/// <summary>
/// Decides whether the audience restriction of <paramref name="token"/> has to be
/// validated under the supplied <see cref="AudienceUriMode"/>.
/// </summary>
/// <param name="audienceUriMode">Mode that selects when audience enforcement applies.</param>
/// <param name="token">The security token the decision is made for.</param>
/// <returns>
/// <c>true</c> for <see cref="AudienceUriMode.Always"/>, <c>false</c> for
/// <see cref="AudienceUriMode.Never"/>, and for <see cref="AudienceUriMode.BearerKeyOnly"/>
/// <c>true</c> only when the token exposes no security keys.
/// </returns>
/// <exception cref="ArgumentNullException">The input argument 'token' is null.</exception>
/// <exception cref="InvalidOperationException">
/// <paramref name="audienceUriMode"/> is none of the three values handled here.
/// </exception>
public virtual bool ShouldEnforceAudienceRestriction(AudienceUriMode audienceUriMode, SecurityToken token)
{
    if (token == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
    }

    if (audienceUriMode == AudienceUriMode.Always)
    {
        return true;
    }

    if (audienceUriMode == AudienceUriMode.Never)
    {
        // Security-relevant: this answer tells the caller to skip the audience check,
        // so a token addressed to a different recipient is not rejected on that ground.
        return false;
    }

    if (audienceUriMode == AudienceUriMode.BearerKeyOnly)
    {
        // Enforce only when the token carries no keys at all (null or empty collection).
        // NOTE(review): presumably "no keys" identifies a bearer token without
        // proof-of-possession material - confirm against the SecurityToken implementations in use.
#pragma warning suppress 56506
        return token.SecurityKeys == null || token.SecurityKeys.Count == 0;
    }

    // Unknown mode: fail closed by raising instead of silently picking an answer.
    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4025, audienceUriMode)));
}
/// <summary>
/// Rejects an <see cref="AudienceUriMode"/> value that <c>IsDefined</c> does not recognise.
/// </summary>
/// <param name="value">The mode to check.</param>
/// <exception cref="InvalidEnumArgumentException">
/// Built for an unrecognised <paramref name="value"/> and raised through the diagnostic helper.
/// </exception>
internal static void Validate(AudienceUriMode value)
{
    if (IsDefined(value))
    {
        return;
    }

    // An out-of-range mode must never reach the audience-enforcement decision.
    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
        new InvalidEnumArgumentException("value", (int)value, typeof(AudienceUriMode)));
}
/// <summary>
/// Guard for <see cref="AudienceUriMode"/> arguments: returns normally for a value accepted by
/// <c>IsDefined</c> and raises otherwise.
/// </summary>
/// <param name="value">The mode to check.</param>
/// <exception cref="InvalidEnumArgumentException">
/// Created when <paramref name="value"/> is not accepted; it is handed to the diagnostic helper before being thrown.
/// </exception>
internal static void Validate(AudienceUriMode value)
{
    bool recognised = IsDefined(value);
    if (!recognised)
    {
        // The numeric value is recorded in the exception so a bad cast or config value can be traced.
        InvalidEnumArgumentException failure =
            new InvalidEnumArgumentException("value", (int)value, typeof(AudienceUriMode));
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(failure);
    }
}
/// <summary>
/// Tells whether <paramref name="validationMode"/> is one of the three named
/// <see cref="AudienceUriMode"/> members checked here.
/// </summary>
/// <param name="validationMode">The mode to test.</param>
/// <returns>
/// <c>true</c> for <c>Never</c>, <c>Always</c> or <c>BearerKeyOnly</c>; <c>false</c> for any other value.
/// </returns>
public static bool IsDefined(AudienceUriMode validationMode)
{
    switch (validationMode)
    {
        case AudienceUriMode.Never:
        case AudienceUriMode.Always:
        case AudienceUriMode.BearerKeyOnly:
            return true;

        default:
            // Anything else (for example an arbitrary integer cast to the enum) is not accepted.
            return false;
    }
}
/// <summary>
/// Membership test for <see cref="AudienceUriMode"/>: accepts exactly <c>Never</c>,
/// <c>Always</c> and <c>BearerKeyOnly</c>.
/// </summary>
/// <param name="validationMode">The mode to test.</param>
/// <returns><c>true</c> when the value equals one of the three members; otherwise <c>false</c>.</returns>
public static bool IsDefined(AudienceUriMode validationMode)
{
    bool isNever = validationMode == AudienceUriMode.Never;
    bool isAlways = validationMode == AudienceUriMode.Always;
    bool isBearerKeyOnly = validationMode == AudienceUriMode.BearerKeyOnly;

    // Explicit comparisons rather than a range check: only these three values pass.
    return isNever || isAlways || isBearerKeyOnly;
}
/// <summary>
/// Copy constructor: builds a credential carrying the same settings as <paramref name="other"/>.
/// </summary>
/// <param name="other">
/// The credential to copy from. It is dereferenced without a null check, so callers must pass an instance.
/// </param>
internal IssuedTokenServiceCredential(IssuedTokenServiceCredential other)
{
    // Audience settings: the mode is copied by value, the allow-list into a new list,
    // so later edits to one instance's list do not change the other's.
    audienceUriMode = other.audienceUriMode;
    allowedAudienceUris = new List<string>(other.allowedAudienceUris);

    // The serializer instance is shared by reference, not cloned.
    samlSerializer = other.samlSerializer;

    // Issuer certificate settings: a new list holding the same certificate objects,
    // plus the validation mode, custom validator (shared reference), store location and revocation mode.
    knownCertificates = new List<X509Certificate2>(other.knownCertificates);
    certificateValidationMode = other.certificateValidationMode;
    customCertificateValidator = other.customCertificateValidator;
    trustedStoreLocation = other.trustedStoreLocation;
    revocationMode = other.revocationMode;

    // Security-relevant flags are carried over unchanged, including the read-only state,
    // so a copy of a locked-down credential keeps the same flag values.
    allowUntrustedRsaIssuers = other.allowUntrustedRsaIssuers;
    isReadOnly = other.isReadOnly;
}
/// <summary>
/// Copy constructor: initialises every field of this credential from <paramref name="other"/>.
/// </summary>
/// <param name="other">
/// The credential to copy from. No null check is performed before its fields are read.
/// </param>
internal IssuedTokenServiceCredential(IssuedTokenServiceCredential other)
{
    // Audience enforcement: mode by value, allowed URIs as an independent list.
    this._audienceUriMode = other._audienceUriMode;
    this._allowedAudienceUris = new List<string>(other._allowedAudienceUris);

    // Same serializer object as the source (reference copy).
    this._samlSerializer = other._samlSerializer;

    // Known issuer certificates go into a new list; the certificate objects themselves are shared.
    this._knownCertificates = new List<X509Certificate2>(other._knownCertificates);

    // Certificate validation settings; the custom validator is shared by reference.
    this._certificateValidationMode = other._certificateValidationMode;
    this._customCertificateValidator = other._customCertificateValidator;
    this._trustedStoreLocation = other._trustedStoreLocation;
    this._revocationMode = other._revocationMode;

    // The untrusted-RSA-issuer allowance and the read-only flag are inherited as-is.
    this._allowUntrustedRsaIssuers = other._allowUntrustedRsaIssuers;
    this._isReadOnly = other._isReadOnly;
}
/// <summary>
/// Copy constructor: duplicates the settings of <paramref name="other"/> into a new credential.
/// </summary>
/// <param name="other">
/// The source credential. It must not be null; its fields are read directly.
/// </param>
internal IssuedTokenServiceCredential(IssuedTokenServiceCredential other)
{
    this.audienceUriMode = other.audienceUriMode;

    // Snapshot of the allow-list: changes made afterwards to the source list are not seen here.
    List<string> audienceSnapshot = new List<string>(other.allowedAudienceUris);
    this.allowedAudienceUris = audienceSnapshot;

    this.samlSerializer = other.samlSerializer;

    // Snapshot of the known certificates list (the X509Certificate2 instances are not cloned).
    List<X509Certificate2> certificateSnapshot = new List<X509Certificate2>(other.knownCertificates);
    this.knownCertificates = certificateSnapshot;

    this.certificateValidationMode = other.certificateValidationMode;
    this.customCertificateValidator = other.customCertificateValidator;
    this.trustedStoreLocation = other.trustedStoreLocation;
    this.revocationMode = other.revocationMode;

    // Copied verbatim: a source that allows untrusted RSA issuers yields a copy that does too,
    // and the read-only flag follows the source.
    this.allowUntrustedRsaIssuers = other.allowUntrustedRsaIssuers;
    this.isReadOnly = other.isReadOnly;
}
/// <summary>
/// Creates the authenticator with its own copy of the supporting authenticators and the
/// allowed clock skew.
/// </summary>
/// <param name="supportingAuthenticators">Authenticators copied, in order, into a private list.</param>
/// <param name="maxClockSkew">The clock skew value stored on the instance.</param>
/// <exception cref="ArgumentNullException"><paramref name="supportingAuthenticators"/> is null.</exception>
public SamlSecurityTokenAuthenticator(IList<SecurityTokenAuthenticator> supportingAuthenticators, TimeSpan maxClockSkew)
{
    if (supportingAuthenticators == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("supportingAuthenticators");
    }

    // Copy element by element so later changes to the caller's list do not affect this instance.
    // Elements are not checked for null here.
    this.supportingAuthenticators = new List<SecurityTokenAuthenticator>(supportingAuthenticators.Count);
    for (int index = 0; index < supportingAuthenticators.Count; index++)
    {
        this.supportingAuthenticators.Add(supportingAuthenticators[index]);
    }

    this.maxClockSkew = maxClockSkew;

    // Secure default: audience enforcement starts at Always, with an empty allowed-audience collection.
    // NOTE(review): how an empty allow-list is treated is decided outside this constructor - confirm
    // that deployments populate it rather than lowering the mode.
    this.audienceUriMode = AudienceUriMode.Always;
    this.allowedAudienceUris = new Collection<string>();
}
/// <summary>
/// Initialises the authenticator from a list of supporting authenticators and a clock skew.
/// </summary>
/// <param name="supportingAuthenticators">The authenticators to copy into this instance.</param>
/// <param name="maxClockSkew">The clock skew value kept by this instance.</param>
/// <exception cref="ArgumentNullException"><paramref name="supportingAuthenticators"/> is null.</exception>
public SamlSecurityTokenAuthenticator(IList<SecurityTokenAuthenticator> supportingAuthenticators, TimeSpan maxClockSkew)
{
    if (supportingAuthenticators == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("supportingAuthenticators");
    }

    // Private copy in the caller's order; the caller keeps ownership of the list passed in.
    this.supportingAuthenticators = new List<SecurityTokenAuthenticator>(supportingAuthenticators.Count);
    int position = 0;
    while (position < supportingAuthenticators.Count)
    {
        this.supportingAuthenticators.Add(supportingAuthenticators[position]);
        ++position;
    }

    this.maxClockSkew = maxClockSkew;

    // Audience enforcement defaults to the strictest mode; the allow-list starts empty.
    this.audienceUriMode = AudienceUriMode.Always;
    this.allowedAudienceUris = new Collection<string>();
}
/// <summary>
/// Maps an <see cref="AudienceUriMode"/> to a yes/no answer on whether the audience
/// restriction of <paramref name="token"/> must be checked.
/// </summary>
/// <param name="audienceUriMode">The <see cref="AudienceUriMode"/> defining the audience requirement.</param>
/// <param name="token">The security token to be tested for audience enforcement.</param>
/// <returns>True if audience enforcement should be applied.</returns>
/// <exception cref="ArgumentNullException">The input argument 'token' is null.</exception>
/// <exception cref="InvalidOperationException">
/// The mode is not <c>Always</c>, <c>Never</c> or <c>BearerKeyOnly</c>.
/// </exception>
public virtual bool ShouldEnforceAudienceRestriction(AudienceUriMode audienceUriMode, SecurityToken token)
{
    if (token == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
    }

    bool enforce;
    switch (audienceUriMode)
    {
        case AudienceUriMode.Always:
            enforce = true;
            break;

        case AudienceUriMode.Never:
            // With this mode the caller is told not to check the audience at all.
            enforce = false;
            break;

        case AudienceUriMode.BearerKeyOnly:
            // Enforced only for a token whose key collection is null or empty.
            // NOTE(review): looks like this singles out tokens without a proof key - confirm.
#pragma warning suppress 56506
            enforce = token.SecurityKeys == null || token.SecurityKeys.Count == 0;
            break;

        default:
            // An unrecognised mode raises rather than defaulting to "do not enforce".
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4025, audienceUriMode)));
    }

    return enforce;
}
/// <summary>
/// Creates an <see cref="AudienceRestriction"/> by first running the parameterless constructor
/// and then setting the audience mode.
/// </summary>
/// <param name="audienceMode">The mode stored in <c>AudienceMode</c>.</param>
public AudienceRestriction(AudienceUriMode audienceMode)
    : this()
{
    // The value is stored as given; this constructor does not validate it.
    this.AudienceMode = audienceMode;
}
/// <summary>
/// Creates an <see cref="AudienceRestriction"/> with the given audience mode.
/// </summary>
/// <param name="audienceMode">The mode stored in <c>AudienceMode</c>.</param>
public AudienceRestriction(AudienceUriMode audienceMode)
{
    // Assigned without a range check in this constructor.
    this.AudienceMode = audienceMode;
}
/// <summary>
/// Reports whether <paramref name="validationMode"/> equals one of the <see cref="AudienceUriMode"/>
/// members <c>Never</c>, <c>Always</c> or <c>BearerKeyOnly</c>.
/// </summary>
/// <param name="validationMode">The mode to test.</param>
/// <returns><c>true</c> for those three members; <c>false</c> for every other value.</returns>
public static bool IsDefined(AudienceUriMode validationMode)
{
    if (validationMode == AudienceUriMode.Never)
    {
        return true;
    }

    if (validationMode == AudienceUriMode.Always)
    {
        return true;
    }

    // Last accepted member; any remaining value is rejected.
    return validationMode == AudienceUriMode.BearerKeyOnly;
}
/// <summary>
/// Checks that <paramref name="validationMode"/> is a recognised <see cref="AudienceUriMode"/> member.
/// </summary>
/// <param name="validationMode">The mode to test.</param>
/// <returns>
/// <c>true</c> when the value is <c>Never</c>, <c>Always</c> or <c>BearerKeyOnly</c>; otherwise <c>false</c>.
/// </returns>
public static bool IsDefined(AudienceUriMode validationMode)
{
    switch (validationMode)
    {
        case AudienceUriMode.Never:
        case AudienceUriMode.Always:
        case AudienceUriMode.BearerKeyOnly:
            return true;
    }

    // Values outside the three listed members are reported as undefined.
    return false;
}
/// <summary>
/// Creates an instance of <see cref="AudienceRestriction"/>.
/// </summary>
/// <param name="audienceMode">Specifies the mode in which the AudienceUri restriction is applied.</param>
public AudienceRestriction(AudienceUriMode audienceMode)
{
    // Stored directly in the backing field; no validation of the value happens here.
    this._audienceMode = audienceMode;
}