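/// <summary>
        /// Validates a SAML WSS user token.
        /// </summary>
        /// <param name="tokenData">The decrypted identity-token bytes as received from the client.
        /// They are decoded as UTF-8, trimmed and parsed as XML; the document element must be a
        /// SAML 1.0 assertion.</param>
        /// <returns>The <see cref="SecurityToken"/> read by the SAML serializer.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="tokenData"/> is null.</exception>
        /// <exception cref="ServiceResultException">Raised with
        /// <see cref="StatusCodes.BadIdentityTokenRejected"/> when the bytes are not well-formed XML,
        /// when the document is not a SAML 1.0 assertion, or when the serializer rejects the token.
        /// The original failure is preserved as the inner exception.</exception>
        private SecurityToken ParseAndVerifySamlToken(byte[] tokenData)
        {
            if (tokenData == null)
            {
                throw new ArgumentNullException("tokenData");
            }

            XmlDocument document = new XmlDocument();

            try
            {
                string text = new UTF8Encoding().GetString(tokenData).Trim();

                // The XML is attacker-controlled input. Parse it with DTDs prohibited and without a
                // resolver so that external-entity (XXE) and entity-expansion payloads are rejected;
                // a plain InnerXml assignment would leave that to the XmlDocument defaults.
                XmlReaderSettings settings = new XmlReaderSettings();
                settings.DtdProcessing = DtdProcessing.Prohibit;
                settings.XmlResolver = null;
                document.XmlResolver = null;

                using (XmlReader xmlReader = XmlReader.Create(new System.IO.StringReader(text), settings))
                {
                    document.Load(xmlReader);
                }

                // Only SAML 1.0 assertions are accepted by this handler.
                if (document.DocumentElement == null ||
                    document.DocumentElement.NamespaceURI != "urn:oasis:names:tc:SAML:1.0:assertion")
                {
                    throw new ServiceResultException(StatusCodes.BadNotSupported);
                }

                // XmlNodeReader is an XmlReader; disposing it closes it.
                using (XmlNodeReader reader = new XmlNodeReader(document.DocumentElement))
                {
                    SecurityToken samlToken = new SamlSerializer().ReadToken(
                        reader,
                        m_tokenSerializer,
                        m_tokenResolver);

                    return samlToken;
                }
            }
            catch (Exception e)
            {
                // When parsing itself failed there is no document element. Fall back to a
                // placeholder rather than dereferencing null, which would replace the real cause
                // with a NullReferenceException thrown from inside the catch block.
                string elementName = document.DocumentElement != null
                    ? document.DocumentElement.LocalName
                    : "<unparsed>";

                // construct translation object with default text.
                TranslationInfo info = new TranslationInfo(
                    "InvalidSamlToken",
                    "en-US",
                    "'{0}' is not a valid SAML token.",
                    elementName);

                // create an exception with a vendor defined sub-code.
                throw new ServiceResultException(new ServiceResult(
                    e,
                    StatusCodes.BadIdentityTokenRejected,
                    "InvalidSamlToken",
                    "http://opcfoundation.org/UA/Sample/",
                    new LocalizedText(info)));
            }
        }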
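        /// <summary>
        /// Initializes the object with a UA identity token
        /// </summary>
        /// <param name="token">The issued identity token; its <c>DecryptedTokenData</c> is decoded
        /// as UTF-8, trimmed and parsed as XML.</param>
        /// <param name="serializer">Serializer used for the key info of a SAML assertion, or for the
        /// whole token when the document element is not a SAML 1.0 assertion.</param>
        /// <param name="resolver">Token resolver passed through to the serializer.</param>
        /// <exception cref="ArgumentNullException"><paramref name="token"/> or
        /// <paramref name="serializer"/> is null.</exception>
        /// <exception cref="ArgumentException">The token carries no decrypted data.</exception>
        /// <exception cref="XmlException">The token data is not well-formed XML, contains a DTD,
        /// or has no document element.</exception>
        private void Initialize(IssuedIdentityToken token, SecurityTokenSerializer serializer, SecurityTokenResolver resolver)
        {
            if (token == null) throw new ArgumentNullException("token");
            if (token.DecryptedTokenData == null) throw new ArgumentException("The token has no decrypted data.", "token");
            // The non-SAML branch dereferences the serializer unconditionally, so fail early.
            if (serializer == null) throw new ArgumentNullException("serializer");

            string text = new UTF8Encoding().GetString(token.DecryptedTokenData).Trim();

            // Client-supplied XML: prohibit DTDs and disable the resolver so that external-entity
            // (XXE) and entity-expansion payloads are rejected instead of being processed.
            XmlReaderSettings settings = new XmlReaderSettings();
            settings.DtdProcessing = DtdProcessing.Prohibit;
            settings.XmlResolver = null;

            XmlDocument document = new XmlDocument();
            document.XmlResolver = null;

            using (XmlReader xmlReader = XmlReader.Create(new System.IO.StringReader(text), settings))
            {
                document.Load(xmlReader);
            }

            // Defensive: Load throws on a missing root, but never hand a null node to XmlNodeReader.
            if (document.DocumentElement == null)
            {
                throw new XmlException("The token data does not contain a document element.");
            }

            // XmlNodeReader is an XmlReader; disposing it closes it.
            using (XmlNodeReader reader = new XmlNodeReader(document.DocumentElement))
            {
                // SAML 1.0 assertions need the dedicated serializer; anything else is handed to
                // the caller-supplied serializer unchanged.
                if (document.DocumentElement.NamespaceURI == "urn:oasis:names:tc:SAML:1.0:assertion")
                {
                    SecurityToken samlToken = new SamlSerializer().ReadToken(reader, serializer, resolver);
                    Initialize(samlToken);
                }
                else
                {
                    SecurityToken securityToken = serializer.ReadToken(reader, resolver);
                    Initialize(securityToken);
                }
            }
        }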