/// <summary>
/// Creates a new transport channel that supports the IRegistrationChannel service contract.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// create a UA binary channel.
ITransportChannel channel = CreateUaBinaryChannel(
configuration,
description,
endpointConfiguration,
clientCertificate,
messageContext);
// create a WCF XML channel.
if (channel == null)
{
Uri endpointUrl = new Uri(description.EndpointUrl);
channel = new RegistrationChannel();
TransportChannelSettings settings = new TransportChannelSettings();
settings.Configuration = endpointConfiguration;
settings.Description = description;
settings.ClientCertificate = clientCertificate;
channel.Initialize(endpointUrl, settings);
}
return channel;
}
/// <summary>
/// Initializes a new instance with the specified property values.
/// </summary>
/// <param name="secureChannelId">The secure channel identifier.</param>
/// <param name="endpointDescription">The endpoint description.</param>
/// <param name="messageEncoding">The message encoding.</param>
public SecureChannelContext(
string secureChannelId,
EndpointDescription endpointDescription,
RequestEncoding messageEncoding)
{
m_secureChannelId = secureChannelId;
m_endpointDescription = endpointDescription;
m_messageEncoding = messageEncoding;
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// create a UA binary channel.
ITransportChannel channel = CreateUaBinaryChannel(
configuration,
description,
endpointConfiguration,
clientCertificate,
messageContext);
return channel;
}
/// <summary>
/// Creates a binding for to use for discovering servers.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="instanceCertificate">The instance certificate.</param>
/// <returns></returns>
public static RegistrationClient Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 instanceCertificate)
{
if (configuration == null) throw new ArgumentNullException("configuration");
if (description == null) throw new ArgumentNullException("description");
ITransportChannel channel = RegistrationChannel.Create(
configuration,
description,
endpointConfiguration,
instanceCertificate,
new ServiceMessageContext());
return new RegistrationClient(channel);
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// create a UA binary channel.
ITransportChannel channel = CreateUaBinaryChannel(
configuration,
description,
endpointConfiguration,
clientCertificate,
messageContext);
#if !SILVERLIGHT
// create a WCF XML channel.
if (channel == null)
{
Uri endpointUrl = new Uri(description.EndpointUrl);
BindingFactory bindingFactory = BindingFactory.Create(configuration, messageContext);
Binding binding = bindingFactory.Create(endpointUrl.Scheme, description, endpointConfiguration);
SessionChannel wcfXmlChannel = new SessionChannel();
wcfXmlChannel.Initialize(
configuration,
description,
endpointConfiguration,
binding,
clientCertificate,
null);
channel = wcfXmlChannel;
}
#endif
return(channel);
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// create a UA binary channel.
ITransportChannel channel = CreateUaBinaryChannel(
configuration,
description,
endpointConfiguration,
clientCertificate,
messageContext);
#if !SILVERLIGHT
// create a WCF XML channel.
if (channel == null)
{
Uri endpointUrl = new Uri(description.EndpointUrl);
BindingFactory bindingFactory = BindingFactory.Create(configuration, messageContext);
Binding binding = bindingFactory.Create(endpointUrl.Scheme, description, endpointConfiguration);
SessionChannel wcfXmlChannel = new SessionChannel();
wcfXmlChannel.Initialize(
configuration,
description,
endpointConfiguration,
binding,
clientCertificate,
null);
channel = wcfXmlChannel;
}
#endif
return channel;
}
/// <summary>
/// Throws exceptions if the endpoint is not valid.
/// </summary>
private static void ValidateEndpoint(EndpointDescription endpoint)
{
if (endpoint == null)
{
throw new ArgumentException("Endpoint must not be null.");
}
if (String.IsNullOrEmpty(endpoint.EndpointUrl))
{
throw new ArgumentException("Endpoint must have a valid URL.");
}
if (endpoint.Server == null)
{
endpoint.Server = new ApplicationDescription();
endpoint.Server.ApplicationType = ApplicationType.Server;
}
if (String.IsNullOrEmpty(endpoint.Server.ApplicationUri))
{
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
}
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="discoveryUrl">The discovery url.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
Uri discoveryUrl,
EndpointConfiguration endpointConfiguration,
ServiceMessageContext messageContext)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
ITransportChannel channel = CreateUaBinaryChannel(
null,
endpoint,
endpointConfiguration,
(System.Security.Cryptography.X509Certificates.X509Certificate2)null,
messageContext);
return(channel);
}
/// <summary>
/// Updates the endpoint description.
/// </summary>
public void Update(EndpointDescription description)
{
if (description == null)
{
throw new ArgumentNullException("description");
}
m_description = (EndpointDescription)description.MemberwiseClone();
// normalize transport profile uri.
if (m_description.TransportProfileUri != null)
{
m_description.TransportProfileUri = Profiles.NormalizeUri(m_description.TransportProfileUri);
}
// set the proxy url.
if (m_collection != null && m_description.EndpointUrl != null)
{
if (m_description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal))
{
m_description.ProxyUrl = m_collection.TcpProxyUrl;
}
}
}
/// <summary>
/// Creates a binding for to use for discovering servers.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="instanceCertificate">The instance certificate.</param>
/// <returns></returns>
public static RegistrationClient Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 instanceCertificate)
{
if (configuration == null)
{
throw new ArgumentNullException("configuration");
}
if (description == null)
{
throw new ArgumentNullException("description");
}
ITransportChannel channel = RegistrationChannel.Create(
configuration,
description,
endpointConfiguration,
instanceCertificate,
new ServiceMessageContext());
return(new RegistrationClient(channel));
}
/// <summary>
/// Begins processing a request received via a binary encoded channel.
/// </summary>
/// <param name="channeId">A unique identifier for the secure channel which is the source of the request.</param>
/// <param name="endpointDescription">The description of the endpoint which the secure channel is using.</param>
/// <param name="request">The incoming request.</param>
/// <param name="callback">The callback.</param>
/// <param name="callbackData">The callback data.</param>
/// <returns>
/// The result which must be passed to the EndProcessRequest method.
/// </returns>
/// <seealso cref="EndProcessRequest"/>
/// <seealso cref="ITransportListener"/>
public IAsyncResult BeginProcessRequest(
string channeId,
EndpointDescription endpointDescription,
IServiceRequest request,
AsyncCallback callback,
object callbackData)
{
if (channeId == null) throw new ArgumentNullException("channeId");
if (request == null) throw new ArgumentNullException("request");
// create operation.
ProcessRequestAsyncResult result = new ProcessRequestAsyncResult(this, callback, callbackData, 0);
SecureChannelContext context = new SecureChannelContext(
channeId,
endpointDescription,
RequestEncoding.Binary);
// begin invoke service.
return result.BeginProcessRequest(context, request);
}
public static DiscoveryChannel Create(
Uri discoveryUrl,
EndpointConfiguration configuration,
Binding binding,
string configurationName)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
DiscoveryChannel channel = new DiscoveryChannel();
channel.Initialize(
endpoint,
configuration,
binding,
configurationName);
return channel;
}
/// <summary>
/// Add the endpoint description to the cache.
/// </summary>
public ConfiguredEndpoint Add(EndpointDescription endpoint)
{
return(Add(endpoint, null));
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
bool useUaTcp = description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp);
bool useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttps);
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
useUaTcp = true;
break;
}
case Profiles.HttpsBinaryTransport:
{
useHttps = true;
break;
}
}
// note: WCF channels are not supported
if (!useUaTcp && !useHttps)
{
throw ServiceResultException.Create(
StatusCodes.BadServiceUnsupported,
"Unsupported transport profile\r\n");
}
// initialize the channel which will be created with the server.
ITransportChannel channel = null;
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings();
settings.Description = description;
settings.Configuration = endpointConfiguration;
settings.ClientCertificate = clientCertificate;
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
if (useUaTcp)
{
if (g_CustomTransportChannel != null)
{
channel = g_CustomTransportChannel.Create();
}
else
{
channel = new TcpTransportChannel();
}
}
else if (useHttps)
{
channel = new HttpsTransportChannel();
}
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return channel;
}
/// <summary>
/// Returns the UserTokenPolicies supported by the server.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <returns>Returns a collection of UserTokenPolicy objects, the return type is <seealso cref="UserTokenPolicyCollection"/> . </returns>
public virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
{
UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
{
return(policies);
}
foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
{
// ensure a security policy is specified for user tokens.
if (description.SecurityMode == MessageSecurityMode.None)
{
if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
{
UserTokenPolicy clone = (UserTokenPolicy)policy.MemberwiseClone();
clone.SecurityPolicyUri = SecurityPolicies.Basic256;
policies.Add(clone);
continue;
}
}
policies.Add(policy);
}
// ensure each policy has a unique id.
for (int ii = 0; ii < policies.Count; ii++)
{
if (String.IsNullOrEmpty(policies[ii].PolicyId))
{
policies[ii].PolicyId = Utils.Format("{0}", ii);
}
}
return(policies);
}
/// <summary>
/// Sets the available user tokens.
/// </summary>
/// <param name="endpointDescription">The endpoint description.</param>
private void SetAvailableUserTokens(EndpointDescription endpointDescription)
{
AnonymousTAB.Enabled = false;
UserNameTAB.Enabled = false;
CertificateTAB.Enabled = false;
KerberosTAB.Enabled = false;
if (endpointDescription == null)
{
return;
}
foreach (UserTokenPolicy policy in endpointDescription.UserIdentityTokens)
{
if (policy.TokenType == UserTokenType.Anonymous)
{
if (!AnonymousTAB.Enabled)
{
AnonymousTAB.Tag = policy;
AnonymousTAB.Enabled = true;
}
}
if (policy.TokenType == UserTokenType.UserName)
{
if (!UserNameTAB.Enabled)
{
UserNameTAB.Tag = policy;
UserNameTAB.Enabled = true;
}
}
if (policy.TokenType == UserTokenType.Certificate)
{
if (!CertificateTAB.Enabled)
{
CertificateTAB.Tag = policy;
CertificateTAB.Enabled = true;
}
}
if (policy.TokenType == UserTokenType.IssuedToken)
{
if (!KerberosTAB.Enabled)
{
if (policy.IssuedTokenType == "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1")
{
KerberosTAB.Tag = policy;
KerberosTAB.Enabled = true;
}
}
}
}
}
/// <summary>
/// Create a new service host for UA TCP.
/// </summary>
protected List<EndpointDescription> CreateUaTcpServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
List<ServerSecurityPolicy> securityPolicies)
{
// generate a unique host name.
string hostName = String.Empty;
if (hosts.ContainsKey(hostName))
{
hostName = "/Tcp";
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// check if the server if configured to use the ANSI C stack.
bool useAnsiCStack = configuration.UseNativeStack;
// build list of uris.
List<Uri> uris = new List<Uri>();
EndpointDescriptionCollection endpoints = new EndpointDescriptionCollection();
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
// UA TCP and HTTPS endpoints support multiple policies.
if (!baseAddresses[ii].StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uris.Add(uri.Uri);
foreach (ServerSecurityPolicy policy in securityPolicies)
{
// create the endpoint description.
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.SecurityMode = policy.SecurityMode;
description.SecurityPolicyUri = policy.SecurityPolicyUri;
description.SecurityLevel = policy.SecurityLevel;
description.UserIdentityTokens = GetUserTokenPolicies( configuration, description );
description.TransportProfileUri = Profiles.UaTcpTransport;
bool requireEncryption = RequireEncryption(description);
if (!requireEncryption)
{
foreach (UserTokenPolicy userTokenPolicy in description.UserIdentityTokens)
{
if (userTokenPolicy.SecurityPolicyUri != SecurityPolicies.None)
{
requireEncryption = true;
break;
}
}
}
if (requireEncryption)
{
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
}
endpoints.Add( description );
}
// create the UA-TCP stack listener.
try
{
TransportListenerSettings settings = new TransportListenerSettings();
settings.Descriptions = endpoints;
settings.Configuration = endpointConfiguration;
settings.ServerCertificate = this.InstanceCertificate;
//settings.ServerCertificateChain = this.InstanceCertificateChain;
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
settings.NamespaceUris = this.MessageContext.NamespaceUris;
settings.Factory = this.MessageContext.Factory;
ITransportListener listener = null;
Type type = null;
if (useAnsiCStack)
{
type = Type.GetType("Opc.Ua.NativeStack.NativeStackListener,Opc.Ua.NativeStackWrapper");
}
if (useAnsiCStack && type != null)
{
listener = (ITransportListener)Activator.CreateInstance(type);
}
else
{
listener = new Opc.Ua.Bindings.UaTcpChannelListener();
}
listener.Open(
uri.Uri,
settings,
GetEndpointInstance(this));
TransportListeners.Add(listener);
}
catch (Exception e)
{
Utils.Trace(e, "Could not load UA-TCP Stack Listener.");
throw;
}
}
return endpoints;
}
public static RegistrationChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
Binding binding,
X509Certificate2 clientCertificate,
string configurationName)
{
RegistrationChannel channel = new RegistrationChannel();
channel.Initialize(
configuration,
description,
endpointConfiguration,
binding,
clientCertificate,
configurationName);
return channel;
}
/// <summary>
/// Returns the UserTokenPolicies supported by the server.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <returns>Returns a collection of UserTokenPolicy objects, the return type is <seealso cref="UserTokenPolicyCollection"/> . </returns>
public virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
{
int policyId = 0;
UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
{
return(policies);
}
foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
{
UserTokenPolicy clone = (UserTokenPolicy)policy.MemberwiseClone();
if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
{
// ensure each policy has a unique id.
if (description.SecurityMode == MessageSecurityMode.None)
{
// ensure a security policy is specified for user tokens.
clone.SecurityPolicyUri = SecurityPolicies.Basic256;
clone.PolicyId = Utils.Format("{0}", ++policyId);
}
else
{
clone.PolicyId = Utils.Format("{0}", policyId++);
}
policyId++;
}
else
{
clone.PolicyId = Utils.Format("{0}", policyId++);
}
policies.Add(clone);
}
return(policies);
}
public static SessionChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
BindingFactory bindingFactory,
X509Certificate2 clientCertificate,
string configurationName)
{
if (description == null) throw new ArgumentNullException("description");
if (configuration == null) throw new ArgumentNullException("configuration");
if (bindingFactory == null) throw new ArgumentNullException("bindingFactory");
Uri uri = new Uri(description.EndpointUrl);
Binding binding = bindingFactory.Create(uri.Scheme, description, endpointConfiguration);
return Create(configuration, description, endpointConfiguration, binding, clientCertificate, configurationName);
}
public static SessionChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate)
{
return Create(configuration, description, endpointConfiguration, BindingFactory.Default, clientCertificate, null);
}
public static SessionChannel Create(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
string configurationName)
{
return Create(configuration, description, endpointConfiguration, BindingFactory.Default, null, configurationName);
}
/// <summary>
/// Initializes the message encodings dropdown.
/// </summary>
private void InitializeEncodings(EndpointDescription endpoint)
{
// preserve the existing value.
Encoding currentEncoding = Encoding.Default;
if (EncodingCB.SelectedIndex != -1)
{
currentEncoding = (Encoding)EncodingCB.SelectedItem;
}
EncodingCB.Items.Clear();
if (endpoint != null)
{
switch (endpoint.EncodingSupport)
{
case BinaryEncodingSupport.None:
{
EncodingCB.Items.Add(Encoding.Xml);
break;
}
case BinaryEncodingSupport.Required:
{
EncodingCB.Items.Add(Encoding.Binary);
break;
}
case BinaryEncodingSupport.Optional:
{
EncodingCB.Items.Add(Encoding.Binary);
EncodingCB.Items.Add(Encoding.Xml);
break;
}
}
}
// add at least one encoding.
if (EncodingCB.Items.Count == 0)
{
EncodingCB.Items.Add(Encoding.Default);
}
// set the current value.
int index = EncodingCB.Items.IndexOf(currentEncoding);
if (index == -1)
{
index = 0;
}
EncodingCB.SelectedIndex = index;
}
/// <summary>
/// Initializes the user token types dropdown.
/// </summary>
private void InitializeUserTokenTypes(EndpointDescription endpoint)
{
// preserve the existing value.
UserTokenItem currentTokenType = new UserTokenItem(UserTokenType.Anonymous);
if (UserTokenTypeCB.SelectedIndex != -1)
{
currentTokenType = (UserTokenItem)UserTokenTypeCB.SelectedItem;
}
UserTokenTypeCB.Items.Clear();
// show all options.
if (m_showAllOptions)
{
UserTokenTypeCB.Items.Add(new UserTokenItem(UserTokenType.Anonymous));
UserTokenTypeCB.Items.Add(new UserTokenItem(UserTokenType.UserName));
UserTokenTypeCB.Items.Add(new UserTokenItem(UserTokenType.Certificate));
UserTokenTypeCB.Items.Add(new UserTokenItem(UserTokenType.IssuedToken));
}
// find all unique token types.
else
{
if (endpoint != null)
{
foreach (UserTokenPolicy policy in endpoint.UserIdentityTokens)
{
UserTokenTypeCB.Items.Add(new UserTokenItem(policy));
}
}
// add at least one policy.
if (UserTokenTypeCB.Items.Count == 0)
{
UserTokenTypeCB.Items.Add(new UserTokenItem(UserTokenType.Anonymous));
}
}
int index = -1;
// try to match policy id.
for (int ii = 0; ii < UserTokenTypeCB.Items.Count; ii++)
{
UserTokenItem item = (UserTokenItem)UserTokenTypeCB.Items[ii];
if (item.Policy.PolicyId == currentTokenType.Policy.PolicyId)
{
index = ii;
break;
}
}
// match user token type.
if (index == -1)
{
index = 0;
for (int ii = 0; ii < UserTokenTypeCB.Items.Count; ii++)
{
UserTokenItem item = (UserTokenItem)UserTokenTypeCB.Items[ii];
if (item.Policy.TokenType == currentTokenType.Policy.TokenType)
{
index = ii;
break;
}
}
}
UserTokenTypeCB.SelectedIndex = index;
}
/// <summary>
/// Creates a new transport channel that supports the IDiscoveryChannel service contract.
/// </summary>
/// <param name="discoveryUrl">The discovery URL.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="endpointConfiguration">The endpoint configuration.</param>
/// <param name="messageContext">The message context.</param>
/// <returns></returns>
public static ITransportChannel Create(
Uri discoveryUrl,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
ServiceMessageContext messageContext)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
ITransportChannel channel = CreateUaBinaryChannel(
null,
endpoint,
endpointConfiguration,
(System.Security.Cryptography.X509Certificates.X509Certificate2)null,
messageContext);
// create a WCF XML channel.
if (channel == null)
{
Binding binding = bindingFactory.Create(discoveryUrl.Scheme, endpointConfiguration);
DiscoveryChannel wcfXmlChannel = new DiscoveryChannel();
wcfXmlChannel.Initialize(
endpoint,
endpointConfiguration,
binding,
null);
channel = wcfXmlChannel;
}
return channel;
}
/// <summary>
/// Specifies if the server requires encryption; if so the server needs to send its certificate to the clients and validate the client certificates
/// </summary>
/// <param name="description">The description.</param>
/// <returns></returns>
public static bool RequireEncryption(EndpointDescription description)
{
bool requireEncryption = description.SecurityPolicyUri != SecurityPolicies.None;
if (!requireEncryption)
{
foreach (UserTokenPolicy userTokenPolicy in description.UserIdentityTokens)
{
if (userTokenPolicy.SecurityPolicyUri != SecurityPolicies.None)
{
requireEncryption = true;
break;
}
}
}
return requireEncryption;
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// check if the server if configured to use the ANSI C stack.
bool useUaTcp = description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp);
bool useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttps);
bool useAnsiCStack = false;
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
useUaTcp = true;
if (configuration != null)
{
useAnsiCStack = configuration.UseNativeStack;
}
break;
}
case Profiles.HttpsXmlTransport:
case Profiles.HttpsBinaryTransport:
case Profiles.HttpsXmlOrBinaryTransport:
{
useHttps = true;
break;
}
}
// note: WCF channels are not supported
if (!useUaTcp && !useHttps)
{
throw ServiceResultException.Create(
StatusCodes.BadServiceUnsupported,
"Unsupported transport profile\r\n");
}
// initialize the channel which will be created with the server.
ITransportChannel channel = null;
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings();
settings.Description = description;
settings.Configuration = endpointConfiguration;
settings.ClientCertificate = clientCertificate;
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
if (useUaTcp)
{
Type type = null;
if (useAnsiCStack)
{
type = Type.GetType("Opc.Ua.NativeStack.NativeStackChannel,Opc.Ua.NativeStackWrapper");
}
if (useAnsiCStack && type != null)
{
channel = (ITransportChannel)Activator.CreateInstance(type);
}
else
{
channel = new Opc.Ua.Bindings.TcpTransportChannel();
}
}
else if (useHttps)
{
channel = new Opc.Ua.Bindings.HttpsTransportChannel();
}
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return channel;
}
public void InitializeSinglePolicy(
Type contractType,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
EndpointConfiguration endpointConfiguration,
List <EndpointDescription> endpoints,
MessageSecurityMode securityMode,
string securityPolicyUri)
{
// allow any url to match.
System.ServiceModel.ServiceBehaviorAttribute behavoir = this.Description.Behaviors.Find <System.ServiceModel.ServiceBehaviorAttribute>();
behavoir.AddressFilterMode = System.ServiceModel.AddressFilterMode.Any;
// specify service credentials
ServiceCredentials credentials = new ServiceCredentials();
credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
credentials.ClientCertificate.Authentication.TrustedStoreLocation = StoreLocation.LocalMachine;
credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
credentials.ClientCertificate.Authentication.CustomCertificateValidator = configuration.CertificateValidator.GetChannelValidator();
if (configuration.SecurityConfiguration.ApplicationCertificate != null)
{
X509Certificate2 certificate = configuration.SecurityConfiguration.ApplicationCertificate.Find(true);
if (certificate != null)
{
credentials.ServiceCertificate.Certificate = CertificateFactory.Load(certificate, true);
}
}
this.Description.Behaviors.Add(credentials);
// check if explicitly specified.
ServiceThrottlingBehavior throttle = this.Description.Behaviors.Find <ServiceThrottlingBehavior>();
if (throttle == null)
{
throttle = new ServiceThrottlingBehavior();
throttle.MaxConcurrentCalls = 1000;
throttle.MaxConcurrentInstances = 100;
throttle.MaxConcurrentSessions = 100;
this.Description.Behaviors.Add(throttle);
}
// add the endpoints for each base address.
foreach (Uri baseAddress in this.BaseAddresses)
{
ServiceEndpoint endpoint = null;
// find endpoint configuration.
EndpointDescription description = null;
foreach (EndpointDescription current in endpoints)
{
if (new Uri(current.EndpointUrl) == baseAddress)
{
description = current;
break;
}
}
// skip endpoints without a matching base address.
if (description == null)
{
continue;
}
// set the supported profiles.
description.TransportProfileUri = Profiles.WsHttpXmlOrBinaryTransport;
// create the SOAP XML binding
Binding binding = bindingFactory.Create(baseAddress.Scheme, description, endpointConfiguration);
// add the session endpoint.
endpoint = this.AddServiceEndpoint(contractType, binding, baseAddress, baseAddress);
// set the protection level
if (securityMode == MessageSecurityMode.Sign)
{
endpoint.Contract.ProtectionLevel = System.Net.Security.ProtectionLevel.Sign;
}
// update the max items in graph (set to an low value by default).
foreach (OperationDescription operation in endpoint.Contract.Operations)
{
operation.Behaviors.Find <DataContractSerializerOperationBehavior>().MaxItemsInObjectGraph = Int32.MaxValue;
}
}
}
public Protocol(EndpointDescription url)
{
Url = Utils.ParseUri(url.EndpointUrl);
if (Url.Scheme == Utils.UriSchemeHttp)
{
switch (url.TransportProfileUri)
{
case Profiles.HttpsXmlTransport:
case Profiles.HttpsBinaryTransport:
case Profiles.HttpsXmlOrBinaryTransport:
{
Profile = "REST";
break;
}
case Profiles.WsHttpXmlTransport:
case Profiles.WsHttpXmlOrBinaryTransport:
{
Profile = "WS-*";
break;
}
}
}
}
/// <summary>
/// Translates the endpoint descriptions based on the client url and profiles provided.
/// </summary>
/// <param name="clientUrl">The client URL.</param>
/// <param name="baseAddresses">The base addresses.</param>
/// <param name="endpoints">The endpoints.</param>
/// <param name="application">The application to use with the endpoints.</param>
/// <returns>The translated list of endpoints.</returns>
protected EndpointDescriptionCollection TranslateEndpointDescriptions(
Uri clientUrl,
IList <BaseAddress> baseAddresses,
IList <EndpointDescription> endpoints,
ApplicationDescription application)
{
EndpointDescriptionCollection translations = new EndpointDescriptionCollection();
// process endpoints
foreach (EndpointDescription endpoint in endpoints)
{
UriBuilder endpointUrl = new UriBuilder(endpoint.EndpointUrl);
// find matching base address.
foreach (BaseAddress baseAddress in baseAddresses)
{
bool translateHttpsEndpoint = false;
if (endpoint.TransportProfileUri == Profiles.HttpsBinaryTransport && baseAddress.ProfileUri == Profiles.HttpsBinaryTransport)
{
translateHttpsEndpoint = true;
}
if (endpoint.TransportProfileUri != baseAddress.ProfileUri && !translateHttpsEndpoint)
{
continue;
}
if (endpointUrl.Scheme != baseAddress.Url.Scheme)
{
continue;
}
EndpointDescription translation = new EndpointDescription();
translation.EndpointUrl = baseAddress.Url.ToString();
if (endpointUrl.Path.StartsWith(baseAddress.Url.PathAndQuery) && endpointUrl.Path.Length > baseAddress.Url.PathAndQuery.Length)
{
string suffix = endpointUrl.Path.Substring(baseAddress.Url.PathAndQuery.Length);
translation.EndpointUrl += suffix;
}
translation.ProxyUrl = endpoint.ProxyUrl;
translation.SecurityLevel = endpoint.SecurityLevel;
translation.SecurityMode = endpoint.SecurityMode;
translation.SecurityPolicyUri = endpoint.SecurityPolicyUri;
translation.ServerCertificate = endpoint.ServerCertificate;
translation.TransportProfileUri = endpoint.TransportProfileUri;
translation.UserIdentityTokens = endpoint.UserIdentityTokens;
translation.Server = application;
// skip duplicates.
bool duplicateFound = false;
foreach (EndpointDescription existingTranslation in translations)
{
if (existingTranslation.IsEqual(translation))
{
duplicateFound = true;
break;
}
}
if (!duplicateFound)
{
translations.Add(translation);
}
}
}
return(translations);
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="clientCertificateChain">The client certificate chain.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
X509Certificate2Collection clientCertificateChain,
ServiceMessageContext messageContext)
{
bool useUaTcp = description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp);
bool useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttps);
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
useUaTcp = true;
break;
}
case Profiles.HttpsBinaryTransport:
{
useHttps = true;
break;
}
}
// note: WCF channels are not supported
if (!useUaTcp
#if !NO_HTTPS
&& !useHttps
#endif
)
{
throw ServiceResultException.Create(
StatusCodes.BadProtocolVersionUnsupported,
"Unsupported transport profile\r\n");
}
// initialize the channel which will be created with the server.
ITransportChannel channel = null;
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings();
settings.Description = description;
settings.Configuration = endpointConfiguration;
settings.ClientCertificate = clientCertificate;
settings.ClientCertificateChain = clientCertificateChain;
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
if (useUaTcp)
{
if (g_CustomTransportChannel != null)
{
channel = g_CustomTransportChannel.Create();
}
else
{
channel = new TcpTransportChannel();
}
}
else if (useHttps)
{
#if !NO_HTTPS
channel = new HttpsTransportChannel();
#endif
}
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return(channel);
}
/// <summary>
/// Creates a new transport channel that supports the ISessionChannel service contract.
/// </summary>
/// <param name="discoveryUrl">The discovery url.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel Create(
Uri discoveryUrl,
EndpointConfiguration endpointConfiguration,
ServiceMessageContext messageContext)
{
// create a dummy description.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = discoveryUrl.ToString();
endpoint.SecurityMode = MessageSecurityMode.None;
endpoint.SecurityPolicyUri = SecurityPolicies.None;
endpoint.Server.ApplicationUri = endpoint.EndpointUrl;
endpoint.Server.ApplicationType = ApplicationType.DiscoveryServer;
ITransportChannel channel = CreateUaBinaryChannel(
null,
endpoint,
endpointConfiguration,
(System.Security.Cryptography.X509Certificates.X509Certificate2)null,
messageContext);
return channel;
}
/// <summary>
/// Caches application description and list of available endpoints.
/// </summary>
private void InitializeApplicationDescription()
{
// this method is caches the information the first time a client connects.
if (m_application == null)
{
// the serviceCertificate element in the app.config file controls what certificate is loaded.
m_serverCertificate = OperationContext.Current.Host.Credentials.ServiceCertificate.Certificate;
// the URL may be the discovery or the session endpoint. need to store the session endpoint.
string endpointUrl = OperationContext.Current.Channel.LocalAddress.ToString();
if (endpointUrl.EndsWith("/discovery", StringComparison.InvariantCulture))
{
endpointUrl = endpointUrl.Substring(0, endpointUrl.Length - "/discovery".Length);
}
// The EndpointDescription stores the information specified in the ISessionEndpoint binding.
// This structure is used in the UA discovery services and allows client applications to
// discover what security settings are used by the server.
EndpointDescription endpoint = new EndpointDescription();
endpoint.EndpointUrl = endpointUrl;
endpoint.SecurityMode = MessageSecurityMode.SignAndEncrypt_3;
endpoint.SecurityPolicyUri = SecurityPolicies.Basic128Rsa15;
endpoint.ServerCertificate = m_serverCertificate.GetRawCertData();
endpoint.TransportProfileUri = Profiles.WsHttpXmlTransport;
endpoint.Server = new ApplicationDescription();
endpoint.Server.ApplicationUri = ApplicationUri;
endpoint.Server.ApplicationType = ApplicationType.Server_0;
endpoint.Server.DiscoveryUrls = new ListOfString();
endpoint.Server.DiscoveryUrls.Add(endpointUrl + "/discovery");
// no authorization supported at this time.
UserTokenPolicy userTokenPolicy = new UserTokenPolicy();
userTokenPolicy.TokenType = UserTokenType.Anonymous_0;
endpoint.UserIdentityTokens = new ListOfUserTokenPolicy();
endpoint.UserIdentityTokens.Add(userTokenPolicy);
m_application = endpoint.Server;
// If the server supports multiple bindings it will need multiple EndpointDescriptions. These
// structures can be constructed automatically from the bindings in the OperationContext object
// This example simply hard codes the settings so a mismatch between the app.config could cause
// problems.
m_endpoints = new ListOfEndpointDescription();
m_endpoints.Add(endpoint);
}
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="clientCertificateChain">The client certificate chain.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
X509Certificate2Collection clientCertificateChain,
IServiceMessageContext messageContext)
{
string uriScheme = new Uri(description.EndpointUrl).Scheme;
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
uriScheme = Utils.UriSchemeOpcTcp;
break;
}
case Profiles.HttpsBinaryTransport:
{
uriScheme = Utils.UriSchemeHttps;
break;
}
case Profiles.UaWssTransport:
{
uriScheme = Utils.UriSchemeOpcWss;
break;
}
}
// initialize the channel which will be created with the server.
ITransportChannel channel = TransportBindings.Channels.GetChannel(uriScheme);
if (channel == null)
{
throw ServiceResultException.Create(
StatusCodes.BadProtocolVersionUnsupported,
"Unsupported transport profile for scheme {0}.", uriScheme);
}
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings {
Description = description,
Configuration = endpointConfiguration,
ClientCertificate = clientCertificate,
ClientCertificateChain = clientCertificateChain
};
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return(channel);
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// check if the server if configured to use the ANSI C stack.
bool useUaTcp = description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp);
bool useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttps);
bool useAnsiCStack = false;
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
useUaTcp = true;
if (configuration != null)
{
useAnsiCStack = configuration.UseNativeStack;
}
break;
}
case Profiles.HttpsXmlTransport:
case Profiles.HttpsBinaryTransport:
case Profiles.HttpsXmlOrBinaryTransport:
{
useHttps = true;
break;
}
}
// note: WCF channels are not supported
if (!useUaTcp && !useHttps)
{
throw ServiceResultException.Create(
StatusCodes.BadServiceUnsupported,
"Unsupported transport profile\r\n");
}
// initialize the channel which will be created with the server.
ITransportChannel channel = null;
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings();
settings.Description = description;
settings.Configuration = endpointConfiguration;
settings.ClientCertificate = clientCertificate;
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
if (useUaTcp)
{
Type type = null;
if (useAnsiCStack)
{
type = Type.GetType("Opc.Ua.NativeStack.NativeStackChannel,Opc.Ua.NativeStackWrapper");
}
if (useAnsiCStack && type != null)
{
channel = (ITransportChannel)Activator.CreateInstance(type);
}
else
{
channel = new Opc.Ua.Bindings.TcpTransportChannel();
}
}
else if (useHttps)
{
channel = new Opc.Ua.Bindings.HttpsTransportChannel();
}
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return(channel);
}
/// <summary>
/// Creates a new UA-binary transport channel if requested. Null otherwise.
/// </summary>
/// <param name="configuration">The application configuration.</param>
/// <param name="description">The description for the endpoint.</param>
/// <param name="endpointConfiguration">The configuration to use with the endpoint.</param>
/// <param name="clientCertificate">The client certificate.</param>
/// <param name="messageContext">The message context to use when serializing the messages.</param>
/// <returns></returns>
public static ITransportChannel CreateUaBinaryChannel(
ApplicationConfiguration configuration,
EndpointDescription description,
EndpointConfiguration endpointConfiguration,
X509Certificate2 clientCertificate,
ServiceMessageContext messageContext)
{
// check if the server if configured to use the ANSI C stack.
bool useUaTcp = description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp);
bool useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttps);
#if !SILVERLIGHT
bool useAnsiCStack = false;
#else
useHttps = description.EndpointUrl.StartsWith(Utils.UriSchemeHttp);
#endif
switch (description.TransportProfileUri)
{
case Profiles.UaTcpTransport:
{
useUaTcp = true;
#if !SILVERLIGHT
if (configuration != null)
{
useAnsiCStack = configuration.UseNativeStack;
}
#endif
break;
}
case Profiles.HttpsXmlTransport:
case Profiles.HttpsBinaryTransport:
case Profiles.HttpsXmlOrBinaryTransport:
{
useHttps = true;
break;
}
}
#if !SILVERLIGHT
// check for a WCF channel.
if (!useUaTcp && !useHttps)
{
// binary channels only need the base class.
if (endpointConfiguration.UseBinaryEncoding)
{
Uri endpointUrl = new Uri(description.EndpointUrl);
BindingFactory bindingFactory = BindingFactory.Create(configuration, messageContext);
Binding binding = bindingFactory.Create(endpointUrl.Scheme, description, endpointConfiguration);
WcfChannelBase<IChannelBase> wcfChannel = new WcfChannelBase<IChannelBase>();
// create regular binding.
if (configuration != null)
{
wcfChannel.Initialize(
configuration,
description,
endpointConfiguration,
binding,
clientCertificate,
null);
}
// create no-security discovery binding.
else
{
wcfChannel.Initialize(
description,
endpointConfiguration,
binding,
null);
}
return wcfChannel;
}
return null;
}
#endif
// initialize the channel which will be created with the server.
ITransportChannel channel = null;
// create a UA-TCP channel.
TransportChannelSettings settings = new TransportChannelSettings();
settings.Description = description;
settings.Configuration = endpointConfiguration;
settings.ClientCertificate = clientCertificate;
if (description.ServerCertificate != null && description.ServerCertificate.Length > 0)
{
settings.ServerCertificate = Utils.ParseCertificateBlob(description.ServerCertificate);
}
#if !SILVERLIGHT
if (configuration != null)
{
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
}
#endif
settings.NamespaceUris = messageContext.NamespaceUris;
settings.Factory = messageContext.Factory;
if (useUaTcp)
{
#if !SILVERLIGHT
Type type = null;
if (useAnsiCStack)
{
type = Type.GetType("Opc.Ua.NativeStack.NativeStackChannel,Opc.Ua.NativeStackWrapper");
}
if (useAnsiCStack && type != null)
{
channel = (ITransportChannel)Activator.CreateInstance(type);
}
else
{
channel = new Opc.Ua.Bindings.TcpTransportChannel();
}
#endif
}
else if (useHttps)
{
channel = new Opc.Ua.Bindings.HttpsTransportChannel();
}
channel.Initialize(new Uri(description.EndpointUrl), settings);
channel.Open();
return channel;
}
/// <summary>
/// Creates a session binding for the specified URI scheme.
/// </summary>
/// <param name="uriScheme">The URI scheme.</param>
/// <param name="description">The description.</param>
/// <param name="configuration">The configuration.</param>
/// <returns></returns>
public virtual Binding Create(
string uriScheme,
EndpointDescription description,
EndpointConfiguration configuration)
{
if (uriScheme == null) throw new ArgumentNullException("uriScheme");
Type bindingType = null;
if (!m_bindings.TryGetValue(uriScheme, out bindingType))
{
throw ServiceResultException.Create(StatusCodes.BadInvalidArgument, "Could not find binding type for scheme: '{0}'.", uriScheme);
}
try
{
return (Binding)Activator.CreateInstance(bindingType, m_namespaceUris, m_factory, configuration, description);
}
catch (Exception e)
{
throw ServiceResultException.Create(StatusCodes.BadInvalidArgument, e, "An session binding for type '{0}' could not be created from the EndpointDescription and the EndpointConfiguration.", bindingType.FullName);
}
}
/// <summary>
/// Updates an endpoint with information from the server's discovery endpoint.
/// </summary>
public void UpdateFromServer(
Uri endpointUrl,
MessageSecurityMode securityMode,
string securityPolicyUri)
{
// get the a discovery url.
Uri discoveryUrl = GetDiscoveryUrl(endpointUrl);
// create the discovery client.
DiscoveryClient client = DiscoveryClient.Create(discoveryUrl, m_configuration);
try
{
// get the endpoints.
EndpointDescriptionCollection collection = client.GetEndpoints(null);
if (collection == null || collection.Count == 0)
{
throw ServiceResultException.Create(
StatusCodes.BadUnknownResponse,
"Server does not have any endpoints defined.");
}
// find list of matching endpoints.
EndpointDescriptionCollection matches = new EndpointDescriptionCollection();
// first pass - match on the requested security parameters.
foreach (EndpointDescription description in collection)
{
// check for match on security policy.
if (!String.IsNullOrEmpty(securityPolicyUri))
{
if (securityPolicyUri != description.SecurityPolicyUri)
{
continue;
}
}
// check for match on security mode.
if (securityMode != MessageSecurityMode.Invalid)
{
if (securityMode != description.SecurityMode)
{
continue;
}
}
// add to list of matches.
matches.Add(description);
}
// no matches (security parameters may have changed).
if (matches.Count == 0)
{
matches = collection;
}
// check if list has to be narrowed down further.
if (matches.Count > 1)
{
collection = matches;
matches = new EndpointDescriptionCollection();
// second pass - match on the url scheme.
foreach (EndpointDescription description in collection)
{
// parse the endpoint url.
Uri sessionUrl = Utils.ParseUri(description.EndpointUrl);
if (sessionUrl == null)
{
continue;
}
// check for matching protocol.
if (sessionUrl.Scheme != endpointUrl.Scheme)
{
continue;
}
matches.Add(description);
}
}
// no matches (protocol may not be supported).
if (matches.Count == 0)
{
matches = collection;
}
// choose first in list by default.
EndpointDescription match = matches[0];
// check if list has to be narrowed down further.
if (matches.Count > 1)
{
// third pass - match based on security level.
foreach (EndpointDescription description in matches)
{
if (description.SecurityMode > match.SecurityMode)
{
match = description;
}
}
}
// check if the endpoint url matches the endpoint used in the request.
Uri matchUrl = Utils.ParseUri(match.EndpointUrl);
if (matchUrl == null || String.Compare(discoveryUrl.DnsSafeHost, matchUrl.DnsSafeHost, StringComparison.OrdinalIgnoreCase) != 0)
{
UriBuilder uri = new UriBuilder(matchUrl);
uri.Host = discoveryUrl.DnsSafeHost;
uri.Port = discoveryUrl.Port;
match.EndpointUrl = uri.ToString();
// need to update the discovery urls.
match.Server.DiscoveryUrls.Clear();
match.Server.DiscoveryUrls.Add(discoveryUrl.ToString());
}
// update the endpoint.
Update(match);
}
finally
{
client.Close();
}
}
/// <summary>
/// Finds the best match for the current protocol and security selections.
/// </summary>
private int FindBestUserTokenPolicy(EndpointDescription endpoint)
{
// filter by the current token type.
UserTokenItem currentTokenType = new UserTokenItem(UserTokenType.Anonymous);
if (UserTokenTypeCB.SelectedIndex != -1)
{
currentTokenType = (UserTokenItem)UserTokenTypeCB.SelectedItem;
}
// filter by issued token type.
string currentIssuedTokenType = (string)IssuedTokenTypeCB.SelectedItem;
// find all matching descriptions.
UserTokenPolicyCollection matches = new UserTokenPolicyCollection();
if (endpoint != null)
{
for (int ii = 0; ii < endpoint.UserIdentityTokens.Count; ii++)
{
UserTokenPolicy policy = endpoint.UserIdentityTokens[ii];
if (currentTokenType.Policy.PolicyId == policy.PolicyId)
{
return ii;
}
}
for (int ii = 0; ii < endpoint.UserIdentityTokens.Count; ii++)
{
UserTokenPolicy policy = endpoint.UserIdentityTokens[ii];
if (currentTokenType.Policy.TokenType != policy.TokenType)
{
continue;
}
if (policy.TokenType == UserTokenType.IssuedToken)
{
if (currentIssuedTokenType != policy.IssuedTokenType)
{
continue;
}
}
return ii;
}
}
return -1;
}
/// <summary>
/// Creates a new endpoint from a url that is not part of the collection.
/// </summary>
/// <remarks>
/// Call the Add() method to add it to the collection.
/// </remarks>
public ConfiguredEndpoint Create(string url)
{
// check for security parameters appended to the URL
string parameters = null;
int index = url.IndexOf("- [", StringComparison.Ordinal);
if (index != -1)
{
parameters = url.Substring(index + 3);
url = url.Substring(0, index).Trim();
}
MessageSecurityMode securityMode = MessageSecurityMode.SignAndEncrypt;
string securityPolicyUri = SecurityPolicies.Basic128Rsa15;
bool useBinaryEncoding = true;
if (!String.IsNullOrEmpty(parameters))
{
string[] fields = parameters.Split(new char[] { '-', '[', ':', ']' }, StringSplitOptions.RemoveEmptyEntries);
try
{
if (fields.Length > 0)
{
securityMode = (MessageSecurityMode)Enum.Parse(typeof(MessageSecurityMode), fields[0], false);
}
else
{
securityMode = MessageSecurityMode.None;
}
}
catch
{
securityMode = MessageSecurityMode.None;
}
try
{
if (fields.Length > 1)
{
securityPolicyUri = SecurityPolicies.GetUri(fields[1]);
}
else
{
securityPolicyUri = SecurityPolicies.None;
}
}
catch
{
securityPolicyUri = SecurityPolicies.None;
}
try
{
if (fields.Length > 2)
{
useBinaryEncoding = fields[2] == "Binary";
}
else
{
useBinaryEncoding = false;
}
}
catch
{
useBinaryEncoding = false;
}
}
Uri uri = new Uri(url);
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.SecurityMode = securityMode;
description.SecurityPolicyUri = securityPolicyUri;
description.Server.ApplicationUri = Utils.UpdateInstanceUri(uri.ToString());
description.Server.ApplicationName = uri.AbsolutePath;
if (description.EndpointUrl.StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal))
{
description.TransportProfileUri = Profiles.UaTcpTransport;
description.Server.DiscoveryUrls.Add(description.EndpointUrl);
}
else if (description.EndpointUrl.StartsWith(Utils.UriSchemeHttps, StringComparison.Ordinal))
{
description.TransportProfileUri = Profiles.HttpsBinaryTransport;
description.Server.DiscoveryUrls.Add(description.EndpointUrl);
}
ConfiguredEndpoint endpoint = new ConfiguredEndpoint(this, description, null);
endpoint.Configuration.UseBinaryEncoding = useBinaryEncoding;
endpoint.UpdateBeforeConnect = true;
return(endpoint);
}
/// <summary>
/// Returns the UserTokenPolicies supported by the server.
/// </summary>
/// <param name="configuration">The configuration.</param>
/// <param name="description">The description.</param>
/// <returns>Returns a collection of UserTokenPolicy objects, the return type is <seealso cref="UserTokenPolicyCollection"/> . </returns>
protected virtual UserTokenPolicyCollection GetUserTokenPolicies(ApplicationConfiguration configuration, EndpointDescription description)
{
UserTokenPolicyCollection policies = new UserTokenPolicyCollection();
if (configuration.ServerConfiguration == null || configuration.ServerConfiguration.UserTokenPolicies == null)
{
return policies;
}
foreach (UserTokenPolicy policy in configuration.ServerConfiguration.UserTokenPolicies)
{
// ensure a security policy is specified for user tokens.
if (description.SecurityMode == MessageSecurityMode.None)
{
if (String.IsNullOrEmpty(policy.SecurityPolicyUri))
{
UserTokenPolicy clone = (UserTokenPolicy)policy.Clone();
clone.SecurityPolicyUri = SecurityPolicies.Basic256;
policies.Add(clone);
continue;
}
}
policies.Add(policy);
}
// ensure each policy has a unique id.
for (int ii = 0; ii < policies.Count; ii++)
{
if (String.IsNullOrEmpty(policies[ii].PolicyId))
{
policies[ii].PolicyId = Utils.Format("{0}", ii);
}
}
return policies;
}
/// <summary>
/// Translates the endpoint descriptions based on the client url and profiles provided.
/// </summary>
/// <param name="clientUrl">The client URL.</param>
/// <param name="baseAddresses">The base addresses.</param>
/// <param name="endpoints">The endpoints.</param>
/// <param name="application">The application to use with the endpoints.</param>
/// <returns>The translated list of endpoints.</returns>
protected EndpointDescriptionCollection TranslateEndpointDescriptions(
Uri clientUrl,
IList<BaseAddress> baseAddresses,
IList<EndpointDescription> endpoints,
ApplicationDescription application)
{
EndpointDescriptionCollection translations = new EndpointDescriptionCollection();
// process endpoints
foreach (EndpointDescription endpoint in endpoints)
{
UriBuilder endpointUrl = new UriBuilder(endpoint.EndpointUrl);
// find matching base address.
foreach (BaseAddress baseAddress in baseAddresses)
{
bool translateHttpsEndpoint = false;
if ((endpoint.TransportProfileUri == Profiles.HttpsBinaryTransport && baseAddress.ProfileUri == Profiles.HttpsXmlOrBinaryTransport)
|| endpoint.TransportProfileUri == Profiles.HttpsBinaryTransport && baseAddress.ProfileUri == Profiles.HttpsBinaryTransport)
{
translateHttpsEndpoint = true;
}
if ((endpoint.TransportProfileUri == Profiles.HttpsXmlTransport && baseAddress.ProfileUri == Profiles.HttpsXmlOrBinaryTransport)
|| endpoint.TransportProfileUri == Profiles.HttpsXmlTransport && baseAddress.ProfileUri == Profiles.HttpsXmlTransport)
{
translateHttpsEndpoint = true;
}
if (endpoint.TransportProfileUri != baseAddress.ProfileUri && !translateHttpsEndpoint)
{
continue;
}
if (endpointUrl.Scheme != baseAddress.Url.Scheme)
{
continue;
}
EndpointDescription translation = new EndpointDescription();
translation.EndpointUrl = baseAddress.Url.ToString();
if (endpointUrl.Path.StartsWith(baseAddress.Url.PathAndQuery) && endpointUrl.Path.Length > baseAddress.Url.PathAndQuery.Length)
{
string suffix = endpointUrl.Path.Substring(baseAddress.Url.PathAndQuery.Length);
translation.EndpointUrl += suffix;
}
translation.ProxyUrl = endpoint.ProxyUrl;
translation.SecurityLevel = endpoint.SecurityLevel;
translation.SecurityMode = endpoint.SecurityMode;
translation.SecurityPolicyUri = endpoint.SecurityPolicyUri;
translation.ServerCertificate = endpoint.ServerCertificate;
translation.TransportProfileUri = endpoint.TransportProfileUri;
translation.UserIdentityTokens = endpoint.UserIdentityTokens;
translation.Server = application;
translations.Add(translation);
}
}
return translations;
}
/// <summary>
/// Create a new service host for protocols that support only one policy per host.
/// </summary>
/// <param name="hosts">The hosts.</param>
/// <param name="configuration">The configuration.</param>
/// <param name="bindingFactory">The binding factory.</param>
/// <param name="baseAddresses">The base addresses.</param>
/// <param name="serverDescription">The server description.</param>
/// <param name="securityMode">The security mode.</param>
/// <param name="securityPolicyUri">The security policy URI.</param>
/// <param name="basePath">The base path to use when constructing the hosts.</param>
/// <returns>Returns list of descriptions for the EndpointDescription DataType, return type is list of <seealso cref="EndpointDescription"/>.</returns>
protected List<EndpointDescription> CreateSinglePolicyServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
MessageSecurityMode securityMode,
string securityPolicyUri,
string basePath)
{
// generate a unique host name.
string hostName = basePath;
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", SecurityPolicies.GetDisplayName(securityPolicyUri));
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", securityMode);
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// build list of uris.
List<Uri> uris = new List<Uri>();
List<EndpointDescription> endpoints = new List<EndpointDescription>();
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
// UA TCP and HTTPS endpoints have their own host.
if (baseAddresses[ii].StartsWith(Utils.UriSchemeOpcTcp, StringComparison.Ordinal) ||
baseAddresses[ii].StartsWith(Utils.UriSchemeHttps, StringComparison.Ordinal) ||
baseAddresses[ii].StartsWith(Utils.UriSchemeNoSecurityHttp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uri.Path += hostName;
uris.Add(uri.Uri);
// create the endpoint description.
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.SecurityMode = securityMode;
description.SecurityPolicyUri = securityPolicyUri;
description.TransportProfileUri = Profiles.WsHttpXmlTransport;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
bool requireEncryption = RequireEncryption(description);
if (!requireEncryption)
{
foreach (UserTokenPolicy userTokenPolicy in description.UserIdentityTokens)
{
if (userTokenPolicy.SecurityPolicyUri != SecurityPolicies.None)
{
requireEncryption = true;
break;
}
}
}
if (requireEncryption)
{
if (InstanceCertificate == null)
{
throw new ServiceResultException( StatusCodes.BadConfigurationError,
"Server does not have an instance certificate assigned." );
}
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
}
endpoints.Add(description);
}
// check if nothing to do.
if (uris.Count == 0)
{
return endpoints;
}
// create the host.
ServiceHost serviceHost = CreateServiceHost(this, uris.ToArray());
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
// initialize the host.
serviceHost.InitializeSinglePolicy(
GetServiceContract(),
configuration,
bindingFactory,
endpointConfiguration,
endpoints,
securityMode,
securityPolicyUri);
if (String.IsNullOrEmpty(hostName))
{
serviceHost.InitializeDiscovery(configuration, serverDescription.DiscoveryUrls);
}
// save in server list.
hosts[hostName] = serviceHost;
return endpoints;
}
/// <summary>
/// Create a new service host for UA HTTPS.
/// </summary>
protected List<EndpointDescription> CreateHttpsServiceHost(
IDictionary<string, ServiceHost> hosts,
ApplicationConfiguration configuration,
BindingFactory bindingFactory,
IList<string> baseAddresses,
ApplicationDescription serverDescription,
List<ServerSecurityPolicy> securityPolicies)
{
// generate a unique host name.
string hostName = String.Empty;
if (hosts.ContainsKey(hostName))
{
hostName = "/Https";
}
if (hosts.ContainsKey(hostName))
{
hostName += Utils.Format("/{0}", hosts.Count);
}
// build list of uris.
List<Uri> uris = new List<Uri>();
EndpointDescriptionCollection endpoints = new EndpointDescriptionCollection();
// create the endpoint configuration to use.
EndpointConfiguration endpointConfiguration = EndpointConfiguration.Create(configuration);
string computerName = System.Net.Dns.GetHostName();
for (int ii = 0; ii < baseAddresses.Count; ii++)
{
if (!baseAddresses[ii].StartsWith(Utils.UriSchemeHttps, StringComparison.Ordinal) &&
!baseAddresses[ii].StartsWith(Utils.UriSchemeNoSecurityHttp, StringComparison.Ordinal))
{
continue;
}
UriBuilder uri = new UriBuilder(baseAddresses[ii]);
if (uri.Scheme == Utils.UriSchemeNoSecurityHttp)
{
uri.Scheme = Utils.UriSchemeHttp;
}
if (uri.Path[uri.Path.Length-1] != '/')
{
uri.Path += "/";
}
if (String.Compare(uri.Host, "localhost", StringComparison.OrdinalIgnoreCase) == 0)
{
uri.Host = computerName;
}
uris.Add(uri.Uri);
if (uri.Scheme == Utils.UriSchemeHttps)
{
// can only support one policy with HTTPS so pick the best one.
ServerSecurityPolicy bestPolicy = null;
foreach (ServerSecurityPolicy policy in securityPolicies)
{
if (bestPolicy == null)
{
bestPolicy = policy;
continue;
}
if (bestPolicy.SecurityLevel > policy.SecurityLevel)
{
bestPolicy = policy;
continue;
}
}
EndpointDescription description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
description.SecurityMode = bestPolicy.SecurityMode;
description.SecurityPolicyUri = bestPolicy.SecurityPolicyUri;
description.SecurityLevel = bestPolicy.SecurityLevel;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
description.TransportProfileUri = Profiles.HttpsBinaryTransport;
endpoints.Add(description);
// create the endpoint description.
description = new EndpointDescription();
description.EndpointUrl = uri.ToString();
description.Server = serverDescription;
description.ServerCertificate = InstanceCertificate.RawData;
//if (InstanceCertificateChain != null)
//{
// List<byte> certificateChainList = new List<byte>();
// for (int i = 0; i < InstanceCertificateChain.Count; i++)
// {
// certificateChainList.AddRange(InstanceCertificateChain[i].RawData);
// }
// description.ServerCertificate = certificateChainList.ToArray();
//}
description.SecurityMode = MessageSecurityMode.None;
description.SecurityPolicyUri = SecurityPolicies.None;
description.SecurityLevel = 0;
description.UserIdentityTokens = GetUserTokenPolicies(configuration, description);
description.TransportProfileUri = Profiles.HttpsXmlTransport;
endpoints.Add(description);
}
// create the stack listener.
try
{
TransportListenerSettings settings = new TransportListenerSettings();
settings.Descriptions = endpoints;
settings.Configuration = endpointConfiguration;
settings.ServerCertificate = this.InstanceCertificate;
//settings.ServerCertificateChain = this.InstanceCertificateChain;
settings.CertificateValidator = configuration.CertificateValidator.GetChannelValidator();
settings.NamespaceUris = this.MessageContext.NamespaceUris;
settings.Factory = this.MessageContext.Factory;
ITransportListener listener = new Opc.Ua.Bindings.UaHttpsChannelListener();
listener.Open(
uri.Uri,
settings,
GetEndpointInstance(this));
TransportListeners.Add(listener);
}
catch (Exception e)
{
Utils.Trace(e, "Could not load HTTPS Stack Listener.");
throw;
}
}
return endpoints;
}
/// <summary>
/// Initializes the user identity control.
/// </summary>
private void InitializeIssuedTokenType(EndpointDescription endpoint)
{
// get the current user token type.
UserTokenItem currentTokenType = new UserTokenItem(UserTokenType.Anonymous);
if (UserTokenTypeCB.SelectedIndex != -1)
{
currentTokenType = (UserTokenItem)UserTokenTypeCB.SelectedItem;
}
// preserve the existing value.
string currentIssuedTokenType = (string)IssuedTokenTypeCB.SelectedItem;
IssuedTokenTypeCB.Items.Clear();
IssuedTokenTypeCB.IsEnabled = false;
// only applies to issued tokens.
if (currentTokenType.Policy.TokenType != UserTokenType.IssuedToken)
{
return;
}
// only one item to select.
if (currentTokenType.Policy.IssuedTokenType != null)
{
IssuedTokenTypeCB.Items.Add(currentTokenType.Policy.IssuedTokenType);
IssuedTokenTypeCB.SelectedIndex = 0;
IssuedTokenTypeCB.IsEnabled = true;
}
}