/// <summary>
        /// 
        /// </summary>
        /// <param name="requestMessage"></param>
        /// <param name="config"></param>
        /// <param name="withRefreshToken"></param>
        /// <returns></returns>
        public static AccessTokenResponse ProcessAccessTokenRequest(AccessTokenRequest requestMessage, SecurityTokenServiceConfiguration config, Boolean withRefreshToken)
        {
            ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;

            // Call issuer to create token
            WSTrustChannelFactory factory = new WSTrustChannelFactory("issuer");
            // TODO: factory.Credentials.UserName.UserName = requestMessage.Name ?? requestMessage.ClientId;
            // TODO: factory.Credentials.UserName.Password = requestMessage.Password ?? requestMessage.ClientSecret;
            WSTrustChannel issuer = factory.CreateChannel() as WSTrustChannel;
            RequestSecurityToken rst = new RequestSecurityToken(WSTrust13Constants.RequestTypes.Issue);
            rst.AppliesTo = new EndpointAddress("https://wrap.client");
            rst.KeyType = WSTrust13Constants.KeyTypes.Bearer;

            RequestSecurityTokenResponse response = null;
            issuer.Issue(rst, out response);

            WSTrustSerializationContext context = new WSTrustSerializationContext(
                config.SecurityTokenHandlerCollectionManager,
                config.CreateAggregateTokenResolver(),
                config.IssuerTokenResolver);

            // Create response
            var token = response.RequestedSecurityToken.SecurityToken;
            if (null == token)
            {
                using (XmlReader reader = new XmlNodeReader(response.RequestedSecurityToken.SecurityTokenXml))
                {
                    token = FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers.ReadToken(reader);
                }
                token = ConvertToSimpleWebToken(token, response);
            }

            // Write token
            return WriteToken(token, withRefreshToken);
        }
Beispiel #2
0
 /// <summary>
 /// 
 /// </summary>
 /// <param name="request"></param>
 /// <param name="message"></param>
 public static void WriteRequest(this HttpWebRequest request, AccessTokenRequest message)
 {
     request.Method = "POST";
     request.ContentType = "application/x-www-form-urlencoded";
     using (TextWriter writer = new StreamWriter(request.GetRequestStream()))
     {
         writer.Write(message.ToString());
     }
 }
Beispiel #3
0
 /// <summary>
 /// 
 /// </summary>
 /// <param name="request"></param>
 /// <param name="message"></param>
 public static void WriteRequest(this WebRequest request, AccessTokenRequest message)
 {
     var httpRequest = request as HttpWebRequest;
     if (null == httpRequest)
         throw new NotSupportedException("Only HttpWebRequests are supported.");
     httpRequest.WriteRequest(message);
 }
Beispiel #4
0
        public void ProcessCommon(AccessTokenRequest request)
        {
            // Example processing.
            var name = String.Empty;
            if (false == String.IsNullOrEmpty(request.Name))
                name = request.Name;
            else if (false == String.IsNullOrEmpty(request.ClientId))
                name = request.ClientId;

            var withRefreshToken = false == String.IsNullOrEmpty(request.ClientId);

            if ("bad client" == name || "bad client id" == name)
            {
                Response.WriteResponse(AccessTokenResponse.CreateForUnauthorized());
                return;
            }
            if ("client id for captcha" == name && null == request.CaptchaSolution)
            {
                Response.WriteResponse(new CaptchaResponse(new Uri("http://captcha.url")));
                return;
            }
            if ("client id for captcha" == name && "incorrect solution" == request.CaptchaSolution)
            {
                Response.WriteResponse(AccessTokenResponse.CreateForUnauthorized());
                return;
            }

            // Create claims
            List<Claim> claims = new List<Claim>() {
                new Claim(ClaimTypes.Name, name),
                // new Claim("http://wrap.resource/can.post", "x")
            };

            // Respond with OK and access token
            Response.WriteResponse(
                WrapSecurityTokenServiceOperations.ProcessAccessTokenRequest(
                    request,
                    User,
                    new WrapIssuer(new SimpleWrapIssuerConfiguration(), new ReadOnlyCollection<Claim>(claims)),
                    withRefreshToken));
        }
 /// <summary>
 /// 
 /// </summary>
 /// <param name="requestMessage"></param>
 /// <param name="config"></param>
 /// <returns></returns>
 public static AccessTokenResponse ProcessAccessTokenRequest(AccessTokenRequest requestMessage, SecurityTokenServiceConfiguration config)
 {
     return ProcessAccessTokenRequest(requestMessage, config, false);
 }
 /// <summary>
 /// Creates a message for requesting a security token with WS-Trust.
 /// </summary>
 /// <param name="requestMessage">A WRAP message for requesting access tokens.</param>
 /// <returns>A WS-Trust Request Security Token (RST) message.</returns>
 public RequestSecurityToken CreateRequest(AccessTokenRequest requestMessage)
 {
     return new RequestSecurityToken()
     {
         RequestType = RequestTypes.Issue,
         Lifetime = null,
         KeyType = KeyTypes.Bearer,
         ReplyTo = String.Empty,
         AppliesTo = new EndpointAddress("http://wrap.resource") // TODO
     };
 }
        /// <summary>
        /// Requests a token from the issuer and builds a response with that token.
        /// </summary>
        /// <param name="requestMessage"></param>
        /// <param name="principal"></param>
        /// <param name="sts"></param>
        /// <param name="withRefreshToken"></param>
        /// <returns></returns>
        public static AccessTokenResponse ProcessAccessTokenRequest(AccessTokenRequest requestMessage, IPrincipal principal, SecurityTokenService sts, Boolean withRefreshToken)
        {
            if (null == requestMessage)
                throw new ArgumentNullException("requestMessage");
            if (null == principal)
                throw new ArgumentNullException("principal");
            if (null == sts)
                throw new ArgumentNullException("sts");

            // Call issuer to create token
            var response = sts.Issue(
                ClaimsPrincipal.CreateFromPrincipal(principal),
                new WrapSerializer().CreateRequest(requestMessage));

            // Create response
            var token = response.RequestedSecurityToken.SecurityToken;
            return WriteToken(token, withRefreshToken);
        }
 /// <summary>
 /// 
 /// </summary>
 /// <param name="requestMessage"></param>
 /// <param name="principal"></param>
 /// <param name="sts"></param>
 /// <returns></returns>
 public static AccessTokenResponse ProcessAccessTokenRequest(AccessTokenRequest requestMessage, IPrincipal principal, SecurityTokenService sts)
 {
     return ProcessAccessTokenRequest(requestMessage, principal, sts, false);
 }