Example #1
        /// <summary>
        /// Formats <c>WsTrustEnvelopeTemplate</c> into a WS-Trust "Issue" request envelope
        /// addressed to <paramref name="wsTrustAddress"/>.
        /// </summary>
        /// <param name="appliesTo">Value passed to the template as the seventh format argument.</param>
        /// <param name="wsTrustAddress">Supplies the endpoint URI and the WS-Trust version that selects the URI set.</param>
        /// <param name="credential">Not read by this method.</param>
        /// <returns>A new <see cref="StringBuilder"/> holding the formatted envelope.</returns>
        /// <remarks>
        /// NOTE(review): <paramref name="appliesTo"/> and <c>wsTrustAddress.Uri</c> are handed to
        /// <c>AppendFormat</c> as-is; nothing in this method XML-escapes them. Confirm that callers
        /// (or the template) guarantee these values cannot carry markup into the envelope.
        /// </remarks>
        public static StringBuilder BuildMessage(string appliesTo, WsTrustAddress wsTrustAddress,
                                                 UserCredential credential)
        {
            // Nothing is ever appended to this builder here, so the security-header
            // format argument is always the empty string (the Kerberos case).
            StringBuilder securityHeaderBuilder = new StringBuilder(MaxExpectedMessageSize);

            string messageId = Guid.NewGuid().ToString();
            StringBuilder envelope = new StringBuilder(MaxExpectedMessageSize);
            string schemaLocation = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

            // The 200512 URIs are the default; the 2005/02 set replaces them only for WsTrust2005.
            bool useTrust2005 = wsTrustAddress.Version == WsTrustVersion.WsTrust2005;

            string soapAction = useTrust2005
                ? "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue"
                : "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";
            string rstTrustNamespace = useTrust2005
                ? "http://schemas.xmlsoap.org/ws/2005/02/trust"
                : "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
            string keyType = useTrust2005
                ? "http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey"
                : "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
            string requestType = useTrust2005
                ? "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue"
                : "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue";

            envelope.AppendFormat(
                CultureInfo.InvariantCulture,
                WsTrustEnvelopeTemplate,
                schemaLocation,
                soapAction,
                messageId,
                wsTrustAddress.Uri,
                securityHeaderBuilder,
                rstTrustNamespace,
                appliesTo,
                keyType,
                requestType);

            // SecureClear is defined elsewhere; presumably it wipes the buffer so header
            // material does not linger in memory - confirm against its implementation.
            securityHeaderBuilder.SecureClear();

            return envelope;
        }
Example #2
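        /// <summary>
        /// Posts a WS-Trust request built by <c>BuildMessage</c> to <c>wsTrustAddress.Uri</c>
        /// and parses the reply into a <see cref="WsTrustResponse"/>.
        /// </summary>
        /// <param name="wsTrustAddress">Endpoint URI and WS-Trust version used for the request and for parsing the reply.</param>
        /// <param name="credential">Only <c>UserAuthType</c> is read here; IntegratedAuth enables the Kerberos option on the request.</param>
        /// <param name="callState">Passed to the HTTP wrapper, the logger and the error-response reader.</param>
        /// <returns>The response parsed from the HTTP response stream.</returns>
        /// <exception cref="MsalServiceException">
        /// Thrown when the HTTP call raises a <see cref="WebException"/>; the original exception is the inner exception.
        /// </exception>
        /// <remarks>
        /// The error text placed in the exception message is read from the remote service's reply,
        /// so consumers should treat it as untrusted when displaying or logging it.
        /// NOTE(review): this method does not check the scheme of <c>wsTrustAddress.Uri</c>;
        /// confirm callers only pass endpoints they are willing to authenticate to.
        /// </remarks>
        public static async Task<WsTrustResponse> SendRequestAsync(WsTrustAddress wsTrustAddress, UserCredential credential, CallState callState)
        {
            HttpClientWrapper request = new HttpClientWrapper(wsTrustAddress.Uri.AbsoluteUri, callState);

            request.ContentType = "application/soap+xml";
            if (credential.UserAuthType == UserAuthType.IntegratedAuth)
            {
                SetKerberosOption(request);
            }

            StringBuilder   messageBuilder = BuildMessage(DefaultAppliesTo, wsTrustAddress, credential);
            WsTrustResponse wstResponse;

            try
            {
                request.BodyParameters = new StringRequestParameters(messageBuilder);
                IHttpWebResponse response = await request.GetResponseAsync().ConfigureAwait(false);

                wstResponse = WsTrustResponse.CreateFromResponse(response.ResponseStream, wsTrustAddress.Version);
            }
            catch (WebException ex)
            {
                PlatformPlugin.Logger.Error(callState, ex);
                const string noDetail = "See inner exception for detail.";
                string errorMessage = noDetail;

                // WebException.Response is null when no HTTP response was received
                // (name resolution failure, timeout, connection or TLS failure). Dereferencing
                // it would raise NullReferenceException from inside this handler and hide the
                // real transport error, so the fault body is only read when a response exists.
                if (ex.Response != null)
                {
                    try
                    {
                        XDocument responseDocument = WsTrustResponse.ReadDocumentFromResponse(ex.Response.GetResponseStream());
                        errorMessage = WsTrustResponse.ReadErrorResponse(responseDocument, callState);
                    }
                    catch (MsalException)
                    {
                        // The fault body could not be read; fall back to the generic text.
                        errorMessage = noDetail;
                    }
                }

                throw new MsalServiceException(
                          MsalError.FederatedServiceReturnedError,
                          string.Format(MsalErrorMessage.FederatedServiceReturnedErrorTemplate, wsTrustAddress.Uri, errorMessage),
                          null,
                          ex);
            }

            return wstResponse;
        }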
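        /// <summary>
        /// Sends the WS-Trust request produced by <c>BuildMessage</c> to <c>wsTrustAddress.Uri</c>
        /// as <c>application/soap+xml</c> and returns the parsed reply.
        /// </summary>
        /// <param name="wsTrustAddress">Target endpoint and WS-Trust version.</param>
        /// <param name="credential">Its <c>UserAuthType</c> decides whether the Kerberos option is set on the request.</param>
        /// <param name="callState">Forwarded to the HTTP wrapper, logger and error reader.</param>
        /// <returns>The <see cref="WsTrustResponse"/> created from the response stream.</returns>
        /// <exception cref="MsalServiceException">
        /// Raised for any <see cref="WebException"/> from the HTTP call, with that exception attached as inner exception.
        /// </exception>
        /// <remarks>
        /// The detail text in the thrown message originates from the remote service's fault body
        /// and should be handled as untrusted input by whoever renders or logs it.
        /// NOTE(review): no scheme or host check on <c>wsTrustAddress.Uri</c> is visible here - verify it happens upstream.
        /// </remarks>
        public static async Task<WsTrustResponse> SendRequestAsync(WsTrustAddress wsTrustAddress, UserCredential credential, CallState callState)
        {
            HttpClientWrapper request = new HttpClientWrapper(wsTrustAddress.Uri.AbsoluteUri, callState);
            request.ContentType = "application/soap+xml";
            if (credential.UserAuthType == UserAuthType.IntegratedAuth)
            {
                SetKerberosOption(request);
            }

            StringBuilder messageBuilder = BuildMessage(DefaultAppliesTo, wsTrustAddress, credential);
            WsTrustResponse wstResponse;

            try
            {
                request.BodyParameters = new StringRequestParameters(messageBuilder);
                IHttpWebResponse response = await request.GetResponseAsync().ConfigureAwait(false);
                wstResponse = WsTrustResponse.CreateFromResponse(response.ResponseStream, wsTrustAddress.Version);
            }
            catch (WebException ex)
            {
                PlatformPlugin.Logger.Error(callState, ex);
                string errorMessage;

                if (ex.Response == null)
                {
                    // No HTTP response exists (timeout, DNS, connection or TLS failure).
                    // Reading ex.Response here would throw NullReferenceException and mask
                    // the WebException, so report the generic text and keep ex as inner.
                    errorMessage = "See inner exception for detail.";
                }
                else
                {
                    try
                    {
                        XDocument responseDocument = WsTrustResponse.ReadDocumentFromResponse(ex.Response.GetResponseStream());
                        errorMessage = WsTrustResponse.ReadErrorResponse(responseDocument, callState);
                    }
                    catch (MsalException)
                    {
                        // Fault body unreadable; use the generic text instead.
                        errorMessage = "See inner exception for detail.";
                    }
                }

                throw new MsalServiceException(
                    MsalError.FederatedServiceReturnedError,
                    string.Format(MsalErrorMessage.FederatedServiceReturnedErrorTemplate, wsTrustAddress.Uri, errorMessage),
                    null,
                    ex);
            }

            return wstResponse;
        }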
Example #4
        /// <summary>
        /// Picks a WS-Trust endpoint for <paramref name="userAuthType"/> from a metadata-exchange (MEX) document.
        /// </summary>
        /// <param name="mexDocument">MEX document the policies, bindings and endpoint addresses are read from.</param>
        /// <param name="userAuthType">Only policies with this auth type and a non-null URL are eligible.</param>
        /// <param name="callState">Passed to the logger when XML parsing fails.</param>
        /// <returns>The URL and WS-Trust version of the selected policy.</returns>
        /// <exception cref="MsalException">
        /// No eligible policy was found (wrapped in IntegratedAuthFailed for IntegratedAuth),
        /// or an <see cref="XmlException"/> occurred while reading the document.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the returned URI is taken from the metadata document, and this method
        /// performs no scheme or host check on it. Because the authentication request is later
        /// sent to that address, confirm that the helpers called here or the caller validate it.
        /// NOTE(review): when no WS-Trust 1.3 policy is eligible, any other version is accepted,
        /// so the metadata content decides which protocol version is used.
        /// </remarks>
        internal static WsTrustAddress ExtractWsTrustAddressFromMex(XDocument mexDocument, UserAuthType userAuthType, CallState callState)
        {
            WsTrustAddress address = null;
            MexPolicy      policy  = null;

            try
            {
                Dictionary<string, MexPolicy> policies = ReadPolicies(mexDocument);
                Dictionary<string, MexPolicy> bindings = ReadPolicyBindings(mexDocument, policies);
                SetPolicyEndpointAddresses(mexDocument, bindings);

                // System.Random is not a cryptographic generator; it is used here only to
                // choose one of several eligible endpoints.
                Random random = new Random();

                // Prefer a WS-Trust 1.3 endpoint.
                policy = policies.Values
                    .Where(p => p.Url != null && p.AuthType == userAuthType && p.Version == WsTrustVersion.WsTrust13)
                    .OrderBy(p => random.Next())
                    .FirstOrDefault();

                // Otherwise accept any version that matches the auth type.
                if (policy == null)
                {
                    policy = policies.Values
                        .Where(p => p.Url != null && p.AuthType == userAuthType)
                        .OrderBy(p => random.Next())
                        .FirstOrDefault();
                }

                if (policy == null)
                {
                    if (userAuthType == UserAuthType.IntegratedAuth)
                    {
                        throw new MsalException(MsalError.IntegratedAuthFailed, new MsalException(MsalError.WsTrustEndpointNotFoundInMetadataDocument));
                    }

                    throw new MsalException(MsalError.WsTrustEndpointNotFoundInMetadataDocument);
                }

                address = new WsTrustAddress
                {
                    Uri     = policy.Url,
                    Version = policy.Version
                };
            }
            catch (XmlException ex)
            {
                // Only XML parsing failures are translated; the MsalExceptions above propagate unchanged.
                PlatformPlugin.Logger.Error(callState, ex);
                throw new MsalException(MsalError.ParsingWsMetadataExchangeFailed, ex);
            }

            return address;
        }
        /// <summary>
        /// Reads the policies of a MEX document and returns the address of one endpoint
        /// that matches <paramref name="userAuthType"/>.
        /// </summary>
        /// <param name="mexDocument">Metadata-exchange document to read.</param>
        /// <param name="userAuthType">Auth type a policy must have to be considered.</param>
        /// <param name="callState">Used when logging an XML parsing failure.</param>
        /// <returns>A <see cref="WsTrustAddress"/> carrying the chosen policy's URL and version.</returns>
        /// <exception cref="MsalException">
        /// Thrown when no matching policy with a URL exists, or when reading the document raises <see cref="XmlException"/>.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the endpoint URL comes straight from the metadata document and is not
        /// checked for scheme or host in this method; verify that validation happens in the
        /// helpers or in the caller before a request is sent to it.
        /// NOTE(review): the fallback query accepts any WS-Trust version, so the version used
        /// depends on what the metadata advertises.
        /// </remarks>
        internal static WsTrustAddress ExtractWsTrustAddressFromMex(XDocument mexDocument, UserAuthType userAuthType, CallState callState)
        {
            WsTrustAddress address = null;
            try
            {
                Dictionary<string, MexPolicy> policies = ReadPolicies(mexDocument);
                Dictionary<string, MexPolicy> bindings = ReadPolicyBindings(mexDocument, policies);
                SetPolicyEndpointAddresses(mexDocument, bindings);

                // Non-cryptographic randomness: it only decides which eligible endpoint is taken.
                Random random = new Random();

                // Deferred query, so it is re-evaluated for the fallback just as two separate queries would be.
                var eligible = policies.Values.Where(p => p.Url != null && p.AuthType == userAuthType);

                // WS-Trust 1.3 is tried first; any other version is the fallback.
                MexPolicy policy =
                    eligible.Where(p => p.Version == WsTrustVersion.WsTrust13).OrderBy(p => random.Next()).FirstOrDefault() ??
                    eligible.OrderBy(p => random.Next()).FirstOrDefault();

                if (policy == null && userAuthType == UserAuthType.IntegratedAuth)
                {
                    throw new MsalException(MsalError.IntegratedAuthFailed, new MsalException(MsalError.WsTrustEndpointNotFoundInMetadataDocument));
                }

                if (policy == null)
                {
                    throw new MsalException(MsalError.WsTrustEndpointNotFoundInMetadataDocument);
                }

                address = new WsTrustAddress();
                address.Uri = policy.Url;
                address.Version = policy.Version;
            }
            catch (XmlException ex)
            {
                // MsalExceptions thrown above are not caught here and reach the caller as-is.
                PlatformPlugin.Logger.Error(callState, ex);
                throw new MsalException(MsalError.ParsingWsMetadataExchangeFailed, ex);
            }

            return address;
        }
        /// <summary>
        /// Produces the WS-Trust "Issue" request envelope by formatting <c>WsTrustEnvelopeTemplate</c>
        /// with the URI set that matches <c>wsTrustAddress.Version</c>.
        /// </summary>
        /// <param name="appliesTo">Passed to the template unchanged.</param>
        /// <param name="wsTrustAddress">Provides the endpoint URI and the WS-Trust version.</param>
        /// <param name="credential">Unused in this method.</param>
        /// <returns>The builder containing the formatted envelope.</returns>
        /// <remarks>
        /// NOTE(review): neither <paramref name="appliesTo"/> nor <c>wsTrustAddress.Uri</c> is
        /// XML-escaped before being formatted into the template. Verify that both are constrained
        /// upstream so they cannot inject markup into the request.
        /// </remarks>
        public static StringBuilder BuildMessage(string appliesTo, WsTrustAddress wsTrustAddress,
            UserCredential credential)
        {
            // Stays empty in this method, so the security header argument formats as "" (Kerberos case).
            StringBuilder securityHeaderBuilder = new StringBuilder(MaxExpectedMessageSize);

            string requestId = Guid.NewGuid().ToString();
            StringBuilder result = new StringBuilder(MaxExpectedMessageSize);
            string schemaLocation = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

            string soapAction;
            string rstTrustNamespace;
            string keyType;
            string requestType;

            if (wsTrustAddress.Version == WsTrustVersion.WsTrust2005)
            {
                soapAction = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue";
                rstTrustNamespace = "http://schemas.xmlsoap.org/ws/2005/02/trust";
                keyType = "http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey";
                requestType = "http://schemas.xmlsoap.org/ws/2005/02/trust/Issue";
            }
            else
            {
                // Every other version uses the 200512 URIs.
                soapAction = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";
                rstTrustNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512";
                keyType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer";
                requestType = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue";
            }

            result.AppendFormat(CultureInfo.InvariantCulture, WsTrustEnvelopeTemplate,
                schemaLocation, soapAction, requestId,
                wsTrustAddress.Uri, securityHeaderBuilder, rstTrustNamespace,
                appliesTo, keyType, requestType);

            // SecureClear is implemented elsewhere; presumably it erases the builder's
            // contents - confirm against its definition.
            securityHeaderBuilder.SecureClear();

            return result;
        }