Esempio n. 1
0
        private SecurityContextSecurityToken DeserializeContext(byte[] serializedContext, byte[] cookieBlob, string id, XmlDictionaryReaderQuotas quotas)
        {
            List <IAuthorizationPolicy> list3;
            SctClaimDictionary          instance = SctClaimDictionary.Instance;
            XmlDictionaryReader         reader   = XmlDictionaryReader.CreateBinaryReader(serializedContext, 0, serializedContext.Length, instance, quotas, null, null);
            int      num            = -1;
            UniqueId contextId      = null;
            DateTime minUtcDateTime = System.ServiceModel.Security.SecurityUtils.MinUtcDateTime;
            DateTime maxUtcDateTime = System.ServiceModel.Security.SecurityUtils.MaxUtcDateTime;

            byte[]            key               = null;
            string            str               = null;
            UniqueId          keyGeneration     = null;
            DateTime          keyEffectiveTime  = System.ServiceModel.Security.SecurityUtils.MinUtcDateTime;
            DateTime          keyExpirationTime = System.ServiceModel.Security.SecurityUtils.MaxUtcDateTime;
            List <ClaimSet>   claimSets         = null;
            IList <IIdentity> identities        = null;
            bool isCookieMode = true;

            reader.ReadFullStartElement(instance.SecurityContextSecurityToken, instance.EmptyString);
            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(instance.Version, instance.EmptyString))
                {
                    num = reader.ReadElementContentAsInt();
                }
                else
                {
                    if (reader.IsStartElement(instance.ContextId, instance.EmptyString))
                    {
                        contextId = reader.ReadElementContentAsUniqueId();
                        continue;
                    }
                    if (reader.IsStartElement(instance.Id, instance.EmptyString))
                    {
                        str = reader.ReadElementContentAsString();
                        continue;
                    }
                    if (reader.IsStartElement(instance.EffectiveTime, instance.EmptyString))
                    {
                        minUtcDateTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                        continue;
                    }
                    if (reader.IsStartElement(instance.ExpiryTime, instance.EmptyString))
                    {
                        maxUtcDateTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                        continue;
                    }
                    if (reader.IsStartElement(instance.Key, instance.EmptyString))
                    {
                        key = reader.ReadElementContentAsBase64();
                        continue;
                    }
                    if (reader.IsStartElement(instance.KeyGeneration, instance.EmptyString))
                    {
                        keyGeneration = reader.ReadElementContentAsUniqueId();
                        continue;
                    }
                    if (reader.IsStartElement(instance.KeyEffectiveTime, instance.EmptyString))
                    {
                        keyEffectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                        continue;
                    }
                    if (reader.IsStartElement(instance.KeyExpiryTime, instance.EmptyString))
                    {
                        keyExpirationTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                        continue;
                    }
                    if (reader.IsStartElement(instance.Identities, instance.EmptyString))
                    {
                        identities = SctClaimSerializer.DeserializeIdentities(reader, instance, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, 0x7fffffff));
                        continue;
                    }
                    if (reader.IsStartElement(instance.ClaimSets, instance.EmptyString))
                    {
                        reader.ReadStartElement();
                        DataContractSerializer serializer      = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, 0x7fffffff);
                        DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, 0x7fffffff);
                        claimSets = new List <ClaimSet>(1);
                        while (reader.IsStartElement())
                        {
                            claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, instance, serializer, claimSerializer));
                        }
                        reader.ReadEndElement();
                        continue;
                    }
                    if (reader.IsStartElement(instance.IsCookieMode, instance.EmptyString))
                    {
                        isCookieMode = reader.ReadElementString() == "1";
                    }
                    else
                    {
                        OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieXmlParseError"));
                    }
                }
            }
            reader.ReadEndElement();
            if (num != 1)
            {
                throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SerializedTokenVersionUnsupported", new object[] { num })));
            }
            if (contextId == null)
            {
                OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "ContextId" }));
            }
            if ((key == null) || (key.Length == 0))
            {
                OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "Key" }));
            }
            if (str != id)
            {
                OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "Id" }));
            }
            if (claimSets != null)
            {
                list3 = new List <IAuthorizationPolicy>(1)
                {
                    new SctUnconditionalPolicy(identities, claimSets, maxUtcDateTime)
                };
            }
            else
            {
                list3 = null;
            }
            return(new SecurityContextSecurityToken(contextId, str, key, minUtcDateTime, maxUtcDateTime, (list3 != null) ? list3.AsReadOnly() : null, isCookieMode, cookieBlob, keyGeneration, keyEffectiveTime, keyExpirationTime));
        }
        SecurityContextSecurityToken DeserializeContext(byte[] serializedContext, byte[] cookieBlob, string id, XmlDictionaryReaderQuotas quotas)
        {
            SctClaimDictionary  dictionary = SctClaimDictionary.Instance;
            XmlDictionaryReader reader     = XmlDictionaryReader.CreateBinaryReader(serializedContext, 0, serializedContext.Length, dictionary, quotas, null, null);
            int      cookieVersion         = -1;
            UniqueId cookieContextId       = null;
            DateTime effectiveTime         = SecurityUtils.MinUtcDateTime;
            DateTime expiryTime            = SecurityUtils.MaxUtcDateTime;

            byte[]            key               = null;
            string            localId           = null;
            UniqueId          keyGeneration     = null;
            DateTime          keyEffectiveTime  = SecurityUtils.MinUtcDateTime;
            DateTime          keyExpirationTime = SecurityUtils.MaxUtcDateTime;
            List <ClaimSet>   claimSets         = null;
            IList <IIdentity> identities        = null;
            bool isCookie = true;

            reader.ReadFullStartElement(dictionary.SecurityContextSecurityToken, dictionary.EmptyString);

            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(dictionary.Version, dictionary.EmptyString))
                {
                    cookieVersion = reader.ReadElementContentAsInt();
                }
                else if (reader.IsStartElement(dictionary.ContextId, dictionary.EmptyString))
                {
                    cookieContextId = reader.ReadElementContentAsUniqueId();
                }
                else if (reader.IsStartElement(dictionary.Id, dictionary.EmptyString))
                {
                    localId = reader.ReadElementContentAsString();
                }
                else if (reader.IsStartElement(dictionary.EffectiveTime, dictionary.EmptyString))
                {
                    effectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.ExpiryTime, dictionary.EmptyString))
                {
                    expiryTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.Key, dictionary.EmptyString))
                {
                    key = reader.ReadElementContentAsBase64();
                }
                else if (reader.IsStartElement(dictionary.KeyGeneration, dictionary.EmptyString))
                {
                    keyGeneration = reader.ReadElementContentAsUniqueId();
                }
                else if (reader.IsStartElement(dictionary.KeyEffectiveTime, dictionary.EmptyString))
                {
                    keyEffectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.KeyExpiryTime, dictionary.EmptyString))
                {
                    keyExpirationTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
                }
                else if (reader.IsStartElement(dictionary.Identities, dictionary.EmptyString))
                {
                    identities = SctClaimSerializer.DeserializeIdentities(reader, dictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, int.MaxValue));
                }
                else if (reader.IsStartElement(dictionary.ClaimSets, dictionary.EmptyString))
                {
                    reader.ReadStartElement();

                    DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, int.MaxValue);
                    DataContractSerializer claimSerializer    = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, int.MaxValue);
                    claimSets = new List <ClaimSet>(1);
                    while (reader.IsStartElement())
                    {
                        claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, dictionary, claimSetSerializer, claimSerializer));
                    }

                    reader.ReadEndElement();
                }
                else if (reader.IsStartElement(dictionary.IsCookieMode, dictionary.EmptyString))
                {
                    isCookie = reader.ReadElementString() == "1" ? true : false;
                }
                else
                {
                    OnInvalidCookieFailure(SR.GetString(SR.SctCookieXmlParseError));
                }
            }
            reader.ReadEndElement();
            if (cookieVersion != SupportedPersistanceVersion)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SerializedTokenVersionUnsupported, cookieVersion)));
            }
            if (cookieContextId == null)
            {
                OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "ContextId"));
            }
            if (key == null || key.Length == 0)
            {
                OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "Key"));
            }
            if (localId != id)
            {
                OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "Id"));
            }
            List <IAuthorizationPolicy> authorizationPolicies;

            if (claimSets != null)
            {
                authorizationPolicies = new List <IAuthorizationPolicy>(1);
                authorizationPolicies.Add(new SctUnconditionalPolicy(identities, claimSets, expiryTime));
            }
            else
            {
                authorizationPolicies = null;
            }
            return(new SecurityContextSecurityToken(cookieContextId, localId, key, effectiveTime, expiryTime,
                                                    authorizationPolicies != null ? authorizationPolicies.AsReadOnly() : null, isCookie, cookieBlob, keyGeneration, keyEffectiveTime, keyExpirationTime));
        }