static IAuthorizationPolicy RetrievePolicyFromBlob(byte[] contextBlob, string id, DateTime expirationTime, IList <Type> knownTypes)
        {
            if (contextBlob == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextBlob");
            }

            if (id == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
            }

            SctClaimDictionary  claimDictionary = SctClaimDictionary.Instance;
            XmlDictionaryReader reader          = XmlDictionaryReader.CreateBinaryReader(contextBlob, 0, contextBlob.Length, claimDictionary, XmlDictionaryReaderQuotas.Max, null, null);
            IList <IIdentity>   identities      = null;
            IList <ClaimSet>    claimSets       = null;
            int versionNumber = -1;

            reader.ReadFullStartElement(claimDictionary.SecurityContextSecurityToken, claimDictionary.EmptyString);

            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(claimDictionary.Version, claimDictionary.EmptyString))
                {
                    versionNumber = reader.ReadElementContentAsInt();

                    if (versionNumber != 1)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR2.GetString(SR2.SerializedAuthorizationContextVersionUnsupported, versionNumber)));
                    }
                }
                else
                {
                    if (reader.IsStartElement(claimDictionary.Identities, claimDictionary.EmptyString))
                    {
                        identities = SctClaimSerializer.DeserializeIdentities(reader, claimDictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), knownTypes, 0x7fffffff));
                        continue;
                    }
                    if (reader.IsStartElement(claimDictionary.ClaimSets, claimDictionary.EmptyString))
                    {
                        reader.ReadStartElement();
                        DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), knownTypes, 0x7fffffff);
                        DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), knownTypes, 0x7fffffff);
                        claimSets = new List <ClaimSet>(1);

                        while (reader.IsStartElement())
                        {
                            claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, claimDictionary, claimSetSerializer, claimSerializer));
                        }

                        reader.ReadEndElement();
                        continue;
                    }
                }
            }
            reader.ReadEndElement();
            return(new SctUnconditionalPolicy(identities, id, claimSets, expirationTime));
        }
        static byte[] CreateSerializableBlob(AuthorizationContext authorizationContext, IList <Type> knownTypes)
        {
            if (authorizationContext == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("authorizationContext");
            }

            MemoryStream        stream          = new MemoryStream();
            XmlDictionaryWriter writer          = XmlDictionaryWriter.CreateBinaryWriter(stream, SctClaimDictionary.Instance, null);
            SctClaimDictionary  claimDictionary = SctClaimDictionary.Instance;


            writer.WriteStartElement(claimDictionary.SecurityContextSecurityToken, claimDictionary.EmptyString);
            writer.WriteStartElement(claimDictionary.Version, claimDictionary.EmptyString);
            writer.WriteValue(1);
            writer.WriteEndElement();

            if ((authorizationContext != null) && (authorizationContext.ClaimSets.Count != 0))
            {
                DataContractSerializer identitySerializer = DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), knownTypes, 0x7fffffff);
                DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), knownTypes, 0x7fffffff);
                DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), knownTypes, 0x7fffffff);
                SctClaimSerializer.SerializeIdentities(authorizationContext, claimDictionary, writer, identitySerializer);

                writer.WriteStartElement(claimDictionary.ClaimSets, claimDictionary.EmptyString);
                for (int i = 0; i < authorizationContext.ClaimSets.Count; i++)
                {
                    SctClaimSerializer.SerializeClaimSet(authorizationContext.ClaimSets[i], claimDictionary, writer, claimSetSerializer, claimSerializer);
                }
                writer.WriteEndElement();
            }

            writer.WriteEndElement();
            writer.Flush();
            return(stream.ToArray());
        }