public override bool CheckAccess(OperationContext operationContext, ref Message message)
{
base.CheckAccess(operationContext, ref message);
string action = operationContext.IncomingMessageHeaders.Action;
if (action == "urn:msdnmag/IService/GetRoles")
{
// messags in WCF are always read-once
// we create one copy to work with, and one copy to return back to the plumbing
MessageBuffer buffer = operationContext.RequestContext.RequestMessage.CreateBufferedCopy(int.MaxValue);
message = buffer.CreateMessage();
// get the username vale using XPath
XPathNavigator nav = buffer.CreateNavigator();
StandardNamespaceManager nsm = new StandardNamespaceManager(nav.NameTable);
nsm.AddNamespace("msdn", "urn:msdnmag");
XPathNavigator node =
nav.SelectSingleNode("s:Envelope/s:Body/msdn:GetRoles/msdn:username", nsm);
string parameter = node.InnerXml;
// check authorization
if (operationContext.ServiceSecurityContext.PrimaryIdentity.Name == parameter)
{
return(true);
}
else
{
return(GetPrincipal(operationContext).IsInRole("administrators"));
}
}
return(true);
}
/// <summary>
/// Converts the message buffer to the message which is actually journalled in
/// the database. This will follow/respect the configuration settings and
/// apply the necessary transformations.
/// </summary>
/// <param name="emit">Whether to obtain the message from the buffer or not.</param>
/// <param name="buffer">Buffer containing message.</param>
/// <returns>XML message to journal.</returns>
private static string ToMessage(bool emit, MessageBuffer buffer)
{
#region Validations
if (buffer == null)
{
throw new ArgumentNullException(nameof(buffer));
}
#endregion
if (emit == false)
{
return("<not-journaled />");
}
/*
*
*/
XPathNavigator nav = buffer.CreateNavigator();
string message = nav.OuterXml;
return(message);
}
private Message TransformMessage(Message oldMessage)
{
Message newMessage = null;
MessageBuffer msgbuf = oldMessage.CreateBufferedCopy(int.MaxValue);
XPathNavigator nav = msgbuf.CreateNavigator();
//load the old message into xmldocument
MemoryStream ms = new MemoryStream();
XmlWriter xw = XmlWriter.Create(ms);
nav.WriteSubtree(xw);
xw.Flush();
xw.Close();
ms.Position = 0;
XDocument xdoc = XDocument.Load(
XmlReader.Create(ms)
);
string sXML = xdoc.ToString();
//perform transformation
var strElms = xdoc.Descendants(XName.Get("StringValue", "urn:test:datacontracts"));
foreach (XElement strElm in strElms)
{
strElm.Value = "[Modified in SimpleMessageInspector]" + strElm.Value;
}
XDocument xdoc1 = XDocument.Parse(sXML);
//xdoc = XDocument.Parse(sXML);
xw = XmlWriter.Create(ms);
ms.Position = 0;
xdoc.Save(
xw
);
xw.Flush();
xw.Close();
ms.Position = 0;
StreamReader sr = new StreamReader(ms);
Console.WriteLine(sr.ReadToEnd());
//create the new message
ms.Position = 0;
XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader(
ms, new XmlDictionaryReaderQuotas()
);
newMessage = Message.CreateMessage(xdr, int.MaxValue, oldMessage.Version);
return(newMessage);
}
public void TestCreateNavigator()
{
Message m = Message.CreateMessage(MessageVersion.Default, "http://tempuri.org/");
MessageBuffer mb = m.CreateBufferedCopy(1024);
XPathNavigator nav = mb.CreateNavigator();
Assert.IsTrue(nav is SeekableXPathNavigator);
}
public override bool Match(MessageBuffer buffer)
{
XPathExpression expr = XPathExpression.Compile(string.Format("////value == {0}", _filterParam));
XPathNavigator navigator = buffer.CreateNavigator();
return(navigator.Matches(expr));
//XDocument doc = await GetMessageEnvelope(buffer);
//return Match(doc);
}
/*Atención:
* Los procedimientos aquí realizados son basados y cumplen con la especificación
* OASIS Web Service Security 1.1
* (https://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf),
* La especificación XML Encryption Syntax and Processing(https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/Overview.html)
* y la Espeficación XML Signature Syntax and Processing(https://www.w3.org/TR/xmldsig-core1/)
* No cambiar nada de lo que hay acá, inclusive el orden de los elementos puede causar errores fatales en
* el servidor al querer procesar el mensaje.
* Si se quiere cambiar algo, por favor, guiarse y adherirse a la especificación de OASIS Web Service Security 1.1
*/
public static Message GetSignedRequest(ref Message unsignedRequest)
{
#region Obtener el XML del Message
MessageBuffer messageBuffer = unsignedRequest.CreateBufferedCopy(Int32.MaxValue); //Crea una copia de request en el Buffer de tamaño Int32.MaxValue
XPathNavigator xpathNavigator = messageBuffer.CreateNavigator(); //Creamos un Cursor para navegar a través del mensaje xml (messageBuffer)
//Cargar el mensaje en un documento xml.
MemoryStream memoryStream = new MemoryStream();
XmlWriter escritorXml = XmlWriter.Create(memoryStream);
xpathNavigator.WriteSubtree(escritorXml);
escritorXml.Flush();
escritorXml.Close();
memoryStream.Position = 0;
//Creamos un documento XML vacio
XmlDocument xmldoc = new XmlDocument()
{
PreserveWhitespace = true
};
xmldoc.Load(XmlReader.Create(memoryStream));
#endregion
PrepararXml(ref xmldoc);
//Obtenemos los certificados requeridos para Firmas y Encriptar.
//Aquí comienza la magia.
X509Certificate2 certificadoconllaveprivada = RetrieveCertificate(true, "cf0b691745fd90204f387214e49ffc3e7b48f3c0");
X509Certificate2 certificadopublico = RetrieveCertificate(false, "3febb2423e8baf23ae4ee30672551e766f0a536b");
#region Obtener el XML firmado y encriptado y lo convierte en un objeto Message
XmlDocument newxml = FirmaryEncriptarSoapRequest(xmldoc, certificadoconllaveprivada, certificadopublico);
newxml.PreserveWhitespace = true;
escritorXml = XmlWriter.Create(memoryStream);
memoryStream.Position = 0;
newxml.Save(escritorXml);
escritorXml.Flush();
escritorXml.Close();
memoryStream.Position = 0;
XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader(memoryStream, new XmlDictionaryReaderQuotas());
Message newMessage = Message.CreateMessage(xdr, Int32.MaxValue, unsignedRequest.Version);
newMessage.Properties.CopyProperties(unsignedRequest.Properties);
#endregion
return(newMessage);
}
public override bool Match(MessageBuffer buffer)
{
if (_filterExpression == null)
{
_filterExpression = XPathExpression.Compile($"////value == {_filterParam}");
}
XPathNavigator navigator = buffer.CreateNavigator();
return(navigator.Matches(_filterExpression));
//XDocument doc = await GetMessageEnvelope(buffer);
//return Match(doc);
}
/// <summary>
/// Returns a StringBuilder containing the contents of the given message buffer.
/// </summary>
/// <param name="messageBuffer"></param>
/// <returns></returns>
protected StringBuilder GetMessageBufferAsStringBuilder(MessageBuffer messageBuffer)
{
XPathNavigator nav = messageBuffer.CreateNavigator();
XmlDocument navDoc = new XmlDocument();
navDoc.LoadXml(nav.OuterXml);
StringBuilder sb = new StringBuilder();
sb.Append(navDoc.ChildNodes[0].ChildNodes[1].InnerXml);
return(sb);
}
internal static Message GetDecryptedResponse(ref Message reply)
{
#region Obtener el XML del Message
MessageBuffer messageBuffer = reply.CreateBufferedCopy(Int32.MaxValue); //Crea una copia de request en el Buffer de tamaño Int32.MaxValue
XPathNavigator xpathNavigator = messageBuffer.CreateNavigator(); //Creamos un Cursor para navegar a través del mensaje xml (messageBuffer)
//Cargar el mensaje en un documento xml.
MemoryStream memoryStream = new MemoryStream();
XmlWriter escritorXml = XmlWriter.Create(memoryStream);
xpathNavigator.WriteSubtree(escritorXml);
escritorXml.Flush();
escritorXml.Close();
memoryStream.Position = 0;
//Creamos un documento XML vacio
XmlDocument xmldoc = new XmlDocument()
{
PreserveWhitespace = true
};
xmldoc.Load(XmlReader.Create(memoryStream));
#endregion
#region Desencriptar la respuesta.
X509Certificate2 certificadoconllaveprivada = RetrieveCertificate(true, "cf0b691745fd90204f387214e49ffc3e7b48f3c0");
#endregion
#region Crear un message a partir del XML desencriptado.
XmlDocument newxml = Decrypt(xmldoc, certificadoconllaveprivada);
newxml.PreserveWhitespace = true;
escritorXml = XmlWriter.Create(memoryStream);
memoryStream.Position = 0;
newxml.Save(escritorXml);
escritorXml.Flush();
escritorXml.Close();
memoryStream.Position = 0;
XmlDictionaryReader xdr = XmlDictionaryReader.CreateTextReader(memoryStream, new XmlDictionaryReaderQuotas());
Message newMessage = Message.CreateMessage(xdr, Int32.MaxValue, reply.Version);
newMessage.Properties.CopyProperties(reply.Properties);
#endregion
return(newMessage);
}
