public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(samlDictionary.Action, samlDictionary.Namespace))
{
this.ns = reader.GetAttribute(samlDictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLActionNameRequiredOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Action, dictionary.Namespace);
if (this.ns != null)
{
writer.WriteStartAttribute(dictionary.ActionNamespaceAttribute, null);
writer.WriteString(this.ns);
writer.WriteEndAttribute();
}
writer.WriteString(this.action);
writer.WriteEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Evidence.Value, dictionary.Namespace.Value);
for (int i = 0; i < this.assertionIdReferences.Count; i++)
{
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AssertionIdReference, dictionary.Namespace);
writer.WriteString(this.assertionIdReferences[i]);
writer.WriteEndElement();
}
for (int i = 0; i < this.assertions.Count; i++)
{
this.assertions[i].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
this.CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.AuthorizationDecisionStatement, samlDictionary.Namespace);
writer.WriteStartAttribute(samlDictionary.Decision, null);
writer.WriteString(this.accessDecision.ToString());
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.Resource, null);
writer.WriteString(this.resource);
writer.WriteEndAttribute();
base.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);
foreach (SamlAction action in this.actions)
{
action.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
if (this.evidence != null)
{
this.evidence.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (!reader.IsStartElement(samlDictionary.DoNotCacheCondition, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.DoNotCacheCondition.Value })));
}
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
}
public virtual void WriteXml(
XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
if (AuthorityKind == null)
{
throw new SecurityTokenException("AuthorityKind must be set to SAML AuthorityBinding before being written.");
}
if (Binding == null)
{
throw new SecurityTokenException("non-zero length Binding must be set to SAML AuthorityBinding before being written.");
}
if (Location == null)
{
throw new SecurityTokenException("non-zero length Location must be set to SAML AuthorityBinding before being written.");
}
writer.WriteStartElement("saml", "AuthorityBinding", SamlConstants.Namespace);
writer.WriteXmlnsAttribute(String.Empty, AuthorityKind.Namespace);
writer.WriteAttributeString("AuthorityKind", AuthorityKind.Name);
writer.WriteAttributeString("Location", Location);
writer.WriteAttributeString("Binding", Binding);
writer.WriteEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
writer.WriteStartElement("saml", "Conditions", SamlConstants.Namespace);
CultureInfo invariant = CultureInfo.InvariantCulture;
if (has_not_before)
{
writer.WriteAttributeString("NotBefore", NotBefore.ToString(SamlConstants.DateFormat, invariant));
}
if (has_not_on_after)
{
writer.WriteAttributeString("NotOnOrAfter", NotOnOrAfter.ToString(SamlConstants.DateFormat, invariant));
}
foreach (SamlCondition cond in Conditions)
{
cond.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (!reader.IsStartElement(samlDictionary.DoNotCacheCondition, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.DoNotCacheCondition.Value })));
}
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Conditions, samlDictionary.Namespace);
if (this.notBefore != System.IdentityModel.SecurityUtils.MinUtcDateTime)
{
writer.WriteStartAttribute(samlDictionary.NotBefore, null);
writer.WriteString(this.notBefore.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", DateTimeFormatInfo.InvariantInfo));
writer.WriteEndAttribute();
}
if (this.notOnOrAfter != System.IdentityModel.SecurityUtils.MaxUtcDateTime)
{
writer.WriteStartAttribute(samlDictionary.NotOnOrAfter, null);
writer.WriteString(this.notOnOrAfter.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", DateTimeFormatInfo.InvariantInfo));
writer.WriteEndAttribute();
}
for (int i = 0; i < this.conditions.Count; i++)
{
this.conditions[i].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AudienceRestrictionCondition, dictionary.Namespace);
for (int i = 0; i < this.audiences.Count; i++)
{
writer.WriteElementString(dictionary.Audience, dictionary.Namespace, this.audiences[i].AbsoluteUri);
}
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (!reader.IsStartElement(dictionary.DoNotCacheCondition, dictionary.Namespace))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.DoNotCacheCondition.Value)));
// saml:DoNotCacheCondition is a empty element. So just issue a read for
// the empty element.
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
return;
}
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
this.CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Attribute, samlDictionary.Namespace);
writer.WriteStartAttribute(samlDictionary.AttributeName, null);
writer.WriteString(this.name);
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.AttributeNamespace, null);
writer.WriteString(this.nameSpace);
writer.WriteEndAttribute();
for (int i = 0; i < this.attributeValues.Count; i++)
{
if (this.attributeValues[i] == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAttributeValueCannotBeNull"));
}
writer.WriteElementString(samlDictionary.PreferredPrefix.Value, samlDictionary.AttributeValue, samlDictionary.Namespace, this.attributeValues[i]);
}
writer.WriteEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
if (Action == null)
{
throw new SecurityTokenException("non-zero length string must be set for SAML Action before being written.");
}
writer.WriteStartElement("saml", "Action", SamlConstants.Namespace);
if (Namespace != null)
{
writer.WriteAttributeString("Namespace", Namespace);
}
writer.WriteString(Action);
writer.WriteEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer,
SecurityTokenResolver outOfBandTokenResolver)
{
throw new NotImplementedException();
}
protected void ReadSignature(XmlDictionaryReader reader,
SecurityTokenSerializer keyInfoTokenSerializer,
SecurityTokenResolver outOfBandTokenResolver,
SamlSerializer samlSerializer)
{
throw new NotImplementedException();
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
if (references.Count == 0 && assertions.Count == 0)
{
throw new SecurityTokenException("At least either one of AssertionIDReference or Assertion must exist in SAML Evidence.");
}
writer.WriteStartElement("saml", "Evidence", SamlConstants.Namespace);
foreach (string s in references)
{
writer.WriteElementString("saml", "AssertionIDReference", SamlConstants.Namespace, s);
}
foreach (SamlAssertion a in assertions)
{
a.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Advice, samlDictionary.Namespace);
for (int i = 0; i < this.assertionIdReferences.Count; i++)
{
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.AssertionIdReference, samlDictionary.Namespace);
writer.WriteString(this.assertionIdReferences[i]);
writer.WriteEndElement();
}
for (int j = 0; j < this.assertions.Count; j++)
{
this.assertions[j].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
public override void WriteXml(
XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
if (Audiences.Count == 0)
{
throw new SecurityTokenException("SAML AudienceRestrictionCondition must contain at least one Audience.");
}
writer.WriteStartElement("saml", "AudienceRestrictionCondition", SamlConstants.Namespace);
foreach (Uri a in Audiences)
{
writer.WriteElementString("saml", "Audience", SamlConstants.Namespace, a.AbsoluteUri);
}
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (!reader.IsStartElement(dictionary.DoNotCacheCondition, dictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.DoNotCacheCondition.Value)));
}
// saml:DoNotCacheCondition is a empty element. So just issue a read for
// the empty element.
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
return;
}
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
// The Namespace attribute is optional.
this.ns = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead)));
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
string str2;
string str3;
if (reader == null)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
string attribute = reader.GetAttribute(samlDictionary.AuthorityKind, null);
if (string.IsNullOrEmpty(attribute))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingAuthorityKindOnRead")));
}
string[] strArray = attribute.Split(new char[] { ':' });
if (strArray.Length > 2)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingInvalidAuthorityKind")));
}
if (strArray.Length == 2)
{
str3 = strArray[0];
str2 = strArray[1];
}
else
{
str3 = string.Empty;
str2 = strArray[0];
}
string ns = reader.LookupNamespace(str3);
this.authorityKind = new XmlQualifiedName(str2, ns);
this.binding = reader.GetAttribute(samlDictionary.Binding, null);
if (string.IsNullOrEmpty(this.binding))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingBindingOnRead")));
}
this.location = reader.GetAttribute(samlDictionary.Location, null);
if (string.IsNullOrEmpty(this.location))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingLocationOnRead")));
}
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
if (Name == null || Name.Length == 0)
{
throw new SecurityTokenException("non-zero length string must be set to Name of SAML Subject before being written.");
}
writer.WriteStartElement("saml", "Subject", SamlConstants.Namespace);
writer.WriteStartElement("saml", "NameIdentifier", SamlConstants.Namespace);
writer.WriteAttributeString("Format", NameFormat);
writer.WriteAttributeString("NameQualifier", NameQualifier);
writer.WriteString(Name);
writer.WriteEndElement();
writer.WriteEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
// The Namespace attribute is optional.
this.ns = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
}
public virtual void ReadXml(XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer,
SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
reader.ReadStartElement("Subject", SamlConstants.Namespace);
NameFormat = reader.GetAttribute("Format");
NameQualifier = reader.GetAttribute("NameQualifier");
Name = reader.ReadElementContentAsString("NameIdentifier", SamlConstants.Namespace);
reader.ReadEndElement();
if (Name == null || Name.Length == 0)
{
throw new SecurityTokenException("non-zero length string must be exist for Name.");
}
}
internal void WriteTo(XmlWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
if ((this.signingCredentials == null) && (this.signature == null))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.IdentityModel.SR.GetString("SamlAssertionMissingSigningCredentials")));
}
XmlDictionaryWriter innerWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);
if (this.signingCredentials != null)
{
using (HashAlgorithm algorithm = CryptoHelper.CreateHashAlgorithm(this.signingCredentials.DigestAlgorithm))
{
this.hashStream = new HashStream(algorithm);
this.keyInfoSerializer = keyInfoSerializer;
this.dictionaryManager = samlSerializer.DictionaryManager;
SamlDelegatingWriter writer3 = new SamlDelegatingWriter(innerWriter, this.hashStream, this, samlSerializer.DictionaryManager.ParentDictionary);
this.WriteXml(writer3, samlSerializer, keyInfoSerializer);
return;
}
}
this.tokenStream.SetElementExclusion(null, null);
this.tokenStream.WriteTo(innerWriter, samlSerializer.DictionaryManager);
}
public WSSecurityTokenSerializer (
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer)
: this (securityVersion, emitBspRequiredAttributes,
samlSerializer, null, null)
{
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
{
// SAML Subject is a required Attribute Statement clause.
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingSubjectOnRead)));
}
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Attribute, dictionary.Namespace))
{
// SAML Attribute is a extensibility point. So ask the SAML serializer
// to load this part.
SamlAttribute attribute = samlSerializer.LoadAttribute(reader, keyInfoSerializer, outOfBandTokenResolver);
if (attribute == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAttribute)));
}
this.attributes.Add(attribute);
}
else
{
break;
}
}
if (this.attributes.Count == 0)
{
// Each Attribute statement should have at least one attribute.
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingAttributeOnRead)));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
string str2;
string str3;
if (reader == null)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
string attribute = reader.GetAttribute(samlDictionary.AuthorityKind, null);
if (string.IsNullOrEmpty(attribute))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingAuthorityKindOnRead")));
}
string[] strArray = attribute.Split(new char[] { ':' });
if (strArray.Length > 2)
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingInvalidAuthorityKind")));
}
if (strArray.Length == 2)
{
str3 = strArray[0];
str2 = strArray[1];
}
else
{
str3 = string.Empty;
str2 = strArray[0];
}
string ns = reader.LookupNamespace(str3);
this.authorityKind = new XmlQualifiedName(str2, ns);
this.binding = reader.GetAttribute(samlDictionary.Binding, null);
if (string.IsNullOrEmpty(this.binding))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingBindingOnRead")));
}
this.location = reader.GetAttribute(samlDictionary.Location, null);
if (string.IsNullOrEmpty(this.location))
{
throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingLocationOnRead")));
}
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
string authKind = reader.GetAttribute(dictionary.AuthorityKind, null);
if (string.IsNullOrEmpty(authKind))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingAuthorityKindOnRead)));
string[] authKindParts = authKind.Split(':');
if (authKindParts.Length > 2)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingInvalidAuthorityKind)));
string localName;
string prefix;
string nameSpace;
if (authKindParts.Length == 2)
{
prefix = authKindParts[0];
localName = authKindParts[1];
}
else
{
prefix = String.Empty;
localName = authKindParts[0];
}
nameSpace = reader.LookupNamespace(prefix);
this.authorityKind = new XmlQualifiedName(localName, nameSpace);
this.binding = reader.GetAttribute(dictionary.Binding, null);
if (string.IsNullOrEmpty(this.binding))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingBindingOnRead)));
this.location = reader.GetAttribute(dictionary.Location, null);
if (string.IsNullOrEmpty(this.location))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingLocationOnRead)));
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
reader.ReadEndElement();
}
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer)
{
if (writer == null)
{
throw new ArgumentNullException("writer");
}
if (Issuer == null || Issuer.Length == 0)
{
throw new SecurityTokenException("Issuer must not be null or empty.");
}
if (Statements.Count == 0)
{
throw new SecurityTokenException("At least one assertion statement is required.");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
CultureInfo invariant = CultureInfo.InvariantCulture;
writer.WriteStartElement("saml", "Assertion", SamlConstants.Namespace);
writer.WriteAttributeString("MajorVersion", MajorVersion.ToString(invariant));
writer.WriteAttributeString("MinorVersion", MinorVersion.ToString(invariant));
writer.WriteAttributeString("AssertionID", AssertionId);
writer.WriteAttributeString("Issuer", Issuer);
writer.WriteAttributeString("IssueInstant", IssueInstant.ToString(SamlConstants.DateFormat, invariant));
try
{
if (Conditions != null)
{
Conditions.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
if (Advice != null)
{
Advice.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
foreach (SamlStatement statement in Statements)
{
statement.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
}
}
catch (NotImplementedException)
{
throw;
}
catch (Exception ex) // bad catch, eh?
{
throw new InvalidOperationException("There is an error on writing assertion statements.", ex);
}
writer.WriteEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AuthenticationStatement, dictionary.Namespace);
writer.WriteStartAttribute(dictionary.AuthenticationMethod, null);
writer.WriteString(this.authenticationMethod);
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.AuthenticationInstant, null);
writer.WriteString(this.authenticationInstant.ToString(SamlConstants.GeneratedDateTimeFormat, CultureInfo.InvariantCulture));
writer.WriteEndAttribute();
this.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);
if ((this.ipAddress != null) || (this.dnsAddress != null))
{
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.SubjectLocality, dictionary.Namespace);
if (this.ipAddress != null)
{
writer.WriteStartAttribute(dictionary.SubjectLocalityIPAddress, null);
writer.WriteString(this.ipAddress);
writer.WriteEndAttribute();
}
if (this.dnsAddress != null)
{
writer.WriteStartAttribute(dictionary.SubjectLocalityDNSAddress, null);
writer.WriteString(this.dnsAddress);
writer.WriteEndAttribute();
}
writer.WriteEndElement();
}
for (int i = 0; i < this.authorityBindings.Count; i++)
{
this.authorityBindings[i].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
protected void ReadSignature(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver, SamlSerializer samlSerializer)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
}
if (this.signature != null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SAMLSignatureAlreadyRead)));
}
// If the reader cannot canonicalize then buffer the signature element to a canonicalizing reader.
XmlDictionaryReader effectiveReader = reader;
if (!effectiveReader.CanCanonicalize)
{
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, samlSerializer.DictionaryManager.ParentDictionary);
writer.WriteNode(effectiveReader, false);
writer.Flush();
stream.Position = 0;
effectiveReader = XmlDictionaryReader.CreateBinaryReader(stream.GetBuffer(), 0, (int)stream.Length, samlSerializer.DictionaryManager.ParentDictionary, reader.Quotas);
effectiveReader.MoveToContent();
writer.Close();
}
SignedXml signedXml = new SignedXml(new StandardSignedInfo(samlSerializer.DictionaryManager), samlSerializer.DictionaryManager, keyInfoSerializer);
signedXml.TransformFactory = ExtendedTransformFactory.Instance;
signedXml.ReadFrom(effectiveReader);
SecurityKeyIdentifier securityKeyIdentifier = signedXml.Signature.KeyIdentifier;
this.verificationKey = SamlSerializer.ResolveSecurityKey(securityKeyIdentifier, outOfBandTokenResolver);
if (this.verificationKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToResolveSignatureKey, this.issuer)));
}
this.signature = signedXml;
this.signingToken = SamlSerializer.ResolveSecurityToken(securityKeyIdentifier, outOfBandTokenResolver);
if (this.signingToken == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlSigningTokenNotFound)));
}
if (!ReferenceEquals(reader, effectiveReader))
{
effectiveReader.Close();
}
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
this.CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
try
{
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Assertion, samlDictionary.Namespace);
writer.WriteStartAttribute(samlDictionary.MajorVersion, null);
writer.WriteValue(SamlConstants.MajorVersionValue);
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.MinorVersion, null);
writer.WriteValue(SamlConstants.MinorVersionValue);
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.AssertionId, null);
writer.WriteString(this.assertionId);
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.Issuer, null);
writer.WriteString(this.issuer);
writer.WriteEndAttribute();
writer.WriteStartAttribute(samlDictionary.IssueInstant, null);
writer.WriteString(this.issueInstant.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", CultureInfo.InvariantCulture));
writer.WriteEndAttribute();
if (this.conditions != null)
{
this.conditions.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
if (this.advice != null)
{
this.advice.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
for (int i = 0; i < this.statements.Count; i++)
{
this.statements[i].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
catch (Exception exception)
{
if (Fx.IsFatal(exception))
{
throw;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.IdentityModel.SR.GetString("SAMLTokenNotSerialized"), exception));
}
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
string time = reader.GetAttribute(dictionary.NotBefore, null);
if (!string.IsNullOrEmpty(time))
{
this.notBefore = DateTime.ParseExact(
time, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
}
time = reader.GetAttribute(dictionary.NotOnOrAfter, null);
if (!string.IsNullOrEmpty(time))
{
this.notOnOrAfter = DateTime.ParseExact(
time, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
}
// Saml Conditions element is an optional element and all its child element
// are optional as well. So we can have a empty <saml:Conditions /> element
// in a valid Saml token.
if (reader.IsEmptyElement)
{
// Just issue a read to read the Empty element.
reader.MoveToContent();
reader.Read();
return;
}
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
SamlCondition condition = samlSerializer.LoadCondition(reader, keyInfoSerializer, outOfBandTokenResolver);
if (condition == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtion)));
}
this.conditions.Add(condition);
}
reader.MoveToContent();
reader.ReadEndElement();
}
public override void WriteXml (
XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw new ArgumentNullException ("writer");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
writer.WriteStartElement ("saml", "DoNotCacheCondition", SamlConstants.Namespace);
writer.WriteEndElement ();
}
public override void WriteXml (XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer)
{
if (SamlSubject == null)
throw new SecurityTokenException ("Subject is null in the AttributeStatement");
writer.WriteStartElement ("saml", "AttributeStatement", SamlConstants.Namespace);
SamlSubject.WriteXml (writer, samlSerializer, keyInfoTokenSerializer);
foreach (SamlAttribute a in Attributes)
a.WriteXml (writer, samlSerializer, keyInfoTokenSerializer);
writer.WriteEndElement ();
}
public WSSecurityTokenSerializer (
SecurityVersion securityVersion,
bool emitBspRequiredAttributes,
SamlSerializer samlSerializer,
SecurityStateEncoder securityStateEncoder,
IEnumerable<Type> knownTypes)
: this (securityVersion, emitBspRequiredAttributes,
samlSerializer, securityStateEncoder,
knownTypes, defaultOffset, defaultLabelLength,
defaultNonceLength)
{
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
{
// SAML Subject is a required Attribute Statement clause.
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingSubjectOnRead)));
}
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Attribute, dictionary.Namespace))
{
// SAML Attribute is a extensibility point. So ask the SAML serializer
// to load this part.
SamlAttribute attribute = samlSerializer.LoadAttribute(reader, keyInfoSerializer, outOfBandTokenResolver);
if (attribute == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAttribute)));
this.attributes.Add(attribute);
}
else
{
break;
}
}
if (this.attributes.Count == 0)
{
// Each Attribute statement should have at least one attribute.
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingAttributeOnRead)));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void WriteXml(XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
writer.WriteStartElement("saml", "Attribute", SamlConstants.Namespace);
writer.WriteAttributeString("AttributeName", Name);
writer.WriteAttributeString("AttributeNamespace", Namespace);
foreach (string s in AttributeValues)
{
writer.WriteElementString("saml", "AttributeValue", SamlConstants.Namespace, s);
}
writer.WriteEndElement();
}
internal IssuedTokenServiceCredential(IssuedTokenServiceCredential other)
{
this.audienceUriMode = other.audienceUriMode;
this.allowedAudienceUris = new List<string>(other.allowedAudienceUris);
this.samlSerializer = other.samlSerializer;
this.knownCertificates = new List<X509Certificate2>(other.knownCertificates);
this.certificateValidationMode = other.certificateValidationMode;
this.customCertificateValidator = other.customCertificateValidator;
this.trustedStoreLocation = other.trustedStoreLocation;
this.revocationMode = other.revocationMode;
this.allowUntrustedRsaIssuers = other.allowUntrustedRsaIssuers;
this.isReadOnly = other.isReadOnly;
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.DoNotCacheCondition, dictionary.Namespace);
writer.WriteEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.DoNotCacheCondition, samlDictionary.Namespace);
writer.WriteEndElement();
}
public override void WriteXml (
XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw new ArgumentNullException ("writer");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
if (Audiences.Count == 0)
throw new SecurityTokenException ("SAML AudienceRestrictionCondition must contain at least one Audience.");
writer.WriteStartElement ("saml", "AudienceRestrictionCondition", SamlConstants.Namespace);
foreach (Uri a in Audiences)
writer.WriteElementString ("saml", "Audience", SamlConstants.Namespace, a.AbsoluteUri);
writer.WriteEndElement ();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (!reader.IsStartElement(samlDictionary.AssertionIdReference, samlDictionary.Namespace))
{
if (!reader.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.Advice.Value })));
}
SamlAssertion item = new SamlAssertion();
item.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.assertions.Add(item);
}
else
{
reader.MoveToContent();
this.assertionIdReferences.Add(reader.ReadString());
reader.MoveToContent();
reader.ReadEndElement();
continue;
}
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
string attribute = reader.GetAttribute(samlDictionary.NotBefore, null);
if (!string.IsNullOrEmpty(attribute))
{
this.notBefore = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
}
attribute = reader.GetAttribute(samlDictionary.NotOnOrAfter, null);
if (!string.IsNullOrEmpty(attribute))
{
this.notOnOrAfter = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
}
if (reader.IsEmptyElement)
{
reader.MoveToContent();
reader.Read();
}
else
{
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
SamlCondition item = samlSerializer.LoadCondition(reader, keyInfoSerializer, outOfBandTokenResolver);
if (item == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtion")));
}
this.conditions.Add(item);
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
MessageSecurityTokenVersion wsVersion = version as MessageSecurityTokenVersion;
if (wsVersion != null)
{
SamlSerializer samlSerializer = null;
if (parent.IssuedTokenAuthentication != null)
samlSerializer = parent.IssuedTokenAuthentication.SamlSerializer;
else
samlSerializer = new SamlSerializer();
return new WSSecurityTokenSerializer(wsVersion.SecurityVersion, wsVersion.TrustVersion, wsVersion.SecureConversationVersion, wsVersion.EmitBspRequiredAttributes, samlSerializer, parent.SecureConversationAuthentication.SecurityStateEncoder, parent.SecureConversationAuthentication.SecurityContextClaimTypes);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
this.CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Action, samlDictionary.Namespace);
if (this.ns != null)
{
writer.WriteStartAttribute(samlDictionary.ActionNamespaceAttribute, null);
writer.WriteString(this.ns);
writer.WriteEndAttribute();
}
writer.WriteString(this.action);
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Audience, dictionary.Namespace))
{
reader.MoveToContent();
string audience = reader.ReadString();
if (string.IsNullOrEmpty(audience))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionInvalidAudienceValueOnRead)));
this.audiences.Add(new Uri(audience));
reader.MoveToContent();
reader.ReadEndElement();
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AudienceRestrictionCondition.Value)));
}
}
if (this.audiences.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionShouldHaveOneAudienceOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(samlDictionary.Action, samlDictionary.Namespace))
{
this.ns = reader.GetAttribute(samlDictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLActionNameRequiredOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (!reader.IsStartElement(samlDictionary.Audience, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.AudienceRestrictionCondition.Value })));
}
reader.MoveToContent();
string str = reader.ReadString();
if (string.IsNullOrEmpty(str))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionInvalidAudienceValueOnRead")));
}
this.audiences.Add(new Uri(str));
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.audiences.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionShouldHaveOneAudienceOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
WrappedReader wrappedReader = new WrappedReader(dictionaryReader);
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));
string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
if (string.IsNullOrEmpty(attributeValue))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);
attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
if (string.IsNullOrEmpty(attributeValue))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));
int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);
if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
}
attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
if (string.IsNullOrEmpty(attributeValue))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));
if (!IsAssertionIdValid(attributeValue))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));
this.assertionId = attributeValue;
attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
if (string.IsNullOrEmpty(attributeValue))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
this.issuer = attributeValue;
attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
if (!string.IsNullOrEmpty(attributeValue))
this.issueInstant = DateTime.ParseExact(
attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
wrappedReader.MoveToContent();
wrappedReader.Read();
if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
{
this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
if (this.conditions == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
}
if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
{
this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
if (this.advice == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
}
while (wrappedReader.IsStartElement())
{
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
{
break;
}
else
{
SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
if (statement == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
this.statements.Add(statement);
}
}
if (this.statements.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));
if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
wrappedReader.MoveToContent();
wrappedReader.ReadEndElement();
this.tokenStream = wrappedReader.XmlTokens;
if (this.signature != null)
{
VerifySignature(this.signature, this.verificationKey);
}
BuildCryptoList();
}
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
this.CheckObjectValidity();
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Subject, samlDictionary.Namespace);
if (this.name != null)
{
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.NameIdentifier, samlDictionary.Namespace);
if (this.nameFormat != null)
{
writer.WriteStartAttribute(samlDictionary.NameIdentifierFormat, null);
writer.WriteString(this.nameFormat);
writer.WriteEndAttribute();
}
if (this.nameQualifier != null)
{
writer.WriteStartAttribute(samlDictionary.NameIdentifierNameQualifier, null);
writer.WriteString(this.nameQualifier);
writer.WriteEndAttribute();
}
writer.WriteString(this.name);
writer.WriteEndElement();
}
if (this.confirmationMethods.Count > 0)
{
writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.SubjectConfirmation, samlDictionary.Namespace);
foreach (string str in this.confirmationMethods)
{
writer.WriteElementString(samlDictionary.SubjectConfirmationMethod, samlDictionary.Namespace, str);
}
if (!string.IsNullOrEmpty(this.confirmationData))
{
writer.WriteElementString(samlDictionary.SubjectConfirmationData, samlDictionary.Namespace, this.confirmationData);
}
if (this.securityKeyIdentifier != null)
{
SamlSerializer.WriteSecurityKeyIdentifier(XmlDictionaryWriter.CreateDictionaryWriter(writer), this.securityKeyIdentifier, keyInfoSerializer);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(samlDictionary.NameIdentifier, samlDictionary.Namespace))
{
this.nameFormat = reader.GetAttribute(samlDictionary.NameIdentifierFormat, null);
this.nameQualifier = reader.GetAttribute(samlDictionary.NameIdentifierNameQualifier, null);
reader.MoveToContent();
this.name = reader.ReadString();
if (this.name == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLNameIdentifierMissingIdentifierValueOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
if (reader.IsStartElement(samlDictionary.SubjectConfirmation, samlDictionary.Namespace))
{
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement(samlDictionary.SubjectConfirmationMethod, samlDictionary.Namespace))
{
string str = reader.ReadString();
if (string.IsNullOrEmpty(str))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.SubjectConfirmationMethod.Value })));
}
this.confirmationMethods.Add(str);
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.confirmationMethods.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead")));
}
if (reader.IsStartElement(samlDictionary.SubjectConfirmationData, samlDictionary.Namespace))
{
reader.MoveToContent();
this.confirmationData = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
if (reader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.KeyInfo, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
{
XmlDictionaryReader reader2 = XmlDictionaryReader.CreateDictionaryReader(reader);
this.securityKeyIdentifier = SamlSerializer.ReadSecurityKeyIdentifier(reader2, keyInfoSerializer);
this.crypto = SamlSerializer.ResolveSecurityKey(this.securityKeyIdentifier, outOfBandTokenResolver);
if (this.crypto == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SamlUnableToExtractSubjectKey")));
}
this.subjectToken = SamlSerializer.ResolveSecurityToken(this.securityKeyIdentifier, outOfBandTokenResolver);
}
if ((this.confirmationMethods.Count == 0) && string.IsNullOrEmpty(this.name))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
reader.MoveToContent();
reader.ReadEndElement();
}
public override void WriteXml (XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer)
{
if (writer == null)
throw new ArgumentNullException ("writer");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
if (SamlSubject == null)
throw new SecurityTokenException ("SAML Subject must be set to AuthenticationStatement before it is written.");
writer.WriteStartElement ("saml", "AuthenticationStatement", SamlConstants.Namespace);
writer.WriteAttributeString ("AuthenticationMethod", AuthenticationMethod);
writer.WriteAttributeString ("AuthenticationInstant",
AuthenticationInstant.ToString (SamlConstants.DateFormat, CultureInfo.InvariantCulture));
SamlSubject.WriteXml (writer, samlSerializer, keyInfoTokenSerializer);
if (DnsAddress != null || IPAddress != null) {
writer.WriteStartElement ("saml", "SubjectLocality", SamlConstants.Namespace);
if (IPAddress != null)
writer.WriteAttributeString ("IPAddress", IPAddress);
if (DnsAddress != null)
writer.WriteAttributeString ("DNSAddress", DnsAddress);
writer.WriteEndElement ();
}
writer.WriteEndElement ();
}
public virtual void WriteXml (
XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw new ArgumentNullException ("writer");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
if (AuthorityKind == null)
throw new SecurityTokenException ("AuthorityKind must be set to SAML AuthorityBinding before being written.");
if (Binding == null)
throw new SecurityTokenException ("non-zero length Binding must be set to SAML AuthorityBinding before being written.");
if (Location == null)
throw new SecurityTokenException ("non-zero length Location must be set to SAML AuthorityBinding before being written.");
writer.WriteStartElement ("saml", "AuthorityBinding", SamlConstants.Namespace);
writer.WriteXmlnsAttribute (String.Empty, AuthorityKind.Namespace);
writer.WriteAttributeString ("AuthorityKind", AuthorityKind.Name);
writer.WriteAttributeString ("Location", Location);
writer.WriteAttributeString ("Binding", Binding);
writer.WriteEndElement ();
}
internal void WriteTo(XmlWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
if ((this.signingCredentials == null) && (this.signature == null))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SamlAssertionMissingSigningCredentials)));
XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);
if (this.signingCredentials != null)
{
using (HashAlgorithm hash = CryptoHelper.CreateHashAlgorithm(this.signingCredentials.DigestAlgorithm))
{
this.hashStream = new HashStream(hash);
this.keyInfoSerializer = keyInfoSerializer;
this.dictionaryManager = samlSerializer.DictionaryManager;
SamlDelegatingWriter delegatingWriter = new SamlDelegatingWriter(dictionaryWriter, this.hashStream, this, samlSerializer.DictionaryManager.ParentDictionary);
this.WriteXml(delegatingWriter, samlSerializer, keyInfoSerializer);
}
}
else
{
this.tokenStream.SetElementExclusion(null, null);
this.tokenStream.WriteTo(dictionaryWriter, samlSerializer.DictionaryManager);
}
}
public abstract void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer);
public abstract void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver);
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
try
{
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Assertion, dictionary.Namespace);
writer.WriteStartAttribute(dictionary.MajorVersion, null);
writer.WriteValue(SamlConstants.MajorVersionValue);
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.MinorVersion, null);
writer.WriteValue(SamlConstants.MinorVersionValue);
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.AssertionId, null);
writer.WriteString(this.assertionId);
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.Issuer, null);
writer.WriteString(this.issuer);
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.IssueInstant, null);
writer.WriteString(this.issueInstant.ToString(SamlConstants.GeneratedDateTimeFormat, CultureInfo.InvariantCulture));
writer.WriteEndAttribute();
// Write out conditions
if (this.conditions != null)
{
this.conditions.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
// Write out advice if there is one
if (this.advice != null)
{
this.advice.WriteXml(writer, samlSerializer, keyInfoSerializer);
}
for (int i = 0; i < this.statements.Count; i++)
{
this.statements[i].WriteXml(writer, samlSerializer, keyInfoSerializer);
}
writer.WriteEndElement();
}
catch (Exception e)
{
// Always immediately rethrow fatal exceptions.
if (Fx.IsFatal(e)) throw;
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SAMLTokenNotSerialized), e));
}
}
public override void ReadXml (XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoTokenSerializer,
SecurityTokenResolver outOfBandTokenResolver)
{
throw new NotImplementedException ();
}
