Example #1
0
 public T GetAppliesTo <T>()
 {
     return(this.GetAppliesTo <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), DataContractSerializerDefaults.MaxItemsInObjectGraph)));
 }
Example #2
0
        public static AddressHeader CreateAddressHeader(object value)
        {
            Type type = GetObjectType(value);

            return(CreateAddressHeader(value, DataContractSerializerDefaults.CreateSerializer(type, int.MaxValue /*maxItems*/)));
        }
Example #3
0
 public static AddressHeader CreateAddressHeader(string name, string ns, object value)
 {
     return(CreateAddressHeader(name, ns, value, DataContractSerializerDefaults.CreateSerializer(GetObjectType(value), name, ns, int.MaxValue /*maxItems*/)));
 }
Example #4
0
 public T GetValue <T>()
 {
     return(GetValue <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), this.Name, this.Namespace, int.MaxValue /*maxItems*/)));
 }
Example #5
0
 public DictionaryAddressHeader(XmlDictionaryString name, XmlDictionaryString ns, object value)
     : base(name.Value, ns.Value, value, DataContractSerializerDefaults.CreateSerializer(GetObjectType(value), name, ns, int.MaxValue /*maxItems*/))
 {
     this.name = name;
     this.ns   = ns;
 }
Example #6
0
 public T GetDetail <T>()
 {
     return(GetDetail <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), int.MaxValue /*maxItems*/)));
 }
Example #7
0
 internal static MessageFault CreateFault(FaultCode code, FaultReason reason, object detail)
 {
     return(CreateFault(code, reason, detail, DataContractSerializerDefaults.CreateSerializer(
                            (detail == null ? typeof(object) : detail.GetType()), int.MaxValue /*maxItems*/), "", ""));
 }
Example #8
0
        public byte[] CreateCookieFromSecurityContext(UniqueId contextId, string id, byte[] key, DateTime tokenEffectiveTime,
                                                      DateTime tokenExpirationTime, UniqueId keyGeneration, DateTime keyEffectiveTime, DateTime keyExpirationTime,
                                                      ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies)
        {
            if (contextId == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextId");
            }

            if (key == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("key");
            }

            MemoryStream        stream = new MemoryStream();
            XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, SctClaimDictionary.Instance, null);

            SctClaimDictionary dictionary = SctClaimDictionary.Instance;

            writer.WriteStartElement(dictionary.SecurityContextSecurityToken, dictionary.EmptyString);
            writer.WriteStartElement(dictionary.Version, dictionary.EmptyString);
            writer.WriteValue(SupportedPersistanceVersion);
            writer.WriteEndElement();
            if (id != null)
            {
                writer.WriteElementString(dictionary.Id, dictionary.EmptyString, id);
            }
            XmlHelper.WriteElementStringAsUniqueId(writer, dictionary.ContextId, dictionary.EmptyString, contextId);

            writer.WriteStartElement(dictionary.Key, dictionary.EmptyString);
            writer.WriteBase64(key, 0, key.Length);
            writer.WriteEndElement();

            if (keyGeneration != null)
            {
                XmlHelper.WriteElementStringAsUniqueId(writer, dictionary.KeyGeneration, dictionary.EmptyString, keyGeneration);
            }

            XmlHelper.WriteElementContentAsInt64(writer, dictionary.EffectiveTime, dictionary.EmptyString, tokenEffectiveTime.ToUniversalTime().Ticks);
            XmlHelper.WriteElementContentAsInt64(writer, dictionary.ExpiryTime, dictionary.EmptyString, tokenExpirationTime.ToUniversalTime().Ticks);
            XmlHelper.WriteElementContentAsInt64(writer, dictionary.KeyEffectiveTime, dictionary.EmptyString, keyEffectiveTime.ToUniversalTime().Ticks);
            XmlHelper.WriteElementContentAsInt64(writer, dictionary.KeyExpiryTime, dictionary.EmptyString, keyExpirationTime.ToUniversalTime().Ticks);

            AuthorizationContext authContext = null;

            if (authorizationPolicies != null)
            {
                authContext = AuthorizationContext.CreateDefaultAuthorizationContext(authorizationPolicies);
            }

            if (authContext != null && authContext.ClaimSets.Count != 0)
            {
                DataContractSerializer identitySerializer = DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, int.MaxValue);
                DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, int.MaxValue);
                DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, int.MaxValue);
                SctClaimSerializer.SerializeIdentities(authContext, dictionary, writer, identitySerializer);

                writer.WriteStartElement(dictionary.ClaimSets, dictionary.EmptyString);
                for (int i = 0; i < authContext.ClaimSets.Count; i++)
                {
                    SctClaimSerializer.SerializeClaimSet(authContext.ClaimSets[i], dictionary, writer, claimSetSerializer, claimSerializer);
                }
                writer.WriteEndElement();
            }

            writer.WriteEndElement();
            writer.Flush();

            byte[] serializedContext = stream.ToArray();
            return(this.securityStateEncoder.EncodeSecurityState(serializedContext));
        }
Example #9
0
        private SecurityContextSecurityToken DeserializeContext(byte[] serializedContext, byte[] cookieBlob, string id, XmlDictionaryReaderQuotas quotas)
        {
            SctClaimDictionary  dictionary = SctClaimDictionary.Instance;
            XmlDictionaryReader reader     = XmlDictionaryReader.CreateBinaryReader(serializedContext, 0, serializedContext.Length, dictionary, quotas, null, null);
            int      cookieVersion         = -1;
            UniqueId cookieContextId       = null;
            DateTime effectiveTime         = SecurityUtils.MinUtcDateTime;
            DateTime expiryTime            = SecurityUtils.MaxUtcDateTime;

            byte[]            key               = null;
            string            localId           = null;
            UniqueId          keyGeneration     = null;
            DateTime          keyEffectiveTime  = SecurityUtils.MinUtcDateTime;
            DateTime          keyExpirationTime = SecurityUtils.MaxUtcDateTime;
            List <ClaimSet>   claimSets         = null;
            IList <IIdentity> identities        = null;
            bool isCookie = true;

            reader.ReadFullStartElement(dictionary.SecurityContextSecurityToken, dictionary.EmptyString);

            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(dictionary.Version, dictionary.EmptyString))
                {
                    cookieVersion = reader.ReadElementContentAsInt();
                }
                else if (reader.IsStartElement(dictionary.ContextId, dictionary.EmptyString))
                {
                    cookieContextId = reader.ReadElementContentAsUniqueId();
                }
                else if (reader.IsStartElement(dictionary.Id, dictionary.EmptyString))
                {
                    localId = reader.ReadElementContentAsString();
                }
                else if (reader.IsStartElement(dictionary.EffectiveTime, dictionary.EmptyString))
                {
                    effectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.ExpiryTime, dictionary.EmptyString))
                {
                    expiryTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.Key, dictionary.EmptyString))
                {
                    key = reader.ReadElementContentAsBase64();
                }
                else if (reader.IsStartElement(dictionary.KeyGeneration, dictionary.EmptyString))
                {
                    keyGeneration = reader.ReadElementContentAsUniqueId();
                }
                else if (reader.IsStartElement(dictionary.KeyEffectiveTime, dictionary.EmptyString))
                {
                    keyEffectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.KeyExpiryTime, dictionary.EmptyString))
                {
                    keyExpirationTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.Identities, dictionary.EmptyString))
                {
                    identities = SctClaimSerializer.DeserializeIdentities(reader, dictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, int.MaxValue));
                }
                else if (reader.IsStartElement(dictionary.ClaimSets, dictionary.EmptyString))
                {
                    reader.ReadStartElement();

                    DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, int.MaxValue);
                    DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, int.MaxValue);
                    claimSets = new List <ClaimSet>(1);
                    while (reader.IsStartElement())
                    {
                        claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, dictionary, claimSetSerializer, claimSerializer));
                    }

                    reader.ReadEndElement();
                }
                else if (reader.IsStartElement(dictionary.IsCookieMode, dictionary.EmptyString))
                {
                    isCookie = reader.ReadElementString() == "1" ? true : false;
                }
                else
                {
                    OnInvalidCookieFailure(SR.Format(SR.SctCookieXmlParseError));
                }
            }
            reader.ReadEndElement();
            if (cookieVersion != SupportedPersistanceVersion)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SerializedTokenVersionUnsupported, cookieVersion)));
            }
            if (cookieContextId == null)
            {
                OnInvalidCookieFailure(SR.Format(SR.SctCookieValueMissingOrIncorrect, nameof(cookieContextId)));
            }
            if (key == null || key.Length == 0)
            {
                OnInvalidCookieFailure(SR.Format(SR.SctCookieValueMissingOrIncorrect, nameof(key)));
            }
            if (localId != id)
            {
                OnInvalidCookieFailure(SR.Format(SR.SctCookieValueMissingOrIncorrect, nameof(id)));
            }
            List <IAuthorizationPolicy> authorizationPolicies;

            if (claimSets != null)
            {
                authorizationPolicies = new List <IAuthorizationPolicy>(1);
                authorizationPolicies.Add(new SctUnconditionalPolicy(identities, claimSets, expiryTime));
            }
            else
            {
                authorizationPolicies = null;
            }
            return(new SecurityContextSecurityToken(cookieContextId, localId, key, effectiveTime, expiryTime,
                                                    authorizationPolicies != null ? authorizationPolicies.AsReadOnly() : null, isCookie, cookieBlob, keyGeneration, keyEffectiveTime, keyExpirationTime));
        }
Example #10
0
 public static AddressHeader CreateAddressHeader(object value)
 {
     System.Type objectType = GetObjectType(value);
     return(CreateAddressHeader(value, DataContractSerializerDefaults.CreateSerializer(objectType, 0x7fffffff)));
 }
Example #11
0
 public T GetValue <T>()
 {
     return(this.GetValue <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), this.Name, this.Namespace, 0x7fffffff)));
 }
Example #12
0
        static IAuthorizationPolicy RetrievePolicyFromBlob(byte[] contextBlob, string id, DateTime expirationTime, IList <Type> knownTypes)
        {
            if (contextBlob == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextBlob");
            }

            if (id == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
            }

            SctClaimDictionary  claimDictionary = SctClaimDictionary.Instance;
            XmlDictionaryReader reader          = XmlDictionaryReader.CreateBinaryReader(contextBlob, 0, contextBlob.Length, claimDictionary, XmlDictionaryReaderQuotas.Max, null, null);
            IList <IIdentity>   identities      = null;
            IList <ClaimSet>    claimSets       = null;
            int versionNumber = -1;

            reader.ReadFullStartElement(claimDictionary.SecurityContextSecurityToken, claimDictionary.EmptyString);

            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(claimDictionary.Version, claimDictionary.EmptyString))
                {
                    versionNumber = reader.ReadElementContentAsInt();

                    if (versionNumber != 1)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR2.GetString(SR2.SerializedAuthorizationContextVersionUnsupported, versionNumber)));
                    }
                }
                else
                {
                    if (reader.IsStartElement(claimDictionary.Identities, claimDictionary.EmptyString))
                    {
                        identities = SctClaimSerializer.DeserializeIdentities(reader, claimDictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), knownTypes, 0x7fffffff));
                        continue;
                    }
                    if (reader.IsStartElement(claimDictionary.ClaimSets, claimDictionary.EmptyString))
                    {
                        reader.ReadStartElement();
                        DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), knownTypes, 0x7fffffff);
                        DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), knownTypes, 0x7fffffff);
                        claimSets = new List <ClaimSet>(1);

                        while (reader.IsStartElement())
                        {
                            claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, claimDictionary, claimSetSerializer, claimSerializer));
                        }

                        reader.ReadEndElement();
                        continue;
                    }
                }
            }
            reader.ReadEndElement();
            return(new SctUnconditionalPolicy(identities, id, claimSets, expirationTime));
        }
Example #13
0
        public static void SerializeRecord(XmlWriter xmlWriter, object o)
        {
            DataContractSerializer serializer = DataContractSerializerDefaults.CreateSerializer(((o == null) ? typeof(object) : o.GetType()), DataContractSerializerDefaults.MaxItemsInObjectGraph);

            serializer.WriteObject(xmlWriter, o);
        }
Example #14
0
            protected override BodyWriter GetFirstOutgoingMessageBody(FederatedTokenProviderState negotiationState, out MessageProperties messageProperties)
            {
                messageProperties = null;
                RequestSecurityToken rst = new RequestSecurityToken(this.StandardsManager);

                if (this.addTargetServiceAppliesTo)
                {
                    if (this.MessageVersion.Addressing == AddressingVersion.WSAddressing10)
                    {
                        rst.SetAppliesTo <EndpointAddress10>(
                            EndpointAddress10.FromEndpointAddress(negotiationState.TargetAddress),
                            DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph));
                    }
                    else if (this.MessageVersion.Addressing == AddressingVersion.WSAddressingAugust2004)
                    {
                        rst.SetAppliesTo <EndpointAddressAugust2004>(
                            EndpointAddressAugust2004.FromEndpointAddress(negotiationState.TargetAddress),
                            DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph));
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                                  new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, this.MessageVersion.Addressing)));
                    }
                }
                rst.Context = negotiationState.Context;
                if (!this.isKeySizePresentInRstProperties)
                {
                    rst.KeySize = this.keySize;
                }
                Collection <XmlElement> newRequestProperties = new Collection <XmlElement>();

                if (this.requestProperties != null)
                {
                    for (int i = 0; i < this.requestProperties.Count; ++i)
                    {
                        newRequestProperties.Add(this.requestProperties[i]);
                    }
                }
                if (!isKeyTypePresentInRstProperties)
                {
                    XmlElement keyTypeElement = this.StandardsManager.TrustDriver.CreateKeyTypeElement(this.keyType);
                    newRequestProperties.Insert(0, keyTypeElement);
                }
                if (this.keyType == SecurityKeyType.SymmetricKey)
                {
                    byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
                    rst.SetRequestorEntropy(requestorEntropy);
                }
                else if (this.keyType == SecurityKeyType.AsymmetricKey)
                {
                    RsaKeyIdentifierClause rsaClause     = new RsaKeyIdentifierClause(negotiationState.Rsa);
                    SecurityKeyIdentifier  keyIdentifier = new SecurityKeyIdentifier(rsaClause);
                    newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateUseKeyElement(keyIdentifier, this.StandardsManager));
                    RsaSecurityTokenParameters rsaParameters = new RsaSecurityTokenParameters();
                    rsaParameters.InclusionMode      = SecurityTokenInclusionMode.Never;
                    rsaParameters.RequireDerivedKeys = false;
                    SupportingTokenSpecification rsaSpec = new SupportingTokenSpecification(negotiationState.RsaSecurityToken, EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, SecurityTokenAttachmentMode.Endorsing, rsaParameters);
                    messageProperties = new MessageProperties();
                    SecurityMessageProperty security = new SecurityMessageProperty();
                    security.OutgoingSupportingTokens.Add(rsaSpec);
                    messageProperties.Security = security;
                }
                if (this.keyType == SecurityKeyType.SymmetricKey && this.KeyEntropyMode == SecurityKeyEntropyMode.CombinedEntropy)
                {
                    newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateComputedKeyAlgorithmElement(this.StandardsManager.TrustDriver.ComputedKeyAlgorithm));
                }
                rst.RequestProperties = newRequestProperties;
                rst.MakeReadOnly();
                return(rst);
            }