void ImportMessageScopeProtectionPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
MessagePartSpecification endpointSignedParts;
MessagePartSpecification endpointEncryptedParts;
bool isContractAssociatedWithAtLeastOneOtherBinding;
ContractProtectionLevel otherBindingProtectionLevel = null;
bool hasContractProtectionLevel = false;
bool isContractProtectionLevelUniform = true;
ProtectionLevel contractProtectionLevel = ProtectionLevel.None;
string contractAssociationName = String.Format("{0}:{1}:{2}", ContractProtectionLevelKey, policyContext.Contract.Name, policyContext.Contract.Namespace);
if (importer.State.ContainsKey(contractAssociationName))
{
isContractAssociatedWithAtLeastOneOtherBinding = true;
otherBindingProtectionLevel = (ContractProtectionLevel)importer.State[contractAssociationName];
}
else
{
isContractAssociatedWithAtLeastOneOtherBinding = false;
}
ICollection<XmlElement> endpointBindingAssertions = policyContext.GetBindingAssertions();
this.ImportProtectionAssertions(endpointBindingAssertions, out endpointSignedParts, out endpointEncryptedParts);
if (importer.State.ContainsKey(InSecureConversationBootstrapBindingImportMode))
{
// when importing secure conversation boostrap binding, add the endpoint scope protection requirements
// to the importer state to be consumed in SecurityPolicy11.TryImportWsspBootrstapPolicyAssertion
if (endpointEncryptedParts != null)
importer.State[SecureConversationBootstrapEncryptionRequirements] = endpointEncryptedParts;
if (endpointSignedParts != null)
importer.State[SecureConversationBootstrapSignatureRequirements] = endpointSignedParts;
}
foreach (OperationDescription operation in policyContext.Contract.Operations)
{
MessagePartSpecification operationSignedParts;
MessagePartSpecification operationEncryptedParts;
ICollection<XmlElement> operationBindingAssertions = policyContext.GetOperationBindingAssertions(operation);
this.ImportProtectionAssertions(operationBindingAssertions, out operationSignedParts, out operationEncryptedParts);
this.AddParts(ref operationSignedParts, endpointSignedParts);
this.AddParts(ref operationEncryptedParts, endpointEncryptedParts);
MessagePartSpecification messageSignedParts;
MessagePartSpecification messageEncryptedParts;
bool hasProtectionLevel = false;
bool isProtectionLevelUniform = true;
ProtectionLevel protectionLevel = ProtectionLevel.None;
// import application message protection requirements
foreach (MessageDescription message in operation.Messages)
{
ICollection<XmlElement> messageBindingAssertions = policyContext.GetMessageBindingAssertions(message);
this.ImportProtectionAssertions(messageBindingAssertions, out messageSignedParts, out messageEncryptedParts);
this.AddParts(ref messageSignedParts, operationSignedParts);
this.AddParts(ref messageEncryptedParts, operationEncryptedParts);
// validate or set body protection level
ProtectionLevel newProtectionLevel = GetProtectionLevel(messageSignedParts.IsBodyIncluded, messageEncryptedParts.IsBodyIncluded, message.Action);
if (OperationFormatter.IsValidReturnValue(message.Body.ReturnValue))
{
ValidateExistingOrSetNewProtectionLevel(message.Body.ReturnValue, message, operation, policyContext.Contract, newProtectionLevel);
}
foreach (MessagePartDescription body in message.Body.Parts)
{
ValidateExistingOrSetNewProtectionLevel(body, message, operation, policyContext.Contract, newProtectionLevel);
}
if (!OperationFormatter.IsValidReturnValue(message.Body.ReturnValue) || message.Body.Parts.Count == 0)
{
ValidateExistingOrSetNewProtectionLevel(null, message, operation, policyContext.Contract, newProtectionLevel);
}
if (hasProtectionLevel)
{
if (protectionLevel != newProtectionLevel)
{
isProtectionLevelUniform = false;
}
}
else
{
protectionLevel = newProtectionLevel;
hasProtectionLevel = true;
}
if (hasContractProtectionLevel)
{
if (contractProtectionLevel != newProtectionLevel)
{
isContractProtectionLevelUniform = false;
}
}
else
{
contractProtectionLevel = newProtectionLevel;
hasContractProtectionLevel = true;
}
// validate o set header protection level
foreach (MessageHeaderDescription header in message.Headers)
{
bool signed = messageSignedParts.IsHeaderIncluded(header.Name, header.Namespace);
bool encrypted = messageEncryptedParts.IsHeaderIncluded(header.Name, header.Namespace);
newProtectionLevel = GetProtectionLevel(signed, encrypted, message.Action);
ValidateExistingOrSetNewProtectionLevel(header, message, operation, policyContext.Contract, newProtectionLevel);
if (hasProtectionLevel)
{
if (protectionLevel != newProtectionLevel)
{
isProtectionLevelUniform = false;
}
}
else
{
protectionLevel = newProtectionLevel;
hasProtectionLevel = true;
}
if (hasContractProtectionLevel)
{
if (contractProtectionLevel != newProtectionLevel)
{
isContractProtectionLevelUniform = false;
}
}
else
{
contractProtectionLevel = newProtectionLevel;
hasContractProtectionLevel = true;
}
}
}
// normalize protection level settings at the operation scope if possible to help avoid typed message generation
if (hasProtectionLevel && isProtectionLevelUniform)
{
// ([....]) remove the foreach message here
// foreach (MessageDescription message in operation.Messages)
this.ResetProtectionLevelForMessages(operation);
operation.ProtectionLevel = protectionLevel;
}
// import fault protection requirements
foreach (FaultDescription fault in operation.Faults)
{
ICollection<XmlElement> faultBindingAssertions = policyContext.GetFaultBindingAssertions(fault);
this.ImportProtectionAssertions(faultBindingAssertions, out messageSignedParts, out messageEncryptedParts);
this.AddParts(ref messageSignedParts, operationSignedParts);
this.AddParts(ref messageEncryptedParts, operationEncryptedParts);
// validate or set fault protection level
ProtectionLevel newProtectionLevel = GetProtectionLevel(messageSignedParts.IsBodyIncluded, messageEncryptedParts.IsBodyIncluded, fault.Action);
if (fault.HasProtectionLevel)
{
if (fault.ProtectionLevel != newProtectionLevel)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.CannotImportProtectionLevelForContract, policyContext.Contract.Name, policyContext.Contract.Namespace)));
}
}
else
{
fault.ProtectionLevel = newProtectionLevel;
}
if (hasContractProtectionLevel)
{
if (contractProtectionLevel != newProtectionLevel)
{
isContractProtectionLevelUniform = false;
}
}
else
{
contractProtectionLevel = newProtectionLevel;
hasContractProtectionLevel = true;
}
}
}
if (isContractAssociatedWithAtLeastOneOtherBinding)
{
if (hasContractProtectionLevel != otherBindingProtectionLevel.HasProtectionRequirements
|| isContractProtectionLevelUniform != otherBindingProtectionLevel.HasUniformProtectionLevel
|| contractProtectionLevel != otherBindingProtectionLevel.UniformProtectionLevel)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.CannotImportProtectionLevelForContract, policyContext.Contract.Name, policyContext.Contract.Namespace)));
}
}
else
{
if (hasContractProtectionLevel && isContractProtectionLevelUniform && contractProtectionLevel == ProtectionLevel.EncryptAndSign)
{
// remove all explicitly set protection levels on the contract description, since they are uniform across the contract
// and match our binding's default of EncryptAndSign
foreach (OperationDescription operation in policyContext.Contract.Operations)
{
this.ResetProtectionLevelForMessages(operation);
foreach (FaultDescription fault in operation.Faults)
{
fault.ResetProtectionLevel();
}
operation.ResetProtectionLevel();
}
}
importer.State[contractAssociationName] = new ContractProtectionLevel(hasContractProtectionLevel, isContractProtectionLevelUniform, contractProtectionLevel);
}
}
internal void AttachPolicy(ServiceEndpoint endpoint, WsdlEndpointConversionContext endpointContext, PolicyConversionContext policyContext)
{
string str;
SortedList<string, string> policyKeys = new SortedList<string, string>();
NamingHelper.DoesNameExist doesNameExist = (name, nameCollection) => policyKeys.ContainsKey(name);
System.Web.Services.Description.ServiceDescription serviceDescription = endpointContext.WsdlBinding.ServiceDescription;
ICollection<XmlElement> bindingAssertions = policyContext.GetBindingAssertions();
System.Web.Services.Description.Binding wsdlBinding = endpointContext.WsdlBinding;
if (bindingAssertions.Count > 0)
{
str = NamingHelper.GetUniqueName(CreateBindingPolicyKey(wsdlBinding), doesNameExist, null);
policyKeys.Add(str, str);
this.AttachItemPolicy(bindingAssertions, str, serviceDescription, wsdlBinding);
}
foreach (OperationDescription description2 in endpoint.Contract.Operations)
{
if (WsdlExporter.OperationIsExportable(description2))
{
bindingAssertions = policyContext.GetOperationBindingAssertions(description2);
if (bindingAssertions.Count > 0)
{
OperationBinding operationBinding = endpointContext.GetOperationBinding(description2);
str = NamingHelper.GetUniqueName(CreateOperationBindingPolicyKey(operationBinding), doesNameExist, null);
policyKeys.Add(str, str);
this.AttachItemPolicy(bindingAssertions, str, serviceDescription, operationBinding);
}
foreach (MessageDescription description3 in description2.Messages)
{
bindingAssertions = policyContext.GetMessageBindingAssertions(description3);
if (bindingAssertions.Count > 0)
{
MessageBinding messageBinding = endpointContext.GetMessageBinding(description3);
str = NamingHelper.GetUniqueName(CreateMessageBindingPolicyKey(messageBinding, description3.Direction), doesNameExist, null);
policyKeys.Add(str, str);
this.AttachItemPolicy(bindingAssertions, str, serviceDescription, messageBinding);
}
}
foreach (FaultDescription description4 in description2.Faults)
{
bindingAssertions = policyContext.GetFaultBindingAssertions(description4);
if (bindingAssertions.Count > 0)
{
FaultBinding faultBinding = endpointContext.GetFaultBinding(description4);
str = NamingHelper.GetUniqueName(CreateFaultBindingPolicyKey(faultBinding), doesNameExist, null);
policyKeys.Add(str, str);
this.AttachItemPolicy(bindingAssertions, str, serviceDescription, faultBinding);
}
}
}
}
}
internal void AttachPolicy(ServiceEndpoint endpoint, WsdlEndpointConversionContext endpointContext, PolicyConversionContext policyContext)
{
SortedList<string, string> policyKeys = new SortedList<string, string>();
NamingHelper.DoesNameExist policyKeyIsUnique
= delegate(string name, object nameCollection)
{
return policyKeys.ContainsKey(name);
};
string key, keyBase;
ICollection<XmlElement> assertions;
WsdlNS.ServiceDescription policyWsdl = endpointContext.WsdlBinding.ServiceDescription;
assertions = policyContext.GetBindingAssertions();
// Add [wsdl:Binding] level Policy
WsdlNS.Binding wsdlBinding = endpointContext.WsdlBinding;
if (assertions.Count > 0)
{
keyBase = CreateBindingPolicyKey(wsdlBinding);
key = NamingHelper.GetUniqueName(keyBase, policyKeyIsUnique, null);
policyKeys.Add(key, key);
AttachItemPolicy(assertions, key, policyWsdl, wsdlBinding);
}
foreach (OperationDescription operation in endpoint.Contract.Operations)
{
if (!WsdlExporter.OperationIsExportable(operation))
{
continue;
}
assertions = policyContext.GetOperationBindingAssertions(operation);
// Add [wsdl:Binding/wsdl:operation] policy
if (assertions.Count > 0)
{
WsdlNS.OperationBinding wsdlOperationBinding = endpointContext.GetOperationBinding(operation);
keyBase = CreateOperationBindingPolicyKey(wsdlOperationBinding);
key = NamingHelper.GetUniqueName(keyBase, policyKeyIsUnique, null);
policyKeys.Add(key, key);
AttachItemPolicy(assertions, key, policyWsdl, wsdlOperationBinding);
}
//
// Add [wsdl:Binding/wsdl:operation] child policy
//
foreach (MessageDescription message in operation.Messages)
{
assertions = policyContext.GetMessageBindingAssertions(message);
// Add [wsdl:Binding/wsdl:operation/wsdl:(input, output, message)] policy
if (assertions.Count > 0)
{
WsdlNS.MessageBinding wsdlMessageBinding = endpointContext.GetMessageBinding(message);
keyBase = CreateMessageBindingPolicyKey(wsdlMessageBinding, message.Direction);
key = NamingHelper.GetUniqueName(keyBase, policyKeyIsUnique, null);
policyKeys.Add(key, key);
AttachItemPolicy(assertions, key, policyWsdl, wsdlMessageBinding);
}
}
foreach (FaultDescription fault in operation.Faults)
{
assertions = policyContext.GetFaultBindingAssertions(fault);
// Add [wsdl:Binding/wsdl:operation/wsdl:fault] policy
if (assertions.Count > 0)
{
WsdlNS.FaultBinding wsdlFaultBinding = endpointContext.GetFaultBinding(fault);
keyBase = CreateFaultBindingPolicyKey(wsdlFaultBinding);
key = NamingHelper.GetUniqueName(keyBase, policyKeyIsUnique, null);
policyKeys.Add(key, key);
AttachItemPolicy(assertions, key, policyWsdl, wsdlFaultBinding);
}
}
}
}
private void ImportMessageScopeProtectionPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
MessagePartSpecification specification;
MessagePartSpecification specification2;
bool flag;
ContractProtectionLevel level = null;
bool hasProtectionRequirements = false;
bool hasUniformProtectionLevel = true;
ProtectionLevel none = ProtectionLevel.None;
string key = string.Format("{0}:{1}:{2}", "ContractProtectionLevelKey", policyContext.Contract.Name, policyContext.Contract.Namespace);
if (importer.State.ContainsKey(key))
{
flag = true;
level = (ContractProtectionLevel) importer.State[key];
}
else
{
flag = false;
}
ICollection<XmlElement> bindingAssertions = policyContext.GetBindingAssertions();
this.ImportProtectionAssertions(bindingAssertions, out specification, out specification2);
if (importer.State.ContainsKey("InSecureConversationBootstrapBindingImportMode"))
{
if (specification2 != null)
{
importer.State["SecureConversationBootstrapEncryptionRequirements"] = specification2;
}
if (specification != null)
{
importer.State["SecureConversationBootstrapSignatureRequirements"] = specification;
}
}
foreach (OperationDescription description in policyContext.Contract.Operations)
{
MessagePartSpecification specification3;
MessagePartSpecification specification4;
MessagePartSpecification specification5;
MessagePartSpecification specification6;
ICollection<XmlElement> operationBindingAssertions = policyContext.GetOperationBindingAssertions(description);
this.ImportProtectionAssertions(operationBindingAssertions, out specification3, out specification4);
this.AddParts(ref specification3, specification);
this.AddParts(ref specification4, specification2);
bool flag4 = false;
bool flag5 = true;
ProtectionLevel level3 = ProtectionLevel.None;
foreach (MessageDescription description2 in description.Messages)
{
ICollection<XmlElement> messageBindingAssertions = policyContext.GetMessageBindingAssertions(description2);
this.ImportProtectionAssertions(messageBindingAssertions, out specification5, out specification6);
this.AddParts(ref specification5, specification3);
this.AddParts(ref specification6, specification4);
ProtectionLevel newProtectionLevel = GetProtectionLevel(specification5.IsBodyIncluded, specification6.IsBodyIncluded, description2.Action);
if (OperationFormatter.IsValidReturnValue(description2.Body.ReturnValue))
{
this.ValidateExistingOrSetNewProtectionLevel(description2.Body.ReturnValue, description2, description, policyContext.Contract, newProtectionLevel);
}
foreach (MessagePartDescription description3 in description2.Body.Parts)
{
this.ValidateExistingOrSetNewProtectionLevel(description3, description2, description, policyContext.Contract, newProtectionLevel);
}
if (!OperationFormatter.IsValidReturnValue(description2.Body.ReturnValue) || (description2.Body.Parts.Count == 0))
{
this.ValidateExistingOrSetNewProtectionLevel(null, description2, description, policyContext.Contract, newProtectionLevel);
}
if (flag4)
{
if (level3 != newProtectionLevel)
{
flag5 = false;
}
}
else
{
level3 = newProtectionLevel;
flag4 = true;
}
if (hasProtectionRequirements)
{
if (none != newProtectionLevel)
{
hasUniformProtectionLevel = false;
}
}
else
{
none = newProtectionLevel;
hasProtectionRequirements = true;
}
foreach (MessageHeaderDescription description4 in description2.Headers)
{
bool signed = specification5.IsHeaderIncluded(description4.Name, description4.Namespace);
bool encrypted = specification6.IsHeaderIncluded(description4.Name, description4.Namespace);
newProtectionLevel = GetProtectionLevel(signed, encrypted, description2.Action);
this.ValidateExistingOrSetNewProtectionLevel(description4, description2, description, policyContext.Contract, newProtectionLevel);
if (flag4)
{
if (level3 != newProtectionLevel)
{
flag5 = false;
}
}
else
{
level3 = newProtectionLevel;
flag4 = true;
}
if (hasProtectionRequirements)
{
if (none != newProtectionLevel)
{
hasUniformProtectionLevel = false;
}
}
else
{
none = newProtectionLevel;
hasProtectionRequirements = true;
}
}
}
if (flag4 && flag5)
{
this.ResetProtectionLevelForMessages(description);
description.ProtectionLevel = level3;
}
foreach (FaultDescription description5 in description.Faults)
{
ICollection<XmlElement> faultBindingAssertions = policyContext.GetFaultBindingAssertions(description5);
this.ImportProtectionAssertions(faultBindingAssertions, out specification5, out specification6);
this.AddParts(ref specification5, specification3);
this.AddParts(ref specification6, specification4);
ProtectionLevel level5 = GetProtectionLevel(specification5.IsBodyIncluded, specification6.IsBodyIncluded, description5.Action);
if (description5.HasProtectionLevel)
{
if (description5.ProtectionLevel != level5)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(System.ServiceModel.SR.GetString("CannotImportProtectionLevelForContract", new object[] { policyContext.Contract.Name, policyContext.Contract.Namespace })));
}
}
else
{
description5.ProtectionLevel = level5;
}
if (hasProtectionRequirements)
{
if (none != level5)
{
hasUniformProtectionLevel = false;
}
}
else
{
none = level5;
hasProtectionRequirements = true;
}
}
}
if (flag)
{
if (((hasProtectionRequirements != level.HasProtectionRequirements) || (hasUniformProtectionLevel != level.HasUniformProtectionLevel)) || (none != level.UniformProtectionLevel))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(System.ServiceModel.SR.GetString("CannotImportProtectionLevelForContract", new object[] { policyContext.Contract.Name, policyContext.Contract.Namespace })));
}
}
else
{
if ((hasProtectionRequirements && hasUniformProtectionLevel) && (none == ProtectionLevel.EncryptAndSign))
{
foreach (OperationDescription description6 in policyContext.Contract.Operations)
{
this.ResetProtectionLevelForMessages(description6);
foreach (FaultDescription description7 in description6.Faults)
{
description7.ResetProtectionLevel();
}
description6.ResetProtectionLevel();
}
}
importer.State[key] = new ContractProtectionLevel(hasProtectionRequirements, hasUniformProtectionLevel, none);
}
}
