public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
var securityTokenSerializer = base.CreateSecurityTokenSerializer(version);
return(new Saml2InitiatorSecurityTokenSerializer(securityTokenSerializer));
}
/// <summary>
/// There is a
internal static SecurityVersion GetSecurityVersion(SecurityTokenVersion tokenVersion)
{
if (tokenVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenVersion");
}
//
// Workaround for WCF
if (tokenVersion is MessageSecurityTokenVersion)
{
SecurityVersion sv = (tokenVersion as MessageSecurityTokenVersion).SecurityVersion;
if (sv != null)
{
return(sv);
}
}
else
{
if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity11Constants.Namespace))
{
return(SecurityVersion.WSSecurity11);
}
else if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity10Constants.Namespace))
{
return(SecurityVersion.WSSecurity10);
}
}
return(SecurityVersion.WSSecurity11);
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
MessageSecurityTokenVersion wsVersion = version as MessageSecurityTokenVersion;
if (wsVersion != null)
{
SamlSerializer samlSerializer = null;
if (parent.IssuedTokenAuthentication != null)
{
samlSerializer = parent.IssuedTokenAuthentication.SamlSerializer;
}
else
{
samlSerializer = new SamlSerializer();
}
return(new WSSecurityTokenSerializer(wsVersion.SecurityVersion, wsVersion.TrustVersion, wsVersion.SecureConversationVersion, wsVersion.EmitBspRequiredAttributes, samlSerializer, parent.SecureConversationAuthentication.SecurityStateEncoder, parent.SecureConversationAuthentication.SecurityContextClaimTypes));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
}
IssuedSecurityTokenProvider CreateIssuedProviderBase(SecurityTokenRequirement r)
{
IssuedSecurityTokenProvider p =
new IssuedSecurityTokenProvider();
p.TargetAddress = r.GetProperty <EndpointAddress> (ReqType.TargetAddressProperty);
// FIXME: use it somewhere, probably to build
// IssuerBinding. However, there is also IssuerBinding
// property. SecureConversationSecurityBindingElement
// as well.
SecurityBindingElement sbe =
r.GetProperty <SecurityBindingElement> (ReqType.SecurityBindingElementProperty);
// I doubt the binding is acquired this way ...
Binding binding;
if (!r.TryGetProperty <Binding> (ReqType.IssuerBindingProperty, out binding))
{
binding = new CustomBinding(sbe,
new TextMessageEncodingBindingElement(),
new HttpTransportBindingElement());
}
p.IssuerBinding = binding;
// not sure if it is used only for this purpose though ...
BindingContext ctx = r.GetProperty <BindingContext> (ReqType.IssuerBindingContextProperty);
foreach (IEndpointBehavior b in ctx.BindingParameters.FindAll <IEndpointBehavior> ())
{
p.IssuerChannelBehaviors.Add(b);
}
SecurityTokenVersion ver =
r.GetProperty <SecurityTokenVersion> (ReqType.MessageSecurityVersionProperty);
p.SecurityTokenSerializer =
CreateSecurityTokenSerializer(ver);
// seems like they are optional here ... (but possibly
// used later)
EndpointAddress address;
if (!r.TryGetProperty <EndpointAddress> (ReqType.IssuerAddressProperty, out address))
{
address = p.TargetAddress;
}
p.IssuerAddress = address;
// It is somehow not checked as mandatory ...
SecurityAlgorithmSuite suite = null;
r.TryGetProperty <SecurityAlgorithmSuite> (ReqType.SecurityAlgorithmSuiteProperty, out suite);
p.SecurityAlgorithmSuite = suite;
return(p);
}
internal override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(version));
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
bool bsp = version.GetSecuritySpecifications().Contains(Constants.WSBasicSecurityProfileCore1);
SecurityVersion ver =
version.GetSecuritySpecifications().Contains(Constants.Wss11Namespace) ?
SecurityVersion.WSSecurity11 :
SecurityVersion.WSSecurity10;
return(new WSSecurityTokenSerializer(ver, bsp));
}
/// <summary>
/// Overriden from the base class. Creates the requested Token Serializer.
/// Returns a Security Token Serializer that is wraps the list of token
/// hanlders registerd and also the serializers from the inner token manager.
/// </summary>
/// <param name="version">SecurityTokenVersion of the serializer to be created.</param>
/// <returns>Instance of SecurityTokenSerializer.</returns>
/// <exception cref="ArgumentNullException">Input parameter is null.</exception>
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
TrustVersion trustVersion = null;
SecureConversationVersion scVersion = null;
foreach (string securitySpecification in version.GetSecuritySpecifications())
{
if (StringComparer.Ordinal.Equals(securitySpecification, WSTrustFeb2005Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrustFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSTrust13Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrust13;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSSecureConversationFeb2005Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversationFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSSecureConversation13Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversation13;
}
if (trustVersion != null && scVersion != null)
{
break;
}
}
if (trustVersion == null)
{
trustVersion = TrustVersion.WSTrust13;
}
if (scVersion == null)
{
scVersion = SecureConversationVersion.WSSecureConversation13;
}
WsSecurityTokenSerializerAdapter adapter = new WsSecurityTokenSerializerAdapter(_securityTokenHandlerCollection,
GetSecurityVersion(version), trustVersion, scVersion, false, this.ServiceCredentials.IssuedTokenAuthentication.SamlSerializer,
this.ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder,
this.ServiceCredentials.SecureConversationAuthentication.SecurityContextClaimTypes);
adapter.MapExceptionsToSoapFaults = true;
adapter.ExceptionMapper = _exceptionMapper;
return(adapter);
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (this.delegateManager != null)
{
return(this.delegateManager.CreateSecurityTokenSerializer(version));
}
MessageSecurityTokenVersion version2 = version as MessageSecurityTokenVersion;
if (version2 == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SecurityTokenManagerCannotCreateSerializerForVersion", new object[] { version })));
}
return(new WSSecurityTokenSerializer(version2.SecurityVersion, version2.TrustVersion, version2.SecureConversationVersion, version2.EmitBspRequiredAttributes, null, null, null));
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
bool bsp = version.GetSecuritySpecifications().Contains(Constants.WSBasicSecurityProfileCore1);
SecurityVersion ver =
version.GetSecuritySpecifications().Contains(Constants.Wss11Namespace) ?
SecurityVersion.WSSecurity11 :
SecurityVersion.WSSecurity10;
// FIXME: pass correct arguments.
return(new WSSecurityTokenSerializer(ver, bsp, null,
ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder,
Type.EmptyTypes,
int.MaxValue, int.MaxValue, int.MaxValue));
}
void InitializeAuthenticatorCommunicationObject(AuthenticatorCommunicationObject p, SecurityTokenRequirement r)
{
p.ListenUri = r.GetProperty <Uri> (ReqType.ListenUriProperty);
// FIXME: use it somewhere, probably to build
// IssuerBinding. However, there is also IssuerBinding
// property. SecureConversationSecurityBindingElement
// as well.
SecurityBindingElement sbe =
r.GetProperty <SecurityBindingElement> (ReqType.SecurityBindingElementProperty);
p.SecurityBindingElement = sbe;
/*
* // I doubt the binding is acquired this way ...
* Binding binding;
* if (!r.TryGetProperty<Binding> (ReqType.IssuerBindingProperty, out binding))
* binding = new CustomBinding (
* new TextMessageEncodingBindingElement (),
* new HttpTransportBindingElement ());
* p.IssuerBinding = binding;
*
* // not sure if it is used only for this purpose though ...
* BindingContext ctx = r.GetProperty<BindingContext> (ReqType.IssuerBindingContextProperty);
* foreach (IEndpointBehavior b in ctx.BindingParameters.FindAll<IEndpointBehavior> ())
* p.IssuerChannelBehaviors.Add (b);
*/
SecurityTokenVersion ver =
r.GetProperty <SecurityTokenVersion> (ReqType.MessageSecurityVersionProperty);
p.SecurityTokenSerializer =
CreateSecurityTokenSerializer(ver);
/*
* // seems like they are optional here ... (but possibly
* // used later)
* EndpointAddress address;
* if (!r.TryGetProperty<EndpointAddress> (ReqType.IssuerAddressProperty, out address))
* address = p.TargetAddress;
* p.IssuerAddress = address;
*/
// It is somehow not checked as mandatory ...
SecurityAlgorithmSuite suite = null;
r.TryGetProperty <SecurityAlgorithmSuite> (ReqType.SecurityAlgorithmSuiteProperty, out suite);
p.SecurityAlgorithmSuite = suite;
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(version));
}
MessageSecurityTokenVersion wsVersion = version as MessageSecurityTokenVersion;
if (wsVersion != null)
{
return(new WSSecurityTokenSerializer(wsVersion.SecurityVersion, wsVersion.TrustVersion, wsVersion.SecureConversationVersion, wsVersion.EmitBspRequiredAttributes, null, null, null));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
}
internal override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(version));
}
if (version is MessageSecurityTokenVersion wsVersion)
{
SamlSerializer samlSerializer = null;
//TODO this will be implemented when we add WS-Federation support
//if (parent.IssuedTokenAuthentication != null)
// samlSerializer = parent.IssuedTokenAuthentication.SamlSerializer;
//else
// samlSerializer = new SamlSerializer();
return(new WSSecurityTokenSerializer(wsVersion.SecurityVersion, wsVersion.TrustVersion, wsVersion.SecureConversationVersion, wsVersion.EmitBspRequiredAttributes, samlSerializer, ServiceCredentials.SecureConversationAuthentication.SecurityStateEncoder, ServiceCredentials.SecureConversationAuthentication.SecurityContextClaimTypes));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.Format(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
if (this._parent != null && this._parent.UseIdentityConfiguration)
{
throw new NotImplementedException("WrapTokenHandlersAsSecurityTokenSerializer not supported in .NET Core");
//return this.WrapTokenHandlersAsSecurityTokenSerializer(version);
}
MessageSecurityTokenVersion securityTokenVersion = version as MessageSecurityTokenVersion;
if (securityTokenVersion != null)
{
Console.WriteLine("Using SamlSerializer1 - need to fix.");
return((SecurityTokenSerializer) new WSSecurityTokenSerializer(securityTokenVersion.SecurityVersion, securityTokenVersion.TrustVersion, securityTokenVersion.SecureConversationVersion, securityTokenVersion.EmitBspRequiredAttributes, (SamlSerializer1)null, (SecurityStateEncoder)null, (IEnumerable <System.Type>)null));
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception) new NotSupportedException(SR.GetString("SecurityTokenManagerCannotCreateSerializerForVersion", new object[1]
{
(object)version
})));
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
if (this.parent != null && this.parent.UseIdentityConfiguration)
{
return(this.WrapTokenHandlersAsSecurityTokenSerializer(version));
}
MessageSecurityTokenVersion wsVersion = version as MessageSecurityTokenVersion;
if (wsVersion != null)
{
return(new WSSecurityTokenSerializer(wsVersion.SecurityVersion, wsVersion.TrustVersion, wsVersion.SecureConversationVersion, wsVersion.EmitBspRequiredAttributes, null, null, null));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
}
}
private SecurityTokenSerializer WrapTokenHandlersAsSecurityTokenSerializer(SecurityTokenVersion version)
{
TrustVersion trustVersion = TrustVersion.WSTrust13;
SecureConversationVersion scVersion = SecureConversationVersion.WSSecureConversation13;
SecurityVersion securityVersion = SecurityVersion.WSSecurity11;
foreach (string securitySpecification in version.GetSecuritySpecifications())
{
if (StringComparer.Ordinal.Equals(securitySpecification, WSTrustFeb2005Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrustFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, WSTrust13Constants.NamespaceURI))
{
trustVersion = TrustVersion.WSTrust13;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, System.IdentityModel.WSSecureConversationFeb2005Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversationFeb2005;
}
else if (StringComparer.Ordinal.Equals(securitySpecification, System.IdentityModel.WSSecureConversation13Constants.Namespace))
{
scVersion = SecureConversationVersion.WSSecureConversation13;
}
}
securityVersion = FederatedSecurityTokenManager.GetSecurityVersion(version);
//
//
SecurityTokenHandlerCollectionManager sthcm = this.parent.SecurityTokenHandlerCollectionManager;
WsSecurityTokenSerializerAdapter adapter = new WsSecurityTokenSerializerAdapter(sthcm[SecurityTokenHandlerCollectionManager.Usage.Default], securityVersion, trustVersion, scVersion, false, null, null, null);
return(adapter);
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
if (version == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
}
MessageSecurityTokenVersion version2 = version as MessageSecurityTokenVersion;
if (version2 == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SecurityTokenManagerCannotCreateSerializerForVersion", new object[] { version })));
}
SamlSerializer samlSerializer = null;
if (this.parent.IssuedTokenAuthentication != null)
{
samlSerializer = this.parent.IssuedTokenAuthentication.SamlSerializer;
}
else
{
samlSerializer = new SamlSerializer();
}
return(new WSSecurityTokenSerializer(version2.SecurityVersion, version2.TrustVersion, version2.SecureConversationVersion, version2.EmitBspRequiredAttributes, samlSerializer, this.parent.SecureConversationAuthentication.SecurityStateEncoder, this.parent.SecureConversationAuthentication.SecurityContextClaimTypes));
}
/// <summary>
/// There is a bug in WCF where the version obtained from the public SecurityTokenVersion strings is wrong.
/// The internal MessageSecurityTokenVersion has the right version.
/// </summary>
internal static SecurityVersion GetSecurityVersion(SecurityTokenVersion tokenVersion)
{
if (tokenVersion == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenVersion");
}
//
// Workaround for WCF bug.
// In .NET 3.5 WCF returns the wrong Token Specification. We need to reflect on the
// internal code so we can access the SecurityVersion directly instead of depending
// on the security specification.
//
if (tokenVersion is MessageSecurityTokenVersion)
{
SecurityVersion sv = (tokenVersion as MessageSecurityTokenVersion).SecurityVersion;
if (sv != null)
{
return(sv);
}
}
else
{
if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity11Constants.Namespace))
{
return(SecurityVersion.WSSecurity11);
}
else if (tokenVersion.GetSecuritySpecifications().Contains(WSSecurity10Constants.Namespace))
{
return(SecurityVersion.WSSecurity10);
}
}
return(SecurityVersion.WSSecurity11);
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
// not referenced anywhere in current code, but must implement abstract.
throw ExceptionHelper.PlatformNotSupported("CreateSecurityTokenSerializer(SecurityTokenVersion version) not supported");
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion ver)
{
return(new MySecurityTokenSerializer());
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
return(new CreditCardSecurityTokenSerializer(version));
}
public CreditCardSecurityTokenSerializer(SecurityTokenVersion version) : base()
{
}
internal abstract SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version);
public abstract SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version);
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
// Return your implementation of the SecurityTokenSerializer, if required.
// This implementation delegates to the base class.
return(base.CreateSecurityTokenSerializer(version));
}
internal SecurityTokenSerializer(SecurityTokenVersion version)
{
}
public CustomSecurityTokenSerializer(SecurityTokenVersion version) : base()
{
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
return(new UsernameSecurityTokenSerializer(version));
}
public EchoSecurityTokenSerializer(SecurityTokenVersion version)
{
_version = version;
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
MessageSecurityTokenVersion version2 = (MessageSecurityTokenVersion)version;
return(new WSSecurityTokenSerializer(version2.SecurityVersion, version2.TrustVersion, version2.SecureConversationVersion, version2.EmitBspRequiredAttributes, null, null, null));
}
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
return(new P6TokenSerializer(System.ServiceModel.Security.SecurityVersion.WSSecurity11));
}
