Beispiel #1
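        /// <summary>
        /// Requests a SAML 2.0 assertion from the WS-Trust STS over a channel that is
        /// created with the configured client certificate.
        /// </summary>
        /// <param name="rstConfiguration">Request settings: the AppliesTo address, the STS endpoint address and the client certificate.</param>
        /// <param name="bootstrapToken">Optional token placed in the request's ActAs element; pass null to send the request without ActAs.</param>
        /// <returns>The token returned by the STS channel's Issue call.</returns>
        /// <exception cref="IdentifyStsProcessException">No client certificate is configured.</exception>
        public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration, SecurityToken bootstrapToken)
        {
            // Fail fast: check the credential before building the request, so a missing
            // certificate is reported as such rather than masked by a later failure.
            if (rstConfiguration.ClientCertificate == null)
            {
                throw new IdentifyStsProcessException("Cannot execute negotiating token request to certificate endpoint without client certificate");
            }

            var certificateRst = new RequestSecurityToken
            {
                AppliesTo   = new EndpointReference(rstConfiguration.AppliesTo),
                RequestType = RequestTypes.Issue,
                TokenType   = "urn:oasis:names:tc:SAML:2.0:assertion",
                KeyType     = KeyTypes.Symmetric,
                Issuer      = new EndpointReference(rstConfiguration.StsEndpointAddress.Uri.AbsoluteUri),
            };

            if (bootstrapToken != null)
            {
                // NOTE(review): the bootstrap token is forwarded as-is in ActAs; nothing in this
                // method validates it, so callers presumably pass an already-validated token - confirm.
                certificateRst.ActAs = new SecurityTokenElement(bootstrapToken);
            }

            try
            {
                // NOTE(review): the channel is not closed in this method; confirm that
                // CreateStsChannel (or its factory) owns the channel's lifetime.
                var stschannel = CreateStsChannel(rstConfiguration.ClientCertificate, rstConfiguration.StsEndpointAddress);
                return stschannel.Issue(certificateRst);
            }
            catch (Exception ex)
            {
                // Log for diagnostics, then rethrow with `throw;` so the original stack trace survives.
                Logging.Instance.Error(ex, "There is an error responsed from ws-trust service.");
                throw;
            }
        }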
Beispiel #2
        /// <summary>
        /// Builds a <see cref="RequestSecurityTokenConfiguration"/> from the given configuration section.
        /// </summary>
        /// <param name="parent">Not used by this handler.</param>
        /// <param name="configContext">Not used by this handler.</param>
        /// <param name="section">XML node handed to <c>LoadConfiguration</c>.</param>
        /// <returns>The populated configuration object.</returns>
        public object Create(object parent, object configContext, XmlNode section)
        {
            // NOTE(review): the section is passed straight to LoadConfiguration; any validation
            // of its contents (addresses, credentials) would have to happen there - confirm.
            var rstSettings = new RequestSecurityTokenConfiguration();
            rstSettings.LoadConfiguration(section);
            return rstSettings;
        }
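        /// <summary>
        /// Requests a SAML 2.0 assertion from the WS-Trust STS over a channel that is
        /// created with the configured client username and password.
        /// </summary>
        /// <param name="rstConfiguration">Request settings: the AppliesTo address, the STS endpoint address, the client credentials and optional claims.</param>
        /// <param name="bootstrapToken">Optional token placed in the request's ActAs element; pass null to send the request without ActAs.</param>
        /// <returns>The token returned by the STS channel's Issue call.</returns>
        /// <exception cref="IdentifyStsProcessException">The client username or the client password is missing.</exception>
        public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration, SecurityToken bootstrapToken)
        {
            // Fail fast on incomplete credentials. The message has always named both values,
            // but only the username used to be checked; the password is now checked as well.
            if (string.IsNullOrEmpty(rstConfiguration.ClientUsername) || string.IsNullOrEmpty(rstConfiguration.ClientPassword))
            {
                throw new IdentifyStsProcessException("Cannot execute negotiating token request to certificate endpoint without client username or password");
            }

            var upnRst = new RequestSecurityToken
            {
                AppliesTo   = new EndpointReference(rstConfiguration.AppliesTo),
                RequestType = RequestTypes.Issue,
                TokenType   = "urn:oasis:names:tc:SAML:2.0:assertion",
                KeyType     = KeyTypes.Symmetric,
                Issuer      = new EndpointReference(rstConfiguration.StsEndpointAddress.Uri.AbsoluteUri),
            };

            if (bootstrapToken != null)
            {
                // NOTE(review): the bootstrap token is forwarded as-is in ActAs; nothing in this
                // method validates it, so callers presumably pass an already-validated token - confirm.
                upnRst.ActAs = new SecurityTokenElement(bootstrapToken);
            }

            if (rstConfiguration.Claims != null && rstConfiguration.Claims.Any())
            {
                upnRst.Claims.Dialect = "http://docs.oasis-open.org/wsfed/authorization/200706/authclaims";
                foreach (var claim in rstConfiguration.Claims)
                {
                    // Second argument is false, i.e. each configured claim is requested as non-optional.
                    upnRst.Claims.Add(new RequestClaim(claim.Type, false, claim.Value));
                }
            }

            try
            {
                // NOTE(review): the channel is not closed in this method; confirm that
                // CreateStsChannel (or its factory) owns the channel's lifetime.
                var stschannel = CreateStsChannel(rstConfiguration.ClientUsername, rstConfiguration.ClientPassword, rstConfiguration.StsEndpointAddress);
                return stschannel.Issue(upnRst);
            }
            catch (Exception ex)
            {
                // Only the exception is logged, never the username or password.
                // Rethrow with `throw;` so the original stack trace survives.
                Logging.Instance.Error(ex, "There is an error responsed from ws-trust service.");
                throw;
            }
        }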
Beispiel #4
 /// <summary>
 /// Requests a security token without a bootstrap token by delegating to the
 /// two-argument overload with null as the second argument.
 /// </summary>
 /// <param name="rstConfiguration">Request settings forwarded unchanged to the two-argument overload.</param>
 /// <returns>Whatever the two-argument overload returns.</returns>
 public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration)
 {
     // null here means "no bootstrap token".
     return GetSecurityToken(rstConfiguration, null);
 }