Esempio n. 1
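		/// <summary>
		/// Initializes a new instance of the <see cref="Token"/> class from an incoming
		/// token, decrypting it first when it is encrypted, then authenticating it.
		/// </summary>
		/// <param name="tokenXml">The token XML as received; must not be null or empty. Treated as untrusted input.</param>
		/// <param name="audience">The audience, passed through to <c>TokenUtility.AuthenticateToken</c>.</param>
		/// <param name="decryptor">The decryptor for encrypted tokens; may be <c>null</c> only when <paramref name="tokenXml"/> is not encrypted.</param>
		private Token(string tokenXml, Uri audience, TokenDecryptor decryptor) {
			Requires.NotNullOrEmpty(tokenXml, "tokenXml");
			Requires.True(decryptor != null || !IsEncrypted(tokenXml), null);
			Contract.Ensures(this.AuthorizationContext != null);

			string decryptedString;

			// One hardened settings object serves both parses below.
			// NOTE(review): presumably these settings prohibit DTDs and external resolution; confirm in MessagingUtilities.
			var readerSettings = MessagingUtilities.CreateUntrustedXmlReaderSettings();

			using (StringReader xmlReader = new StringReader(tokenXml)) {
				using (XmlReader tokenReader = XmlReader.Create(xmlReader, readerSettings)) {
					Contract.Assume(tokenReader != null); // BCL contract should say XmlReader.Create result != null
					if (IsEncrypted(tokenReader)) {
						Logger.InfoCard.DebugFormat("Incoming SAML token, before decryption: {0}", tokenXml);
						byte[] decryptedBytes = decryptor.DecryptToken(tokenReader);
						decryptedString = Encoding.UTF8.GetString(decryptedBytes);
						Contract.Assume(decryptedString != null); // BCL contracts should be enhanced here
					} else {
						// Unencrypted token: the received text is parsed as-is.
						decryptedString = tokenXml;
					}
				}
			}

			// The plaintext is still sender-controlled (it is the raw input when the token was not
			// encrypted), so it goes through the same hardened reader settings as the first parse.
			// XPathDocument(TextReader) would build its own reader with framework-default DTD
			// handling, which is not safe on older .NET Framework versions.
			// The document is fully loaded by the constructor, so both readers can be disposed here.
			using (var stringReader = new StringReader(decryptedString)) {
				using (XmlReader documentReader = XmlReader.Create(stringReader, readerSettings)) {
					this.Xml = new XPathDocument(documentReader).CreateNavigator();
				}
			}

			// NOTE(review): this writes the complete decrypted assertion, including the subject's
			// claims, to the debug log. The log sink needs the same protection as the tokens
			// themselves; consider logging an identifier or digest instead.
			Logger.InfoCard.DebugFormat("Incoming SAML token, after any decryption: {0}", this.Xml.InnerXml);
			this.AuthorizationContext = TokenUtility.AuthenticateToken(this.Xml.ReadSubtree(), audience);
		}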
Esempio n. 2
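		/// <summary>
		/// Initializes a new instance of the <see cref="Token"/> class.
		/// </summary>
		/// <param name="tokenXml">Xml token, which may be encrypted.  Treated as untrusted input.</param>
		/// <param name="audience">
		/// The audience.  May be <c>null</c> to avoid audience checking, in which case a token
		/// issued for a different relying party is not rejected on that ground.
		/// </param>
		/// <param name="decryptor">The decryptor to use to decrypt the token, if necessary.</param>
		/// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception>
		private Token(string tokenXml, Uri audience, TokenDecryptor decryptor) {
			Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
			Contract.Requires<ArgumentException>(decryptor != null || !IsEncrypted(tokenXml));
			Contract.Ensures(this.AuthorizationContext != null);

			string decryptedString;

			// Default XmlReaderSettings already reject DTDs; clearing the resolver additionally
			// guarantees that parsing an untrusted token never fetches an external resource.
			XmlReaderSettings untrustedSettings = new XmlReaderSettings();
			untrustedSettings.XmlResolver = null;

			using (StringReader tokenText = new StringReader(tokenXml)) {
				using (XmlReader tokenReader = XmlReader.Create(tokenText, untrustedSettings)) {
					Contract.Assume(tokenReader != null); // BCL contract should say XmlReader.Create result != null
					if (IsEncrypted(tokenReader)) {
						Logger.InfoCard.DebugFormat("Incoming SAML token, before decryption: {0}", tokenXml);
						byte[] decryptedBytes = decryptor.DecryptToken(tokenReader);
						decryptedString = Encoding.UTF8.GetString(decryptedBytes);
						Contract.Assume(decryptedString != null); // BCL contracts should be enhanced here
					} else {
						// Unencrypted token: the received text is parsed as-is.
						decryptedString = tokenXml;
					}
				}
			}

			// The plaintext is still sender-controlled, so it is loaded through an explicitly
			// configured reader.  XPathDocument(TextReader) would build its own reader with
			// framework-default DTD handling, which is not safe on older .NET Framework versions.
			// The document is fully loaded by the constructor, so the readers can be disposed here.
			using (StringReader decryptedText = new StringReader(decryptedString)) {
				using (XmlReader documentReader = XmlReader.Create(decryptedText, untrustedSettings)) {
					this.Xml = new XPathDocument(documentReader).CreateNavigator();
				}
			}

			// NOTE(review): this writes the complete decrypted assertion, including the subject's
			// claims, to the debug log.  The log sink needs the same protection as the tokens
			// themselves; consider logging an identifier or digest instead.
			Logger.InfoCard.DebugFormat("Incoming SAML token, after any decryption: {0}", this.Xml.InnerXml);
			this.AuthorizationContext = TokenUtility.AuthenticateToken(this.Xml.ReadSubtree(), audience);
		}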
Esempio n. 3
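        /// <summary>
        /// Initializes a new instance of the <see cref="Token"/> class.
        /// </summary>
        /// <param name="tokenXml">Xml token, which may be encrypted.  Treated as untrusted input.</param>
        /// <param name="audience">
        /// The audience.  May be <c>null</c> to avoid audience checking, in which case a token
        /// issued for a different relying party is not rejected on that ground.
        /// </param>
        /// <param name="decryptor">The decryptor to use to decrypt the token, if necessary.</param>
        /// <exception cref="InformationCardException">Thrown for any problem decoding or decrypting the token.</exception>
        private Token(string tokenXml, Uri audience, TokenDecryptor decryptor)
        {
            Contract.Requires<ArgumentException>(!String.IsNullOrEmpty(tokenXml));
            Contract.Requires<ArgumentException>(decryptor != null || !IsEncrypted(tokenXml));
            Contract.Ensures(this.AuthorizationContext != null);

            string decryptedString;

            // Default XmlReaderSettings already reject DTDs; clearing the resolver additionally
            // guarantees that parsing an untrusted token never fetches an external resource.
            XmlReaderSettings untrustedSettings = new XmlReaderSettings();
            untrustedSettings.XmlResolver = null;

            using (StringReader tokenText = new StringReader(tokenXml))
            {
                using (XmlReader tokenReader = XmlReader.Create(tokenText, untrustedSettings))
                {
                    Contract.Assume(tokenReader != null); // BCL contract should say XmlReader.Create result != null
                    if (IsEncrypted(tokenReader))
                    {
                        Logger.InfoCard.DebugFormat("Incoming SAML token, before decryption: {0}", tokenXml);
                        byte[] decryptedBytes = decryptor.DecryptToken(tokenReader);
                        decryptedString = Encoding.UTF8.GetString(decryptedBytes);
                        Contract.Assume(decryptedString != null); // BCL contracts should be enhanced here
                    }
                    else
                    {
                        // Unencrypted token: the received text is parsed as-is.
                        decryptedString = tokenXml;
                    }
                }
            }

            // The plaintext is still sender-controlled, so it is loaded through an explicitly
            // configured reader.  XPathDocument(TextReader) would build its own reader with
            // framework-default DTD handling, which is not safe on older .NET Framework versions.
            // The document is fully loaded by the constructor, so the readers can be disposed here.
            using (StringReader decryptedText = new StringReader(decryptedString))
            {
                using (XmlReader documentReader = XmlReader.Create(decryptedText, untrustedSettings))
                {
                    this.Xml = new XPathDocument(documentReader).CreateNavigator();
                }
            }

            // NOTE(review): this writes the complete decrypted assertion, including the subject's
            // claims, to the debug log.  The log sink needs the same protection as the tokens
            // themselves; consider logging an identifier or digest instead.
            Logger.InfoCard.DebugFormat("Incoming SAML token, after any decryption: {0}", this.Xml.InnerXml);
            this.AuthorizationContext = TokenUtility.AuthenticateToken(this.Xml.ReadSubtree(), audience);
        }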
Esempio n. 4
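        /// <summary>
        /// Initializes a new instance of the <see cref="Token"/> class from an incoming
        /// token, decrypting it first when it is encrypted, then authenticating it.
        /// </summary>
        /// <param name="tokenXml">The token XML as received; must not be null or empty. Treated as untrusted input.</param>
        /// <param name="audience">The audience, passed through to <c>TokenUtility.AuthenticateToken</c>.</param>
        /// <param name="decryptor">The decryptor for encrypted tokens; may be <c>null</c> only when <paramref name="tokenXml"/> is not encrypted.</param>
        private Token(string tokenXml, Uri audience, TokenDecryptor decryptor)
        {
            Requires.NotNullOrEmpty(tokenXml, "tokenXml");
            Requires.True(decryptor != null || !IsEncrypted(tokenXml), null);
            Contract.Ensures(this.AuthorizationContext != null);

            string decryptedString;

            // One hardened settings object serves both parses below.
            // NOTE(review): presumably these settings prohibit DTDs and external resolution; confirm in MessagingUtilities.
            var readerSettings = MessagingUtilities.CreateUntrustedXmlReaderSettings();

            using (StringReader xmlReader = new StringReader(tokenXml))
            {
                using (XmlReader tokenReader = XmlReader.Create(xmlReader, readerSettings))
                {
                    Contract.Assume(tokenReader != null); // BCL contract should say XmlReader.Create result != null
                    if (IsEncrypted(tokenReader))
                    {
                        Logger.InfoCard.DebugFormat("Incoming SAML token, before decryption: {0}", tokenXml);
                        byte[] decryptedBytes = decryptor.DecryptToken(tokenReader);
                        decryptedString = Encoding.UTF8.GetString(decryptedBytes);
                        Contract.Assume(decryptedString != null); // BCL contracts should be enhanced here
                    }
                    else
                    {
                        // Unencrypted token: the received text is parsed as-is.
                        decryptedString = tokenXml;
                    }
                }
            }

            // The plaintext is still sender-controlled (it is the raw input when the token was not
            // encrypted), so it goes through the same hardened reader settings as the first parse.
            // XPathDocument(TextReader) would build its own reader with framework-default DTD
            // handling, which is not safe on older .NET Framework versions.
            // The document is fully loaded by the constructor, so both readers can be disposed here.
            using (var stringReader = new StringReader(decryptedString))
            {
                using (XmlReader documentReader = XmlReader.Create(stringReader, readerSettings))
                {
                    this.Xml = new XPathDocument(documentReader).CreateNavigator();
                }
            }

            // NOTE(review): this writes the complete decrypted assertion, including the subject's
            // claims, to the debug log. The log sink needs the same protection as the tokens
            // themselves; consider logging an identifier or digest instead.
            Logger.InfoCard.DebugFormat("Incoming SAML token, after any decryption: {0}", this.Xml.InnerXml);
            this.AuthorizationContext = TokenUtility.AuthenticateToken(this.Xml.ReadSubtree(), audience);
        }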