authenticator = ComputeAuthenticator(negotiationState, token.GetKeyBytes());
RequestSecurityTokenResponse response3 = new RequestSecurityTokenResponse(base.StandardsManager)
{
Context = negotiationState.Context
};
response3.SetAuthenticator(authenticator);
response3.MakeReadOnly();
return(new RequestSecurityTokenResponseCollection(new List <RequestSecurityTokenResponse>(2)
{
response2, response3
}, base.StandardsManager));
}
RequestSecurityTokenResponse rstr = new RequestSecurityTokenResponse(base.StandardsManager)
{
Context = negotiationState.Context
};
rstr.SetBinaryNegotiation(outgoingBinaryNegotiation);
rstr.MakeReadOnly();
AddToDigest(negotiationState, rstr, false);
return(rstr);
}
protected override BodyWriter ProcessRequestSecurityToken(Message request, RequestSecurityToken requestSecurityToken, out NegotiationTokenAuthenticatorState negotiationState)
{
BodyWriter writer;
if (request == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull("requestSecurityToken", request);
}
try
{
EndpointAddress address;
DataContractSerializer serializer;
string str;
string str2;
int num;
byte[] buffer;
byte[] buffer2;
SecurityToken token;
ReadOnlyCollection <IAuthorizationPolicy> instance;
if ((requestSecurityToken.RequestType != null) && (requestSecurityToken.RequestType != base.StandardsManager.TrustDriver.RequestTypeIssue))
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidRstRequestType", new object[] { requestSecurityToken.RequestType })), request);
}
if ((requestSecurityToken.TokenType != null) && (requestSecurityToken.TokenType != base.SecurityContextTokenUri))
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(System.ServiceModel.SR.GetString("CannotIssueRstTokenType", new object[] { requestSecurityToken.TokenType })), request);
}
requestSecurityToken.GetAppliesToQName(out str, out str2);
if ((str == "EndpointReference") && (str2 == request.Version.Addressing.Namespace))
{
if (request.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (request.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { request.Version.Addressing })));
}
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), 0x10000);
address = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(serializer).ToEndpointAddress();
}
else
{
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), 0x10000);
address = requestSecurityToken.GetAppliesTo <EndpointAddress10>(serializer).ToEndpointAddress();
}
}
else
{
address = null;
serializer = null;
}
if (this.shouldMatchRstWithEndpointFilter)
{
System.ServiceModel.Security.SecurityUtils.MatchRstWithEndpointFilter(request, base.EndpointFilterTable, base.ListenUri);
}
WSTrust.Driver.ProcessRstAndIssueKey(requestSecurityToken, null, this.KeyEntropyMode, base.SecurityAlgorithmSuite, out num, out buffer, out buffer2, out token);
UniqueId contextId = System.ServiceModel.Security.SecurityUtils.GenerateUniqueId();
string id = System.ServiceModel.Security.SecurityUtils.GenerateId();
DateTime utcNow = DateTime.UtcNow;
DateTime expirationTime = TimeoutHelper.Add(utcNow, base.ServiceTokenLifetime);
SecurityMessageProperty security = request.Properties.Security;
if (security != null)
{
instance = SecuritySessionSecurityTokenAuthenticator.CreateSecureConversationPolicies(security, expirationTime);
}
else
{
instance = EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
}
SecurityContextSecurityToken token2 = base.IssueSecurityContextToken(contextId, id, buffer2, utcNow, expirationTime, instance, base.EncryptStateInServiceToken);
if (this.preserveBootstrapTokens)
{
token2.BootstrapMessageProperty = (security == null) ? null : ((SecurityMessageProperty)security.CreateCopy());
System.ServiceModel.Security.SecurityUtils.ErasePasswordInUsernameTokenIfPresent(token2.BootstrapMessageProperty);
}
RequestSecurityTokenResponse response = new RequestSecurityTokenResponse(base.StandardsManager)
{
Context = requestSecurityToken.Context,
KeySize = num,
RequestedUnattachedReference = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token2, SecurityTokenReferenceStyle.External),
RequestedAttachedReference = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token2, SecurityTokenReferenceStyle.Internal),
TokenType = base.SecurityContextTokenUri,
RequestedSecurityToken = token2
};
if (buffer != null)
{
response.SetIssuerEntropy(buffer);
response.ComputeKey = true;
}
if (token != null)
{
response.RequestedProofToken = token;
}
if (address != null)
{
if (request.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (request.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { request.Version.Addressing })));
}
response.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(address), serializer);
}
else
{
response.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(address), serializer);
}
}
response.MakeReadOnly();
negotiationState = new NegotiationTokenAuthenticatorState();
negotiationState.SetServiceToken(token2);
if (base.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
return(response);
}
if (base.StandardsManager.MessageSecurityVersion.SecureConversationVersion != SecureConversationVersion.WSSecureConversation13)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
RequestSecurityTokenResponseCollection responses = new RequestSecurityTokenResponseCollection(new List <RequestSecurityTokenResponse>(1)
{
response
}, base.StandardsManager);
writer = responses;
}
finally
{
SecuritySessionSecurityTokenAuthenticator.RemoveCachedTokensIfRequired(request.Properties.Security);
}
return(writer);
}
protected override BodyWriter GetFirstOutgoingMessageBody(FederatedTokenProviderState negotiationState, out MessageProperties messageProperties)
{
messageProperties = null;
RequestSecurityToken rst = new RequestSecurityToken(this.StandardsManager);
if (this.addTargetServiceAppliesTo)
{
if (this.MessageVersion.Addressing == AddressingVersion.WSAddressing10)
{
rst.SetAppliesTo <EndpointAddress10>(
EndpointAddress10.FromEndpointAddress(negotiationState.TargetAddress),
DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph));
}
else if (this.MessageVersion.Addressing == AddressingVersion.WSAddressingAugust2004)
{
rst.SetAppliesTo <EndpointAddressAugust2004>(
EndpointAddressAugust2004.FromEndpointAddress(negotiationState.TargetAddress),
DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, this.MessageVersion.Addressing)));
}
}
rst.Context = negotiationState.Context;
if (!this.isKeySizePresentInRstProperties)
{
rst.KeySize = this.keySize;
}
Collection <XmlElement> newRequestProperties = new Collection <XmlElement>();
if (this.requestProperties != null)
{
for (int i = 0; i < this.requestProperties.Count; ++i)
{
newRequestProperties.Add(this.requestProperties[i]);
}
}
if (!isKeyTypePresentInRstProperties)
{
XmlElement keyTypeElement = this.StandardsManager.TrustDriver.CreateKeyTypeElement(this.keyType);
newRequestProperties.Insert(0, keyTypeElement);
}
if (this.keyType == SecurityKeyType.SymmetricKey)
{
byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
rst.SetRequestorEntropy(requestorEntropy);
}
else if (this.keyType == SecurityKeyType.AsymmetricKey)
{
RsaKeyIdentifierClause rsaClause = new RsaKeyIdentifierClause(negotiationState.Rsa);
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(rsaClause);
newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateUseKeyElement(keyIdentifier, this.StandardsManager));
RsaSecurityTokenParameters rsaParameters = new RsaSecurityTokenParameters();
rsaParameters.InclusionMode = SecurityTokenInclusionMode.Never;
rsaParameters.RequireDerivedKeys = false;
SupportingTokenSpecification rsaSpec = new SupportingTokenSpecification(negotiationState.RsaSecurityToken, EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, SecurityTokenAttachmentMode.Endorsing, rsaParameters);
messageProperties = new MessageProperties();
SecurityMessageProperty security = new SecurityMessageProperty();
security.OutgoingSupportingTokens.Add(rsaSpec);
messageProperties.Security = security;
}
if (this.keyType == SecurityKeyType.SymmetricKey && this.KeyEntropyMode == SecurityKeyEntropyMode.CombinedEntropy)
{
newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateComputedKeyAlgorithmElement(this.StandardsManager.TrustDriver.ComputedKeyAlgorithm));
}
rst.RequestProperties = newRequestProperties;
rst.MakeReadOnly();
return(rst);
}
protected override BodyWriter ProcessRequestSecurityToken(Message request, RequestSecurityToken requestSecurityToken, out NegotiationTokenAuthenticatorState negotiationState)
{
if (request == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull("requestSecurityToken", request);
}
try
{
if (requestSecurityToken.RequestType != null && requestSecurityToken.RequestType != this.StandardsManager.TrustDriver.RequestTypeIssue)
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.InvalidRstRequestType, requestSecurityToken.RequestType)), request);
}
if (requestSecurityToken.TokenType != null && requestSecurityToken.TokenType != this.SecurityContextTokenUri)
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.CannotIssueRstTokenType, requestSecurityToken.TokenType)), request);
}
EndpointAddress appliesTo;
DataContractSerializer appliesToSerializer;
string appliesToName;
string appliesToNamespace;
requestSecurityToken.GetAppliesToQName(out appliesToName, out appliesToNamespace);
if (appliesToName == AddressingStrings.EndpointReference && appliesToNamespace == request.Version.Addressing.Namespace)
{
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
appliesToSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph);
appliesTo = requestSecurityToken.GetAppliesTo <EndpointAddress10>(appliesToSerializer).ToEndpointAddress();
}
else if (request.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
appliesToSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph);
appliesTo = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(appliesToSerializer).ToEndpointAddress();
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, request.Version.Addressing)));
}
}
else
{
appliesTo = null;
appliesToSerializer = null;
}
if (this.shouldMatchRstWithEndpointFilter)
{
SecurityUtils.MatchRstWithEndpointFilter(request, this.EndpointFilterTable, this.ListenUri);
}
int issuedKeySize;
byte[] issuerEntropy;
byte[] proofKey;
SecurityToken proofToken;
WSTrust.Driver.ProcessRstAndIssueKey(requestSecurityToken, null, this.KeyEntropyMode, this.SecurityAlgorithmSuite,
out issuedKeySize, out issuerEntropy, out proofKey, out proofToken);
UniqueId contextId = SecurityUtils.GenerateUniqueId();
string id = SecurityUtils.GenerateId();
DateTime effectiveTime = DateTime.UtcNow;
DateTime expirationTime = TimeoutHelper.Add(effectiveTime, this.ServiceTokenLifetime);
// ensure that a SecurityContext is present in the message
SecurityMessageProperty securityProperty = request.Properties.Security;
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies;
if (securityProperty != null)
{
authorizationPolicies = SecuritySessionSecurityTokenAuthenticator.CreateSecureConversationPolicies(securityProperty, expirationTime);
}
else
{
authorizationPolicies = EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
}
SecurityContextSecurityToken serviceToken = this.IssueSecurityContextToken(contextId, id, proofKey, effectiveTime, expirationTime, authorizationPolicies,
this.EncryptStateInServiceToken);
if (this.preserveBootstrapTokens)
{
serviceToken.BootstrapMessageProperty = (securityProperty == null) ? null : (SecurityMessageProperty)securityProperty.CreateCopy();
SecurityUtils.ErasePasswordInUsernameTokenIfPresent(serviceToken.BootstrapMessageProperty);
}
RequestSecurityTokenResponse rstr = new RequestSecurityTokenResponse(this.StandardsManager);
rstr.Context = requestSecurityToken.Context;
rstr.KeySize = issuedKeySize;
rstr.RequestedUnattachedReference = this.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.External);
rstr.RequestedAttachedReference = this.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.Internal);
rstr.TokenType = this.SecurityContextTokenUri;
rstr.RequestedSecurityToken = serviceToken;
if (issuerEntropy != null)
{
rstr.SetIssuerEntropy(issuerEntropy);
rstr.ComputeKey = true;
}
if (proofToken != null)
{
rstr.RequestedProofToken = proofToken;
}
if (appliesTo != null)
{
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
rstr.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(appliesTo), appliesToSerializer);
}
else if (request.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
rstr.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(appliesTo), appliesToSerializer);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, request.Version.Addressing)));
}
}
rstr.MakeReadOnly();
negotiationState = new NegotiationTokenAuthenticatorState();
negotiationState.SetServiceToken(serviceToken);
if (this.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
return(rstr);
}
else if (this.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
List <RequestSecurityTokenResponse> rstrList = new List <RequestSecurityTokenResponse>(1);
rstrList.Add(rstr);
RequestSecurityTokenResponseCollection rstrCollection = new RequestSecurityTokenResponseCollection(rstrList, this.StandardsManager);
return(rstrCollection);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
finally
{
SecuritySessionSecurityTokenAuthenticator.RemoveCachedTokensIfRequired(request.Properties.Security);
}
}
protected override BodyWriter GetFirstOutgoingMessageBody(IssuedSecurityTokenProvider.FederatedTokenProviderState negotiationState, out MessageProperties messageProperties)
{
messageProperties = null;
RequestSecurityToken token = new RequestSecurityToken(base.StandardsManager);
if (this.addTargetServiceAppliesTo)
{
if (this.MessageVersion.Addressing != AddressingVersion.WSAddressing10)
{
if (this.MessageVersion.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { this.MessageVersion.Addressing })));
}
token.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(negotiationState.TargetAddress), DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), 0x10000));
}
else
{
token.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(negotiationState.TargetAddress), DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), 0x10000));
}
}
token.Context = negotiationState.Context;
if (!this.isKeySizePresentInRstProperties)
{
token.KeySize = this.keySize;
}
Collection <XmlElement> collection = new Collection <XmlElement>();
if (this.requestProperties != null)
{
for (int i = 0; i < this.requestProperties.Count; i++)
{
collection.Add(this.requestProperties[i]);
}
}
if (!this.isKeyTypePresentInRstProperties)
{
XmlElement item = base.StandardsManager.TrustDriver.CreateKeyTypeElement(this.keyType);
collection.Insert(0, item);
}
if (this.keyType == SecurityKeyType.SymmetricKey)
{
byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
token.SetRequestorEntropy(requestorEntropy);
}
else if (this.keyType == SecurityKeyType.AsymmetricKey)
{
RsaKeyIdentifierClause clause = new RsaKeyIdentifierClause(negotiationState.Rsa);
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { clause });
collection.Add(base.StandardsManager.TrustDriver.CreateUseKeyElement(keyIdentifier, base.StandardsManager));
RsaSecurityTokenParameters tokenParameters = new RsaSecurityTokenParameters {
InclusionMode = SecurityTokenInclusionMode.Never,
RequireDerivedKeys = false
};
SupportingTokenSpecification specification = new SupportingTokenSpecification(negotiationState.RsaSecurityToken, System.ServiceModel.Security.EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, SecurityTokenAttachmentMode.Endorsing, tokenParameters);
messageProperties = new MessageProperties();
SecurityMessageProperty property = new SecurityMessageProperty {
OutgoingSupportingTokens = { specification }
};
messageProperties.Security = property;
}
if ((this.keyType == SecurityKeyType.SymmetricKey) && (this.KeyEntropyMode == SecurityKeyEntropyMode.CombinedEntropy))
{
collection.Add(base.StandardsManager.TrustDriver.CreateComputedKeyAlgorithmElement(base.StandardsManager.TrustDriver.ComputedKeyAlgorithm));
}
token.RequestProperties = collection;
token.MakeReadOnly();
return(token);
}
/// <summary>
/// Initializes a new instance of the <see cref="SubscriptionManager"/> class from the supplied and fully initialized <see cref="System.ServiceModel.EndpointAddress"/>.
/// </summary>
/// <param name="address">The EPA used to address the subscription management for event source.</param>
public SubscriptionManager(EndpointAddress address)
{
Contract.Requires(address != null, "address");
this.epa = EndpointAddressAugust2004.FromEndpointAddress(address);
}
private async ValueTask <BodyWriter> ProcessNegotiationAsync(SspiNegotiationTokenAuthenticatorState negotiationState, Message incomingMessage, BinaryNegotiation incomingNego)
{
ISspiNegotiation sspiNegotiation = negotiationState.SspiNegotiation;
byte[] outgoingBlob = sspiNegotiation.GetOutgoingBlob(incomingNego.GetNegotiationData(),
SecurityUtils.GetChannelBindingFromMessage(incomingMessage),
ExtendedProtectionPolicy);
if (sspiNegotiation.IsValidContext == false)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(SR.Format(SR.InvalidSspiNegotiation)), incomingMessage);
}
// if there is no blob to send back the nego must be complete from the server side
if (outgoingBlob == null && sspiNegotiation.IsCompleted == false)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(SR.Format(SR.NoBinaryNegoToSend)), incomingMessage);
}
BinaryNegotiation outgoingBinaryNegotiation;
if (outgoingBlob != null)
{
outgoingBinaryNegotiation = GetOutgoingBinaryNegotiation(sspiNegotiation, outgoingBlob);
}
else
{
outgoingBinaryNegotiation = null;
}
BodyWriter replyBody;
if (sspiNegotiation.IsCompleted)
{
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies = await ValidateSspiNegotiationAsync(sspiNegotiation);
SecurityContextSecurityToken serviceToken;
WrappedKeySecurityToken proofToken;
int issuedKeySize;
IssueServiceToken(negotiationState, authorizationPolicies, out serviceToken, out proofToken, out issuedKeySize);
negotiationState.SetServiceToken(serviceToken);
SecurityKeyIdentifierClause externalTokenReference = IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.External);
SecurityKeyIdentifierClause internalTokenReference = IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.Internal);
RequestSecurityTokenResponse dummyRstr = new RequestSecurityTokenResponse(StandardsManager)
{
Context = negotiationState.Context,
KeySize = issuedKeySize,
TokenType = SecurityContextTokenUri
};
if (outgoingBinaryNegotiation != null)
{
dummyRstr.SetBinaryNegotiation(outgoingBinaryNegotiation);
}
dummyRstr.RequestedUnattachedReference = externalTokenReference;
dummyRstr.RequestedAttachedReference = internalTokenReference;
dummyRstr.SetLifetime(serviceToken.ValidFrom, serviceToken.ValidTo);
if (negotiationState.AppliesTo != null)
{
if (incomingMessage.Version.Addressing == AddressingVersion.WSAddressing10)
{
dummyRstr.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(
negotiationState.AppliesTo),
negotiationState.AppliesToSerializer);
}
else if (incomingMessage.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
dummyRstr.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(
negotiationState.AppliesTo),
negotiationState.AppliesToSerializer);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.Format(SR.AddressingVersionNotSupported, incomingMessage.Version.Addressing)));
}
}
dummyRstr.MakeReadOnly();
AddToDigest(negotiationState, dummyRstr, false);
RequestSecurityTokenResponse negotiationRstr = new RequestSecurityTokenResponse(StandardsManager)
{
RequestedSecurityToken = serviceToken,
RequestedProofToken = proofToken,
Context = negotiationState.Context,
KeySize = issuedKeySize,
TokenType = SecurityContextTokenUri
};
if (outgoingBinaryNegotiation != null)
{
negotiationRstr.SetBinaryNegotiation(outgoingBinaryNegotiation);
}
negotiationRstr.RequestedAttachedReference = internalTokenReference;
negotiationRstr.RequestedUnattachedReference = externalTokenReference;
if (negotiationState.AppliesTo != null)
{
if (incomingMessage.Version.Addressing == AddressingVersion.WSAddressing10)
{
negotiationRstr.SetAppliesTo <EndpointAddress10>(
EndpointAddress10.FromEndpointAddress(negotiationState.AppliesTo),
negotiationState.AppliesToSerializer);
}
else if (incomingMessage.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
negotiationRstr.SetAppliesTo <EndpointAddressAugust2004>(
EndpointAddressAugust2004.FromEndpointAddress(negotiationState.AppliesTo),
negotiationState.AppliesToSerializer);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.Format(SR.AddressingVersionNotSupported, incomingMessage.Version.Addressing)));
}
}
negotiationRstr.MakeReadOnly();
byte[] authenticator = ComputeAuthenticator(negotiationState, serviceToken.GetKeyBytes());
RequestSecurityTokenResponse authenticatorRstr = new RequestSecurityTokenResponse(StandardsManager)
{
Context = negotiationState.Context
};
authenticatorRstr.SetAuthenticator(authenticator);
authenticatorRstr.MakeReadOnly();
List <RequestSecurityTokenResponse> rstrList = new List <RequestSecurityTokenResponse>(2)
{
negotiationRstr,
authenticatorRstr
};
replyBody = new RequestSecurityTokenResponseCollection(rstrList, StandardsManager);
}
else
{
RequestSecurityTokenResponse rstr = new RequestSecurityTokenResponse(StandardsManager)
{
Context = negotiationState.Context
};
rstr.SetBinaryNegotiation(outgoingBinaryNegotiation);
rstr.MakeReadOnly();
AddToDigest(negotiationState, rstr, false);
replyBody = rstr;
}
return(replyBody);
}
