/// <summary>
/// Checks the expiration.
/// </summary>
/// <param name="accToken">The acc token.</param>
private void CheckExpiration(AccessSecurityToken accToken)
{
Contract.Requires(accToken != null);
//Contract.Requires(accToken.ValidTo != null);
if (accToken.ValidTo < DateTime.UtcNow)
{
throw new SecurityTokenValidationException("Token has expired");
}
}
/// <summary>
/// Creates the token.
/// </summary>
/// <param name="tokenDescriptor">The token descriptor.</param>
/// <returns></returns>
public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
{
if (tokenDescriptor == null)
{
throw new ArgumentNullException("tokenDescriptor");
}
//Contract.Ensures(Contract.Result<SecurityToken>() != null);
//Contract.EndContractBlock();
AccessSecurityToken token = new AccessSecurityToken(
tokenDescriptor.Subject.Name,
tokenDescriptor.AppliesToAddress,
tokenDescriptor.Lifetime,
((X509SigningCredentials)tokenDescriptor.SigningCredentials).Certificate);
return(token);
}
/// <summary>
/// Creates the claims.
/// </summary>
/// <param name="token">The token.</param>
/// <param name="issuer">The issuer.</param>
/// <returns></returns>
protected virtual ClaimsIdentityCollection CreateClaims(AccessSecurityToken token, string issuer)
{
Contract.Requires(token != null);
Contract.Requires(!String.IsNullOrEmpty(token.SubjectName));
Contract.Requires(!String.IsNullOrEmpty(token.Resource));
//Contract.Requires(token.ValidTo != null);
Contract.Ensures(Contract.Result <ClaimsIdentityCollection>() != null);
var claims = new List <Claim>
{
new Claim(WSIdentityConstants.ClaimTypes.Name, token.SubjectName, ClaimValueTypes.String, issuer),
new Claim(WSIdentityConstants.ClaimTypes.Uri, token.Resource, ClaimValueTypes.String, issuer),
new Claim("http://www.thinktecture.com/claims/expires", XmlConvert.ToString(token.ValidTo, DateTimeFormats.Generated), ClaimValueTypes.Datetime, issuer)
};
return(new ClaimsIdentityCollection(new List <IClaimsIdentity> {
new ClaimsIdentity(claims)
}));
}
/// <summary>
/// Creates the claims.
/// </summary>
/// <param name="token">The token.</param>
/// <param name="issuer">The issuer.</param>
/// <returns></returns>
protected virtual ClaimsIdentityCollection CreateClaims(AccessSecurityToken token, string issuer)
{
Contract.Requires(token != null);
Contract.Requires(!String.IsNullOrEmpty(token.SubjectName));
Contract.Requires(!String.IsNullOrEmpty(token.Resource));
//Contract.Requires(token.ValidTo != null);
Contract.Ensures(Contract.Result<ClaimsIdentityCollection>() != null);
var claims = new List<Claim>
{
new Claim(WSIdentityConstants.ClaimTypes.Name, token.SubjectName, ClaimValueTypes.String, issuer),
new Claim(WSIdentityConstants.ClaimTypes.Uri, token.Resource, ClaimValueTypes.String, issuer),
new Claim("http://www.thinktecture.com/claims/expires", XmlConvert.ToString(token.ValidTo, DateTimeFormats.Generated), ClaimValueTypes.Datetime, issuer)
};
return new ClaimsIdentityCollection(new List<IClaimsIdentity> { new ClaimsIdentity(claims) });
}
/// <summary>
/// Checks the expiration.
/// </summary>
/// <param name="accToken">The acc token.</param>
private void CheckExpiration(AccessSecurityToken accToken)
{
Contract.Requires(accToken != null);
//Contract.Requires(accToken.ValidTo != null);
if (accToken.ValidTo < DateTime.UtcNow)
{
throw new SecurityTokenValidationException("Token has expired");
}
}
/// <summary>
/// Creates the token.
/// </summary>
/// <param name="tokenDescriptor">The token descriptor.</param>
/// <returns></returns>
public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
{
if (tokenDescriptor == null)
{
throw new ArgumentNullException("tokenDescriptor");
}
//Contract.Ensures(Contract.Result<SecurityToken>() != null);
//Contract.EndContractBlock();
AccessSecurityToken token = new AccessSecurityToken(
tokenDescriptor.Subject.Name,
tokenDescriptor.AppliesToAddress,
tokenDescriptor.Lifetime,
((X509SigningCredentials)tokenDescriptor.SigningCredentials).Certificate);
return token;
}
