public override T GetProperty <T>(BindingContext context)
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(context));
}
if (typeof(T) == typeof(ITransportServiceBuilder))
{
return((T)(object)new HttpTransportServiceBuilder());
}
//else if (typeof(T) == typeof(ISecurityCapabilities))
//{
// AuthenticationSchemes effectiveAuthenticationSchemes = HttpTransportBindingElement.GetEffectiveAuthenticationSchemes(this.AuthenticationScheme,
// context.BindingParameters);
// return (T)(object)new SecurityCapabilities(this.GetSupportsClientAuthenticationImpl(effectiveAuthenticationSchemes),
// effectiveAuthenticationSchemes == AuthenticationSchemes.Negotiate,
// this.GetSupportsClientWindowsIdentityImpl(effectiveAuthenticationSchemes),
// ProtectionLevel.None,
// ProtectionLevel.None);
//}
//else if (typeof(T) == typeof(IBindingDeliveryCapabilities))
//{
// return (T)(object)new BindingDeliveryCapabilitiesHelper();
//}
else if (typeof(T) == typeof(TransferMode))
{
return((T)(object)TransferMode);
}
//else if (typeof(T) == typeof(ExtendedProtectionPolicy))
//{
// return (T)(object)this.ExtendedProtectionPolicy;
//}
//else if (typeof(T) == typeof(IAnonymousUriPrefixMatcher))
//{
// if (_anonymousUriPrefixMatcher == null)
// {
// _anonymousUriPrefixMatcher = new HttpAnonymousUriPrefixMatcher();
// }
// return (T)(object)_anonymousUriPrefixMatcher;
//}
else if (typeof(T).FullName.Equals("CoreWCF.Channels.ITransportCompressionSupport"))
{
IApplicationBuilder app = context.BindingParameters.Find <IApplicationBuilder>();
if (app == null)
{
return(base.GetProperty <T>(context));
}
object tcs = app.ApplicationServices.GetService(typeof(T).Assembly.GetType("CoreWCF.Channels.TransportCompressionSupportHelper"));
return((T)tcs);
}
else
{
if (context.BindingParameters.Find <MessageEncodingBindingElement>() == null)
{
context.BindingParameters.Add(new TextMessageEncodingBindingElement());
}
return(base.GetProperty <T>(context));
}
}
public override StreamUpgradeProvider BuildServerStreamUpgradeProvider(BindingContext context)
{
return(new WindowsStreamSecurityUpgradeProvider(this, context, false));
}
internal override SecurityProtocolFactory CreateSecurityProtocolFactory <TChannel>(BindingContext context, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext)
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(context));
}
if (credentialsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(credentialsManager));
}
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
// if (isForService)
// base.ApplyAuditBehaviorSettings(context, protocolFactory);
ConfigureProtocolFactory(protocolFactory, credentialsManager, isForService, issuerBindingContext, context.Binding);
protocolFactory.DetectReplays = false;
return(protocolFactory);
}
protected override IServiceDispatcher BuildServiceDispatcherCore <TChannel>(BindingContext context, IServiceDispatcher serviceDispatcher)
{
SecurityServiceDispatcher securityServiceDispatcher = new SecurityServiceDispatcher(context, serviceDispatcher);
SecurityCredentialsManager credentialsManager = serviceDispatcher.Host.Description.Behaviors.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ServiceCredentials.CreateDefaultCredentials();
}
SecureConversationSecurityTokenParameters scParameters;
if (EndpointSupportingTokenParameters.Endorsing.Count > 0)
{
scParameters = EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
}
else
{
scParameters = null;
}
bool requireDemuxer = RequiresChannelDemuxer();
ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
if (requireDemuxer)
{
ApplyPropertiesOnDemuxer(channelBuilder, context);
}
BindingContext issuerBindingContext = context.Clone();
issuerBindingContext.BindingParameters.Add(credentialsManager);
if (scParameters != null)
{
if (scParameters.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.Format(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
}
if (scParameters.RequireCancellation)
{
SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory
{
// base.ApplyAuditBehaviorSettings(context, sessionFactory);
SecurityTokenParameters = scParameters.Clone()
};
((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
ConfigureProtocolFactory(sessionFactory, credentialsManager, true, issuerBindingContext, context.Binding);
}
finally
{
EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
securityServiceDispatcher.SessionMode = true;
securityServiceDispatcher.SessionServerSettings.InactivityTimeout = LocalServiceSettings.InactivityTimeout;
securityServiceDispatcher.SessionServerSettings.KeyRolloverInterval = LocalServiceSettings.SessionKeyRolloverInterval;
securityServiceDispatcher.SessionServerSettings.MaximumPendingSessions = LocalServiceSettings.MaxPendingSessions;
securityServiceDispatcher.SessionServerSettings.MaximumKeyRenewalInterval = LocalServiceSettings.SessionKeyRenewalInterval;
securityServiceDispatcher.SessionServerSettings.TolerateTransportFailures = LocalServiceSettings.ReconnectTransportOnFailure;
securityServiceDispatcher.SessionServerSettings.CanRenewSession = scParameters.CanRenewSession;
securityServiceDispatcher.SessionServerSettings.IssuedSecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)securityServiceDispatcher.SessionServerSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
securityServiceDispatcher.SessionServerSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
securityServiceDispatcher.SessionServerSettings.SessionProtocolFactory = sessionFactory;
securityServiceDispatcher.SecurityProtocolFactory = sessionFactory;
// pass in the error handler for handling unknown security sessions - dont do this if the underlying channel is duplex since sending
// back faults in response to badly secured requests over duplex can result in DoS.
//if (context.BindingParameters != null && context.BindingParameters.Find<IChannelDemuxFailureHandler>() == null
// && !IsUnderlyingListenerDuplex<TChannel>(context))
//{
// context.BindingParameters.Add(new SecuritySessionServerSettings.SecuritySessionDemuxFailureHandler(sessionFactory.StandardsManager));
//}
}
else
{
//TODO later
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
// base.ApplyAuditBehaviorSettings(context, protocolFactory);
EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
ConfigureProtocolFactory(protocolFactory, credentialsManager, true, issuerBindingContext, context.Binding);
SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
}
finally
{
EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
securityServiceDispatcher.SecurityProtocolFactory = protocolFactory;
}
}
else
{
SecurityProtocolFactory protocolFactory = CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, true, issuerBindingContext);
securityServiceDispatcher.SecurityProtocolFactory = protocolFactory;
}
securityServiceDispatcher.InitializeSecurityDispatcher(channelBuilder, typeof(TChannel));
//return channelListener;
channelBuilder.BuildServiceDispatcher <TChannel>(context, securityServiceDispatcher);
return(securityServiceDispatcher);
}
internal IServiceDispatcher CreateServiceDispatcher <TChannel>(IServiceDispatcher innerDispatcher, BindingContext context)
{
return(GetTypedServiceDispatcher <TChannel>(context).AddDispatcher(innerDispatcher, new ChannelDemuxerFilter(new MatchAllMessageFilter(), 0)));
}
internal void RemoveServiceDispatcher <TChannel>(MessageFilter filter, BindingContext context)
{
GetTypedServiceDispatcher <TChannel>(context).RemoveDispatcher(filter);
}
internal IServiceDispatcher CreateServiceDispatcher <TChannel>(IServiceDispatcher innerDispatcher, ChannelDemuxerFilter filter, BindingContext context)
{
return(GetTypedServiceDispatcher <TChannel>(context).AddDispatcher(innerDispatcher, filter));
}
internal void ConfigureProtocolFactory(SecurityProtocolFactory factory, SecurityCredentialsManager credentialsManager, bool isForService, BindingContext issuerBindingContext, Binding binding)
{
if (factory == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(factory)));
}
if (credentialsManager == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException(nameof(credentialsManager)));
}
factory.AddTimestamp = IncludeTimestamp;
factory.IncomingAlgorithmSuite = DefaultAlgorithmSuite;
factory.OutgoingAlgorithmSuite = DefaultAlgorithmSuite;
factory.SecurityHeaderLayout = SecurityHeaderLayout;
factory.TimestampValidityDuration = LocalServiceSettings.TimestampValidityDuration;
factory.DetectReplays = LocalServiceSettings.DetectReplays;
factory.MaxCachedNonces = LocalServiceSettings.ReplayCacheSize;
factory.MaxClockSkew = LocalServiceSettings.MaxClockSkew;
factory.ReplayWindow = LocalServiceSettings.ReplayWindow;
if (LocalServiceSettings.DetectReplays)
{
factory.NonceCache = LocalServiceSettings.NonceCache;
}
factory.SecurityBindingElement = (SecurityBindingElement)Clone();
factory.SecurityBindingElement.SetIssuerBindingContextIfRequired(issuerBindingContext);
factory.SecurityTokenManager = credentialsManager.CreateSecurityTokenManager();
SecurityTokenSerializer tokenSerializer = factory.SecurityTokenManager.CreateSecurityTokenSerializer(_messageSecurityVersion.SecurityTokenVersion);
factory.StandardsManager = new SecurityStandardsManager(_messageSecurityVersion, tokenSerializer);
}
private static void SetIssuerBindingContextIfRequired(SupportingTokenParameters supportingParameters, BindingContext issuerBindingContext)
{
for (int i = 0; i < supportingParameters.Endorsing.Count; ++i)
{
SetIssuerBindingContextIfRequired(supportingParameters.Endorsing[i], issuerBindingContext);
}
for (int i = 0; i < supportingParameters.SignedEndorsing.Count; ++i)
{
SetIssuerBindingContextIfRequired(supportingParameters.SignedEndorsing[i], issuerBindingContext);
}
for (int i = 0; i < supportingParameters.Signed.Count; ++i)
{
SetIssuerBindingContextIfRequired(supportingParameters.Signed[i], issuerBindingContext);
}
for (int i = 0; i < supportingParameters.SignedEncrypted.Count; ++i)
{
SetIssuerBindingContextIfRequired(supportingParameters.SignedEncrypted[i], issuerBindingContext);
}
}
// since the OnOuterListenerOpen method will be called for every outer listener and we will open
// the inner listener only once, we need to ensure that all the outer listeners wait till the
// inner listener is opened.
public DatagramChannelDemuxer(BindingContext context)
{
_filterTable = new MessageFilterTable <IServiceDispatcher>();
DemuxFailureHandler = context.BindingParameters?.Find <IChannelDemuxFailureHandler>();
}
protected static void SetIssuerBindingContextIfRequired(SecurityTokenParameters parameters, BindingContext issuerBindingContext)
{
if (parameters is SslSecurityTokenParameters)
{
throw new NotImplementedException();
//((SslSecurityTokenParameters)parameters).IssuerBindingContext = CreateIssuerBindingContextForNegotiation(issuerBindingContext);
}
else if (parameters is SspiSecurityTokenParameters)
{
throw new NotImplementedException();
// ((SspiSecurityTokenParameters)parameters).IssuerBindingContext = CreateIssuerBindingContextForNegotiation(issuerBindingContext);
}
}
protected abstract IServiceDispatcher BuildServiceDispatcherCore <TChannel>(BindingContext context, IServiceDispatcher serviceDispatcher)
where TChannel : class, IChannel;
internal abstract SecurityProtocolFactory CreateSecurityProtocolFactory <TChannel>(BindingContext context, SecurityCredentialsManager credentialsManager,
bool isForService, BindingContext issuanceBindingContext);
public abstract T GetProperty <T>(BindingContext context) where T : class;
public ReplyChannelDemuxer(BindingContext context) : base(context)
{
}
public override IServiceDispatcher BuildServiceDispatcher <TChannel>(BindingContext context, IServiceDispatcher innerDispatcher)
{
return(innerDispatcher);
}
internal bool IsUnderlyingDispatcherDuplex <TChannel>(BindingContext context)
{
return((typeof(TChannel) == typeof(IDuplexSessionChannel)) && context.CanBuildNextServiceDispatcher <IDuplexChannel>() &&
!context.CanBuildNextServiceDispatcher <IDuplexSessionChannel>());
}
