private static SecurityToken ReadToken(AccessSecurityTokenHandler handler, string tokenString)
{
using (var reader = tokenString.AsXmlReader(true))
{
reader.MoveToContent();
var readToken = handler.ReadToken(reader);
return readToken;
}
}
private static StringBuilder WriteToken(AccessSecurityTokenHandler handler, SecurityToken token)
{
var sb = new StringBuilder();
using (var writer = new XmlTextWriter(new StringWriter(sb)))
{
handler.WriteToken(writer, token);
}
return sb;
}
private static SecurityToken CreateToken(AccessSecurityTokenHandler handler)
{
var descriptor = new SecurityTokenDescriptor
{
AppliesToAddress = "http://tecteacher.thinktecture.com/videos/1",
Lifetime = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(60)),
SigningCredentials = GetSigningCredential(),
TokenType = AccessSecurityToken.TokenTypeIdentifier,
Subject = new ClaimsIdentity(new List<Claim>
{
new Claim(WSIdentityConstants.ClaimTypes.Name, "bob")
})
};
var token = handler.CreateToken(descriptor);
return token;
}
static void Main(string[] args)
{
var handler = new AccessSecurityTokenHandler() { Configuration = new SecurityTokenHandlerConfiguration() };
ConfigureHandler(handler.Configuration);
var token = CreateToken(handler);
var tokenString = WriteToken(handler, token);
Console.WriteLine(tokenString.ToString());
Console.WriteLine("\nFull Length : {0}", tokenString.Length);
Console.WriteLine("Compressed Length: {0}\n", Compress(tokenString.ToString()).Length);
var readToken = ReadToken(handler, tokenString.ToString());
var identities = handler.ValidateToken(readToken);
ClaimsViewer.ShowConsole(new ClaimsPrincipal(identities));
TestHandlerCollection(tokenString);
TestMalformedTokens();
TestCompressedToken(token);
}
private static void TestMalformedTokens()
{
var expiredToken = File.ReadAllText("ExpiredToken.xml");
var tamperedToken = File.ReadAllText("TamperedToken.xml");
var handler = new AccessSecurityTokenHandler() { Configuration = new SecurityTokenHandlerConfiguration() };
ConfigureHandler(handler.Configuration);
try
{
using (var reader = expiredToken.AsXmlReader(true))
{
Console.WriteLine("\nReading expired token");
var readToken = handler.ReadToken(reader);
handler.ValidateToken(readToken);
}
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
try
{
using (var reader = tamperedToken.AsXmlReader(true))
{
Console.WriteLine("\nReading tampered token");
var readToken = handler.ReadToken(reader);
handler.ValidateToken(readToken);
}
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
}
