Exemple #1
0
        public void WriteMetadata(WsFederationMetadataTheoryData theoryData)
        {
            TestUtilities.WriteHeader($"{this}.WriteMetadata", theoryData);
            var context = new CompareContext($"{this}.WriteMetadata, {theoryData.TestId}");

            try
            {
                var settings = new XmlWriterSettings();
                var builder  = new StringBuilder();

                if (theoryData.UseNullWriter)
                {
                    theoryData.Serializer.WriteMetadata(null, theoryData.Configuration);
                    theoryData.ExpectedException.ProcessNoException(context);
                }
                else
                {
                    using (var writer = XmlWriter.Create(builder, settings))
                    {
                        // add signingCredentials so we can created signed metadata.
                        if (theoryData.Configuration != null)
                        {
                            theoryData.Configuration.SigningCredentials = KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2;
                        }

                        // write configuration content into metadata and sign the metadata
                        var serializer = new WsFederationMetadataSerializer();
                        serializer.WriteMetadata(writer, theoryData.Configuration);
                        writer.Flush();
                        var metadata = builder.ToString();

                        // read the created metadata into a new configuration
                        var reader        = XmlReader.Create(new StringReader(metadata));
                        var configuration = theoryData.Serializer.ReadMetadata(reader);

                        // assign signingcredentials and verify the signature of created metadata
                        configuration.SigningCredentials = theoryData.Configuration.SigningCredentials;
                        if (configuration.SigningCredentials != null)
                        {
                            configuration.Signature.Verify(configuration.SigningCredentials.Key, configuration.SigningCredentials.Key.CryptoProviderFactory);
                        }

                        // remove the signature and do the comparison
                        configuration.Signature = null;
                        theoryData.ExpectedException.ProcessNoException(context);
                        IdentityComparer.AreWsFederationConfigurationsEqual(configuration, theoryData.Configuration, context);
                    }
                }
            }
            catch (Exception ex)
            {
                theoryData.ExpectedException.ProcessException(ex, context);
            }

            TestUtilities.AssertFailIfErrors(context);
        }
        /// <summary>
        /// Executes the result operation of the action method asynchronously. This method is called by MVC to process
        /// the result of an action method.
        /// </summary>
        /// <param name="context">The context in which the result is executed. The context information includes
        /// information about the action that was executed and request information.</param>
        /// <returns>
        /// A task that represents the asynchronous execute operation.
        /// </returns>
        public Task ExecuteResultAsync(ActionContext context)
        {
            var ser = new WsFederationMetadataSerializer();

            using var ms           = new MemoryStream();
            using XmlWriter writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8, false);
            ser.WriteMetadata(writer, _config);
            writer.Flush();
            context.HttpContext.Response.ContentType = "application/xml";
            var metaAsString = Encoding.UTF8.GetString(ms.ToArray());

            return(context.HttpContext.Response.WriteAsync(metaAsString));
        }
Exemple #3
0
        public async Task <string> GetMetadata(HttpContext context)
        {
            var configuration = new WsFederationConfiguration
            {
                Issuer             = _options.IssuerUri,
                SigningCredentials = await _keys.GetSigningCredentialsAsync(),
                TokenEndpoint      = context.GetIdentityServerOrigin() + "/wsfederation"
            };

            //For whatever reason, the Digest method isn't specified in the builder extensions for identity server.
            //Not a good solution to force the user to use the overload that takes SigningCredentials
            //IdentityServer4/Configuration/DependencyInjection/BuilderExtensions/Crypto.cs
            //Instead, it should be supported in:
            //  The overload that takes a X509Certificate2
            //  The overload that looks it up in a cert store
            //  The overload that takes an RsaSecurityKey
            //  AddDeveloperSigningCredential
            //For now, this is a workaround.
            if (configuration.SigningCredentials.Digest == null)
            {
                _logger.LogInformation($"SigningCredentials does not have a digest specified. Using default digest algorithm of {SecurityAlgorithms.Sha256Digest}");
                configuration.SigningCredentials = new SigningCredentials(configuration.SigningCredentials.Key, configuration.SigningCredentials.Algorithm ?? SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest);
            }
            configuration.KeyInfos.Add(new KeyInfo(configuration.SigningCredentials.Key));

            var serializer = new WsFederationMetadataSerializer();

            var sb       = new StringBuilder();
            var settings = new XmlWriterSettings
            {
                OmitXmlDeclaration = true
            };

            using (var writer = XmlWriter.Create(sb, settings))
            {
                serializer.WriteMetadata(writer, configuration);
            }
            var metadata = sb.ToString();

            return(metadata);
        }