public void TransformClaims(
ref SecurityPropertyCollection incomingClaims,
ref SecurityPropertyCollection corporateClaims,
ref SecurityPropertyCollection outgoingClaims,
ClaimTransformStage transformStage,
string strIssuer,
string strTargetURI)
{
if (m_rules == null)
// no processing rules have been configured
return;
if (incomingClaims != null)
// we are not an Account Partner, but a resource partner
return;
if (transformStage != ClaimTransformStage.PostProcessing)
// we are not (yet) in the right phase
return;
foreach (MappingConfigurationElement e in m_rules.GlobalMappings)
{
if (outgoingClaims == null) outgoingClaims = new SecurityPropertyCollection();
outgoingClaims.Add(SecurityProperty.CreateCustomClaimProperty(e.Name, e.Value));
}
if (corporateClaims == null)
return;
if (m_rules.GroupAuthorization != null)
{
bool hasMatch = false;
foreach (SecurityProperty securityProperty in corporateClaims)
{
foreach (GroupAuthorizationConfigurationElement e in m_rules.GroupAuthorization)
{
if (securityProperty.Equals(SecurityProperty.CreateGroupProperty(e.Group)))
{
hasMatch = true;
}
}
}
if (m_rules.GroupAuthorization.Mode == "include")
{
if (hasMatch == false) throw new ApplicationException(m_rules.GroupAuthorization.Message);
}
else if (m_rules.GroupAuthorization.Mode == "exclude")
{
if (hasMatch == true) throw new ApplicationException(m_rules.GroupAuthorization.Message);
}
}
foreach (SecurityProperty securityProperty in corporateClaims)
{
foreach (GroupMappingConfigurationElement e in m_rules.GroupMappings)
{
if (securityProperty.Equals(SecurityProperty.CreateGroupProperty(e.Group)))
{
if (outgoingClaims == null) outgoingClaims = new SecurityPropertyCollection();
outgoingClaims.Add(SecurityProperty.CreateCustomClaimProperty(e.Name, e.Value));
}
}
foreach (PrefixConfigurationElement e in m_rules.Prefixes)
{
if (securityProperty.Name.Equals(e.Name))
{
string value = e.Value + securityProperty.Value;
outgoingClaims.Add(
SecurityProperty.CreateCustomClaimProperty(e.Name, value));
}
}
}
//Build a new claim with configured claimattributes and strings
string claimbuilderValue = string.Empty;
foreach (ClaimbuilderConfigurationElement e in m_rules.Claimbuilder)
{
if (!string.IsNullOrEmpty(e.ClaimValue))
{
//check if the claim uri exists in the collection.
SecurityPropertyCollection tempCollection = corporateClaims.GetCustomProperties(e.ClaimValue);
//claim found extract value and add to claimbuilderValue.
if (tempCollection.Count == 1)
{
claimbuilderValue = claimbuilderValue + tempCollection[0].Value;
}
}
else if (!string.IsNullOrEmpty(e.StringValue))
{
claimbuilderValue = claimbuilderValue + e.StringValue;
}
}
if (!string.IsNullOrEmpty(claimbuilderValue)) {
outgoingClaims.Add(
SecurityProperty.CreateCustomClaimProperty(m_rules.Claimbuilder.ClaimName, claimbuilderValue));
}
}
public void TransformClaims(
ref SecurityPropertyCollection incomingClaims,
ref SecurityPropertyCollection corporateClaims,
ref SecurityPropertyCollection outgoingClaims,
ClaimTransformStage transformStage,
string strIssuer,
string strTargetURI)
{
if (m_rules == null)
{
// no processing rules have been configured
return;
}
if (incomingClaims != null)
{
// we are not an Account Partner, but a resource partner
return;
}
if (transformStage != ClaimTransformStage.PostProcessing)
{
// we are not (yet) in the right phase
return;
}
foreach (MappingConfigurationElement e in m_rules.GlobalMappings)
{
if (outgoingClaims == null)
{
outgoingClaims = new SecurityPropertyCollection();
}
outgoingClaims.Add(SecurityProperty.CreateCustomClaimProperty(e.Name, e.Value));
}
if (corporateClaims == null)
{
return;
}
if (m_rules.GroupAuthorization != null)
{
bool hasMatch = false;
foreach (SecurityProperty securityProperty in corporateClaims)
{
foreach (GroupAuthorizationConfigurationElement e in m_rules.GroupAuthorization)
{
if (securityProperty.Equals(SecurityProperty.CreateGroupProperty(e.Group)))
{
hasMatch = true;
}
}
}
if (m_rules.GroupAuthorization.Mode == "include")
{
if (hasMatch == false)
{
throw new ApplicationException(m_rules.GroupAuthorization.Message);
}
}
else if (m_rules.GroupAuthorization.Mode == "exclude")
{
if (hasMatch == true)
{
throw new ApplicationException(m_rules.GroupAuthorization.Message);
}
}
}
foreach (SecurityProperty securityProperty in corporateClaims)
{
foreach (GroupMappingConfigurationElement e in m_rules.GroupMappings)
{
if (securityProperty.Equals(SecurityProperty.CreateGroupProperty(e.Group)))
{
if (outgoingClaims == null)
{
outgoingClaims = new SecurityPropertyCollection();
}
outgoingClaims.Add(SecurityProperty.CreateCustomClaimProperty(e.Name, e.Value));
}
}
foreach (PrefixConfigurationElement e in m_rules.Prefixes)
{
if (securityProperty.Name.Equals(e.Name))
{
string value = e.Value + securityProperty.Value;
outgoingClaims.Add(
SecurityProperty.CreateCustomClaimProperty(e.Name, value));
}
}
}
//Build a new claim with configured claimattributes and strings
string claimbuilderValue = string.Empty;
foreach (ClaimbuilderConfigurationElement e in m_rules.Claimbuilder)
{
if (!string.IsNullOrEmpty(e.ClaimValue))
{
//check if the claim uri exists in the collection.
SecurityPropertyCollection tempCollection = corporateClaims.GetCustomProperties(e.ClaimValue);
//claim found extract value and add to claimbuilderValue.
if (tempCollection.Count == 1)
{
claimbuilderValue = claimbuilderValue + tempCollection[0].Value;
}
}
else if (!string.IsNullOrEmpty(e.StringValue))
{
claimbuilderValue = claimbuilderValue + e.StringValue;
}
}
if (!string.IsNullOrEmpty(claimbuilderValue))
{
outgoingClaims.Add(
SecurityProperty.CreateCustomClaimProperty(m_rules.Claimbuilder.ClaimName, claimbuilderValue));
}
}
