internal static bool IsEqual(ISecurityCapabilities capabilities1, ISecurityCapabilities capabilities2)
{
if (capabilities1 == null)
{
capabilities1 = None;
}
if (capabilities2 == null)
{
capabilities2 = None;
}
if (capabilities1.SupportedRequestProtectionLevel != capabilities2.SupportedRequestProtectionLevel)
{
return false;
}
if (capabilities1.SupportedResponseProtectionLevel != capabilities2.SupportedResponseProtectionLevel)
{
return false;
}
if (capabilities1.SupportsClientAuthentication != capabilities2.SupportsClientAuthentication)
{
return false;
}
if (capabilities1.SupportsClientWindowsIdentity != capabilities2.SupportsClientWindowsIdentity)
{
return false;
}
if (capabilities1.SupportsServerAuthentication != capabilities2.SupportsServerAuthentication)
{
return false;
}
return true;
}
// Binding passed to .ctor() seems to have nothing to do
// with the properties on this class.
public CustomBinding (Binding binding)
: this (binding.CreateBindingElements (),
binding.Name, binding.Namespace)
{
OpenTimeout = binding.OpenTimeout;
CloseTimeout = binding.CloseTimeout;
SendTimeout = binding.SendTimeout;
ReceiveTimeout = binding.ReceiveTimeout;
scheme = binding.Scheme;
security = binding as ISecurityCapabilities;
}
protected ConnectionOrientedTransportChannelListener(Microsoft.ServiceBus.Channels.ConnectionOrientedTransportBindingElement bindingElement, BindingContext context) : base(bindingElement, context, bindingElement.HostNameComparisonMode)
{
if (bindingElement.TransferMode == System.ServiceModel.TransferMode.Buffered)
{
if (bindingElement.MaxReceivedMessageSize > (long)2147483647)
{
throw Microsoft.ServiceBus.Diagnostics.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("bindingElement.MaxReceivedMessageSize", Microsoft.ServiceBus.SR.GetString(Resources.MaxReceivedMessageSizeMustBeInIntegerRange, new object[0])));
}
if ((long)bindingElement.MaxBufferSize != bindingElement.MaxReceivedMessageSize)
{
throw Microsoft.ServiceBus.Diagnostics.DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement", Microsoft.ServiceBus.SR.GetString(Resources.MaxBufferSizeMustMatchMaxReceivedMessageSize, new object[0]));
}
}
else if ((long)bindingElement.MaxBufferSize > bindingElement.MaxReceivedMessageSize)
{
throw Microsoft.ServiceBus.Diagnostics.DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement", Microsoft.ServiceBus.SR.GetString(Resources.MaxBufferSizeMustNotExceedMaxReceivedMessageSize, new object[0]));
}
this.connectionBufferSize = bindingElement.ConnectionBufferSize;
this.exposeConnectionProperty = bindingElement.ExposeConnectionProperty;
base.InheritBaseAddressSettings = bindingElement.InheritBaseAddressSettings;
this.channelInitializationTimeout = bindingElement.ChannelInitializationTimeout;
this.maxBufferSize = bindingElement.MaxBufferSize;
this.maxPendingConnections = bindingElement.MaxPendingConnections;
this.maxOutputDelay = bindingElement.MaxOutputDelay;
this.maxPendingAccepts = bindingElement.MaxPendingAccepts;
this.transferMode = bindingElement.TransferMode;
Collection <StreamUpgradeBindingElement> streamUpgradeBindingElements = context.BindingParameters.FindAll <StreamUpgradeBindingElement>();
if (streamUpgradeBindingElements.Count > 1)
{
throw Microsoft.ServiceBus.Diagnostics.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(Microsoft.ServiceBus.SR.GetString(Resources.MultipleStreamUpgradeProvidersInParameters, new object[0])));
}
if (streamUpgradeBindingElements.Count == 1)
{
this.upgrade = streamUpgradeBindingElements[0].BuildServerStreamUpgradeProvider(context);
this.ownUpgrade = true;
context.BindingParameters.Remove <StreamUpgradeBindingElement>();
this.securityCapabilities = streamUpgradeBindingElements[0].GetProperty <ISecurityCapabilities>(context);
}
}
static void Main()
{
// protected
// NamedPipeTransportBindingElement bElementClone =
// new NamedPipeTransportBindingElement(bElement);
// <Snippet3>
// <Snippet2>
// <Snippet0>
// <Snippet1>
NamedPipeTransportBindingElement bElement =
new NamedPipeTransportBindingElement();
// </Snippet1>
NamedPipeConnectionPoolSettings connectionPoolSettings =
bElement.ConnectionPoolSettings;
// </Snippet0>
// </Snippet2>
// </Snippet3>
// <Snippet4>
string scheme =
bElement.Scheme;
// </Snippet4>
// <Snippet5>
BindingElement bElementCopy =
bElement.Clone();
// </Snippet5>
// <Snippet8>
BasicHttpBinding binding = new BasicHttpBinding();
ISecurityCapabilities b =
binding.GetProperty <ISecurityCapabilities>
(new BindingParameterCollection());
bool SupportsServerAuthentication =
b.SupportsServerAuthentication;
// </Snippet8>
}
internal static bool IsEqual(ISecurityCapabilities capabilities1, ISecurityCapabilities capabilities2)
{
if (capabilities1 == null)
{
capabilities1 = SecurityCapabilities.None;
}
if (capabilities2 == null)
{
capabilities2 = SecurityCapabilities.None;
}
if (capabilities1.SupportedRequestProtectionLevel != capabilities2.SupportedRequestProtectionLevel)
{
return(false);
}
if (capabilities1.SupportedResponseProtectionLevel != capabilities2.SupportedResponseProtectionLevel)
{
return(false);
}
if (capabilities1.SupportsClientAuthentication != capabilities2.SupportsClientAuthentication)
{
return(false);
}
if (capabilities1.SupportsClientWindowsIdentity != capabilities2.SupportsClientWindowsIdentity)
{
return(false);
}
if (capabilities1.SupportsServerAuthentication != capabilities2.SupportsServerAuthentication)
{
return(false);
}
return(true);
}
public HttpChannelListener(HttpTransportBindingElement bindingElement, BindingContext context) : base(bindingElement, context, HttpTransportDefaults.GetDefaultMessageEncoderFactory(), bindingElement.HostNameComparisonMode)
{
if (bindingElement.TransferMode == System.ServiceModel.TransferMode.Buffered)
{
if (bindingElement.MaxReceivedMessageSize > 0x7fffffffL)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("bindingElement.MaxReceivedMessageSize", System.ServiceModel.SR.GetString("MaxReceivedMessageSizeMustBeInIntegerRange")));
}
if (bindingElement.MaxBufferSize != bindingElement.MaxReceivedMessageSize)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement", System.ServiceModel.SR.GetString("MaxBufferSizeMustMatchMaxReceivedMessageSize"));
}
}
else if (bindingElement.MaxBufferSize > bindingElement.MaxReceivedMessageSize)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement", System.ServiceModel.SR.GetString("MaxBufferSizeMustNotExceedMaxReceivedMessageSize"));
}
if ((bindingElement.AuthenticationScheme == AuthenticationSchemes.Basic) && (bindingElement.ExtendedProtectionPolicy.PolicyEnforcement == PolicyEnforcement.Always))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("ExtendedProtectionPolicyBasicAuthNotSupported")));
}
this.authenticationScheme = bindingElement.AuthenticationScheme;
this.keepAliveEnabled = bindingElement.KeepAliveEnabled;
base.InheritBaseAddressSettings = bindingElement.InheritBaseAddressSettings;
this.maxBufferSize = bindingElement.MaxBufferSize;
this.method = bindingElement.Method;
this.realm = bindingElement.Realm;
this.transferMode = bindingElement.TransferMode;
this.unsafeConnectionNtlmAuthentication = bindingElement.UnsafeConnectionNtlmAuthentication;
this.credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>();
this.acceptor = new TransportReplyChannelAcceptor(this);
this.securityCapabilities = bindingElement.GetProperty <ISecurityCapabilities>(context);
this.extendedProtectionPolicy = GetPolicyWithDefaultSpnCollection(bindingElement.ExtendedProtectionPolicy, this.authenticationScheme, base.HostNameComparisonModeInternal, base.Uri, out this.usingDefaultSpnList);
if (bindingElement.AnonymousUriPrefixMatcher != null)
{
this.anonymousUriPrefixMatcher = new HttpAnonymousUriPrefixMatcher(bindingElement.AnonymousUriPrefixMatcher);
}
}
internal ConnectionOrientedTransportChannelFactory(
ConnectionOrientedTransportBindingElement bindingElement, BindingContext context,
string connectionPoolGroupName, TimeSpan idleTimeout, int maxOutboundConnectionsPerEndpoint, bool supportsImpersonationDuringAsyncOpen)
: base(bindingElement, context)
{
if (bindingElement.TransferMode == TransferMode.Buffered && bindingElement.MaxReceivedMessageSize > int.MaxValue)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ArgumentOutOfRangeException("bindingElement.MaxReceivedMessageSize",
SR.MaxReceivedMessageSizeMustBeInIntegerRange));
}
_connectionBufferSize = bindingElement.ConnectionBufferSize;
_connectionPoolGroupName = connectionPoolGroupName;
_exposeConnectionProperty = bindingElement.ExposeConnectionProperty;
_idleTimeout = idleTimeout;
_maxBufferSize = bindingElement.MaxBufferSize;
_maxOutboundConnectionsPerEndpoint = maxOutboundConnectionsPerEndpoint;
_maxOutputDelay = bindingElement.MaxOutputDelay;
_transferMode = bindingElement.TransferMode;
Collection <StreamUpgradeBindingElement> upgradeBindingElements =
context.BindingParameters.FindAll <StreamUpgradeBindingElement>();
if (upgradeBindingElements.Count > 1)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.MultipleStreamUpgradeProvidersInParameters));
}
else if ((upgradeBindingElements.Count == 1) && this.SupportsUpgrade(upgradeBindingElements[0]))
{
_upgrade = upgradeBindingElements[0].BuildClientStreamUpgradeProvider(context);
context.BindingParameters.Remove <StreamUpgradeBindingElement>();
_securityCapabilities = upgradeBindingElements[0].GetProperty <ISecurityCapabilities>(context);
// flow the identity only if the channel factory supports impersonating during an async open AND
// there is the binding is configured with security
_flowIdentity = supportsImpersonationDuringAsyncOpen;
}
}
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities securityCapabilities = this.GetProperty <ISecurityCapabilities>(context);
bool requireDemuxer = RequiresChannelDemuxer();
ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
if (requireDemuxer)
{
ApplyPropertiesOnDemuxer(channelBuilder, context);
}
BindingContext issuerBindingContext = context.Clone();
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
SecurityProtocolFactory protocolFactory =
this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext);
return(new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory));
}
protected override IChannelFactory <IRequestChannel> GetNegotiationChannelFactory(IChannelFactory <IRequestChannel> transportChannelFactory, ChannelBuilder channelBuilder)
{
ISecurityCapabilities property = this.bootstrapSecurityBindingElement.GetProperty <ISecurityCapabilities>(base.IssuerBindingContext);
SecurityCredentialsManager credentialsManager = base.IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
this.bootstrapSecurityBindingElement.ReaderQuotas = base.IssuerBindingContext.GetInnerProperty <XmlDictionaryReaderQuotas>();
if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("EncodingBindingElementDoesNotHandleReaderQuotas")));
}
TransportBindingElement element = base.IssuerBindingContext.RemainingBindingElements.Find <TransportBindingElement>();
if (element != null)
{
this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = element.MaxReceivedMessageSize;
}
SecurityProtocolFactory protocolFactory = this.bootstrapSecurityBindingElement.CreateSecurityProtocolFactory <IRequestChannel>(base.IssuerBindingContext.Clone(), credentialsManager, false, base.IssuerBindingContext.Clone());
MessageSecurityProtocolFactory factory2 = protocolFactory as MessageSecurityProtocolFactory;
if (factory2 != null)
{
factory2.ApplyConfidentiality = factory2.ApplyIntegrity = factory2.RequireConfidentiality = factory2.RequireIntegrity = true;
MessagePartSpecification parts = new MessagePartSpecification(true);
factory2.ProtectionRequirements.IncomingSignatureParts.AddParts(parts, this.RequestSecurityTokenAction);
factory2.ProtectionRequirements.IncomingEncryptionParts.AddParts(parts, this.RequestSecurityTokenAction);
factory2.ProtectionRequirements.OutgoingSignatureParts.AddParts(parts, this.RequestSecurityTokenResponseAction);
factory2.ProtectionRequirements.OutgoingEncryptionParts.AddParts(parts, this.RequestSecurityTokenResponseAction);
}
protocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
protocolFactory.PrivacyNoticeVersion = this.PrivacyNoticeVersion;
return(new SecurityChannelFactory <IRequestChannel>(property, base.IssuerBindingContext, channelBuilder, protocolFactory, transportChannelFactory));
}
public override T GetProperty <T>(BindingContext context) where T : class
{
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
if (typeof(T) == typeof(ISecurityCapabilities))
{
ISecurityCapabilities innerProperty = context.GetInnerProperty <ISecurityCapabilities>();
if (innerProperty != null)
{
return((T) new SecurityCapabilities(innerProperty.SupportsClientAuthentication, false, innerProperty.SupportsClientWindowsIdentity, innerProperty.SupportedRequestProtectionLevel, ProtectionLevel.None));
}
return(default(T));
}
if (!(typeof(T) == typeof(ChannelProtectionRequirements)))
{
return(context.GetInnerProperty <T>());
}
ChannelProtectionRequirements protectionRequirements = this.GetProtectionRequirements();
protectionRequirements.Add(context.GetInnerProperty <ChannelProtectionRequirements>() ?? new ChannelProtectionRequirements());
return((T)protectionRequirements);
}
public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, ChannelBuilder channelBuilder, SecurityProtocolFactory protocolFactory, IChannelFactory innerChannelFactory)
: this(securityCapabilities, context, channelBuilder, innerChannelFactory)
{
SecurityProtocolFactory = protocolFactory;
}
internal static ChannelProtectionRequirements CreateFromContractAndUnionResponseProtectionRequirements(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
ChannelProtectionRequirements requirements = CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient);
ChannelProtectionRequirements requirements2 = new ChannelProtectionRequirements();
requirements2.OutgoingEncryptionParts.AddParts(UnionMessagePartSpecifications(requirements.OutgoingEncryptionParts), "*");
requirements2.OutgoingSignatureParts.AddParts(UnionMessagePartSpecifications(requirements.OutgoingSignatureParts), "*");
requirements.IncomingEncryptionParts.CopyTo(requirements2.IncomingEncryptionParts);
requirements.IncomingSignatureParts.CopyTo(requirements2.IncomingSignatureParts);
return(requirements2);
}
void AssertSecurityCapabilities (
ProtectionLevel request, ProtectionLevel response,
bool supportsClientAuth, bool supportsClientWinId,
bool supportsServerAuth, ISecurityCapabilities c,
string label)
{
Assert.AreEqual (request, c.SupportedRequestProtectionLevel, label + ".request");
Assert.AreEqual (response, c.SupportedResponseProtectionLevel, label + ".response");
Assert.AreEqual (supportsClientAuth, c.SupportsClientAuthentication, label + ".client-auth");
Assert.AreEqual (supportsClientWinId, c.SupportsClientWindowsIdentity, label + ".client-identity");
Assert.AreEqual (supportsServerAuth, c.SupportsServerAuthentication, label + ".server-auth");
}
public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, ChannelBuilder channelBuilder, SecurityProtocolFactory protocolFactory)
: this(securityCapabilities, context, channelBuilder, protocolFactory, channelBuilder.BuildChannelFactory <TChannel>())
{
}
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities securityCapabilities = this.GetProperty <ISecurityCapabilities>(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
// This adds the demuxer element to the context. We add a demuxer element only if the binding is configured to do
// secure conversation or negotiation
bool requireDemuxer = RequiresChannelDemuxer();
ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
if (requireDemuxer)
{
ApplyPropertiesOnDemuxer(channelBuilder, context);
}
BindingContext issuerBindingContext = context.Clone();
SecurityChannelFactory <TChannel> channelFactory;
if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
{
SecureConversationSecurityTokenParameters scParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
if (scParameters.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
}
BindingContext scIssuerBindingContext = issuerBindingContext.Clone();
scIssuerBindingContext.BindingParameters.Remove <ChannelProtectionRequirements>();
scIssuerBindingContext.BindingParameters.Add(scParameters.BootstrapProtectionRequirements);
if (scParameters.RequireCancellation)
{
SessionSymmetricMessageSecurityProtocolFactory sessionFactory = new SessionSymmetricMessageSecurityProtocolFactory();
sessionFactory.SecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = scIssuerBindingContext;
sessionFactory.ApplyConfidentiality = true;
sessionFactory.RequireConfidentiality = true;
sessionFactory.ApplyIntegrity = true;
sessionFactory.RequireIntegrity = true;
sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
sessionFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
sessionFactory.MessageProtectionOrder = this.MessageProtectionOrder;
sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
sessionFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel>();
sessionClientSettings.ChannelBuilder = channelBuilder;
sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
sessionClientSettings.CanRenewSession = scParameters.CanRenewSession;
sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
sessionClientSettings.SessionProtocolFactory = sessionFactory;
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, sessionClientSettings);
}
else
{
SymmetricSecurityProtocolFactory protocolFactory = new SymmetricSecurityProtocolFactory();
protocolFactory.SecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)protocolFactory.SecurityTokenParameters).IssuerBindingContext = scIssuerBindingContext;
protocolFactory.ApplyConfidentiality = true;
protocolFactory.RequireConfidentiality = true;
protocolFactory.ApplyIntegrity = true;
protocolFactory.RequireIntegrity = true;
protocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
protocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
protocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
protocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
}
}
else
{
SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext);
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
}
return(channelFactory);
}
internal static ChannelProtectionRequirements CreateFromContractAndUnionResponseProtectionRequirements(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
ChannelProtectionRequirements requirements = CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient);
ChannelProtectionRequirements requirements2 = new ChannelProtectionRequirements();
requirements2.OutgoingEncryptionParts.AddParts(UnionMessagePartSpecifications(requirements.OutgoingEncryptionParts), "*");
requirements2.OutgoingSignatureParts.AddParts(UnionMessagePartSpecifications(requirements.OutgoingSignatureParts), "*");
requirements.IncomingEncryptionParts.CopyTo(requirements2.IncomingEncryptionParts);
requirements.IncomingSignatureParts.CopyTo(requirements2.IncomingSignatureParts);
return requirements2;
}
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities property = this.GetProperty <ISecurityCapabilities>(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
SecureConversationSecurityTokenParameters item = null;
if (base.EndpointSupportingTokenParameters.Endorsing.Count > 0)
{
item = base.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
}
bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
ChannelBuilder builder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
if (addChannelDemuxerIfRequired)
{
base.ApplyPropertiesOnDemuxer(builder, context);
}
BindingContext issuerBindingContext = context.Clone();
if (item != null)
{
if (item.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
}
item.IssuerBindingContext = issuerBindingContext;
if (item.RequireCancellation)
{
SessionSymmetricTransportSecurityProtocolFactory factory2 = new SessionSymmetricTransportSecurityProtocolFactory {
SecurityTokenParameters = item.Clone()
};
((SecureConversationSecurityTokenParameters)factory2.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(factory2, credentialsManager, false, issuerBindingContext, context.Binding);
}
finally
{
base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
}
SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel> {
ChannelBuilder = builder,
KeyRenewalInterval = base.LocalClientSettings.SessionKeyRenewalInterval,
KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval,
TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure,
CanRenewSession = item.CanRenewSession,
IssuedSecurityTokenParameters = item.Clone()
};
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
sessionClientSettings.SecurityStandardsManager = factory2.StandardsManager;
sessionClientSettings.SessionProtocolFactory = factory2;
return(new SecurityChannelFactory <TChannel>(property, context, sessionClientSettings));
}
TransportSecurityProtocolFactory factory = new TransportSecurityProtocolFactory();
base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(factory, credentialsManager, false, issuerBindingContext, context.Binding);
SecureConversationSecurityTokenParameters parameters2 = (SecureConversationSecurityTokenParameters)item.Clone();
parameters2.IssuerBindingContext = issuerBindingContext;
factory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, parameters2);
}
finally
{
base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
}
return(new SecurityChannelFactory <TChannel>(property, context, builder, factory));
}
return(new SecurityChannelFactory <TChannel>(property, context, builder, this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext)));
}
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities securityCapabilities = this.GetProperty <ISecurityCapabilities>(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
SecureConversationSecurityTokenParameters scParameters = null;
if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
{
scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
}
// This adds the demuxer element to the context
bool requireDemuxer = RequiresChannelDemuxer();
ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
if (requireDemuxer)
{
ApplyPropertiesOnDemuxer(channelBuilder, context);
}
BindingContext issuerBindingContext = context.Clone();
SecurityChannelFactory <TChannel> channelFactory;
if (scParameters != null)
{
if (scParameters.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
}
scParameters.IssuerBindingContext = issuerBindingContext;
if (scParameters.RequireCancellation)
{
SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
sessionFactory.SecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel>();
sessionClientSettings.ChannelBuilder = channelBuilder;
sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
sessionClientSettings.CanRenewSession = scParameters.CanRenewSession;
sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
sessionClientSettings.SessionProtocolFactory = sessionFactory;
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, sessionClientSettings);
}
else
{
TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
try
{
base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
}
finally
{
this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
}
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
}
}
else
{
SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory <TChannel>(
context, credentialsManager, false, issuerBindingContext);
channelFactory = new SecurityChannelFactory <TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
}
return(channelFactory);
}
internal static ChannelProtectionRequirements CreateFromContract(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
return(CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient));
}
/*internal override bool RequiresChannelDemuxer()
* {
* if (!base.RequiresChannelDemuxer())
* return this.RequiresChannelDemuxer(this.ProtectionTokenParameters);
* return true;
* }*/
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities property = this.GetProperty <ISecurityCapabilities>(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>() ?? (SecurityCredentialsManager)ClientCredentials.CreateDefaultCredentials();
bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
ChannelBuilder channelBuilder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
if (addChannelDemuxerIfRequired)
{
#if FEATURE_CORECLR
throw new NotImplementedException("ApplyPropertiesOnDemuxer is not supported in .NET Core");
#else
this.ApplyPropertiesOnDemuxer(channelBuilder, context);
#endif
}
BindingContext bindingContext1 = context.Clone();
SecurityChannelFactory <TChannel> securityChannelFactory;
if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
{
SecureConversationSecurityTokenParameters protectionTokenParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
if (protectionTokenParameters.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception) new InvalidOperationException(SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
}
BindingContext bindingContext2 = bindingContext1.Clone();
bindingContext2.BindingParameters.Remove <ChannelProtectionRequirements>();
// BootstrapProtectionRequirements not supported
// bindingContext2.BindingParameters.Add((object) protectionTokenParameters.BootstrapProtectionRequirements);
if (protectionTokenParameters.RequireCancellation)
{
SessionSymmetricMessageSecurityProtocolFactory securityProtocolFactory = new SessionSymmetricMessageSecurityProtocolFactory();
securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;
securityProtocolFactory.ApplyConfidentiality = true;
securityProtocolFactory.RequireConfidentiality = true;
securityProtocolFactory.ApplyIntegrity = true;
securityProtocolFactory.RequireIntegrity = true;
securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);
SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel>();
sessionClientSettings.ChannelBuilder = channelBuilder;
sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
sessionClientSettings.CanRenewSession = protectionTokenParameters.CanRenewSession;
sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
sessionClientSettings.IssuedSecurityTokenParameters = protectionTokenParameters.Clone();
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = bindingContext1;
sessionClientSettings.SecurityStandardsManager = securityProtocolFactory.StandardsManager;
Console.WriteLine("Assigned sessionClientSettings.SessionProtocolFactory");
sessionClientSettings.SessionProtocolFactory = (SecurityProtocolFactory)securityProtocolFactory;
securityChannelFactory = new SecurityChannelFactory <TChannel>(property, context, sessionClientSettings);
}
else
{
#if FEATURE_CORECLR
throw new NotImplementedException("SymmetricSecurityProtocolFactory not supported in .NET Core");
#else
SymmetricSecurityProtocolFactory securityProtocolFactory = new SymmetricSecurityProtocolFactory();
securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;
securityProtocolFactory.ApplyConfidentiality = true;
securityProtocolFactory.RequireConfidentiality = true;
securityProtocolFactory.ApplyIntegrity = true;
securityProtocolFactory.RequireIntegrity = true;
securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);
securityChannelFactory = new SecurityChannelFactory <TChannel>(property, context, channelBuilder, (SecurityProtocolFactory)securityProtocolFactory);
#endif
}
}
else
{
SecurityProtocolFactory securityProtocolFactory = this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, bindingContext1);
securityChannelFactory = new SecurityChannelFactory <TChannel>(property, context, channelBuilder, securityProtocolFactory);
}
return((IChannelFactory <TChannel>)securityChannelFactory);
}
internal static ChannelProtectionRequirements CreateFromContract(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
return CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient);
}
public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, System.ServiceModel.Channels.ChannelBuilder channelBuilder, System.ServiceModel.Security.SecurityProtocolFactory protocolFactory) : this(securityCapabilities, context, channelBuilder, protocolFactory, channelBuilder.BuildChannelFactory <TChannel>())
{
}
internal static ChannelProtectionRequirements CreateFromContractAndUnionResponseProtectionRequirements(ContractDescription contract, ISecurityCapabilities bindingElement)
{
var contractRequirements = CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel);
var result = new ChannelProtectionRequirements();
result.OutgoingEncryptionParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingEncryptionParts), MessageHeaders.WildcardAction);
result.OutgoingSignatureParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingSignatureParts), MessageHeaders.WildcardAction);
contractRequirements.IncomingEncryptionParts.CopyTo(result.IncomingEncryptionParts);
contractRequirements.IncomingSignatureParts.CopyTo(result.IncomingSignatureParts);
return(result);
}
public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, SecuritySessionClientSettings <TChannel> sessionClientSettings) : this(securityCapabilities, context, sessionClientSettings.ChannelBuilder, sessionClientSettings.CreateInnerChannelFactory())
{
this.sessionMode = true;
this.sessionClientSettings = sessionClientSettings;
}
internal HttpChannelFactory(HttpTransportBindingElement bindingElement, BindingContext context)
: base(bindingElement, context, HttpTransportDefaults.GetDefaultMessageEncoderFactory())
{
// validate setting interactions
if (bindingElement.TransferMode == TransferMode.Buffered)
{
if (bindingElement.MaxReceivedMessageSize > int.MaxValue)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ArgumentOutOfRangeException("bindingElement.MaxReceivedMessageSize",
SR.MaxReceivedMessageSizeMustBeInIntegerRange));
}
if (bindingElement.MaxBufferSize != bindingElement.MaxReceivedMessageSize)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement",
SR.MaxBufferSizeMustMatchMaxReceivedMessageSize);
}
}
else
{
if (bindingElement.MaxBufferSize > bindingElement.MaxReceivedMessageSize)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement",
SR.MaxBufferSizeMustNotExceedMaxReceivedMessageSize);
}
}
if (TransferModeHelper.IsRequestStreamed(bindingElement.TransferMode) &&
bindingElement.AuthenticationScheme != AuthenticationSchemes.Anonymous)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement",
SR.HttpAuthDoesNotSupportRequestStreaming);
}
_allowCookies = bindingElement.AllowCookies;
if (_allowCookies)
{
_httpCookieContainerManager = new HttpCookieContainerManager();
}
if (!bindingElement.AuthenticationScheme.IsSingleton())
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("value", SR.Format(SR.HttpRequiresSingleAuthScheme,
bindingElement.AuthenticationScheme));
}
_authenticationScheme = bindingElement.AuthenticationScheme;
_maxBufferSize = bindingElement.MaxBufferSize;
_transferMode = bindingElement.TransferMode;
_useDefaultWebProxy = bindingElement.UseDefaultWebProxy;
_channelCredentials = context.BindingParameters.Find <SecurityCredentialsManager>();
_securityCapabilities = bindingElement.GetProperty <ISecurityCapabilities>(context);
_webSocketSettings = WebSocketHelper.GetRuntimeWebSocketSettings(bindingElement.WebSocketSettings);
int webSocketBufferSize = WebSocketHelper.ComputeClientBufferSize(MaxReceivedMessageSize);
_bufferPool = new ConnectionBufferPool(webSocketBufferSize);
_clientWebSocketFactory = ClientWebSocketFactory.GetFactory();
_webSocketSoapContentType = new Lazy <string>(() => MessageEncoderFactory.CreateSessionEncoder().ContentType, LazyThreadSafetyMode.ExecutionAndPublication);
}
private SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, System.ServiceModel.Channels.ChannelBuilder channelBuilder, IChannelFactory innerChannelFactory) : base(context.Binding, innerChannelFactory)
{
this.channelBuilder = channelBuilder;
this.messageVersion = context.Binding.MessageVersion;
this.securityCapabilities = securityCapabilities;
}
protected override IChannelFactory <TChannel> BuildChannelFactoryCore <TChannel>(BindingContext context)
{
ISecurityCapabilities property = this.GetProperty <ISecurityCapabilities>(context);
SecurityCredentialsManager credentialsManager = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
ChannelBuilder builder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
if (addChannelDemuxerIfRequired)
{
base.ApplyPropertiesOnDemuxer(builder, context);
}
BindingContext issuerBindingContext = context.Clone();
if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
{
SecureConversationSecurityTokenParameters protectionTokenParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
if (protectionTokenParameters.BootstrapSecurityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
}
BindingContext context3 = issuerBindingContext.Clone();
context3.BindingParameters.Remove <ChannelProtectionRequirements>();
context3.BindingParameters.Add(protectionTokenParameters.BootstrapProtectionRequirements);
if (protectionTokenParameters.RequireCancellation)
{
SessionSymmetricMessageSecurityProtocolFactory factory2 = new SessionSymmetricMessageSecurityProtocolFactory {
SecurityTokenParameters = protectionTokenParameters.Clone()
};
((SecureConversationSecurityTokenParameters)factory2.SecurityTokenParameters).IssuerBindingContext = context3;
factory2.ApplyConfidentiality = true;
factory2.RequireConfidentiality = true;
factory2.ApplyIntegrity = true;
factory2.RequireIntegrity = true;
factory2.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
factory2.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
factory2.MessageProtectionOrder = this.MessageProtectionOrder;
factory2.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
factory2.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
base.ConfigureProtocolFactory(factory2, credentialsManager, false, issuerBindingContext, context.Binding);
SecuritySessionClientSettings <TChannel> sessionClientSettings = new SecuritySessionClientSettings <TChannel> {
ChannelBuilder = builder,
KeyRenewalInterval = base.LocalClientSettings.SessionKeyRenewalInterval,
CanRenewSession = protectionTokenParameters.CanRenewSession,
KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval,
TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure,
IssuedSecurityTokenParameters = protectionTokenParameters.Clone()
};
((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
sessionClientSettings.SecurityStandardsManager = factory2.StandardsManager;
sessionClientSettings.SessionProtocolFactory = factory2;
return(new SecurityChannelFactory <TChannel>(property, context, sessionClientSettings));
}
SymmetricSecurityProtocolFactory factory = new SymmetricSecurityProtocolFactory {
SecurityTokenParameters = protectionTokenParameters.Clone()
};
((SecureConversationSecurityTokenParameters)factory.SecurityTokenParameters).IssuerBindingContext = context3;
factory.ApplyConfidentiality = true;
factory.RequireConfidentiality = true;
factory.ApplyIntegrity = true;
factory.RequireIntegrity = true;
factory.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
factory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
factory.MessageProtectionOrder = this.MessageProtectionOrder;
factory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
base.ConfigureProtocolFactory(factory, credentialsManager, false, issuerBindingContext, context.Binding);
return(new SecurityChannelFactory <TChannel>(property, context, builder, factory));
}
return(new SecurityChannelFactory <TChannel>(property, context, builder, this.CreateSecurityProtocolFactory <TChannel>(context, credentialsManager, false, issuerBindingContext)));
}
public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, System.ServiceModel.Channels.ChannelBuilder channelBuilder, System.ServiceModel.Security.SecurityProtocolFactory protocolFactory, IChannelFactory innerChannelFactory) : this(securityCapabilities, context, channelBuilder, innerChannelFactory)
{
this.securityProtocolFactory = protocolFactory;
}
private void InitializeFactories()
{
IChannelFactory <IRequestChannel> factory3;
ISecurityCapabilities property = this.BootstrapSecurityBindingElement.GetProperty <ISecurityCapabilities>(this.IssuerBindingContext);
SecurityCredentialsManager credentialsManager = this.IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialsManager == null)
{
credentialsManager = ClientCredentials.CreateDefaultCredentials();
}
BindingContext issuerBindingContext = this.IssuerBindingContext;
this.bootstrapSecurityBindingElement.ReaderQuotas = issuerBindingContext.GetInnerProperty <XmlDictionaryReaderQuotas>();
if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("EncodingBindingElementDoesNotHandleReaderQuotas")));
}
TransportBindingElement element = issuerBindingContext.RemainingBindingElements.Find <TransportBindingElement>();
if (element != null)
{
this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = element.MaxReceivedMessageSize;
}
SecurityProtocolFactory protocolFactory = this.BootstrapSecurityBindingElement.CreateSecurityProtocolFactory <IRequestChannel>(this.IssuerBindingContext.Clone(), credentialsManager, false, this.IssuerBindingContext.Clone());
if (protocolFactory is MessageSecurityProtocolFactory)
{
MessageSecurityProtocolFactory factory2 = protocolFactory as MessageSecurityProtocolFactory;
factory2.ApplyConfidentiality = factory2.ApplyIntegrity = factory2.RequireConfidentiality = factory2.RequireIntegrity = true;
factory2.ProtectionRequirements.IncomingSignatureParts.ChannelParts.IsBodyIncluded = true;
factory2.ProtectionRequirements.OutgoingSignatureParts.ChannelParts.IsBodyIncluded = true;
MessagePartSpecification parts = new MessagePartSpecification(true);
factory2.ProtectionRequirements.IncomingSignatureParts.AddParts(parts, this.IssueAction);
factory2.ProtectionRequirements.IncomingEncryptionParts.AddParts(parts, this.IssueAction);
factory2.ProtectionRequirements.IncomingSignatureParts.AddParts(parts, this.RenewAction);
factory2.ProtectionRequirements.IncomingEncryptionParts.AddParts(parts, this.RenewAction);
factory2.ProtectionRequirements.OutgoingSignatureParts.AddParts(parts, this.IssueResponseAction);
factory2.ProtectionRequirements.OutgoingEncryptionParts.AddParts(parts, this.IssueResponseAction);
factory2.ProtectionRequirements.OutgoingSignatureParts.AddParts(parts, this.RenewResponseAction);
factory2.ProtectionRequirements.OutgoingEncryptionParts.AddParts(parts, this.RenewResponseAction);
}
protocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
protocolFactory.PrivacyNoticeVersion = this.privacyNoticeVersion;
if (this.localAddress != null)
{
MessageFilter filter = new SessionActionFilter(this.standardsManager, new string[] { this.IssueResponseAction.Value, this.RenewResponseAction.Value });
issuerBindingContext.BindingParameters.Add(new LocalAddressProvider(this.localAddress, filter));
}
ChannelBuilder channelBuilder = new ChannelBuilder(issuerBindingContext, true);
if (channelBuilder.CanBuildChannelFactory <IRequestChannel>())
{
factory3 = channelBuilder.BuildChannelFactory <IRequestChannel>();
this.requiresManualReplyAddressing = true;
}
else
{
ClientRuntime clientRuntime = new ClientRuntime("RequestSecuritySession", "http://tempuri.org/")
{
UseSynchronizationContext = false,
AddTransactionFlowProperties = false,
ValidateMustUnderstand = false
};
ServiceChannelFactory serviceChannelFactory = ServiceChannelFactory.BuildChannelFactory(channelBuilder, clientRuntime);
ClientOperation item = new ClientOperation(serviceChannelFactory.ClientRuntime, "Issue", this.IssueAction.Value)
{
Formatter = operationFormatter
};
serviceChannelFactory.ClientRuntime.Operations.Add(item);
ClientOperation operation2 = new ClientOperation(serviceChannelFactory.ClientRuntime, "Renew", this.RenewAction.Value)
{
Formatter = operationFormatter
};
serviceChannelFactory.ClientRuntime.Operations.Add(operation2);
factory3 = new RequestChannelFactory(serviceChannelFactory);
this.requiresManualReplyAddressing = false;
}
SecurityChannelFactory <IRequestChannel> factory5 = new SecurityChannelFactory <IRequestChannel>(property, this.IssuerBindingContext, channelBuilder, protocolFactory, factory3);
if ((element != null) && (factory5.SecurityProtocolFactory != null))
{
factory5.SecurityProtocolFactory.ExtendedProtectionPolicy = element.GetProperty <ExtendedProtectionPolicy>(issuerBindingContext);
}
this.rstChannelFactory = factory5;
this.messageVersion = factory5.MessageVersion;
}
internal static ChannelProtectionRequirements CreateFromContractAndUnionResponseProtectionRequirements(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
ChannelProtectionRequirements contractRequirements = CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient);
// union all the protection requirements for the response actions
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
if (isForClient)
{
result.IncomingEncryptionParts.AddParts(UnionMessagePartSpecifications(contractRequirements.IncomingEncryptionParts), MessageHeaders.WildcardAction);
result.IncomingSignatureParts.AddParts(UnionMessagePartSpecifications(contractRequirements.IncomingSignatureParts), MessageHeaders.WildcardAction);
contractRequirements.OutgoingEncryptionParts.CopyTo(result.OutgoingEncryptionParts);
contractRequirements.OutgoingSignatureParts.CopyTo(result.OutgoingSignatureParts);
}
else
{
result.OutgoingEncryptionParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingEncryptionParts), MessageHeaders.WildcardAction);
result.OutgoingSignatureParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingSignatureParts), MessageHeaders.WildcardAction);
contractRequirements.IncomingEncryptionParts.CopyTo(result.IncomingEncryptionParts);
contractRequirements.IncomingSignatureParts.CopyTo(result.IncomingSignatureParts);
}
return result;
}
private void InitializeFactories()
{
ISecurityCapabilities securityCapabilities = BootstrapSecurityBindingElement.GetProperty <ISecurityCapabilities>(IssuerBindingContext);
SecurityCredentialsManager securityCredentials = IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>();
if (securityCredentials == null)
{
securityCredentials = ClientCredentials.CreateDefaultCredentials();
}
BindingContext context = IssuerBindingContext;
_bootstrapSecurityBindingElement.ReaderQuotas = context.GetInnerProperty <XmlDictionaryReaderQuotas>();
if (_bootstrapSecurityBindingElement.ReaderQuotas == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.EncodingBindingElementDoesNotHandleReaderQuotas));
}
TransportBindingElement transportBindingElement = context.RemainingBindingElements.Find <TransportBindingElement>();
if (transportBindingElement != null)
{
_bootstrapSecurityBindingElement.MaxReceivedMessageSize = transportBindingElement.MaxReceivedMessageSize;
}
SecurityProtocolFactory securityProtocolFactory = BootstrapSecurityBindingElement.CreateSecurityProtocolFactory <IRequestChannel>(IssuerBindingContext.Clone(), securityCredentials, false, IssuerBindingContext.Clone());
if (_localAddress != null)
{
MessageFilter issueAndRenewFilter = new SessionActionFilter(_standardsManager, IssueResponseAction.Value, RenewResponseAction.Value);
context.BindingParameters.Add(new LocalAddressProvider(_localAddress, issueAndRenewFilter));
}
ChannelBuilder channelBuilder = new ChannelBuilder(context, true);
IChannelFactory innerChannelFactory;
// if the underlying transport does not support request/reply, wrap it inside
// a service channel factory.
if (channelBuilder.CanBuildChannelFactory <IRequestChannel>())
{
innerChannelFactory = channelBuilder.BuildChannelFactory <IRequestChannel>();
_requiresManualReplyAddressing = true;
}
else
{
ClientRuntime clientRuntime = new ClientRuntime("RequestSecuritySession", NamingHelper.DefaultNamespace);
clientRuntime.UseSynchronizationContext = false;
clientRuntime.AddTransactionFlowProperties = false;
clientRuntime.ValidateMustUnderstand = false;
ServiceChannelFactory serviceChannelFactory = ServiceChannelFactory.BuildChannelFactory(channelBuilder, clientRuntime);
ClientOperation issueOperation = new ClientOperation(serviceChannelFactory.ClientRuntime, "Issue", IssueAction.Value);
issueOperation.Formatter = s_operationFormatter;
serviceChannelFactory.ClientRuntime.Operations.Add(issueOperation);
ClientOperation renewOperation = new ClientOperation(serviceChannelFactory.ClientRuntime, "Renew", RenewAction.Value);
renewOperation.Formatter = s_operationFormatter;
serviceChannelFactory.ClientRuntime.Operations.Add(renewOperation);
innerChannelFactory = new RequestChannelFactory(serviceChannelFactory);
_requiresManualReplyAddressing = false;
}
SecurityChannelFactory <IAsyncRequestChannel> securityChannelFactory = new SecurityChannelFactory <IAsyncRequestChannel>(
securityCapabilities, IssuerBindingContext, channelBuilder, securityProtocolFactory, innerChannelFactory);
// attach the ExtendedProtectionPolicy to the securityProtcolFactory so it will be
// available when building the channel.
if (transportBindingElement != null)
{
if (securityChannelFactory.SecurityProtocolFactory != null)
{
securityChannelFactory.SecurityProtocolFactory.ExtendedProtectionPolicy = transportBindingElement.GetProperty <ExtendedProtectionPolicy>(context);
}
}
_rstChannelFactory = securityChannelFactory;
MessageVersion = securityChannelFactory.MessageVersion;
}
internal static ChannelProtectionRequirements CreateFromContractAndUnionResponseProtectionRequirements(ContractDescription contract, ISecurityCapabilities bindingElement, bool isForClient)
{
ChannelProtectionRequirements contractRequirements = CreateFromContract(contract, bindingElement.SupportedRequestProtectionLevel, bindingElement.SupportedResponseProtectionLevel, isForClient);
// union all the protection requirements for the response actions
ChannelProtectionRequirements result = new ChannelProtectionRequirements();
if (isForClient)
{
result.IncomingEncryptionParts.AddParts(UnionMessagePartSpecifications(contractRequirements.IncomingEncryptionParts), MessageHeaders.WildcardAction);
result.IncomingSignatureParts.AddParts(UnionMessagePartSpecifications(contractRequirements.IncomingSignatureParts), MessageHeaders.WildcardAction);
contractRequirements.OutgoingEncryptionParts.CopyTo(result.OutgoingEncryptionParts);
contractRequirements.OutgoingSignatureParts.CopyTo(result.OutgoingSignatureParts);
}
else
{
result.OutgoingEncryptionParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingEncryptionParts), MessageHeaders.WildcardAction);
result.OutgoingSignatureParts.AddParts(UnionMessagePartSpecifications(contractRequirements.OutgoingSignatureParts), MessageHeaders.WildcardAction);
contractRequirements.IncomingEncryptionParts.CopyTo(result.IncomingEncryptionParts);
contractRequirements.IncomingSignatureParts.CopyTo(result.IncomingSignatureParts);
}
return(result);
}
void InitializeFactories()
{
ISecurityCapabilities securityCapabilities = this.BootstrapSecurityBindingElement.GetProperty <ISecurityCapabilities>(this.IssuerBindingContext);
SecurityCredentialsManager securityCredentials = this.IssuerBindingContext.BindingParameters.Find <SecurityCredentialsManager>();
if (securityCredentials == null)
{
securityCredentials = ClientCredentials.CreateDefaultCredentials();
}
BindingContext context = this.IssuerBindingContext;
this.bootstrapSecurityBindingElement.ReaderQuotas = context.GetInnerProperty <XmlDictionaryReaderQuotas>();
if (this.bootstrapSecurityBindingElement.ReaderQuotas == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.EncodingBindingElementDoesNotHandleReaderQuotas)));
}
TransportBindingElement transportBindingElement = context.RemainingBindingElements.Find <TransportBindingElement>();
if (transportBindingElement != null)
{
this.bootstrapSecurityBindingElement.MaxReceivedMessageSize = transportBindingElement.MaxReceivedMessageSize;
}
SecurityProtocolFactory securityProtocolFactory = this.BootstrapSecurityBindingElement.CreateSecurityProtocolFactory <IRequestChannel>(this.IssuerBindingContext.Clone(), securityCredentials, false, this.IssuerBindingContext.Clone());
if (securityProtocolFactory is MessageSecurityProtocolFactory)
{
MessageSecurityProtocolFactory soapBindingFactory = securityProtocolFactory as MessageSecurityProtocolFactory;
soapBindingFactory.ApplyConfidentiality = soapBindingFactory.ApplyIntegrity
= soapBindingFactory.RequireConfidentiality = soapBindingFactory.RequireIntegrity = true;
soapBindingFactory.ProtectionRequirements.IncomingSignatureParts.ChannelParts.IsBodyIncluded = true;
soapBindingFactory.ProtectionRequirements.OutgoingSignatureParts.ChannelParts.IsBodyIncluded = true;
MessagePartSpecification bodyPart = new MessagePartSpecification(true);
soapBindingFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(bodyPart, IssueAction);
soapBindingFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(bodyPart, IssueAction);
soapBindingFactory.ProtectionRequirements.IncomingSignatureParts.AddParts(bodyPart, RenewAction);
soapBindingFactory.ProtectionRequirements.IncomingEncryptionParts.AddParts(bodyPart, RenewAction);
soapBindingFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(bodyPart, IssueResponseAction);
soapBindingFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(bodyPart, IssueResponseAction);
soapBindingFactory.ProtectionRequirements.OutgoingSignatureParts.AddParts(bodyPart, RenewResponseAction);
soapBindingFactory.ProtectionRequirements.OutgoingEncryptionParts.AddParts(bodyPart, RenewResponseAction);
}
securityProtocolFactory.PrivacyNoticeUri = this.PrivacyNoticeUri;
securityProtocolFactory.PrivacyNoticeVersion = this.privacyNoticeVersion;
if (this.localAddress != null)
{
MessageFilter issueAndRenewFilter = new SessionActionFilter(this.standardsManager, this.IssueResponseAction.Value, this.RenewResponseAction.Value);
context.BindingParameters.Add(new LocalAddressProvider(localAddress, issueAndRenewFilter));
}
ChannelBuilder channelBuilder = new ChannelBuilder(context, true);
IChannelFactory <IRequestChannel> innerChannelFactory;
// if the underlying transport does not support request/reply, wrap it inside
// a service channel factory.
if (channelBuilder.CanBuildChannelFactory <IRequestChannel>())
{
innerChannelFactory = channelBuilder.BuildChannelFactory <IRequestChannel>();
requiresManualReplyAddressing = true;
}
else
{
ClientRuntime clientRuntime = new ClientRuntime("RequestSecuritySession", NamingHelper.DefaultNamespace);
clientRuntime.UseSynchronizationContext = false;
clientRuntime.AddTransactionFlowProperties = false;
clientRuntime.ValidateMustUnderstand = false;
ServiceChannelFactory serviceChannelFactory = ServiceChannelFactory.BuildChannelFactory(channelBuilder, clientRuntime);
ClientOperation issueOperation = new ClientOperation(serviceChannelFactory.ClientRuntime, "Issue", IssueAction.Value);
issueOperation.Formatter = operationFormatter;
serviceChannelFactory.ClientRuntime.Operations.Add(issueOperation);
ClientOperation renewOperation = new ClientOperation(serviceChannelFactory.ClientRuntime, "Renew", RenewAction.Value);
renewOperation.Formatter = operationFormatter;
serviceChannelFactory.ClientRuntime.Operations.Add(renewOperation);
innerChannelFactory = new RequestChannelFactory(serviceChannelFactory);
requiresManualReplyAddressing = false;
}
SecurityChannelFactory <IRequestChannel> securityChannelFactory = new SecurityChannelFactory <IRequestChannel>(
securityCapabilities, this.IssuerBindingContext, channelBuilder, securityProtocolFactory, innerChannelFactory);
// attach the ExtendedProtectionPolicy to the securityProtcolFactory so it will be
// available when building the channel.
if (transportBindingElement != null)
{
if (securityChannelFactory.SecurityProtocolFactory != null)
{
securityChannelFactory.SecurityProtocolFactory.ExtendedProtectionPolicy = transportBindingElement.GetProperty <ExtendedProtectionPolicy>(context);
}
}
this.rstChannelFactory = securityChannelFactory;
this.messageVersion = securityChannelFactory.MessageVersion;
}