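        /// <summary>
        /// Fetches the token service metadata from the gateway, verifies that it names the
        /// cloud service this client was configured for, and then requests a security token for it.
        /// </summary>
        /// <returns>The <see cref="SecurityToken"/> issued by the authentication client.</returns>
        /// <exception cref="FabricException">
        /// Thrown when the gateway metadata does not match the configured service name or DNS names,
        /// or when token issuance fails; in the latter case the issuance failure is kept as the inner exception.
        /// </exception>
        internal SecurityToken GetSecurityTokenInternal()
        {
            TokenServiceMetadata   gatewayMetadata = GetMetadata();
            AuthenticationMetadata dSTSMetadata    = new AuthenticationMetadata(TVSSerializerUtility.Deserialize(gatewayMetadata.Metadata));

            // The service name is only validated when one was configured. A mismatch means the
            // gateway is not the service we expect, so no token is requested for it.
            if (cloudServiceName != null && cloudServiceName != gatewayMetadata.ServiceName)
            {
                string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceName", cloudServiceName, gatewayMetadata.ServiceName);

                TraceSource.WriteWarning(
                    TraceType,
                    warning);
                throw new FabricException(warning);
            }

            // Same check for the DNS name: it must be one of the configured names (exact, ordinal match).
            // A null DNS name from the gateway never matches, whatever the configured list contains.
            if (cloudServiceDnsNames != null &&
                (gatewayMetadata.ServiceDnsName == null || !cloudServiceDnsNames.Contains(gatewayMetadata.ServiceDnsName)))
            {
                string warning = string.Format(StringResources.Error_dSTSMismatchInMetadata, "CloudServiceDNSNames", string.Join(",", cloudServiceDnsNames), gatewayMetadata.ServiceDnsName);

                TraceSource.WriteWarning(
                    TraceType,
                    warning);
                throw new FabricException(warning);
            }

            SecurityTokenIssuanceResponse rstr;

            try
            {
                rstr = authenticationClient.GetSecurityToken(
                    gatewayMetadata.ServiceName,
                    gatewayMetadata.ServiceDnsName,
                    dSTSMetadata);
            }
            catch (SecurityTokenIssuanceException e)
            {
                TraceSource.WriteWarning(
                    TraceType,
                    "GetSecurityToken failed with exception: {0}",
                    e.Message);

                // Wrap rather than replace: keeping the original exception as the inner exception
                // preserves the root cause and stack for callers and diagnostics.
                throw new FabricException(e.Message, e);
            }

            return rstr.SecurityToken;
        }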
 /// <summary>
 /// Builds the token service metadata for this service: the serialized authentication
 /// metadata from the provider together with the configured service name and DNS name.
 /// The work is done while holding the reload read lock.
 /// </summary>
 /// <returns>A <see cref="TokenServiceMetadata"/> for the configured service.</returns>
 /// <exception cref="InvalidOperationException">
 /// Thrown when claims authentication is disabled, or when the read lock cannot be
 /// acquired within <see cref="DSTSObjectManager.LockTimeout"/>.
 /// </exception>
 internal TokenServiceMetadata GetDSTSMetadata()
 {
     if (!this.claimsAuthEnabled)
     {
         TokenValidationServiceFactory.TraceSource.WriteWarning(
             DSTSObjectManager.TraceType,
             "GetDSTSMetadata method called when TVS is disabled");
         throw new InvalidOperationException(System.Fabric.Strings.StringResources.Error_InvalidOperation);
     }

     // A bounded wait on the read lock keeps a stuck reload from hanging metadata requests forever.
     bool lockAcquired = this.reloadLock.TryEnterReadLock(DSTSObjectManager.LockTimeout);
     if (!lockAcquired)
     {
         TokenValidationServiceFactory.TraceSource.WriteWarning(
             DSTSObjectManager.TraceType,
             "Failed to obtain read lock on GetDSTSMetadata");
         throw new InvalidOperationException("Failed to get read lock within required time for getting token metadata");
     }

     // The lock is held across both the provider call and serialization; presumably a reload
     // takes the write lock to swap the provider/settings — confirm against the reload path.
     try
     {
         TokenValidationServiceFactory.TraceSource.WriteNoise(
             DSTSObjectManager.TraceType,
             "GetDSTSMetadata invoked for service {0} with DNS name {1}",
             settings.ServiceName,
             settings.ServiceDnsName);

         object authenticationMetadata = this.authenticationProvider.CreateAuthenticationMetadata();
         using (Message envelope = Message.CreateMessage(MessageVersion.Default, "", authenticationMetadata))
         {
             var serializedMetadata = TVSSerializerUtility.Serialize(envelope);
             return new TokenServiceMetadata(serializedMetadata, settings.ServiceName, settings.ServiceDnsName);
         }
     }
     finally
     {
         this.reloadLock.ExitReadLock();
     }
 }