Beispiel #1
0
        static void Main(string[] args)
        {
            // Setup Log4Net configuration by loading it from configuration file.
            // log4net is not necessary and is only being used for demonstration.
            XmlConfigurator.Configure();

            // To ensure that the WSP is up and running.
            Thread.Sleep(1000);

            // Retrieve token
            IStsTokenService tokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
            var securityToken             = tokenService.GetToken();

            // Call WSP with token
            var client = new HelloWorldClient();
            var channelWithIssuedToken = client.ChannelFactory.CreateChannelWithIssuedToken(securityToken);

            Console.WriteLine(channelWithIssuedToken.HelloNone("Schultz")); // Even if the protection level is set to 'None' Digst.OioIdws.Wsc ensures that the body is always at least signed.
            Console.WriteLine(channelWithIssuedToken.HelloSign("Schultz"));
            Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));

            //Checking that SOAP faults can be read.SOAP faults are encrypted in Sign and EncryptAndSign mode if no special care is taken.
            try
            {
                channelWithIssuedToken.HelloSignError("Schultz");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }

            Console.ReadKey();
        }
        public void DotnetWscCallJavaWspTest()
        {
            // Ensure that the WSP is up and running.
            Thread.Sleep(30000);

            var succeeded = false;

            // Retrieve token
            IStsTokenService stsTokenService =
                new StsTokenServiceCache(
                    TokenServiceConfigurationFactory.CreateConfiguration()
                    );
            var securityToken = stsTokenService.GetToken();

            // Call WSP with token
            var client = new HelloWorldPortTypeClient();

            var channelWithIssuedToken =
                client.ChannelFactory.CreateChannelWithIssuedToken(
                    securityToken
                    );

            var helloWorldRequestJohn = new HelloWorldRequest("John");

            succeeded =
                channelWithIssuedToken
                .HelloWorld(helloWorldRequestJohn)
                .response.Equals("Hello John");

            Assert.IsTrue(succeeded);
        }
Beispiel #3
0
        private string RunSoap(SecurityToken bootstrapToken)
        {
            // Retrieve token
            IStsTokenService stsTokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
            SecurityToken    securityToken   = null;

            if (bootstrapToken != null)
            {
                securityToken = stsTokenService.GetTokenWithBootstrapToken(bootstrapToken);
            }
            else
            {
                securityToken = stsTokenService.GetToken();
            }

            // Call WSP with token
            var client = new HelloWorldClient();

            // enable revocation check if not white listed at Nets, don't do this in production!
            //client.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

            var channelWithIssuedToken = client.ChannelFactory.CreateChannelWithIssuedToken(securityToken);

            return(channelWithIssuedToken.HelloSign("Oiosaml-net.dk TEST"));
        }
Beispiel #4
0
        static void Main(string[] args)
        {
            // Setup Log4Net configuration by loading it from configuration file.
            // log4net is not necessary and is only being used for demonstration.
            XmlConfigurator.Configure();

            // To ensure that the WSP is up and running.
            Thread.Sleep(1000);

            // Retrieve token
            IStsTokenService stsTokenService =
                new StsTokenServiceCache(
                    TokenServiceConfigurationFactory.CreateConfiguration()
                    );
            var securityToken = stsTokenService.GetToken();

            // Call WSP with token
            var client = new HelloWorldPortTypeClient();

            var channelWithIssuedToken =
                client.ChannelFactory.CreateChannelWithIssuedToken(
                    securityToken
                    );

            var helloWorldRequestJohn = new HelloWorldRequest("John");

            Console.WriteLine(
                channelWithIssuedToken.HelloWorld(helloWorldRequestJohn).response
                );

            var helloWorldRequestJane = new HelloWorldRequest("Jane");

            Console.WriteLine(
                channelWithIssuedToken.HelloWorld(helloWorldRequestJane).response
                );

            try
            {
                // third call will trigger a SOAPFault
                var helloWorldRequest = new HelloWorldRequest("");
                Console.WriteLine(
                    channelWithIssuedToken.HelloWorld(helloWorldRequest).response
                    );
            }
            catch (Exception ex)
            {
                Console.WriteLine("Expected SOAPFault caught: " + ex.Message);
            }

            // Encrypted calls fails client side. However, encryption at message
            // level is not required and no further investigation has been
            // putted into this issue yet.
            //
            // Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));

            Console.WriteLine("Press <Enter> to stop the service.");
            Console.ReadLine();
        }
Beispiel #5
0
        public void OioWsTrustTokenServiceCacheGivesTheSameTokenTest()
        {
            // Arrange
            IStsTokenService stsTokenService =
                new StsTokenServiceCache(
                    TokenServiceConfigurationFactory.CreateConfiguration()
                    );
            var securityToken = stsTokenService.GetToken();

            // Act
            var securityToken2 = stsTokenService.GetToken();

            // Assert
            Assert.AreEqual(securityToken, securityToken2, "Expected that tokens was the same");
        }
Beispiel #6
0
        public static void Setup(TestContext context)
        {
            // Check certificates
            if (!CertMaker.rootCertIsTrusted())
            {
                CertMaker.trustRootCert();
            }

            // Start proxy server (to simulate man in the middle attacks)
            FiddlerApplication.Startup(
                8877, /* Port */
                true, /* Register as System Proxy */
                true, /* Decrypt SSL */
                false /* Allow Remote */
                );

            // Start WSP
            _process = Process.Start(@"..\..\..\..\Examples\Digst.OioIdws.WspExample\bin\Debug\Digst.OioIdws.WspExample.exe");

            // Retrieve token
            _stsTokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
        }
Beispiel #7
0
        static void Main(string[] args)
        {
            // Setup Log4Net configuration by loading it from configuration file
            // log4net is not necessary and is only being used for demonstration
            XmlConfigurator.Configure();

            // To ensure that the WSP is up and running.
            Thread.Sleep(1000);

            // Retrieve token
            IStsTokenService stsTokenService =
                new StsTokenServiceCache(
                    TokenServiceConfigurationFactory.CreateConfiguration()
                    );
            var securityToken = stsTokenService.GetToken();

            // Call WSP with token
            var hostname        = "https://localhost:8443/HelloWorld/services/helloworld";
            var customBinding   = new Channels.CustomBinding();
            var endpointAddress = new System.ServiceModel.EndpointAddress(
                new Uri(hostname),
                System.ServiceModel.EndpointIdentity.CreateDnsIdentity(
                    //"wsp.oioidws-net.dk TEST (funktionscertifikat)"
                    "eID JAVA test (funktionscertifikat)"
                    ),
                new Channels.AddressHeader[] { }
                );

            var asymmetric =
                new Channels.AsymmetricSecurityBindingElement
                (
                    new SecurityTokens.X509SecurityTokenParameters(
                        SecurityTokens.X509KeyIdentifierClauseType.Any,
                        SecurityTokens.SecurityTokenInclusionMode.AlwaysToInitiator
                        ),
                    new Soap.StrCustomization.CustomizedIssuedSecurityTokenParameters(
                        "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
                        )
            {
                UseStrTransform = true
            }
                )
            {
                AllowSerializedSigningTokenOnReply = true,
                ProtectTokens = true
            };

            asymmetric.SetKeyDerivation(false);
            var messageEncoding =
                new Channels.TextMessageEncodingBindingElement
            {
                MessageVersion =
                    Channels.MessageVersion.Soap12WSAddressing10
            };
            var transport =
                (hostname.ToLower().StartsWith("https://"))
                    ? new Channels.HttpsTransportBindingElement()
                    : new Channels.HttpTransportBindingElement();

            customBinding.Elements.Add(asymmetric);
            customBinding.Elements.Add(messageEncoding);
            customBinding.Elements.Add(transport);

            System.ServiceModel.ChannelFactory <HelloWorldPortType> factory =
                new System.ServiceModel.ChannelFactory <HelloWorldPortType>(
                    customBinding, endpointAddress
                    );
            factory.Credentials.UseIdentityConfiguration = true;
            factory.Credentials.ServiceCertificate.SetScopedCertificate(
                X509Certificates.StoreLocation.LocalMachine,
                X509Certificates.StoreName.My,
                X509Certificates.X509FindType.FindByThumbprint,
                //"1F0830937C74B0567D6B05C07B6155059D9B10C7",
                "85398FCF737FB76F554C6F2422CC39D3A35EC26F",
                new Uri(hostname)
                );
            factory.Endpoint.Behaviors.Add(
                new Soap.Behaviors.SoapClientBehavior()
                );

            var channelWithIssuedToken =
                factory.CreateChannelWithIssuedToken(securityToken);

            var helloWorldRequestJohn = new HelloWorldRequest("John");

            Console.WriteLine(
                channelWithIssuedToken.HelloWorld(helloWorldRequestJohn).response
                );

            var helloWorldRequestJane = new HelloWorldRequest("Jane");

            Console.WriteLine(
                channelWithIssuedToken.HelloWorld(helloWorldRequestJane).response
                );

            try
            {
                // third call will trigger a SOAPFault
                var helloWorldRequest = new HelloWorldRequest("");
                Console.WriteLine(
                    channelWithIssuedToken.HelloWorld(helloWorldRequest).response
                    );
            }
            catch (Exception ex)
            {
                Console.WriteLine("Expected SOAPFault caught: " + ex.Message);
            }

            // Encrypted calls fails client side. However, encryption at message
            // level is not required and no further investigation has been
            // putted into this issue yet.
            //
            // Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));

            Console.WriteLine("Press <Enter> to stop the service.");
            Console.ReadLine();
        }
Beispiel #8
0
        static void Main(string[] args)
        {
            // Setup Log4Net configuration by loading it from configuration file
            // log4net is not necessary and is only being used for demonstration
            XmlConfigurator.Configure();

            // To ensure that the WSP is up and running.
            Thread.Sleep(1000);

            // Retrieve token
            IStsTokenService stsTokenService =
                new StsTokenServiceCache(
                    TokenServiceConfigurationFactory.CreateConfiguration()
                    );
            var securityToken = stsTokenService.GetToken();

            // Call WSP with token
            var hostname        = "https://Digst.OioIdws.Wsp:9090/HelloWorld";
            var customBinding   = new Channels.CustomBinding();
            var endpointAddress = new System.ServiceModel.EndpointAddress(
                new Uri(hostname),
                System.ServiceModel.EndpointIdentity.CreateDnsIdentity(
                    "wsp.oioidws-net.dk TEST (funktionscertifikat)"
                    ),
                new Channels.AddressHeader[] { }
                );

            var asymmetric =
                new Channels.AsymmetricSecurityBindingElement
                (
                    new SecurityTokens.X509SecurityTokenParameters(
                        SecurityTokens.X509KeyIdentifierClauseType.Any,
                        SecurityTokens.SecurityTokenInclusionMode.AlwaysToInitiator
                        ),
                    new Soap.StrCustomization.CustomizedIssuedSecurityTokenParameters(
                        "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
                        )
            {
                UseStrTransform = true
            }
                )
            {
                AllowSerializedSigningTokenOnReply = true,
                ProtectTokens = true
            };

            asymmetric.SetKeyDerivation(false);
            var messageEncoding =
                new Channels.TextMessageEncodingBindingElement
            {
                MessageVersion =
                    Channels.MessageVersion.Soap12WSAddressing10
            };
            var transport =
                (hostname.ToLower().StartsWith("https://"))
                    ? new Channels.HttpsTransportBindingElement()
                    : new Channels.HttpTransportBindingElement();

            customBinding.Elements.Add(asymmetric);
            customBinding.Elements.Add(messageEncoding);
            customBinding.Elements.Add(transport);

            System.ServiceModel.ChannelFactory <IHelloWorld> factory =
                new System.ServiceModel.ChannelFactory <IHelloWorld>(
                    customBinding, endpointAddress
                    );
            factory.Credentials.UseIdentityConfiguration = true;
            factory.Credentials.ServiceCertificate.SetScopedCertificate(
                X509Certificates.StoreLocation.LocalMachine,
                X509Certificates.StoreName.My,
                X509Certificates.X509FindType.FindByThumbprint,
                "1F0830937C74B0567D6B05C07B6155059D9B10C7",
                new Uri(hostname)
                );
            factory.Endpoint.Behaviors.Add(
                new Soap.Behaviors.SoapClientBehavior()
                );

            var channelWithIssuedToken =
                factory.CreateChannelWithIssuedToken(securityToken);

            Console.WriteLine(channelWithIssuedToken.HelloNone("Schultz"));
            Console.WriteLine(channelWithIssuedToken.HelloSign("Schultz"));
            Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));

            // Checking that SOAP faults can be read. SOAP faults are encrypted
            // in Sign and EncryptAndSign mode if no special care is taken.
            try
            {
                channelWithIssuedToken.HelloSignError("Schultz");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }

            // Checking that SOAP faults can be read when only being signed.
            // SOAP faults are only signed if special care is taken.
            try
            {
                channelWithIssuedToken.HelloSignErrorNotEncrypted("Schultz");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }

            Console.ReadLine();
        }