//SamlSecurityTokenAuthenticator CreateSamlTokenAuthenticator(RecipientServiceModelSecurityTokenRequirement recipientRequirement, out SecurityTokenResolver outOfBandTokenResolver)
//{
// if (recipientRequirement == null)
// throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(recipientRequirement));
// Collection<SecurityToken> outOfBandTokens = new Collection<SecurityToken>();
// if (parent.ServiceCertificate.Certificate != null)
// {
// outOfBandTokens.Add(new X509SecurityToken(parent.ServiceCertificate.Certificate));
// }
// List<SecurityTokenAuthenticator> supportingAuthenticators = new List<SecurityTokenAuthenticator>();
// if ((parent.IssuedTokenAuthentication.KnownCertificates != null) && (parent.IssuedTokenAuthentication.KnownCertificates.Count > 0))
// {
// for (int i = 0; i < parent.IssuedTokenAuthentication.KnownCertificates.Count; ++i)
// {
// outOfBandTokens.Add(new X509SecurityToken(parent.IssuedTokenAuthentication.KnownCertificates[i]));
// }
// }
// X509CertificateValidator validator = parent.IssuedTokenAuthentication.GetCertificateValidator();
// supportingAuthenticators.Add(new X509SecurityTokenAuthenticator(validator));
// if (parent.IssuedTokenAuthentication.AllowUntrustedRsaIssuers)
// {
// supportingAuthenticators.Add(new RsaSecurityTokenAuthenticator());
// }
// outOfBandTokenResolver = (outOfBandTokens.Count > 0) ? SecurityTokenResolver.CreateDefaultSecurityTokenResolver(new ReadOnlyCollection<SecurityToken>(outOfBandTokens), false) : null;
// SamlSecurityTokenAuthenticator ssta;
// if ((recipientRequirement.SecurityBindingElement == null) || (recipientRequirement.SecurityBindingElement.LocalServiceSettings == null))
// {
// ssta = new SamlSecurityTokenAuthenticator(supportingAuthenticators);
// }
// else
// {
// ssta = new SamlSecurityTokenAuthenticator(supportingAuthenticators, recipientRequirement.SecurityBindingElement.LocalServiceSettings.MaxClockSkew);
// }
// // set audience uri restrictions
// ssta.AudienceUriMode = parent.IssuedTokenAuthentication.AudienceUriMode;
// IList<string> allowedAudienceUris = ssta.AllowedAudienceUris;
// if (parent.IssuedTokenAuthentication.AllowedAudienceUris != null)
// {
// for (int i = 0; i < parent.IssuedTokenAuthentication.AllowedAudienceUris.Count; i++)
// allowedAudienceUris.Add(parent.IssuedTokenAuthentication.AllowedAudienceUris[i]);
// }
// if (recipientRequirement.ListenUri != null)
// {
// allowedAudienceUris.Add(recipientRequirement.ListenUri.AbsoluteUri);
// }
// return ssta;
//}
private X509SecurityTokenProvider CreateServerX509TokenProvider()
{
if (ServiceCredentials.ServiceCertificate.Certificate == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.ServiceCertificateNotProvidedOnServiceCredentials));
}
SecurityUtils.EnsureCertificateCanDoKeyExchange(ServiceCredentials.ServiceCertificate.Certificate);
return(new ServiceX509SecurityTokenProvider(ServiceCredentials.ServiceCertificate.Certificate));
}