public BinaryBodyReader(XmlDictionaryReader reader)
{
reader.ReadStartElement(BinaryElementName);
_data = reader.ReadContentAsBase64();
if (reader.NodeType == XmlNodeType.Text) reader.Read();
reader.ReadEndElement();
}
public void ReadXml( XmlDictionaryReader reader )
{
if ( reader == null )
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "reader" );
}
reader.MoveToContent();
if ( !reader.IsStartElement( XmlEncryptionConstants.Elements.CipherData, XmlEncryptionConstants.Namespace ) )
{
throw DiagnosticUtility.ThrowHelperXml( reader, SR.GetString( SR.ID4188 ) );
}
reader.ReadStartElement( XmlEncryptionConstants.Elements.CipherData, XmlEncryptionConstants.Namespace );
reader.ReadStartElement( XmlEncryptionConstants.Elements.CipherValue, XmlEncryptionConstants.Namespace );
_cipherText = reader.ReadContentAsBase64();
_iv = null;
// <CipherValue>
reader.MoveToContent();
reader.ReadEndElement();
// <CipherData>
reader.MoveToContent();
reader.ReadEndElement();
}
public override object ReadObject(XmlDictionaryReader reader, bool verifyObjectName)
{
reader.ReadStartElement("Data");
var data = reader.ReadContentAsBase64();
reader.ReadEndElement();
return DecodeObject(data);
}
/// <summary>
/// Reads the body of an object
/// </summary>
public override object ReadObject(System.Xml.XmlDictionaryReader reader, bool verifyObjectName)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
reader.MoveToContent();
bool isSelfClosed = reader.IsEmptyElement, isNil = reader.GetAttribute("nil") == "true";
reader.ReadStartElement(PROTO_ELEMENT);
// explicitly null
if (isNil)
{
if (!isSelfClosed)
{
reader.ReadEndElement();
}
return(null);
}
if (isSelfClosed) // no real content
{
if (isList || isEnum)
{
return(model.Deserialize(Stream.Null, null, type, null));
}
using (ProtoReader protoReader = new ProtoReader(Stream.Null, model, null))
{
return(model.Deserialize(key, null, protoReader));
}
}
object result;
Helpers.DebugAssert(reader.CanReadBinaryContent, "CanReadBinaryContent");
using (MemoryStream ms = new MemoryStream(reader.ReadContentAsBase64()))
{
if (isList || isEnum)
{
result = model.Deserialize(ms, null, type, null);
}
else
{
using (ProtoReader protoReader = new ProtoReader(ms, model, null))
{
result = model.Deserialize(key, null, protoReader);
}
}
}
reader.ReadEndElement();
return(result);
}
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlDictionaryReader reader)
{
string encryptionMethod = null;
string carriedKeyName = null;
SecurityKeyIdentifier encryptingKeyIdentifier = null;
byte[] encryptedKey = null;
reader.ReadStartElement(XD.XmlEncryptionDictionary.EncryptedKey, NamespaceUri);
if (reader.IsStartElement(XD.XmlEncryptionDictionary.EncryptionMethod, NamespaceUri))
{
encryptionMethod = reader.GetAttribute(XD.XmlEncryptionDictionary.AlgorithmAttribute, null);
bool isEmptyElement = reader.IsEmptyElement;
reader.ReadStartElement();
if (!isEmptyElement)
{
while (reader.IsStartElement())
{
reader.Skip();
}
reader.ReadEndElement();
}
}
if (this.securityTokenSerializer.CanReadKeyIdentifier(reader))
{
encryptingKeyIdentifier = this.securityTokenSerializer.ReadKeyIdentifier(reader);
}
reader.ReadStartElement(XD.XmlEncryptionDictionary.CipherData, NamespaceUri);
reader.ReadStartElement(XD.XmlEncryptionDictionary.CipherValue, NamespaceUri);
encryptedKey = reader.ReadContentAsBase64();
reader.ReadEndElement();
reader.ReadEndElement();
if (reader.IsStartElement(XD.XmlEncryptionDictionary.CarriedKeyName, NamespaceUri))
{
reader.ReadStartElement();
carriedKeyName = reader.ReadString();
reader.ReadEndElement();
}
reader.ReadEndElement();
return new EncryptedKeyIdentifierClause(encryptedKey, encryptionMethod, encryptingKeyIdentifier, carriedKeyName);
}
public static Claim DeserializeClaim(XmlDictionaryReader reader, SctClaimDictionary dictionary, XmlObjectSerializer serializer)
{
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
else if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Sid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.DenyOnlySid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] rawData = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.X500DistinguishedName, new X500DistinguishedName(rawData), right);
}
else if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] thumbprint = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Thumbprint, thumbprint, right);
}
else if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string name = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Name, name, right);
}
else if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string dns = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Dns, dns, right);
}
else if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string rsaXml = reader.ReadString();
reader.ReadEndElement();
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(rsaXml);
return new Claim(ClaimTypes.Rsa, rsa, right);
}
else if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Email, new System.Net.Mail.MailAddress(address), right);
}
else if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return Claim.System;
}
else if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] hash = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Hash, hash, right);
}
else if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string spn = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Spn, spn, right);
}
else if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string upn = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Upn, upn, right);
}
else if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string url = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Uri, new Uri(url), right);
}
else
{
return (Claim)serializer.ReadObject(reader);
}
}
protected override void ReadCipherData(XmlDictionaryReader reader)
{
this.cipherText = reader.ReadContentAsBase64();
}
public static Claim DeserializeClaim(XmlDictionaryReader reader, SctClaimDictionary dictionary, XmlObjectSerializer serializer)
{
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] binaryForm = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Sid, new SecurityIdentifier(binaryForm, 0), right);
}
if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string str2 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] buffer2 = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.DenyOnlySid, new SecurityIdentifier(buffer2, 0), str2);
}
if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string str3 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] encodedDistinguishedName = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.X500DistinguishedName, new X500DistinguishedName(encodedDistinguishedName), str3);
}
if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string str4 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] resource = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Thumbprint, resource, str4);
}
if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string str5 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str6 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Name, str6, str5);
}
if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string str7 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str8 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Dns, str8, str7);
}
if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string str9 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string xmlString = reader.ReadString();
reader.ReadEndElement();
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(xmlString);
return new Claim(ClaimTypes.Rsa, provider, str9);
}
if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string str11 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Email, new MailAddress(address), str11);
}
if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return Claim.System;
}
if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string str13 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] buffer5 = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Hash, buffer5, str13);
}
if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string str14 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str15 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Spn, str15, str14);
}
if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string str16 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str17 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Upn, str17, str16);
}
if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string str18 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string uriString = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Uri, new Uri(uriString), str18);
}
return (Claim) serializer.ReadObject(reader);
}
// xml format
//<DerivedKeyToken wsu:Id="..." wsse:Algorithm="..."> id required, alg optional (curr disallowed)
// <SecurityTokenReference>...</SecurityTokenReference> - required
// <Properties>...</Properties> - disallowed (optional in spec, but we disallow it)
// choice begin - (schema requires a choice - we allow neither on read - we always write one)
// <Generation>...</Generation> - optional
// <Offset>...</Offset> - optional
// choice end
// <Length>...</Length> - optional - default 32 on read (default specified in spec, not in schema - we always write it)
// <Label>...</Label> - optional
// <Nonce>...</Nonce> - required (optional in spec, but we require it)
//</DerivedKeyToken>
public virtual void ReadDerivedKeyTokenParameters(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver, out string id, out string derivationAlgorithm, out string label, out int length, out byte[] nonce, out int offset, out int generation, out SecurityKeyIdentifierClause tokenToDeriveIdentifier, out SecurityToken tokenToDerive)
{
if (tokenResolver == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenResolver");
}
id = reader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
derivationAlgorithm = reader.GetAttribute(XD.XmlSignatureDictionary.Algorithm, null);
if (derivationAlgorithm == null)
{
derivationAlgorithm = parent.DerivationAlgorithm;
}
reader.ReadStartElement();
tokenToDeriveIdentifier = null;
tokenToDerive = null;
if (reader.IsStartElement(XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace))
{
tokenToDeriveIdentifier = parent.WSSecurityTokenSerializer.ReadKeyIdentifierClause(reader);
tokenResolver.TryResolveToken(tokenToDeriveIdentifier, out tokenToDerive);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyTokenRequiresTokenReference)));
}
// no support for properties
generation = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
generation = reader.ReadContentAsInt();
reader.ReadEndElement();
if (generation < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidGenerationSpecified, generation)));
}
offset = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Offset, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
offset = reader.ReadContentAsInt();
reader.ReadEndElement();
if (offset < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidOffsetSpecified, offset)));
}
length = DerivedKeySecurityToken.DefaultDerivedKeyLength;
if (reader.IsStartElement(parent.SerializerDictionary.Length, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
length = reader.ReadContentAsInt();
reader.ReadEndElement();
}
if ((offset == -1) && (generation == -1))
offset = 0;
// verify that the offset is not larger than the max allowed
DerivedKeySecurityToken.EnsureAcceptableOffset(offset, generation, length, this.maxKeyDerivationOffset);
label = null;
if (reader.IsStartElement(parent.SerializerDictionary.Label, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
label = reader.ReadString();
reader.ReadEndElement();
}
if (label != null && label.Length > this.maxKeyDerivationLabelLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenLabelTooLong, label.Length, this.maxKeyDerivationLabelLength)));
}
nonce = null;
reader.ReadStartElement(parent.SerializerDictionary.Nonce, parent.SerializerDictionary.Namespace);
nonce = reader.ReadContentAsBase64();
reader.ReadEndElement();
if (nonce != null && nonce.Length > this.maxKeyDerivationNonceLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenNonceTooLong, nonce.Length, this.maxKeyDerivationNonceLength)));
}
reader.ReadEndElement();
}
public static byte[] ReadPropagationTokenElement(XmlDictionaryReader reader)
{
reader.ReadFullStartElement(XD.OleTxTransactionExternalDictionary.PropagationToken,
XD.OleTxTransactionExternalDictionary.Namespace);
byte[] propagationToken = reader.ReadContentAsBase64();
if (propagationToken.Length == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.InvalidPropagationToken)));
}
reader.ReadEndElement();
return propagationToken;
}
public override SecurityKeyIdentifierClause ReadClause(XmlDictionaryReader reader, byte[] derivationNonce, int derivationLength, string tokenType)
{
byte[] bytes;
string attribute = reader.GetAttribute(XD.SecurityJan2004Dictionary.EncodingType, null);
if (attribute == null)
{
attribute = this.DefaultEncodingType;
}
reader.ReadStartElement();
if (attribute == "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary")
{
bytes = reader.ReadContentAsBase64();
}
else if (attribute == "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#HexBinary")
{
bytes = SoapHexBinary.Parse(reader.ReadContentAsString()).Value;
}
else
{
if (attribute != "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text")
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnknownEncodingInKeyIdentifier")));
}
bytes = new UTF8Encoding().GetBytes(reader.ReadContentAsString());
}
reader.ReadEndElement();
return this.CreateClause(bytes, derivationNonce, derivationLength);
}
public override SecurityKeyIdentifierClause ReadClause(XmlDictionaryReader reader, byte[] derivationNonce, int derivationLength, string tokenType)
{
string encodingType = reader.GetAttribute(XD.SecurityJan2004Dictionary.EncodingType, null);
if (encodingType == null)
{
encodingType = DefaultEncodingType;
}
reader.ReadStartElement();
byte[] bytes;
if (encodingType == EncodingTypeValueBase64Binary)
{
bytes = reader.ReadContentAsBase64();
}
else if (encodingType == EncodingTypeValueHexBinary)
{
bytes = HexBinary.Parse(reader.ReadContentAsString()).Value;
}
else if (encodingType == EncodingTypeValueText)
{
bytes = new UTF8Encoding().GetBytes(reader.ReadContentAsString());
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityMessageSerializationException(SR.GetString(SR.UnknownEncodingInKeyIdentifier)));
}
reader.ReadEndElement();
return CreateClause(bytes, derivationNonce, derivationLength);
}
/// <summary>
/// Reads a single ClaimsIdentity from a XmlDictionaryReader.
/// </summary>
/// <param name="dictionaryReader">XmlDictionaryReader positioned at dictionary.Identity.</param>
/// <param name="dictionary">SessionDictionary to provide dictionary strings.</param>
/// <exception cref="ArgumentNullException">The input argument 'dictionaryReader' or 'dictionary' is null.</exception>
/// <exception cref="SecurityTokenException">The dictionaryReader is not positioned a SessionDictionary.Identity.</exception>
/// <returns>ClaimsIdentity</returns>
ClaimsIdentity ReadIdentity(XmlDictionaryReader dictionaryReader, SessionDictionary dictionary)
{
if (dictionaryReader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("dictionaryReader");
}
if (dictionary == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("dictionary");
}
dictionaryReader.MoveToContent();
ClaimsIdentity identity = null;
if (!dictionaryReader.IsStartElement(dictionary.Identity, dictionary.EmptyString))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID3007, dictionaryReader.LocalName, dictionaryReader.NamespaceURI)));
}
// @NameClaimType
string nameClaimType = dictionaryReader.GetAttribute(dictionary.NameClaimType, dictionary.EmptyString);
// @RoleClaimType
string roleClaimType = dictionaryReader.GetAttribute(dictionary.RoleClaimType, dictionary.EmptyString);
// @WindowsLogonName (optional) => windows claims identity
string logonName = dictionaryReader.GetAttribute(dictionary.WindowsLogonName, dictionary.EmptyString);
string authenticationType = dictionaryReader.GetAttribute(dictionary.AuthenticationType, dictionary.EmptyString);
if (string.IsNullOrEmpty(logonName))
{
identity = new ClaimsIdentity(authenticationType, nameClaimType, roleClaimType);
}
else
{
// The WindowsIdentity(string, string) c'tor does not set the Auth type. Hence we use that c'tor to get a intPtr and
// call the other c'tor that actually sets the authType passed in.
// DevDiv 279196 tracks the issue and in WindowsIdentity c'tor. Its too late to fix it in 4.5 cycle as we are in Beta and would not be
// able to complete the analysis of the change for the current release. This should be investigated in 5.0
WindowsIdentity winId = new WindowsIdentity(GetUpn(logonName));
identity = new WindowsIdentity(winId.Token, authenticationType);
}
// @Label
identity.Label = dictionaryReader.GetAttribute(dictionary.Label, dictionary.EmptyString);
dictionaryReader.ReadFullStartElement();
// <ClaimCollection>
if (dictionaryReader.IsStartElement(dictionary.ClaimCollection, dictionary.EmptyString))
{
dictionaryReader.ReadStartElement();
Collection<Claim> claims = new Collection<Claim>();
ReadClaims(dictionaryReader, dictionary, claims);
identity.AddClaims(claims);
dictionaryReader.ReadEndElement();
}
// <Actor>
if (dictionaryReader.IsStartElement(dictionary.Actor, dictionary.EmptyString))
{
dictionaryReader.ReadStartElement();
identity.Actor = ReadIdentity(dictionaryReader, dictionary);
dictionaryReader.ReadEndElement();
}
if (dictionaryReader.IsStartElement(dictionary.BootstrapToken, dictionary.EmptyString))
{
dictionaryReader.ReadStartElement();
byte[] bytes = dictionaryReader.ReadContentAsBase64();
using (MemoryStream ms = new MemoryStream(bytes))
{
BinaryFormatter formatter = new BinaryFormatter();
identity.BootstrapContext = (BootstrapContext)formatter.Deserialize(ms);
}
dictionaryReader.ReadEndElement();
}
dictionaryReader.ReadEndElement(); // Identity
return identity;
}
/// <summary>
/// Deserializes a WCF claim.
/// </summary>
/// <param name="reader">XmlReader to the WCF Claim.</param>
/// <returns>Instance of <see cref="System.IdentityModel.Claims.Claim"/></returns>
private SysClaim DeserializeSysClaim(XmlDictionaryReader reader)
{
SessionDictionary dictionary = SessionDictionary.Instance;
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
else if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Sid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.DenyOnlySid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] rawData = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.X500DistinguishedName, new X500DistinguishedName(rawData), right);
}
else if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] thumbprint = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Thumbprint, thumbprint, right);
}
else if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string name = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Name, name, right);
}
else if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string dns = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Dns, dns, right);
}
else if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string rsaXml = reader.ReadString();
reader.ReadEndElement();
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(rsaXml);
return new SysClaim(SysClaimTypes.Rsa, rsa, right);
}
else if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Email, new System.Net.Mail.MailAddress(address), right);
}
else if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return SysClaim.System;
}
else if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] hash = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Hash, hash, right);
}
else if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string spn = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Spn, spn, right);
}
else if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string upn = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Upn, upn, right);
}
else if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string url = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Uri, new Uri(url), right);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4289, reader.LocalName, reader.NamespaceURI)));
}
}
public static ClaimSet DeserializeClaimSet(XmlDictionaryReader reader, SctClaimDictionary dictionary, XmlObjectSerializer serializer, XmlObjectSerializer claimSerializer)
{
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
else if (reader.IsStartElement(dictionary.X509CertificateClaimSet, dictionary.EmptyString))
{
reader.ReadStartElement();
byte[] rawData = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new X509CertificateClaimSet(new X509Certificate2(rawData), false);
}
else if (reader.IsStartElement(dictionary.SystemClaimSet, dictionary.EmptyString))
{
reader.ReadElementString();
return ClaimSet.System;
}
else if (reader.IsStartElement(dictionary.WindowsClaimSet, dictionary.EmptyString))
{
reader.ReadElementString();
return ClaimSet.Windows;
}
else if (reader.IsStartElement(dictionary.AnonymousClaimSet, dictionary.EmptyString))
{
reader.ReadElementString();
return ClaimSet.Anonymous;
}
else if (reader.IsStartElement(dictionary.ClaimSet, dictionary.EmptyString))
{
ClaimSet issuer = null;
List<Claim> claims = new List<Claim>();
reader.ReadStartElement();
if (reader.IsStartElement(dictionary.PrimaryIssuer, dictionary.EmptyString))
{
reader.ReadStartElement();
issuer = DeserializeClaimSet(reader, dictionary, serializer, claimSerializer);
reader.ReadEndElement();
}
while (reader.IsStartElement())
{
reader.ReadStartElement();
claims.Add(DeserializeClaim(reader, dictionary, claimSerializer));
reader.ReadEndElement();
}
reader.ReadEndElement();
return issuer != null ? new DefaultClaimSet(issuer, claims) : new DefaultClaimSet(claims);
}
else
{
return (ClaimSet)serializer.ReadObject(reader);
}
}
internal static byte[] GetRequiredBase64Attribute(XmlDictionaryReader reader, XmlDictionaryString name, XmlDictionaryString ns)
{
if (!reader.MoveToAttribute(name.Value, ns == null ? null : ns.Value))
{
OnRequiredAttributeMissing(name.Value, ns == null ? null : ns.Value);
}
byte[] value = reader.ReadContentAsBase64();
if (value == null || value.Length == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new XmlException(SR.Format(SR.EmptyBase64Attribute, name, ns)));
}
return value;
}
protected override void ReadCipherData(XmlDictionaryReader reader)
{
this.wrappedKey = reader.ReadContentAsBase64();
}
public static byte[] ReadPropagationTokenElement(XmlDictionaryReader reader)
{
reader.ReadFullStartElement(XD.OleTxTransactionExternalDictionary.PropagationToken, XD.OleTxTransactionExternalDictionary.Namespace);
byte[] buffer = reader.ReadContentAsBase64();
if (buffer.Length == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.ServiceModel.SR.GetString("InvalidPropagationToken")));
}
reader.ReadEndElement();
return buffer;
}
public BinaryBodyReader(XmlDictionaryReader reader)
{
reader.ReadStartElement(BinaryElementName);
_data = reader.ReadContentAsBase64();
reader.ReadEndElement();
}
