static void Main(string[] args)
{
// <Snippet0>
// <Snippet3>
// <Snippet1>
EndpointAddressBuilder eab = new EndpointAddressBuilder();
// </Snippet1>
eab.Uri = new Uri("http://localhost/Uri");
eab.Headers.Add(AddressHeader.CreateAddressHeader("n", "ns", "val"));
// </Snippet3>
// <Snippet4>
eab.Identity = EndpointIdentity.CreateUpnIdentity("identity");
// </Snippet4>
// <Snippet5>
XmlDictionaryReader xdrExtensions = eab.GetReaderAtExtensions();
// </Snippet5>
// <Snippet6>
StringReader sr = new StringReader(@"<myExtension xmlns=""myExtNs"" />");
eab.SetExtensionReader(XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr)));
// </Snippet6>
// <Snippet7>
EndpointAddress ea = eab.ToEndpointAddress();
// </Snippet7>
// <Snippet8>
sr = new StringReader(@"<myMetadata xmlns=""myMetaNs"" />");
XmlDictionaryReader xdrMetaData = eab.GetReaderAtMetadata();
// </Snippet8>
// <Snippet9>
eab.SetMetadataReader(XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr)));
// </Snippet9>
// </Snippet0>
// <Snippet2>
EndpointAddress endpointAddress = new EndpointAddress("http://localhost/uri2");
EndpointAddressBuilder eab2 = new EndpointAddressBuilder(endpointAddress);
// </Snippet2>
}
public void SerializeAndSign(string filename, X509Certificate2 cert)
{
MemoryStream stream = new MemoryStream();
XmlWriter writer = XmlWriter.Create(stream);
writer.WriteStartElement(XmlNames.WSIdentity.InfoCardElement, XmlNames.WSIdentity.Namespace);
//
// write the InformationCardReference element
//
writer.WriteAttributeString(XmlNames.Xml.Language, XmlNames.Xml.Namespace, m_language);
writer.WriteStartElement(XmlNames.WSIdentity.InfoCardRefElement, XmlNames.WSIdentity.Namespace);
writer.WriteElementString(XmlNames.WSIdentity.CardIdElement, XmlNames.WSIdentity.Namespace, m_cardId);
writer.WriteElementString(XmlNames.WSIdentity.CardVersionElement, XmlNames.WSIdentity.Namespace, m_cardVersion);
writer.WriteEndElement();
//
// card name
//
if (!String.IsNullOrEmpty(m_cardName))
{
writer.WriteStartElement(XmlNames.WSIdentity.CardNameElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_cardName);
writer.WriteEndElement();
}
//
// card image
//
if (null != m_logo && 0 != m_logo.Length)
{
writer.WriteStartElement(XmlNames.WSIdentity.CardImageElement, XmlNames.WSIdentity.Namespace);
if (!String.IsNullOrEmpty(m_mimeType))
{
writer.WriteAttributeString(XmlNames.WSIdentity.MimeTypeAttribute, m_mimeType);
}
string val = Convert.ToBase64String(m_logo);
writer.WriteString(val);
writer.WriteEndElement();
}
//
// card issuer uri
//
writer.WriteStartElement(XmlNames.WSIdentity.IssuerElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_issuerId);
writer.WriteEndElement();
//
// issue time
//
writer.WriteStartElement(XmlNames.WSIdentity.TimeIssuedElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(XmlConvert.ToString(m_issuedOn, XmlDateTimeSerializationMode.Utc));
writer.WriteEndElement();
//
// expiry time
//
writer.WriteStartElement(XmlNames.WSIdentity.TimeExpiresElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(XmlConvert.ToString(m_expiresOn, XmlDateTimeSerializationMode.Utc));
writer.WriteEndElement();
//
// Start the tokenservice list
//
writer.WriteStartElement(XmlNames.WSIdentity.TokenServiceListElement, XmlNames.WSIdentity.Namespace);
EndpointAddressBuilder eprBuilder = new EndpointAddressBuilder();
eprBuilder.Uri = new Uri(m_issuerId);
eprBuilder.Identity = new X509CertificateEndpointIdentity(cert);
if (null != m_mexUri)
{
MetadataReference mexRef = new MetadataReference();
mexRef.Address = new EndpointAddress(m_mexUri);
mexRef.AddressVersion = AddressingVersion.WSAddressing10;
MetadataSection mexSection = new MetadataSection();
mexSection.Metadata = mexRef;
MetadataSet mexSet = new MetadataSet();
mexSet.MetadataSections.Add(mexSection);
MemoryStream memStream = new MemoryStream();
XmlTextWriter writer1 = new XmlTextWriter(memStream, System.Text.Encoding.UTF8);
mexSet.WriteTo(writer1);
writer1.Flush();
memStream.Seek(0, SeekOrigin.Begin);
XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader(memStream, XmlDictionaryReaderQuotas.Max);
eprBuilder.SetMetadataReader(reader);
}
m_epr = eprBuilder.ToEndpointAddress();
writer.WriteStartElement(XmlNames.WSIdentity.TokenServiceElement, XmlNames.WSIdentity.Namespace);
//
// Write the EndPointReference
//
m_epr.WriteTo(AddressingVersion.WSAddressing10, writer);
//
// Write the UserCredential Element
//
writer.WriteStartElement(XmlNames.WSIdentity.UserCredentialElement, XmlNames.WSIdentity.Namespace);
//
// Write the hint
//
if (!String.IsNullOrEmpty(m_hint))
{
writer.WriteStartElement(XmlNames.WSIdentity.DisplayCredentialHintElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_hint);
writer.WriteEndElement();
}
switch (m_cardType)
{
case DefaultValues.CardType.UserNamePassword:
writer.WriteStartElement(XmlNames.WSIdentity.UserNamePasswordCredentialElement, XmlNames.WSIdentity.Namespace);
if (!string.IsNullOrEmpty(m_credentialIdentifier))
{
writer.WriteStartElement(XmlNames.WSIdentity.UserNameElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_credentialIdentifier);
writer.WriteEndElement();
}
writer.WriteEndElement();
break;
case DefaultValues.CardType.KerberosAuth:
writer.WriteStartElement(XmlNames.WSIdentity.KerberosV5CredentialElement, XmlNames.WSIdentity.Namespace);
writer.WriteEndElement();
break;
case DefaultValues.CardType.SelfIssuedAuth:
writer.WriteStartElement(XmlNames.WSIdentity.SelfIssuedCredentialElement, XmlNames.WSIdentity.Namespace);
if (!string.IsNullOrEmpty(m_credentialIdentifier))
{
writer.WriteStartElement(XmlNames.WSIdentity.PrivatePersonalIdentifierElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_credentialIdentifier);
writer.WriteEndElement();
}
else
{
throw new InvalidDataException("No PPID was specified");
}
writer.WriteEndElement();
break;
case DefaultValues.CardType.SmartCard:
writer.WriteStartElement(XmlNames.WSIdentity.X509V3CredentialElement, XmlNames.WSIdentity.Namespace);
writer.WriteStartElement(XmlNames.XmlDSig.X509DataElement, XmlNames.XmlDSig.Namespace);
if (!string.IsNullOrEmpty(m_credentialIdentifier))
{
writer.WriteStartElement(XmlNames.WSSecurityExt.KeyIdentifierElement, XmlNames.WSSecurityExt.Namespace);
writer.WriteAttributeString(XmlNames.WSSecurityExt.ValueTypeAttribute,
null,
XmlNames.WSSecurityExt.Sha1ThumbrpintKeyTypeValue);
writer.WriteString(m_credentialIdentifier);
writer.WriteEndElement();
}
else
{
throw new InvalidDataException("No thumbprint was specified");
}
writer.WriteEndElement();
writer.WriteEndElement();
break;
default:
break;
}
writer.WriteEndElement(); //end of user credential
writer.WriteEndElement(); // end of tokenservice
writer.WriteEndElement(); //end of tokenservice list
//
// tokentypes
//
writer.WriteStartElement(XmlNames.WSIdentity.SupportedTokenTypeListElement, XmlNames.WSIdentity.Namespace);
foreach (string type in m_tokenTypes)
{
writer.WriteElementString(XmlNames.WSTrust.TokenType,
XmlNames.WSTrust.Namespace,
type);
}
writer.WriteEndElement();
//
// claims
//
writer.WriteStartElement(XmlNames.WSIdentity.SupportedClaimTypeListElement, XmlNames.WSIdentity.Namespace);
foreach (ClaimInfo clm in m_supportedClaims)
{
writer.WriteStartElement(XmlNames.WSIdentity.SupportedClaimTypeElement, XmlNames.WSIdentity.Namespace);
writer.WriteAttributeString(XmlNames.WSIdentity.UriAttribute, clm.Id);
if (!String.IsNullOrEmpty(clm.DisplayTag))
{
writer.WriteElementString(XmlNames.WSIdentity.DisplayTagElement,
XmlNames.WSIdentity.Namespace,
clm.DisplayTag);
}
if (!String.IsNullOrEmpty(clm.Description))
{
writer.WriteElementString(XmlNames.WSIdentity.DescriptionElement,
XmlNames.WSIdentity.Namespace,
clm.Description);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
//
// RequireAppliesTo
//
if (m_requireAppliesTo)
{
writer.WriteElementString(XmlNames.WSIdentity.RequireAppliesToElement, XmlNames.WSIdentity.Namespace, null);
}
//
// Privacy Notice
//
if (!String.IsNullOrEmpty(m_privacyNoticeAt))
{
writer.WriteStartElement(XmlNames.WSIdentity.PrivacyNoticeAtElement, XmlNames.WSIdentity.Namespace);
writer.WriteString(m_privacyNoticeAt);
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Close();
//
// Sign the xml content
//
stream.Position = 0;
XmlDocument doc = new XmlDocument();
doc.PreserveWhitespace = false;
doc.Load(stream);
SignedXml signed = new SignedXml();
signed.SigningKey = cert.PrivateKey;
signed.Signature.SignedInfo.CanonicalizationMethod
= SignedXml.XmlDsigExcC14NTransformUrl;
Reference reference = new Reference();
reference.Uri = "#_Object_InfoCard";
reference.AddTransform(
new XmlDsigExcC14NTransform());
signed.AddReference(reference);
KeyInfo info = new KeyInfo();
KeyInfoX509Data data = new KeyInfoX509Data(cert,
X509IncludeOption.WholeChain);
info.AddClause(data);
signed.KeyInfo = info;
DataObject cardData = new DataObject("_Object_InfoCard", null, null, doc.DocumentElement);
signed.AddObject(cardData);
signed.ComputeSignature();
XmlElement e = signed.GetXml();
XmlTextWriter fileWriter = new XmlTextWriter(filename, Encoding.UTF8);
e.WriteTo(fileWriter);
fileWriter.Flush();
fileWriter.Close();
}
public XmlDocument CreateInformationCardXML(InformationCard card)
{
MemoryStream stream = new MemoryStream();
XmlWriter writer = XmlWriter.Create(stream);
writer.WriteStartElement("InformationCard", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteAttributeString("lang", "http://www.w3.org/XML/1998/namespace", "en-US");
writer.WriteStartElement("InformationCardReference", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteElementString("CardId", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.CardReference.CardID);
writer.WriteElementString("CardVersion", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.CardReference.CardVersion.ToString());
writer.WriteEndElement();
if (card.CardName != null && card.CardName.Length > 0)
{
writer.WriteStartElement("CardName", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(card.CardName);
writer.WriteEndElement();
}
if (card.CardImage != null && card.CardImage.ImageName.Length > 0)
{
writer.WriteStartElement("CardImage", "http://schemas.xmlsoap.org/ws/2005/05/identity");
if (card.CardImage != null && card.CardImage.ImageMimeType != null && card.CardImage.ImageMimeType.Length > 0)
{
writer.WriteAttributeString("MimeType", card.CardImage.ImageMimeType);
}
FileInfo cardImage = new FileInfo(card.CardImage.ImageName);
if (cardImage.Exists)
{
byte[] cardImageBytes = new byte[cardImage.Length];
using (FileStream imageFS = cardImage.OpenRead())
{
imageFS.Read(cardImageBytes, 0, cardImageBytes.Length);
}
string imageBase64 = Convert.ToBase64String(cardImageBytes);
writer.WriteString(imageBase64);
writer.WriteEndElement();
}
}
writer.WriteStartElement("Issuer", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(card.Issuer);
writer.WriteEndElement();
//writer.WriteStartElement("IssuerName", "http://schemas.xmlsoap.org/ws/2005/05/identity");
//writer.WriteString(card.IssuerName);
//writer.WriteEndElement();
writer.WriteStartElement("TimeIssued", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(XmlConvert.ToString(card.TimeIssued, XmlDateTimeSerializationMode.Utc));
writer.WriteEndElement();
writer.WriteStartElement("TimeExpires", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(XmlConvert.ToString(card.TimeExpires, XmlDateTimeSerializationMode.Utc));
writer.WriteEndElement();
writer.WriteStartElement("TokenServiceList", "http://schemas.xmlsoap.org/ws/2005/05/identity");
foreach (TokenService ts in card.TokenServiceList)
{
EndpointAddressBuilder endpointBuilder = new EndpointAddressBuilder();
endpointBuilder.Uri = new Uri(ts.EndpointReference.Address);
endpointBuilder.Identity = new X509CertificateEndpointIdentity(RetrieveCertificate(ts.EndpointReference.Identity));
if (null != ts.EndpointReference.Mex)
{
MetadataReference mexReference = new MetadataReference();
mexReference.Address = new EndpointAddress(ts.EndpointReference.Mex);
mexReference.AddressVersion = AddressingVersion.WSAddressing10;
MetadataSection mexSection = new MetadataSection();
mexSection.Metadata = mexReference;
MetadataSet mexSet = new MetadataSet();
mexSet.MetadataSections.Add(mexSection);
MemoryStream mexMemoryStream = new MemoryStream();
XmlTextWriter mexWriter = new XmlTextWriter(mexMemoryStream, System.Text.Encoding.UTF8);
mexSet.WriteTo(mexWriter);
mexWriter.Flush();
mexMemoryStream.Seek(0, SeekOrigin.Begin);
XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader(mexMemoryStream, XmlDictionaryReaderQuotas.Max);
endpointBuilder.SetMetadataReader(reader);
writer.WriteStartElement("TokenService", "http://schemas.xmlsoap.org/ws/2005/05/identity");
EndpointAddress endpoint = endpointBuilder.ToEndpointAddress();
endpoint.WriteTo(AddressingVersion.WSAddressing10, writer);
writer.WriteStartElement("UserCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity");
if (ts.UserCredential.DisplayCredentialHint != null && ts.UserCredential.DisplayCredentialHint.Length > 0)
{
writer.WriteStartElement("DisplayCredentialHint", "http://schemas.xmlsoap.org/ws/2005/05/identity");
if (ts.UserCredential.UserCredentialType == CredentialType.SelfIssued)
{
//Override the user value as this should be false for types of SelfIssued
ts.UserCredential.DisplayCredentialHint = "false";
}
writer.WriteString(ts.UserCredential.DisplayCredentialHint);
writer.WriteEndElement();
}
switch (ts.UserCredential.UserCredentialType)
{
case CredentialType.SelfIssued:
writer.WriteStartElement("SelfIssuedCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity");
if (!string.IsNullOrEmpty(ts.UserCredential.Value))
{
writer.WriteStartElement("PrivatePersonalIdentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(ts.UserCredential.Value);
writer.WriteEndElement();
}
writer.WriteEndElement();
break;
case CredentialType.UsernameAndPassword:
writer.WriteStartElement("UsernamePasswordCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity");
if (!string.IsNullOrEmpty(ts.UserCredential.Value))
{
writer.WriteStartElement("Username", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(ts.UserCredential.Value);
writer.WriteEndElement();
}
writer.WriteEndElement();
break;
case CredentialType.Kerberos:
writer.WriteStartElement("KerberosV5Credential", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteEndElement();
break;
case CredentialType.SmartCard:
writer.WriteStartElement("X509V3Credential", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteStartElement("X509Data", "http://www.w3.org/2000/09/xmldsig#");
if (!string.IsNullOrEmpty(ts.UserCredential.Value))
{
writer.WriteStartElement("KeyIdentifier", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
writer.WriteAttributeString("ValueType",
null,
"http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-security-1.1#ThumbprintSHA1");
writer.WriteString(RetrieveCertificate(ts.UserCredential.Value).Thumbprint);
writer.WriteEndElement();
}
else
{
throw new InvalidDataException("No thumbprint was specified");
}
writer.WriteEndElement();
writer.WriteEndElement();
break;
default:
break;
}
writer.WriteEndElement();
writer.WriteEndElement();
}
}
writer.WriteEndElement(); //end of tokenservice list
//
// tokentypes
//
writer.WriteStartElement("SupportedTokenTypeList", "http://schemas.xmlsoap.org/ws/2005/05/identity");
foreach (TokenType tokenType in card.AcceptedTokenTypes)
{
writer.WriteElementString("TokenType",
"http://schemas.xmlsoap.org/ws/2005/02/trust",
tokenType.Uri);
}
writer.WriteEndElement();
//
// claims
//
writer.WriteStartElement("SupportedClaimTypeList", "http://schemas.xmlsoap.org/ws/2005/05/identity");
foreach (CardClaim claim in card.SupportedClaimTypeList)
{
writer.WriteStartElement("SupportedClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteAttributeString("Uri", claim.Uri);
if (!String.IsNullOrEmpty(claim.DisplayTag))
{
writer.WriteElementString("DisplayTag", "http://schemas.xmlsoap.org/ws/2005/05/identity",
claim.DisplayTag);
}
if (!String.IsNullOrEmpty(claim.Description))
{
writer.WriteElementString("Description", "http://schemas.xmlsoap.org/ws/2005/05/identity",
claim.Description);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
if (card.RequireRPIdentification)
{
writer.WriteElementString("RequireAppliesTo", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.RequireRPIdentification.ToString());
}
if (!String.IsNullOrEmpty(card.PrivacyNotice))
{
writer.WriteStartElement("PrivacyNotice", "http://schemas.xmlsoap.org/ws/2005/05/identity");
writer.WriteString(card.PrivacyNotice);
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Close();
stream.Position = 0;
XmlDocument doc = new XmlDocument();
doc.PreserveWhitespace = false;
doc.Load(stream);
return(doc);
}
