/// <summary>
/// Fetches the token service metadata for the gateway, turning any failure into a transient communication error.
/// </summary>
/// <returns>The metadata returned by <see cref="TryGetMetadata"/>.</returns>
/// <exception cref="FabricTransientException">
/// Thrown when <see cref="TryGetMetadata"/> throws; the original exception is kept as the inner exception.
/// </exception>
private TokenServiceMetadata GetMetadata()
{
    TokenServiceMetadata result;
    try
    {
        result = TryGetMetadata();
    }
    catch (Exception ex)
    {
        // Reported as transient so a caller may retry; the cause is preserved as InnerException.
        TraceSource.WriteWarning(TraceType, "GetMetadata failed with exception: {0}", ex.Message);
        throw new FabricTransientException(ex.Message, ex, FabricErrorCode.CommunicationError);
    }

    TraceSource.WriteNoise(
        TraceType,
        "DSTS Service metadata: ServiceName:{0}, ServiceDNSName:{1}, Metadata:{2}",
        result.ServiceName,
        result.ServiceDnsName,
        result.Metadata);

    return result;
}
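/// <summary>
/// Obtains a security token from the DSTS authentication client for the gateway's token service.
/// </summary>
/// <remarks>
/// Before a token is requested, the service name and DNS name reported by the gateway are checked
/// against the values configured on this client (<c>cloudServiceName</c> and <c>cloudServiceDnsNames</c>)
/// whenever those are set, so that a token is only ever requested for the service this client was
/// configured for. Comparisons are ordinal (exact, case-sensitive); a null gateway DNS name never matches.
/// </remarks>
/// <returns>The issued <see cref="SecurityToken"/>.</returns>
/// <exception cref="FabricTransientException">
/// Propagated from <see cref="GetMetadata"/> when the gateway metadata cannot be fetched.
/// </exception>
/// <exception cref="FabricException">
/// Thrown when the gateway metadata does not match the configured service name or DNS names,
/// or when token issuance fails (the issuance exception is kept as the inner exception).
/// </exception>
internal SecurityToken GetSecurityTokenInternal()
{
    TokenServiceMetadata gatewayMetadata = GetMetadata();
    AuthenticationMetadata dstsMetadata = new AuthenticationMetadata(TVSSerializerUtility.Deserialize(gatewayMetadata.Metadata));

    // A configured service name must match the gateway's service name exactly.
    if (cloudServiceName != null
        && !string.Equals(cloudServiceName, gatewayMetadata.ServiceName, StringComparison.Ordinal))
    {
        string warning = string.Format(
            StringResources.Error_dSTSMismatchInMetadata,
            "CloudServiceName",
            cloudServiceName,
            gatewayMetadata.ServiceName);
        TraceSource.WriteWarning(TraceType, warning);
        throw new FabricException(warning);
    }

    // A configured DNS allow-list must contain the gateway's DNS name; null can never be on the list.
    if (cloudServiceDnsNames != null
        && (gatewayMetadata.ServiceDnsName == null
            || !cloudServiceDnsNames.Contains(gatewayMetadata.ServiceDnsName, StringComparer.Ordinal)))
    {
        string warning = string.Format(
            StringResources.Error_dSTSMismatchInMetadata,
            "CloudServiceDNSNames",
            string.Join(",", cloudServiceDnsNames),
            gatewayMetadata.ServiceDnsName);
        TraceSource.WriteWarning(TraceType, warning);
        throw new FabricException(warning);
    }

    SecurityTokenIssuanceResponse response;
    try
    {
        response = authenticationClient.GetSecurityToken(
            gatewayMetadata.ServiceName,
            gatewayMetadata.ServiceDnsName,
            dstsMetadata);
    }
    catch (SecurityTokenIssuanceException e)
    {
        // Keep the issuance failure as the inner exception so the cause is not lost on the way out.
        TraceSource.WriteWarning(TraceType, "GetSecurityToken failed with exception: {0}", e.Message);
        throw new FabricException(e.Message, e);
    }

    return response.SecurityToken;
}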
/// <summary>
/// Serializes a <see cref="TokenServiceMetadata"/> instance to JSON.
/// </summary>
/// <param name="writer">The <see cref="T:Newtonsoft.Json.JsonWriter" /> to write to.</param>
/// <param name="obj">The object to serialize to JSON.</param>
internal static void Serialize(JsonWriter writer, TokenServiceMetadata obj)
{
    // Each string property is emitted only when it has a value; a null value produces no property at all.
    writer.WriteStartObject();
    WriteIfPresent("Metadata", obj.Metadata);
    WriteIfPresent("ServiceName", obj.ServiceName);
    WriteIfPresent("ServiceDnsName", obj.ServiceDnsName);
    writer.WriteEndObject();

    void WriteIfPresent(string propertyName, string value)
    {
        if (value != null)
        {
            writer.WriteProperty(value, propertyName, JsonWriterExtensions.WriteStringValue);
        }
    }
}
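/// <summary>
/// Gets an access token from the DSTS secure token service. For internal use only by Service Fabric tooling.
/// </summary>
/// <remarks>
/// The DSTS client library is not referenced at compile time. It is loaded by reflection from the directory
/// of the executing assembly (file name <c>DstsClientLibraryName</c>), and the public static method named by
/// <c>GetSecurityTokenMethodName</c> on the type <c>DstsHelperClassName</c> is invoked with the metadata
/// fields. As with any reflective invoke, an exception thrown by that method surfaces wrapped in a
/// <see cref="TargetInvocationException"/>. The work is synchronous; the result is returned as a completed task.
/// </remarks>
/// <param name="metadata">Token Service metadata used for secured connection to cluster.</param>
/// <param name="interactive">Flag to indicate interactive logon.</param>
/// <param name="cancellationToken">Cancellation Token to cancel the operation; it is only checked on entry.</param>
/// <returns>Access Token from DSTS.</returns>
/// <exception cref="ArgumentNullException"><paramref name="metadata"/> is null.</exception>
/// <exception cref="OperationCanceledException">Cancellation had already been requested on entry.</exception>
/// <exception cref="InvalidOperationException">
/// The DSTS client library, its helper type or the token method could not be found.
/// </exception>
public static Task<string> GetAccessTokenFromDstsAsync(TokenServiceMetadata metadata, bool interactive, CancellationToken cancellationToken = default(CancellationToken))
{
    // Throws OperationCanceledException carrying the token, so callers can tell which token fired.
    cancellationToken.ThrowIfCancellationRequested();

    if (metadata == null)
    {
        throw new ArgumentNullException(nameof(metadata));
    }

    // The helper library is resolved only relative to the executing assembly's own directory.
    string assemblyDirectory = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
    string assemblyPath = Path.Combine(assemblyDirectory, DstsClientLibraryName);

    Assembly module;
    try
    {
        module = Assembly.LoadFrom(assemblyPath);
    }
    catch (FileNotFoundException e)
    {
        throw new InvalidOperationException(SR.ErrorDstsNotSupported, e);
    }

    Type dstsHelper = module.GetType(DstsHelperClassName, throwOnError: false);
    if (dstsHelper == null)
    {
        throw new InvalidOperationException(SR.ErrorDstsNotSupported);
    }

    MethodInfo getAuthorizationHeaderMethod = dstsHelper.GetMethod(GetSecurityTokenMethodName, BindingFlags.Static | BindingFlags.Public);
    if (getAuthorizationHeaderMethod == null)
    {
        throw new InvalidOperationException(SR.ErrorDstsNotSupported);
    }

    object authHeader = getAuthorizationHeaderMethod.Invoke(
        null,
        new object[] { metadata.ServiceName, metadata.ServiceDnsName, metadata.Metadata, interactive });

    return Task.FromResult((string)authHeader);
}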
/// <summary>
/// Initializes a new instance of the <see cref="DstsTokenHandler"/> class.
/// </summary>
/// <param name="aadMetaData">Token service metadata the handler will use; stored as given, without validation.</param>
public DstsTokenHandler(TokenServiceMetadata aadMetaData) => this.metaData = aadMetaData;
/// <summary>
/// Gets an access token from DSTS using an interactive logon.
/// </summary>
/// <param name="metadata">Token Service metadata used for the secured connection to the cluster.</param>
/// <param name="cancellationToken">Cancellation Token to cancel the operation.</param>
/// <returns>A task holding the access token from DSTS.</returns>
public static Task<string> GetAccessTokenDstsAsync(TokenServiceMetadata metadata, CancellationToken cancellationToken)
{
    // This entry point always requests an interactive logon.
    const bool interactive = true;
    return DstsTokenHelper.GetAccessTokenFromDstsAsync(metadata, interactive, cancellationToken);
}