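/// <summary>
/// Retrieves the token-service metadata, checks it against the locally
/// configured service identity, and requests a security token for it.
/// </summary>
/// <returns>The security token carried by the issuance response.</returns>
/// <exception cref="FabricException">
/// Thrown when the service name or DNS name in the metadata does not match the
/// configured values, or when token issuance fails.
/// </exception>
internal SecurityToken GetSecurityTokenInternal()
{
    TokenServiceMetadata gatewayMetadata = GetMetadata();

    // NOTE(review): the metadata blob is deserialized before the identity checks
    // below run, so the deserializer sees data that has not yet been matched
    // against the configured names - confirm TVSSerializerUtility.Deserialize
    // is safe on unverified input.
    AuthenticationMetadata dSTSMetadata = new AuthenticationMetadata(TVSSerializerUtility.Deserialize(gatewayMetadata.Metadata));

    // Identity pinning: the names reported in the metadata must match what this
    // client was configured with. Comparison is ordinal and case-sensitive, so
    // a difference in casing is rejected (fails closed).
    // NOTE(review): when both cloudServiceName and cloudServiceDnsNames are null,
    // neither check runs and the token is requested for whatever names the
    // metadata carries - confirm callers always configure at least one.
    if (cloudServiceName != null && cloudServiceName != gatewayMetadata.ServiceName)
    {
        string nameMismatch = string.Format(
            StringResources.Error_dSTSMismatchInMetadata,
            "CloudServiceName",
            cloudServiceName,
            gatewayMetadata.ServiceName);

        TraceSource.WriteWarning(TraceType, nameMismatch);
        throw new FabricException(nameMismatch);
    }

    // FirstOrDefault(...) == null is kept deliberately: a null ServiceDnsName can
    // never satisfy this check, even if the configured list contains a null entry.
    if (cloudServiceDnsNames != null &&
        cloudServiceDnsNames.FirstOrDefault(name => name == gatewayMetadata.ServiceDnsName) == null)
    {
        string dnsMismatch = string.Format(
            StringResources.Error_dSTSMismatchInMetadata,
            "CloudServiceDNSNames",
            string.Join(",", cloudServiceDnsNames),
            gatewayMetadata.ServiceDnsName);

        TraceSource.WriteWarning(TraceType, dnsMismatch);
        throw new FabricException(dnsMismatch);
    }

    SecurityTokenIssuanceResponse rstr;
    try
    {
        rstr = authenticationClient.GetSecurityToken(
            gatewayMetadata.ServiceName,
            gatewayMetadata.ServiceDnsName,
            dSTSMetadata);
    }
    catch (SecurityTokenIssuanceException e)
    {
        TraceSource.WriteWarning(
            TraceType,
            "GetSecurityToken failed with exception: {0}",
            e.Message);

        // Keep the original exception as InnerException so the issuance failure
        // (type and stack trace) is still available when the FabricException is
        // diagnosed; the message seen by callers is unchanged.
        throw new FabricException(e.Message, e);
    }

    return rstr.SecurityToken;
}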
/// <summary>
/// Builds the token-service metadata for this service: the serialized
/// authentication metadata together with the service name and DNS name
/// taken from <c>settings</c>.
/// </summary>
/// <returns>A new <see cref="TokenServiceMetadata"/> instance.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when claims authentication is not enabled, or when the read lock
/// cannot be acquired within <c>DSTSObjectManager.LockTimeout</c>.
/// </exception>
internal TokenServiceMetadata GetDSTSMetadata()
{
    // Guard: metadata is only served while claims-based auth is enabled.
    if (!this.claimsAuthEnabled)
    {
        TokenValidationServiceFactory.TraceSource.WriteWarning(
            DSTSObjectManager.TraceType,
            "GetDSTSMetadata method called when TVS is disabled");
        throw new InvalidOperationException(System.Fabric.Strings.StringResources.Error_InvalidOperation);
    }

    // Bounded wait for the read lock; give up rather than block indefinitely.
    // NOTE(review): presumably reloadLock protects authenticationProvider during
    // a reload - confirm against the writer side.
    bool lockTaken = this.reloadLock.TryEnterReadLock(DSTSObjectManager.LockTimeout);
    if (!lockTaken)
    {
        TokenValidationServiceFactory.TraceSource.WriteWarning(
            DSTSObjectManager.TraceType,
            "Failed to obtain read lock on GetDSTSMetadata");
        throw new InvalidOperationException("Failed to get read lock within required time for getting token metadata");
    }

    try
    {
        TokenValidationServiceFactory.TraceSource.WriteNoise(
            DSTSObjectManager.TraceType,
            "GetDSTSMetadata invoked for service {0} with DNS name {1}",
            settings.ServiceName,
            settings.ServiceDnsName);

        object authMetadata = this.authenticationProvider.CreateAuthenticationMetadata();

        // The metadata object is wrapped in a Message so it can be serialized;
        // the message is disposed as soon as the result has been built.
        using (Message envelope = Message.CreateMessage(MessageVersion.Default, "", authMetadata))
        {
            var serialized = TVSSerializerUtility.Serialize(envelope);
            return new TokenServiceMetadata(
                serialized,
                settings.ServiceName,
                settings.ServiceDnsName);
        }
    }
    finally
    {
        // Always release the read lock, including when serialization throws.
        this.reloadLock.ExitReadLock();
    }
}