internal IList <SupportingTokenAuthenticatorSpecification> GetSupportingTokenAuthenticators(string action, out bool expectSignedTokens, out bool expectBasicTokens, out bool expectEndorsingTokens)
{
if (_mergedSupportingTokenAuthenticatorsMap != null && _mergedSupportingTokenAuthenticatorsMap.Count > 0)
{
if (action != null && _mergedSupportingTokenAuthenticatorsMap.ContainsKey(action))
{
MergedSupportingTokenAuthenticatorSpecification mergedSpec = _mergedSupportingTokenAuthenticatorsMap[action];
expectSignedTokens = mergedSpec.ExpectSignedTokens;
expectBasicTokens = mergedSpec.ExpectBasicTokens;
expectEndorsingTokens = mergedSpec.ExpectEndorsingTokens;
return(mergedSpec.SupportingTokenAuthenticators);
}
else if (_mergedSupportingTokenAuthenticatorsMap.ContainsKey(MessageHeaders.WildcardAction))
{
MergedSupportingTokenAuthenticatorSpecification mergedSpec = _mergedSupportingTokenAuthenticatorsMap[MessageHeaders.WildcardAction];
expectSignedTokens = mergedSpec.ExpectSignedTokens;
expectBasicTokens = mergedSpec.ExpectBasicTokens;
expectEndorsingTokens = mergedSpec.ExpectEndorsingTokens;
return(mergedSpec.SupportingTokenAuthenticators);
}
}
expectSignedTokens = _expectChannelSignedTokens;
expectBasicTokens = _expectChannelBasicTokens;
expectEndorsingTokens = _expectChannelEndorsingTokens;
// in case the channelSupportingTokenAuthenticators is empty return null so that its Count does not get accessed.
return((Object.ReferenceEquals(_channelSupportingTokenAuthenticatorSpecification, EmptyTokenAuthenticators)) ? null : (IList <SupportingTokenAuthenticatorSpecification>)_channelSupportingTokenAuthenticatorSpecification);
}
internal IList <SupportingTokenAuthenticatorSpecification> GetSupportingTokenAuthenticators(string action, out bool expectSignedTokens, out bool expectBasicTokens, out bool expectEndorsingTokens)
{
if ((this.mergedSupportingTokenAuthenticatorsMap != null) && (this.mergedSupportingTokenAuthenticatorsMap.Count > 0))
{
if ((action != null) && this.mergedSupportingTokenAuthenticatorsMap.ContainsKey(action))
{
MergedSupportingTokenAuthenticatorSpecification specification = this.mergedSupportingTokenAuthenticatorsMap[action];
expectSignedTokens = specification.ExpectSignedTokens;
expectBasicTokens = specification.ExpectBasicTokens;
expectEndorsingTokens = specification.ExpectEndorsingTokens;
return(specification.SupportingTokenAuthenticators);
}
if (this.mergedSupportingTokenAuthenticatorsMap.ContainsKey("*"))
{
MergedSupportingTokenAuthenticatorSpecification specification2 = this.mergedSupportingTokenAuthenticatorsMap["*"];
expectSignedTokens = specification2.ExpectSignedTokens;
expectBasicTokens = specification2.ExpectBasicTokens;
expectEndorsingTokens = specification2.ExpectEndorsingTokens;
return(specification2.SupportingTokenAuthenticators);
}
}
expectSignedTokens = this.expectChannelSignedTokens;
expectBasicTokens = this.expectChannelBasicTokens;
expectEndorsingTokens = this.expectChannelEndorsingTokens;
if (!object.ReferenceEquals(this.channelSupportingTokenAuthenticatorSpecification, EmptyTokenAuthenticators))
{
return((IList <SupportingTokenAuthenticatorSpecification>) this.channelSupportingTokenAuthenticatorSpecification);
}
return(null);
}
private void MergeSupportingTokenAuthenticators(TimeSpan timeout)
{
if (_scopedSupportingTokenAuthenticatorSpecification.Count == 0)
{
_mergedSupportingTokenAuthenticatorsMap = null;
}
else
{
TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
_expectSupportingTokens = true;
_mergedSupportingTokenAuthenticatorsMap = new Dictionary <string, MergedSupportingTokenAuthenticatorSpecification>();
foreach (string action in _scopedSupportingTokenAuthenticatorSpecification.Keys)
{
ICollection <SupportingTokenAuthenticatorSpecification> scopedAuthenticators = _scopedSupportingTokenAuthenticatorSpecification[action];
if (scopedAuthenticators == null || scopedAuthenticators.Count == 0)
{
continue;
}
Collection <SupportingTokenAuthenticatorSpecification> mergedAuthenticators = new Collection <SupportingTokenAuthenticatorSpecification>();
bool expectSignedTokens = _expectChannelSignedTokens;
bool expectBasicTokens = _expectChannelBasicTokens;
bool expectEndorsingTokens = _expectChannelEndorsingTokens;
foreach (SupportingTokenAuthenticatorSpecification spec in _channelSupportingTokenAuthenticatorSpecification)
{
mergedAuthenticators.Add(spec);
}
foreach (SupportingTokenAuthenticatorSpecification spec in scopedAuthenticators)
{
SecurityUtils.OpenTokenAuthenticatorIfRequired(spec.TokenAuthenticator, timeoutHelper.RemainingTime());
mergedAuthenticators.Add(spec);
if (spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.Endorsing ||
spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEndorsing)
{
if (spec.TokenParameters.RequireDerivedKeys && !spec.TokenParameters.HasAsymmetricKey)
{
_expectKeyDerivation = true;
}
}
SecurityTokenAttachmentMode mode = spec.SecurityTokenAttachmentMode;
if (mode == SecurityTokenAttachmentMode.SignedEncrypted ||
mode == SecurityTokenAttachmentMode.Signed ||
mode == SecurityTokenAttachmentMode.SignedEndorsing)
{
expectSignedTokens = true;
if (mode == SecurityTokenAttachmentMode.SignedEncrypted)
{
expectBasicTokens = true;
}
}
if (mode == SecurityTokenAttachmentMode.Endorsing || mode == SecurityTokenAttachmentMode.SignedEndorsing)
{
expectEndorsingTokens = true;
}
}
VerifyTypeUniqueness(mergedAuthenticators);
MergedSupportingTokenAuthenticatorSpecification mergedSpec = new MergedSupportingTokenAuthenticatorSpecification();
mergedSpec.SupportingTokenAuthenticators = mergedAuthenticators;
mergedSpec.ExpectBasicTokens = expectBasicTokens;
mergedSpec.ExpectEndorsingTokens = expectEndorsingTokens;
mergedSpec.ExpectSignedTokens = expectSignedTokens;
_mergedSupportingTokenAuthenticatorsMap.Add(action, mergedSpec);
}
}
}
private void MergeSupportingTokenAuthenticators(TimeSpan timeout)
{
if (this.scopedSupportingTokenAuthenticatorSpecification.Count == 0)
{
this.mergedSupportingTokenAuthenticatorsMap = null;
}
else
{
TimeoutHelper helper = new TimeoutHelper(timeout);
this.expectSupportingTokens = true;
this.mergedSupportingTokenAuthenticatorsMap = new Dictionary <string, MergedSupportingTokenAuthenticatorSpecification>();
foreach (string str in this.scopedSupportingTokenAuthenticatorSpecification.Keys)
{
ICollection <SupportingTokenAuthenticatorSpecification> is2 = this.scopedSupportingTokenAuthenticatorSpecification[str];
if ((is2 != null) && (is2.Count != 0))
{
Collection <SupportingTokenAuthenticatorSpecification> supportingTokenAuthenticators = new Collection <SupportingTokenAuthenticatorSpecification>();
bool expectChannelSignedTokens = this.expectChannelSignedTokens;
bool expectChannelBasicTokens = this.expectChannelBasicTokens;
bool expectChannelEndorsingTokens = this.expectChannelEndorsingTokens;
foreach (SupportingTokenAuthenticatorSpecification specification in this.channelSupportingTokenAuthenticatorSpecification)
{
supportingTokenAuthenticators.Add(specification);
}
foreach (SupportingTokenAuthenticatorSpecification specification2 in is2)
{
System.ServiceModel.Security.SecurityUtils.OpenTokenAuthenticatorIfRequired(specification2.TokenAuthenticator, helper.RemainingTime());
supportingTokenAuthenticators.Add(specification2);
if (((specification2.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.Endorsing) || (specification2.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEndorsing)) && (specification2.TokenParameters.RequireDerivedKeys && !specification2.TokenParameters.HasAsymmetricKey))
{
this.expectKeyDerivation = true;
}
SecurityTokenAttachmentMode securityTokenAttachmentMode = specification2.SecurityTokenAttachmentMode;
switch (securityTokenAttachmentMode)
{
case SecurityTokenAttachmentMode.SignedEncrypted:
case SecurityTokenAttachmentMode.Signed:
case SecurityTokenAttachmentMode.SignedEndorsing:
expectChannelSignedTokens = true;
if (securityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEncrypted)
{
expectChannelBasicTokens = true;
}
break;
}
if ((securityTokenAttachmentMode == SecurityTokenAttachmentMode.Endorsing) || (securityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEndorsing))
{
expectChannelEndorsingTokens = true;
}
}
this.VerifyTypeUniqueness(supportingTokenAuthenticators);
MergedSupportingTokenAuthenticatorSpecification specification3 = new MergedSupportingTokenAuthenticatorSpecification {
SupportingTokenAuthenticators = supportingTokenAuthenticators,
ExpectBasicTokens = expectChannelBasicTokens,
ExpectEndorsingTokens = expectChannelEndorsingTokens,
ExpectSignedTokens = expectChannelSignedTokens
};
this.mergedSupportingTokenAuthenticatorsMap.Add(str, specification3);
}
}
}
}
