/// <summary>
/// Resolves the client-certificate token through the factory and then asks the base
/// implementation for an <see cref="HttpClient"/> built with that token.
/// </summary>
/// <param name="to">Forwarded to the factory token lookup and to the base implementation.</param>
/// <param name="via">Forwarded to the factory token lookup and to the base implementation.</param>
/// <param name="timeoutHelper">Timeout budget; passed by reference to the token lookup, then to the base call.</param>
/// <returns>The <see cref="HttpClient"/> produced by the base implementation.</returns>
internal override async Task<HttpClient> GetHttpClientAsync(EndpointAddress to, Uri via, TimeoutHelper timeoutHelper)
{
    // The token lookup is a synchronous call that completes before the first await.
    // NOTE(review): whether it blocks on certificate retrieval depends on the factory
    // implementation, which is not visible here.
    SecurityTokenContainer certificateToken = Factory.GetCertificateSecurityToken(
        _certificateProvider,
        to,
        via,
        this.ChannelParameters,
        ref timeoutHelper);

    return await base.GetHttpClientAsync(to, via, certificateToken, timeoutHelper);
}
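/// <summary>
/// Retrieves the client-certificate security token for a request and wraps it in a
/// <see cref="SecurityTokenContainer"/>.
/// </summary>
/// <remarks>
/// When both <c>ManualAddressing</c> and <c>RequireClientCertificate</c> are set, a token
/// provider is created and opened for this call only and is released again before returning.
/// Otherwise the caller-supplied <paramref name="certificateProvider"/> is used and left open.
/// </remarks>
/// <param name="certificateProvider">Provider used when no per-request provider is created; may be null.</param>
/// <param name="to">Passed to the per-request provider factory method.</param>
/// <param name="via">Passed to the per-request provider factory method.</param>
/// <param name="channelParameters">Passed to the per-request provider factory method.</param>
/// <param name="timeoutHelper">Supplies the remaining time and the cancellation token for the lookup.</param>
/// <returns>A container holding the token, or null when no provider or no token is available.</returns>
internal SecurityTokenContainer GetCertificateSecurityToken(SecurityTokenProvider certificateProvider, EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, ref TimeoutHelper timeoutHelper)
{
    bool usePerRequestProvider = ManualAddressing && RequireClientCertificate;

    SecurityTokenProvider requestCertificateProvider = usePerRequestProvider
        ? CreateAndOpenCertificateTokenProvider(to, via, channelParameters, timeoutHelper.RemainingTime())
        : certificateProvider;

    SecurityToken token = null;
    try
    {
        if (requestCertificateProvider != null)
        {
            // NOTE(review): this blocks the calling thread on an asynchronous operation.
            // The ref parameter prevents making this method async without changing its signature.
            token = requestCertificateProvider.GetTokenAsync(timeoutHelper.GetCancellationToken()).GetAwaiter().GetResult();
        }
    }
    finally
    {
        // Release the per-request provider even when the token lookup throws or times out,
        // so a failed lookup does not leave an opened provider behind.
        if (usePerRequestProvider)
        {
            SecurityUtils.AbortTokenProviderIfRequired(requestCertificateProvider);
        }
    }

    return token != null ? new SecurityTokenContainer(token) : null;
}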
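/// <summary>
/// Retrieves the client-certificate security token for a request and wraps it in a
/// <see cref="SecurityTokenContainer"/>.
/// </summary>
/// <remarks>
/// When both <c>ManualAddressing</c> and <c>RequireClientCertificate</c> are set, a token
/// provider is created and opened for this call only and is released again before returning.
/// Otherwise the caller-supplied <paramref name="certificateProvider"/> is used and left open.
/// </remarks>
/// <param name="certificateProvider">Provider used when no per-request provider is created; may be null.</param>
/// <param name="to">Passed to the per-request provider factory method.</param>
/// <param name="via">Passed to the per-request provider factory method.</param>
/// <param name="channelParameters">Passed to the per-request provider factory method.</param>
/// <param name="timeoutHelper">Supplies the remaining time for provider creation and for the token lookup.</param>
/// <returns>A container holding the token, or null when no provider or no token is available.</returns>
private SecurityTokenContainer GetCertificateSecurityToken(SecurityTokenProvider certificateProvider, EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, ref TimeoutHelper timeoutHelper)
{
    bool usePerRequestProvider = base.ManualAddressing && this.RequireClientCertificate;

    SecurityTokenProvider provider = usePerRequestProvider
        ? this.CreateAndOpenCertificateTokenProvider(to, via, channelParameters, timeoutHelper.RemainingTime())
        : certificateProvider;

    SecurityToken token = null;
    try
    {
        if (provider != null)
        {
            token = provider.GetToken(timeoutHelper.RemainingTime());
        }
    }
    finally
    {
        // Release the per-request provider even when the token lookup throws or times out,
        // so a failed lookup does not leave an opened provider behind.
        if (usePerRequestProvider)
        {
            System.ServiceModel.Security.SecurityUtils.AbortTokenProviderIfRequired(provider);
        }
    }

    return token != null ? new SecurityTokenContainer(token) : null;
}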
/// <summary>
/// Builds the <see cref="HttpWebRequest"/> for a call: resolves the client-certificate token,
/// delegates request creation to the base class, then wires up server-certificate handling.
/// </summary>
/// <param name="to">Forwarded to the token lookup, the base call and the server-certificate step.</param>
/// <param name="via">Forwarded to the token lookup and the base call.</param>
/// <param name="timeoutHelper">Timeout budget shared by the token lookup and the base call.</param>
/// <returns>The request created by the base implementation.</returns>
public override HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, ref TimeoutHelper timeoutHelper)
{
    SecurityTokenContainer certificateToken = Factory.GetCertificateSecurityToken(
        this.certificateProvider,
        to,
        via,
        this.ChannelParameters,
        ref timeoutHelper);

    HttpWebRequest webRequest = base.GetWebRequest(to, via, certificateToken, ref timeoutHelper);

    // Runs after the request exists so the server-certificate mapping or validation
    // callback is attached to this specific request.
    // NOTE(review): which of the two is applied is decided inside the factory — not visible here.
    this.factory.AddServerCertMappingOrSetRemoteCertificateValidationCallback(webRequest, to);

    return webRequest;
}
/// <summary>
/// Attaches the X.509 certificate carried by <paramref name="clientCertificateToken"/> to the
/// request's client-certificate collection. Does nothing when the container is null.
/// </summary>
/// <param name="request">Request that will present the certificate.</param>
/// <param name="clientCertificateToken">Container whose token must be an <c>X509SecurityToken</c>.</param>
/// <exception cref="InvalidCastException">The contained token is not an <c>X509SecurityToken</c>.</exception>
static void SetCertificate(HttpWebRequest request, SecurityTokenContainer clientCertificateToken)
{
    if (clientCertificateToken == null)
    {
        return;
    }

    // Hard cast on purpose: a non-X.509 token fails here instead of being silently skipped.
    // NOTE(review): the certificate is added without any check in this method — confirm it is
    // validated by the token provider or the caller.
    X509SecurityToken certificateToken = (X509SecurityToken)clientCertificateToken.Token;
    request.ClientCertificates.Add(certificateToken.Certificate);
}
/// <summary>
/// Builds the <see cref="HttpWebRequest"/> for a call: resolves the client-certificate token,
/// delegates request creation to the base class, then registers the server-certificate mapping.
/// </summary>
/// <param name="to">Forwarded to the token lookup, the base call and the mapping step.</param>
/// <param name="via">Forwarded to the token lookup and the base call.</param>
/// <param name="timeoutHelper">Timeout budget shared by the token lookup and the base call.</param>
/// <returns>The request created by the base implementation.</returns>
public override HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, ref TimeoutHelper timeoutHelper)
{
    SecurityTokenContainer certificateToken = this.Factory.GetCertificateSecurityToken(
        this.certificateProvider,
        to,
        via,
        base.ChannelParameters,
        ref timeoutHelper);

    HttpWebRequest webRequest = base.GetWebRequest(to, via, certificateToken, ref timeoutHelper);

    // NOTE(review): presumably ties the expected server certificate identity for `to` to this
    // request — confirm against HttpTransportSecurityHelpers.
    HttpTransportSecurityHelpers.AddServerCertMapping(webRequest, to);

    return webRequest;
}
/// <summary>
/// Validates the X.509 certificate carried by <paramref name="clientCertificateToken"/> and
/// registers it on the handler as the client certificate. Does nothing when the container is null.
/// </summary>
/// <param name="handler">Handler that will present the certificate during the TLS handshake.</param>
/// <param name="clientCertificateToken">Container whose token must be an <c>X509SecurityToken</c>.</param>
/// <exception cref="InvalidCastException">The contained token is not an <c>X509SecurityToken</c>.</exception>
private static void SetCertificate(HttpClientHandler handler, SecurityTokenContainer clientCertificateToken)
{
    if (clientCertificateToken == null)
    {
        return;
    }

    X509SecurityToken certificateToken = (X509SecurityToken)clientCertificateToken.Token;

    // Validation runs before the handler is touched, so a rejected certificate never
    // reaches the handler. What is checked is defined by ValidateClientCertificate (not shown).
    ValidateClientCertificate(certificateToken.Certificate);

    // Manual mode: only certificates added explicitly below are offered, rather than
    // letting the handler pick one automatically.
    handler.ClientCertificateOptions = ClientCertificateOption.Manual;
    handler.ClientCertificates.Add(certificateToken.Certificate);
}
/// <summary>
/// Completes the asynchronous token request on the certificate provider, stores the resulting
/// token (if any) in <c>tokenContainer</c>, and then closes the provider when required.
/// </summary>
/// <param name="result">The pending operation handed to <c>EndGetToken</c>.</param>
void OnGetToken(IAsyncResult result)
{
    SecurityToken retrievedToken = this.certificateProvider.EndGetToken(result);

    // A null token leaves tokenContainer at whatever value it already had.
    if (retrievedToken != null)
    {
        this.tokenContainer = new SecurityTokenContainer(retrievedToken);
    }

    // NOTE(review): if EndGetToken throws, this cleanup is skipped — confirm the caller
    // aborts the provider on the failure path.
    CloseCertificateProviderIfRequired();
}
/// <summary>
/// Gets the handler from the base implementation, attaches the client certificate when one
/// is required, and configures server-certificate handling for the target endpoint.
/// </summary>
/// <param name="to">Forwarded to the base call and to the server-certificate step.</param>
/// <param name="clientCertificateToken">Token container forwarded to the base call and to <c>SetCertificate</c>.</param>
/// <returns>The configured handler.</returns>
internal override HttpClientHandler GetHttpClientHandler(EndpointAddress to, SecurityTokenContainer clientCertificateToken)
{
    HttpClientHandler clientHandler = base.GetHttpClientHandler(to, clientCertificateToken);

    // The client certificate is attached only when the factory demands one.
    if (RequireClientCertificate)
    {
        SetCertificate(clientHandler, clientCertificateToken);
    }

    // Server-certificate handling is applied unconditionally, independent of client-cert mode.
    AddServerCertMappingOrSetRemoteCertificateValidationCallback(clientHandler, to);

    return clientHandler;
}
/// <summary>
/// Adds the X.509 certificate carried by <paramref name="clientCertificateToken"/> to the
/// handler's client certificates. Does nothing when the container is null.
/// </summary>
/// <param name="handler">Handler that will present the certificate.</param>
/// <param name="clientCertificateToken">Container whose token must be an <c>X509SecurityToken</c>.</param>
/// <exception cref="InvalidCastException">The contained token is not an <c>X509SecurityToken</c>.</exception>
private static void SetCertificate(ServiceModelHttpMessageHandler handler, SecurityTokenContainer clientCertificateToken)
{
    if (clientCertificateToken == null)
    {
        return;
    }

    // Fail loudly rather than send the request without the certificate the caller asked for.
    if (!handler.SupportsClientCertificates)
    {
        throw ExceptionHelper.PlatformNotSupported("Client certificates not supported yet");
    }

    // NOTE(review): the certificate is added without any check in this method — confirm it is
    // validated by the token provider or the caller.
    X509SecurityToken certificateToken = (X509SecurityToken)clientCertificateToken.Token;
    handler.ClientCertificates.Add(certificateToken.Certificate);
}
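/// <summary>
/// Creates the <see cref="HttpWebRequest"/> for this channel: registers the identity mapping
/// when needed, opens the token providers, resolves the client certificate for HTTPS factories
/// that require one, and applies the WebSocket headers and the remaining timeout.
/// </summary>
/// <param name="timeout">Total time budget for building the request; the unused part becomes the request timeout.</param>
/// <returns>The configured request.</returns>
HttpWebRequest CreateHttpWebRequest(TimeSpan timeout)
{
    TimeoutHelper helper = new TimeoutHelper(timeout);
    ChannelParameterCollection channelParameterCollection = new ChannelParameterCollection();
    HttpWebRequest request;

    if (HttpChannelFactory<IDuplexSessionChannel>.MapIdentity(this.RemoteAddress, this.channelFactory.AuthenticationScheme))
    {
        // cleanupIdentity is assigned under the channel lock.
        lock (ThisLock)
        {
            this.cleanupIdentity = HttpTransportSecurityHelpers.AddIdentityMapping(Via, RemoteAddress);
        }
    }

    this.channelFactory.CreateAndOpenTokenProviders(
        this.RemoteAddress,
        this.Via,
        channelParameterCollection,
        helper.RemainingTime(),
        out this.webRequestTokenProvider,
        out this.webRequestProxyTokenProvider);

    // A client certificate is resolved only for HTTPS factories that require one;
    // otherwise the request is created with a null certificate token.
    SecurityTokenContainer clientCertificateToken = null;
    HttpsChannelFactory<IDuplexSessionChannel> httpsChannelFactory = this.channelFactory as HttpsChannelFactory<IDuplexSessionChannel>;
    if (httpsChannelFactory != null && httpsChannelFactory.RequireClientCertificate)
    {
        // NOTE(review): this provider is opened here and not closed in this method —
        // confirm who owns its lifetime.
        SecurityTokenProvider certificateProvider = httpsChannelFactory.CreateAndOpenCertificateTokenProvider(this.RemoteAddress, this.Via, channelParameterCollection, helper.RemainingTime());
        clientCertificateToken = httpsChannelFactory.GetCertificateSecurityToken(certificateProvider, this.RemoteAddress, this.Via, channelParameterCollection, ref helper);
    }

    request = this.channelFactory.GetWebRequest(this.RemoteAddress, this.Via, this.webRequestTokenProvider, this.webRequestProxyTokenProvider, clientCertificateToken, helper.RemainingTime(), true);

    // If a web socket connection factory is specified (for example, when using web sockets on pre-Win8 OS),
    // we're going to use the protocol version from it. At the moment, on pre-Win8 OS, the HttpWebRequest
    // created above doesn't have the version header specified.
    if (this.connectionFactory != null)
    {
        this.UseWebSocketVersionFromFactory(request);
    }

    this.webSocketKey = request.Headers[WebSocketHelper.SecWebSocketKey];
    this.ConfigureHttpWebRequestHeader(request);

    // Clamp before narrowing: a very large remaining time (e.g. TimeSpan.MaxValue) exceeds
    // int range, and an out-of-range double-to-int cast yields an unspecified value that
    // HttpWebRequest.Timeout can reject.
    double remainingMilliseconds = helper.RemainingTime().TotalMilliseconds;
    request.Timeout = remainingMilliseconds >= int.MaxValue ? int.MaxValue : (int)remainingMilliseconds;

    return request;
}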
/// <summary>
/// Public pass-through to the base class's <c>BeginGetWebRequest</c>; all arguments are
/// forwarded unchanged.
/// </summary>
/// <param name="to">Forwarded to the base call.</param>
/// <param name="via">Forwarded to the base call.</param>
/// <param name="clientCertificateToken">Client-certificate token container forwarded to the base call.</param>
/// <param name="timeoutHelper">Timeout budget, forwarded by reference.</param>
/// <param name="callback">Completion callback forwarded to the base call.</param>
/// <param name="state">Caller state forwarded to the base call.</param>
/// <returns>The <see cref="IAsyncResult"/> returned by the base call.</returns>
public IAsyncResult BeginBaseGetWebRequest(EndpointAddress to, Uri via, SecurityTokenContainer clientCertificateToken, ref TimeoutHelper timeoutHelper, AsyncCallback callback, object state)
{
    IAsyncResult pendingRequest = base.BeginGetWebRequest(
        to,
        via,
        clientCertificateToken,
        ref timeoutHelper,
        callback,
        state);

    return pendingRequest;
}
/// <summary>
/// Builds the connection-group prefix from the hashes of the request's client certificates.
/// When a client certificate is required it is first attached to the request; otherwise the
/// prefix is empty.
/// </summary>
/// <param name="httpWebRequest">Request that receives the certificate and whose certificates are hashed.</param>
/// <param name="clientCertificateToken">Token container handed to <c>SetCertificate</c>.</param>
/// <returns>Each certificate hash followed by a NUL delimiter, or an empty string.</returns>
protected override string OnGetConnectionGroupPrefix(HttpWebRequest httpWebRequest, SecurityTokenContainer clientCertificateToken)
{
    System.Text.StringBuilder prefix = new System.Text.StringBuilder();
    string separator = "\0"; // nonprintable characters are invalid for SSPI Domain/UserName/Password

    if (!this.RequireClientCertificate)
    {
        return prefix.ToString();
    }

    HttpsChannelFactory<TChannel>.SetCertificate(httpWebRequest, clientCertificateToken);

    // NOTE(review): presumably the prefix keys connection groups so that connections
    // authenticated with different client certificates are not shared — confirm with the caller.
    // The hash serves as an identifier here, not as a trust decision.
    foreach (X509Certificate certificate in httpWebRequest.ClientCertificates)
    {
        prefix.AppendFormat("{0}{1}", certificate.GetCertHashString(), separator);
    }

    return prefix.ToString();
}
/// <summary>
/// Builds the connection-group prefix from the hashes of the request's client certificates.
/// When a client certificate is required it is first attached to the request; otherwise the
/// prefix is empty.
/// </summary>
/// <param name="httpWebRequest">Request that receives the certificate and whose certificates are hashed.</param>
/// <param name="clientCertificateToken">Token container handed to <c>SetCertificate</c>.</param>
/// <returns>Each certificate hash followed by a NUL delimiter, or an empty string.</returns>
protected override string OnGetConnectionGroupPrefix(HttpWebRequest httpWebRequest, SecurityTokenContainer clientCertificateToken)
{
    StringBuilder prefix = new StringBuilder();
    string separator = "\0";

    if (!this.RequireClientCertificate)
    {
        return prefix.ToString();
    }

    SetCertificate(httpWebRequest, clientCertificateToken);

    // NOTE(review): presumably the prefix keys connection groups so that connections
    // authenticated with different client certificates are not shared — confirm with the caller.
    // The hash serves as an identifier here, not as a trust decision.
    foreach (X509Certificate certificate in httpWebRequest.ClientCertificates)
    {
        prefix.AppendFormat("{0}{1}", certificate.GetCertHashString(), separator);
    }

    return prefix.ToString();
}