/// <summary>
        /// Deserializes an RSTR and returns a RequestSecurityTokenRespone object.
        /// </summary>
        /// <param name="reader">Reader over the RSTR.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <returns>RequestSecurityTokenResponse object if deserialization was successful.</returns>
        /// <exception cref="ArgumentNullException">The given reader or context parameter is null</exception>
        public override RequestSecurityTokenResponse ReadXml(XmlReader reader, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            bool isFinal = false;
            if (reader.IsStartElement(WSTrust13Constants.ElementNames.RequestSecurityTokenResponseCollection, WSTrust13Constants.NamespaceURI))
            {
                reader.ReadStartElement(WSTrust13Constants.ElementNames.RequestSecurityTokenResponseCollection, WSTrust13Constants.NamespaceURI);
                isFinal = true;
            }

            RequestSecurityTokenResponse rstr = WSTrustSerializationHelper.CreateResponse(reader, context, this, WSTrustConstantsAdapter.Trust13);
            rstr.IsFinal = isFinal;

            if (isFinal)
            {
                reader.ReadEndElement();
            }

            return rstr;
        }
        /// <summary>
        /// Override of the base class that Reads a specific child element inside the RSTR.
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RSTR.</param>
        /// <param name="rstr">The RequestSecurityTokenResponse element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rstr or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
            {
                rstr.KeyWrapAlgorithm = reader.ReadElementContentAsString();
                return;
            }

            WSTrustSerializationHelper.ReadRSTRXml(reader, rstr, context, WSTrustConstantsAdapter.Trust13);
        }
        /// <summary>
        /// Override of the base class that reads a child element inside the RST
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RST.</param>
        /// <param name="rst">The RequestSecurityToken element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rst or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // special case SecondaryParameters, they cannot be embeded as per WS-Trust 1.3
            if (reader.IsStartElement(WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI))
            {
                rst.SecondaryParameters = this.ReadSecondaryParameters(reader, context);
                return;
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
            {
                rst.KeyWrapAlgorithm = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rst.KeyWrapAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, rst.KeyWrapAlgorithm)));
                }

                return;
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.ValidateTarget = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.ValidateTarget == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3221)));
                }

                return;
            }

            WSTrustSerializationHelper.ReadRSTXml(reader, rst, context, WSTrustConstantsAdapter.Trust13);
        }
        /// <summary>
        /// Deserializes the RST from the XmlReader to a RequestSecurityToken object.
        /// </summary>
        /// <param name="reader">XML reader over the RST</param>
        /// <param name="context">Current Serialization context.</param>
        /// <returns>RequestSecurityToken object if the deserialization was successful</returns>
        /// <exception cref="ArgumentNullException">The reader or context parameter is null</exception>
        /// <exception cref="WSTrustSerializationException">There was an error parsing the RST</exception>
        public override RequestSecurityToken ReadXml(XmlReader reader, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            return WSTrustSerializationHelper.CreateRequest(reader, context, this, WSTrustConstantsAdapter.TrustFeb2005);
        }
        public static RequestSecurityToken CreateRequest(XmlReader reader, WSTrustSerializationContext context, WSTrustRequestSerializer requestSerializer, WSTrustConstantsAdapter trustConstants)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (requestSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSerializer");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (!reader.IsStartElement(trustConstants.Elements.RequestSecurityToken, trustConstants.NamespaceURI))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3032, reader.LocalName, reader.NamespaceURI, trustConstants.Elements.RequestSecurityToken, trustConstants.NamespaceURI)));
            }

            bool isEmptyElement = reader.IsEmptyElement;
            RequestSecurityToken rst = requestSerializer.CreateRequestSecurityToken();
            rst.Context = reader.GetAttribute(trustConstants.Attributes.Context);
            reader.Read();
            if (!isEmptyElement)
            {
                while (reader.IsStartElement())
                {
                    requestSerializer.ReadXmlElement(reader, rst, context);
                }

                reader.ReadEndElement();
            }

            requestSerializer.Validate(rst);

            return rst;
        }
        /// <summary>
        /// Writes out the supported elements on the request object. Override this method if someone 
        /// has sub-class the RequestSecurityToken class and added more property to it.
        /// </summary>
        /// <param name="rst">The request instance</param>
        /// <param name="writer">The writer to write to</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either rst or writer or context parameter is null.</exception>
        public override void WriteKnownRequestElement(RequestSecurityToken rst, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.WriteKnownRequestElement(rst, writer, context, this, WSTrustConstantsAdapter.TrustFeb2005);
        }
        /// <summary>
        /// Override of the base class that reads a child element inside the RST
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RST.</param>
        /// <param name="rst">The RequestSecurityToken element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rst or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.ReadRSTXml(reader, rst, context, WSTrustConstantsAdapter.TrustFeb2005);
        }
        /// <summary>
        /// Constructor for the WSTrustRequestBodyWriter.
        /// </summary>
        /// <param name="requestSecurityToken">The RequestSecurityToken object to be serialized in the outgoing Message.</param>
        /// <param name="serializer">Serializer is responsible for writting the requestSecurityToken into a XmlDictionaryWritter.</param>
        /// <param name="serializationContext">Context for the serialization.</param>
        /// <exception cref="ArgumentNullException">The 'requestSecurityToken' is null.</exception>
        /// <exception cref="ArgumentNullException">The 'serializer' is null.</exception>
        /// <exception cref="ArgumentNullException">The 'serializationContext' is null.</exception>
        public WSTrustRequestBodyWriter(System.IdentityModel.Protocols.WSTrust.RequestSecurityToken requestSecurityToken, WSTrustRequestSerializer serializer, WSTrustSerializationContext serializationContext)
            : base(true)
        {
            if (requestSecurityToken == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSecurityToken");
            }

            if (serializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializer");
            }

            if (serializationContext == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializationContext");
            }

            _requestSecurityToken = requestSecurityToken;
            _serializer = serializer;
            _serializationContext = serializationContext;
        }
        /// <summary>
        /// Initializes an instance of <see cref="WSTrustResponseBodyWriter"/>
        /// </summary>
        /// <param name="requestSecurityTokenResponse">The Response object that can write the body contents.</param>
        /// <param name="serializer">Serializer to use for serializing the RSTR.</param>
        /// <param name="context">The <see cref="WSTrustSerializationContext"/> of this request.</param>
        /// <exception cref="ArgumentNullException">serializer parameter is null.</exception>
        public WSTrustResponseBodyWriter(RSTR requestSecurityTokenResponse, WSTrustResponseSerializer serializer, WSTrustSerializationContext context)
            : base( true )
        {
            if ( serializer == null )
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "serializer" );
            }

            if ( requestSecurityTokenResponse == null )
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSecurityTokenResponse");
            }

            if ( context == null )
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "context" );
            }

            _serializer = serializer;
            _rstr = requestSecurityTokenResponse;
            _context = context;
        }
        /// <summary>
        /// Override of the Base class method that writes a specific RSTR parameter to the outgoing stream.
        /// </summary>
        /// <param name="writer">Writer to which the RSTR is serialized</param>
        /// <param name="elementName">The Local name of the element to be written.</param>
        /// <param name="elementValue">The value of the element.</param>
        /// <param name="rstr">The entire RSTR object that is being serialized.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either writer or rstr or context is null.</exception>
        /// <exception cref="ArgumentException">elementName is null or an empty string.</exception>
        public override void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.KeyWrapAlgorithm))
            {
                writer.WriteElementString(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, (string)elementValue);
                return;
            }

            WSTrustSerializationHelper.WriteRSTRXml(writer, elementName, elementValue, context, WSTrustConstantsAdapter.Trust13);
        }
Esempio n. 11
0
        /// <summary>
        /// Override of the base class that reads a child element inside the RST
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RST.</param>
        /// <param name="rst">The RequestSecurityToken element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rst or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // special case SecondaryParameters, they cannot be embeded as per WS-Trust 1.3
            if (reader.IsStartElement(WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI))
            {
                rst.SecondaryParameters = this.ReadSecondaryParameters(reader, context);
                return;
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
            {
                rst.KeyWrapAlgorithm = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rst.KeyWrapAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, rst.KeyWrapAlgorithm)));
                }

                return;
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.ValidateTarget = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.ValidateTarget == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3221)));
                }

                return;
            }

            WSTrustSerializationHelper.ReadRSTXml(reader, rst, context, WSTrustConstantsAdapter.Trust13);
        }
Esempio n. 12
0
        /// <summary>
        /// Serializes the given RequestSecurityToken into the XmlWriter
        /// </summary>
        /// <param name="request">RequestSecurityToken object to be serialized</param>
        /// <param name="writer">XML writer to serialize into</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">The request or writer or context parameter is null.</exception>
        public override void WriteXml(RequestSecurityToken request, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (request == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.WriteRequest(request, writer, context, this, WSTrustConstantsAdapter.Trust13);
        }
Esempio n. 13
0
        private string SerializeResponse(RequestSecurityTokenResponse response)
        {
            var serializer = new WSTrust13ResponseSerializer();
            var context =
                new WSTrustSerializationContext(
                    FederatedAuthentication.FederationConfiguration.IdentityConfiguration
                        .SecurityTokenHandlerCollectionManager);
            var sb = new StringBuilder(128);

            using (var writer = XmlWriter.Create(new StringWriter(sb)))
            {
                serializer.WriteXml(response, writer, context);
                return sb.ToString();
            }
        }
Esempio n. 14
0
 /// <summary>
 /// When overriden in the derived class serializes the given RequestSecurityToken into the XmlWriter
 /// </summary>
 /// <param name="request">RequestSecurityToken object to be serialized</param>
 /// <param name="writer">XML writer to serialize into</param>
 /// <param name="context">Current Serialization context.</param>
 public abstract void WriteXml(RequestSecurityToken request, XmlWriter writer, WSTrustSerializationContext context);
        /// <summary>
        /// Override of the Base class method that writes a specific RST parameter to the outgoing stream.
        /// </summary>
        /// <param name="writer">Writer to which the </param>
        /// <param name="elementName">The Local name of the element to be written.</param>
        /// <param name="elementValue">The value of the element.</param>
        /// <param name="rst">The entire RST object that is being serialized.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either writer or rst or context is null.</exception>
        /// <exception cref="ArgumentException">elementName is null or an empty string.</exception>
        public override void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // Write out the WSTrust13 specific elements
            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.SecondaryParameters))
            {
                RequestSecurityToken secondaryParameters = elementValue as RequestSecurityToken;

                if (secondaryParameters == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID2064, WSTrust13Constants.ElementNames.SecondaryParameters)));
                }

                // WS-Trust 13 spec does not allow this
                if (secondaryParameters.SecondaryParameters != null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID2055)));
                }

                writer.WriteStartElement(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI);

                // write out the known elements inside the rst.SecondaryParameters
                this.WriteKnownRequestElement(secondaryParameters, writer, context);

                // Write the custom elements here from the rst.SecondaryParameters.Elements bag
                foreach (KeyValuePair<string, object> messageParam in secondaryParameters.Properties)
                {
                    this.WriteXmlElement(writer, messageParam.Key, messageParam.Value, rst, context);
                }

                // close out the SecondaryParameters element
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.KeyWrapAlgorithm))
            {
                writer.WriteElementString(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.ValidateTarget))
            {
                SecurityTokenElement tokenElement = elementValue as SecurityTokenElement;

                if (tokenElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI, typeof(SecurityTokenElement), elementValue));
                }

                writer.WriteStartElement(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI);
                if (tokenElement.SecurityTokenXml != null)
                {
                    tokenElement.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, tokenElement.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            WSTrustSerializationHelper.WriteRSTXml(writer, elementName, elementValue, context, WSTrustConstantsAdapter.Trust13);
        }
Esempio n. 16
0
 /// <summary>
 /// When overriden in the derived classs writes out the supported elements on the request object.
 /// </summary>
 /// <param name="requestSecurityToken">The request instance</param>
 /// <param name="writer">The writer to write to</param>
 /// <param name="context">Current Serialization context.</param>
 public abstract void WriteKnownRequestElement(RequestSecurityToken requestSecurityToken, XmlWriter writer, WSTrustSerializationContext context);
        public static void WriteRSTRXml(XmlWriter writer, string elementName, object elementValue, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Entropy))
            {
                Entropy entropy = elementValue as Entropy;
                if (entropy != null)
                {
                    writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Entropy, trustConstants.NamespaceURI);
                    WriteProtectedKey(writer, entropy, context, trustConstants);
                    writer.WriteEndElement();
                }

                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.KeySize))
            {
                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.KeySize, trustConstants.NamespaceURI, Convert.ToString((int)elementValue, CultureInfo.InvariantCulture));
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Lifetime))
            {
                Lifetime lifeTime = (Lifetime)elementValue;
                WSTrustSerializationHelper.WriteLifetime(writer, lifeTime, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSPolicyConstants.ElementNames.AppliesTo))
            {
                EndpointReference appliesTo = elementValue as EndpointReference;
                WSTrustSerializationHelper.WriteAppliesTo(writer, appliesTo, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestedSecurityToken))
            {
                RequestedSecurityToken requestedToken = (RequestedSecurityToken)elementValue;

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestedSecurityToken, trustConstants.NamespaceURI);

                if (requestedToken.SecurityTokenXml != null)
                {
                    requestedToken.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, requestedToken.SecurityToken);
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestedProofToken))
            {
                RequestedProofToken proofToken = (RequestedProofToken)elementValue;
                if (string.IsNullOrEmpty(proofToken.ComputedKeyAlgorithm) && proofToken.ProtectedKey == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID3021)));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestedProofToken, trustConstants.NamespaceURI);

                if (!string.IsNullOrEmpty(proofToken.ComputedKeyAlgorithm))
                {
                    WriteComputedKeyAlgorithm(writer, trustConstants.Elements.ComputedKey, proofToken.ComputedKeyAlgorithm, trustConstants);
                }
                else
                {
                    WriteProtectedKey(writer, proofToken.ProtectedKey, context, trustConstants);
                }

                writer.WriteEndElement();

                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestedAttachedReference))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestedAttachedReference, trustConstants.NamespaceURI);
                context.SecurityTokenHandlers.WriteKeyIdentifierClause(writer, (SecurityKeyIdentifierClause)elementValue);
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestedUnattachedReference))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestedUnattachedReference, trustConstants.NamespaceURI);
                context.SecurityTokenHandlers.WriteKeyIdentifierClause(writer, (SecurityKeyIdentifierClause)elementValue);
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.TokenType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.RequestType, trustConstants.NamespaceURI, (string)elementValue)));
                }

                WSTrustSerializationHelper.WriteRequestType(writer, (string)elementValue, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.KeyType))
            {
                WSTrustSerializationHelper.WriteKeyType(writer, (string)elementValue, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.AuthenticationType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.EncryptionAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.CanonicalizationAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.SignatureAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.SignWith))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.EncryptWith))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.BinaryExchange))
            {
                WriteBinaryExchange(writer, elementValue as BinaryExchange, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Status))
            {
                WriteStatus(writer, elementValue as Status, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestedTokenCancelled))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestedTokenCancelled, trustConstants.NamespaceURI);
                writer.WriteEndElement();
                return;
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3013, elementName, elementValue.GetType())));
        }
        public static void WriteKnownResponseElement(RequestSecurityTokenResponse rstr, XmlWriter writer, WSTrustSerializationContext context, WSTrustResponseSerializer responseSerializer, WSTrustConstantsAdapter trustConstants)
        {
            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (responseSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("responseSerializer");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (rstr.Entropy != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.Entropy, rstr.Entropy, rstr, context);
            }

            if (rstr.KeySizeInBits.HasValue)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.KeySize, rstr.KeySizeInBits, rstr, context);
            }

            if (rstr.Lifetime != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.Lifetime, rstr.Lifetime, rstr, context);
            }

            if (rstr.AppliesTo != null)
            {
                responseSerializer.WriteXmlElement(writer, WSPolicyConstants.ElementNames.AppliesTo, rstr.AppliesTo, rstr, context);
            }

            if (rstr.RequestedSecurityToken != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestedSecurityToken, rstr.RequestedSecurityToken, rstr, context);
            }

            if (rstr.RequestedProofToken != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestedProofToken, rstr.RequestedProofToken, rstr, context);
            }

            if (rstr.RequestedAttachedReference != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestedAttachedReference, rstr.RequestedAttachedReference, rstr, context);
            }

            if (rstr.RequestedUnattachedReference != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestedUnattachedReference, rstr.RequestedUnattachedReference, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.SignWith))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.SignWith, rstr.SignWith, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.EncryptWith))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.EncryptWith, rstr.EncryptWith, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.TokenType))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.TokenType, rstr.TokenType, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.RequestType))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestType, rstr.RequestType, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.KeyType))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.KeyType, rstr.KeyType, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.AuthenticationType))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.AuthenticationType, rstr.AuthenticationType, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.EncryptionAlgorithm))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.EncryptionAlgorithm, rstr.EncryptionAlgorithm, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.CanonicalizationAlgorithm))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.CanonicalizationAlgorithm, rstr.CanonicalizationAlgorithm, rstr, context);
            }

            if (!string.IsNullOrEmpty(rstr.SignatureAlgorithm))
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.SignatureAlgorithm, rstr.SignatureAlgorithm, rstr, context);
            }

            if (rstr.BinaryExchange != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.BinaryExchange, rstr.BinaryExchange, rstr, context);
            }

            if (rstr.Status != null)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.Status, rstr.Status, rstr, context);
            }

            if (rstr.RequestedTokenCancelled)
            {
                responseSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestedTokenCancelled, rstr.RequestedTokenCancelled, rstr, context);
            }
        }
        public static void WriteResponse(RequestSecurityTokenResponse response, XmlWriter writer, WSTrustSerializationContext context, WSTrustResponseSerializer responseSerializer, WSTrustConstantsAdapter trustConstants)
        {
            if (response == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("response");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (responseSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("responseSerializer");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            responseSerializer.Validate(response);

            // Step 1: Write RSTR start element
            writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestSecurityTokenResponse, trustConstants.NamespaceURI);

            // Step 2: Write known RSTR attributes, i.e. Context
            if (!string.IsNullOrEmpty(response.Context))
            {
                writer.WriteAttributeString(trustConstants.Attributes.Context, response.Context);
            }

            // Step 3: Write known RSTR elements
            responseSerializer.WriteKnownResponseElement(response, writer, context);

            // Step 4: Write custom RSTR elements
            foreach (KeyValuePair<string, object> messageParam in response.Properties)
            {
                responseSerializer.WriteXmlElement(writer, messageParam.Key, messageParam.Value, response, context);
            }

            // Step 5: Write RSTR end element to close it
            writer.WriteEndElement();
        }
        public static void ReadRSTRXml(XmlReader reader, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (reader.IsStartElement(trustConstants.Elements.Entropy, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    reader.ReadStartElement(trustConstants.Elements.Entropy, trustConstants.NamespaceURI);

                    ProtectedKey protectedKey = ReadProtectedKey(reader, context, trustConstants);
                    if (protectedKey == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3026)));
                    }

                    rstr.Entropy = new Entropy(protectedKey);

                    reader.ReadEndElement();
                }

                if (rstr.Entropy == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3026)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.KeySize, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rstr.KeySizeInBits = Convert.ToInt32(reader.ReadElementContentAsString(), CultureInfo.InvariantCulture);
                }

                if (rstr.KeySizeInBits == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3154)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestType, trustConstants.NamespaceURI))
            {
                rstr.RequestType = WSTrustSerializationHelper.ReadRequestType(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Lifetime, trustConstants.NamespaceURI))
            {
                rstr.Lifetime = WSTrustSerializationHelper.ReadLifetime(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestedSecurityToken, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rstr.RequestedSecurityToken = new RequestedSecurityToken(WSTrustSerializationHelper.ReadInnerXml(reader));
                }

                if (rstr.RequestedSecurityToken == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3158)));
                }

                return;
            }

            if (reader.IsStartElement(WSPolicyConstants.ElementNames.AppliesTo, WSPolicyConstants.NamespaceURI))
            {
                rstr.AppliesTo = WSTrustSerializationHelper.ReadAppliesTo(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestedProofToken, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    reader.ReadStartElement();

                    if ((reader.LocalName == trustConstants.Elements.ComputedKey) && (reader.NamespaceURI == trustConstants.NamespaceURI))
                    {
                        rstr.RequestedProofToken = new RequestedProofToken(ReadComputedKeyAlgorithm(reader, trustConstants));
                    }
                    else
                    {
                        ProtectedKey protectedKey = ReadProtectedKey(reader, context, trustConstants);

                        if (protectedKey == null)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3025)));
                        }

                        rstr.RequestedProofToken = new RequestedProofToken(protectedKey);
                    }

                    reader.ReadEndElement();
                }

                if (rstr.RequestedProofToken == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3025)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestedAttachedReference, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    reader.ReadStartElement();
                    rstr.RequestedAttachedReference = context.SecurityTokenHandlers.ReadKeyIdentifierClause(reader);
                    reader.ReadEndElement();
                }

                if (rstr.RequestedAttachedReference == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3159)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestedUnattachedReference, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    reader.ReadStartElement();
                    rstr.RequestedUnattachedReference = context.SecurityTokenHandlers.ReadKeyIdentifierClause(reader);
                    reader.ReadEndElement();
                }

                if (rstr.RequestedUnattachedReference == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3160)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.TokenType, trustConstants.NamespaceURI))
            {
                rstr.TokenType = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rstr.TokenType, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, rstr.TokenType)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.KeyType, trustConstants.NamespaceURI))
            {
                rstr.KeyType = WSTrustSerializationHelper.ReadKeyType(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI))
            {
                rstr.AuthenticationType = reader.ReadElementContentAsString(trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rstr.AuthenticationType, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, rstr.AuthenticationType)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI))
            {
                rstr.EncryptionAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rstr.EncryptionAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, rstr.EncryptionAlgorithm)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI))
            {
                rstr.CanonicalizationAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rstr.CanonicalizationAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, rstr.CanonicalizationAlgorithm)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI))
            {
                rstr.SignatureAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rstr.SignatureAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, rstr.SignatureAlgorithm)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.SignWith, trustConstants.NamespaceURI))
            {
                rstr.SignWith = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rstr.SignWith, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, rstr.SignWith)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI))
            {
                rstr.EncryptWith = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rstr.EncryptWith, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, rstr.EncryptWith)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.BinaryExchange, trustConstants.NamespaceURI))
            {
                rstr.BinaryExchange = WSTrustSerializationHelper.ReadBinaryExchange(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Status, trustConstants.NamespaceURI))
            {
                rstr.Status = WSTrustSerializationHelper.ReadStatus(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestedTokenCancelled, trustConstants.NamespaceURI))
            {
                rstr.RequestedTokenCancelled = true;
                reader.ReadStartElement();
                return;
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3007, reader.LocalName, reader.NamespaceURI)));
        }
 /// <summary>
 /// When overriden in the derived classs reads a custom element. 
 /// </summary>
 /// <param name="reader">The reader on the current element.</param>
 /// <param name="context">Current Serialization context.</param>
 protected virtual void ReadCustomElement(XmlReader reader, WSTrustSerializationContext context)
 {
     throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.ID2072, reader.LocalName)));
 }
        /// <summary>
        /// Override of the base class that reads a child element inside the RST
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RST.</param>
        /// <param name="rst">The RequestSecurityToken element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rst or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.ReadRSTXml(reader, rst, context, WSTrustConstantsAdapter.TrustFeb2005);
        }
        /// <summary>
        /// Writes out the supported elements on the response object.
        /// </summary>
        /// <param name="rstr">The response instance</param>
        /// <param name="writer">The writer to write to</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either rstr or writer or context parameter is null.</exception>
        public override void WriteKnownResponseElement(RequestSecurityTokenResponse rstr, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // Write out the exisiting ones
            WSTrustSerializationHelper.WriteKnownResponseElement(rstr, writer, context, this, WSTrustConstantsAdapter.Trust13);

            // Specific to WS-Trust 13
            if (!string.IsNullOrEmpty(rstr.KeyWrapAlgorithm))
            {
                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, rstr.KeyWrapAlgorithm, rstr, context);
            }
        }
Esempio n. 24
0
 /// <summary>
 /// When overriden in the derived classs reads a custom element.
 /// </summary>
 /// <param name="reader">The reader on the current element.</param>
 /// <param name="context">Current Serialization context.</param>
 protected virtual void ReadCustomElement(XmlReader reader, WSTrustSerializationContext context)
 {
     throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.ID2072, reader.LocalName)));
 }
        // This method reads the binary secret or encrypted key 
        public static ProtectedKey ReadProtectedKey(XmlReader reader, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            ProtectedKey protectedKey = null;

            if (!reader.IsEmptyElement)
            {
                if (reader.IsStartElement(trustConstants.Elements.BinarySecret, trustConstants.NamespaceURI))
                {
                    // BinarySecret case
                    BinarySecretSecurityToken token = ReadBinarySecretSecurityToken(reader, trustConstants);
                    byte[] secret = token.GetKeyBytes();
                    protectedKey = new ProtectedKey(secret);
                }
                else if (context.SecurityTokenHandlers.CanReadKeyIdentifierClause(reader))
                {
                    // EncryptedKey case
                    EncryptedKeyIdentifierClause encryptedKeyClause = context.SecurityTokenHandlers.ReadKeyIdentifierClause(reader) as EncryptedKeyIdentifierClause;

                    if (encryptedKeyClause != null)
                    {
                        SecurityKey wrappingKey = null;
                        byte[] secret;

                        foreach (SecurityKeyIdentifierClause wrappingKeyClause in encryptedKeyClause.EncryptingKeyIdentifier)
                        {
                            if (context.TokenResolver.TryResolveSecurityKey(wrappingKeyClause, out wrappingKey))
                            {
                                break;
                            }
                        }

                        if (wrappingKey == null)
                        {
                            // We can't resolve the ski, throw
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3027, "the SecurityHeaderTokenResolver or OutOfBandTokenResolver")));
                        }

                        secret = wrappingKey.DecryptKey(encryptedKeyClause.EncryptionMethod, encryptedKeyClause.GetEncryptedKey());
                        EncryptingCredentials wrappingCredentials = new EncryptingCredentials(wrappingKey, encryptedKeyClause.EncryptingKeyIdentifier, encryptedKeyClause.EncryptionMethod);

                        protectedKey = new ProtectedKey(secret, wrappingCredentials);
                    }
                }
            }

            return protectedKey;
        }
        /// <summary>
        /// Override of the Base class method that writes a specific RST parameter to the outgoing stream.
        /// </summary>
        /// <param name="writer">Writer to which the RST is serialized. </param>
        /// <param name="elementName">The Local name of the element to be written.</param>
        /// <param name="elementValue">The value of the element.</param>
        /// <param name="rst">The entire RST object that is being serialized.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either writer or rst or context is null.</exception>
        /// <exception cref="ArgumentException">elementName is null or an empty string.</exception>
        public override void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.WriteRSTXml(writer, elementName, elementValue, context, WSTrustConstantsAdapter.TrustFeb2005);
        }
        public static void WriteProtectedKey(XmlWriter writer, ProtectedKey protectedKey, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (protectedKey == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("protectedKey");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (protectedKey.WrappingCredentials != null)
            {
                byte[] encryptedKey = protectedKey.WrappingCredentials.SecurityKey.EncryptKey(protectedKey.WrappingCredentials.Algorithm, protectedKey.GetKeyBytes());
                EncryptedKeyIdentifierClause clause = new EncryptedKeyIdentifierClause(encryptedKey, protectedKey.WrappingCredentials.Algorithm, protectedKey.WrappingCredentials.SecurityKeyIdentifier);
                context.SecurityTokenHandlers.WriteKeyIdentifierClause(writer, clause);
            }
            else
            {
                BinarySecretSecurityToken entropyToken = new BinarySecretSecurityToken(protectedKey.GetKeyBytes());
                WriteBinarySecretSecurityToken(writer, entropyToken, trustConstants);
            }
        }
        /// <summary>
        /// Special case for reading SecondaryParameters inside a WS-Trust 1.3 RST.  The specification states that a SecondaryParameters element
        /// cannot be inside a SecondaryParameters element.  Override this method to provide custom processing.
        /// </summary>
        /// <param name="reader">Reader pointing at the SecondaryParameters element inside the RST.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">An inner 'SecondaryParameter' element was found while processing the outer 'SecondaryParameter'.</exception>
        /// <returns>RequestSecurityToken that contains the SecondaryParameters found in the RST</returns>
        protected virtual RequestSecurityToken ReadSecondaryParameters(
                                                  XmlReader reader,
                                                  WSTrustSerializationContext context)
        {
            RequestSecurityToken secondaryParameters = CreateRequestSecurityToken();

            if (reader.IsEmptyElement)
            {
                reader.Read();
                reader.MoveToContent();
                return secondaryParameters;
            }

            reader.ReadStartElement();
            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(
                    WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
                {
                    secondaryParameters.KeyWrapAlgorithm = reader.ReadElementContentAsString();
                    if (!UriUtil.CanCreateValidUri(secondaryParameters.KeyWrapAlgorithm, UriKind.Absolute))
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                            new WSTrustSerializationException(
                                SR.GetString(
                                    SR.ID3135,
                                    WSTrust13Constants.ElementNames.KeyWrapAlgorithm,
                                    WSTrust13Constants.NamespaceURI,
                                    secondaryParameters.KeyWrapAlgorithm)));
                    }
                }
                else if (reader.IsStartElement(
                    WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                        new WSTrustSerializationException(SR.GetString(SR.ID3130)));
                }
                else
                {
                    WSTrustSerializationHelper.ReadRSTXml(
                        reader,
                        secondaryParameters,
                        context,
                        WSTrustConstantsAdapter.GetConstantsAdapter(reader.NamespaceURI) ?? WSTrustConstantsAdapter.TrustFeb2005);
                }
            }

            reader.ReadEndElement();

            return secondaryParameters;
        }
        /// <summary>
        /// This method is currently called when serializing ActAs and OBO elements.  Factored shared code.
        /// </summary>
        /// <param name="tokenElement">The <see cref="SecurityTokenElement"/> to write.</param>
        /// <param name="usage">A string defining the SecurityTokenCollection to use.</param>
        /// <param name="context">The <see cref="WSTrustSerializationContext"/> of the request.</param>
        /// <param name="writer">The <see cref="XmlWriter"/> to use.</param>
        private static void WriteTokenElement(SecurityTokenElement tokenElement, string usage, WSTrustSerializationContext context, XmlWriter writer)
        {
            if (tokenElement.SecurityTokenXml != null)
            {
                tokenElement.SecurityTokenXml.WriteTo(writer);
            }
            else
            {
                SecurityTokenHandlerCollection tokenHandlerCollection = null;
                if (context.SecurityTokenHandlerCollectionManager.ContainsKey(usage))
                {
                    tokenHandlerCollection = context.SecurityTokenHandlerCollectionManager[usage];
                }
                else
                {
                    // by default this is the default handler collection, review the WSTrustSerializationContext
                    tokenHandlerCollection = context.SecurityTokenHandlers;
                }

                SecurityToken token = tokenElement.GetSecurityToken();
                bool tokenWritten = false;

                if (tokenHandlerCollection != null && tokenHandlerCollection.CanWriteToken(token))
                {
                    tokenHandlerCollection.WriteToken(writer, token);
                    tokenWritten = true;
                }

                if (!tokenWritten)
                {
                    // by default this is the default handler collection, review the WSTrustSerializationContext
                    context.SecurityTokenHandlers.WriteToken(writer, token);
                }
            }
        }
Esempio n. 30
0
        private string SerializeRequest(RequestSecurityToken request)
        {
            var serializer = new WSTrust13RequestSerializer();
            var context = new WSTrustSerializationContext();
            var sb = new StringBuilder(128);

            using (var writer = XmlWriter.Create(new StringWriter(sb)))
            {
                serializer.WriteXml(request, writer, context);
                return sb.ToString();
            }
        }
        public static void WriteRequest(RequestSecurityToken rst, XmlWriter writer, WSTrustSerializationContext context, WSTrustRequestSerializer requestSerializer, WSTrustConstantsAdapter trustConstants)
        {
            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (requestSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSerializer");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            requestSerializer.Validate(rst);

            writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RequestSecurityToken, trustConstants.NamespaceURI);

            // Step 2: Write the first class attribute, i.e. Context
            // IDFX beta work item: use the handler to write out the context as well
            if (rst.Context != null)
            {
                writer.WriteAttributeString(trustConstants.Attributes.Context, (string)rst.Context);
            }

            // Step 3: Write the custom attributes here from the Attributes bag.
            // IDFX beta work item bug 878

            // Step 4: Write the first class Element here
            requestSerializer.WriteKnownRequestElement(rst, writer, context);

            // Step 5: Write the custom elements here from the Elements bag
            foreach (KeyValuePair<string, object> messageParam in rst.Properties)
            {
                requestSerializer.WriteXmlElement(writer, messageParam.Key, messageParam.Value, rst, context);
            }

            // Step 6: close the RST element
            writer.WriteEndElement();
        }
Esempio n. 32
0
        /// <summary>
        /// Writes out the supported elements on the request object. Override this method if someone
        /// has sub-class the RequestSecurityToken class and added more property to it.
        /// </summary>
        /// <param name="rst">The request instance</param>
        /// <param name="writer">The writer to write to</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either rst or writer or context parameter is null.</exception>
        public override void WriteKnownRequestElement(RequestSecurityToken rst, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // Write out the exisiting ones
            WSTrustSerializationHelper.WriteKnownRequestElement(rst, writer, context, this, WSTrustConstantsAdapter.Trust13);

            // Specific to WS-Trust 13
            if (!string.IsNullOrEmpty(rst.KeyWrapAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri(rst.KeyWrapAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, rst.KeyWrapAlgorithm)));
                }

                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, rst.KeyWrapAlgorithm, rst, context);
            }

            if (rst.SecondaryParameters != null)
            {
                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.SecondaryParameters, rst.SecondaryParameters, rst, context);
            }

            if (rst.ValidateTarget != null)
            {
                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.ValidateTarget, rst.ValidateTarget, rst, context);
            }
        }
        public static void ReadRSTXml(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            bool isEmptyElement = false;

            if (reader.IsStartElement(trustConstants.Elements.TokenType, trustConstants.NamespaceURI))
            {
                rst.TokenType = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rst.TokenType, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, rst.TokenType)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RequestType, trustConstants.NamespaceURI))
            {
                rst.RequestType = WSTrustSerializationHelper.ReadRequestType(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(WSPolicyConstants.ElementNames.AppliesTo, WSPolicyConstants.NamespaceURI))
            {
                rst.AppliesTo = WSTrustSerializationHelper.ReadAppliesTo(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Issuer, trustConstants.NamespaceURI))
            {
                rst.Issuer = WSTrustSerializationHelper.ReadOnBehalfOfIssuer(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.ProofEncryption, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.ProofEncryption = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.ProofEncryption == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3218)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Encryption, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.Encryption = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.Encryption == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3268)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.DelegateTo, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.DelegateTo = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.DelegateTo == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3219)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Claims, trustConstants.NamespaceURI))
            {
                // According to trust specification, Trust13 requires Claims\@Dialect attribute but not TrustFeb2005.
                // Even for Trust13, the Dialect Uri is open.  After research, "http://schemas.xmlsoap.org/ws/2005/05/identity"
                // seems to be the most common and IDFx will use that if none defined.
                // Our implementation is, for reading/writing, we will be looking specifically for 
                // "http://docs.oasis-open.org/wsfed/authorization/200706/authclaims" (as defined in ws-federation)
                // and fallback to "http://schemas.xmlsoap.org/ws/2005/05/identity" for others.
                // This would also tolerate WCF Orcas which send us "http://schemas.xmlsoap.org/ws/2005/05/IdentityClaims" 
                // as dialect.
                rst.Claims.Dialect = reader.GetAttribute(trustConstants.Attributes.Dialect);
                if ((rst.Claims.Dialect != null) && !UriUtil.CanCreateValidUri(rst.Claims.Dialect, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3136, trustConstants.Attributes.Dialect, reader.LocalName, reader.NamespaceURI, rst.Claims.Dialect)));
                }

                string ns = WSTrustSerializationHelper.GetRequestClaimNamespace(rst.Claims.Dialect);

                isEmptyElement = reader.IsEmptyElement;
                reader.ReadStartElement(trustConstants.Elements.Claims, trustConstants.NamespaceURI);
                if (!isEmptyElement)
                {
                    while (reader.IsStartElement(WSIdentityConstants.Elements.ClaimType, ns))
                    {
                        isEmptyElement = reader.IsEmptyElement;
                        string claimType = reader.GetAttribute(WSIdentityConstants.Attributes.Uri);
                        if (string.IsNullOrEmpty(claimType))
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3009)));
                        }

                        bool isOptional = false;

                        string optionalAttributeVal = reader.GetAttribute(WSIdentityConstants.Attributes.Optional);
                        if (!string.IsNullOrEmpty(optionalAttributeVal))
                        {
                            isOptional = XmlConvert.ToBoolean(optionalAttributeVal);
                        }

                        reader.Read();
                        reader.MoveToContent();

                        string value = null;
                        if (!isEmptyElement)
                        {
                            if (reader.IsStartElement(WSAuthorizationConstants.Elements.Value, ns))
                            {
                                if (!StringComparer.Ordinal.Equals(rst.Claims.Dialect, WSAuthorizationConstants.Dialect))
                                {
                                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3258, rst.Claims.Dialect, WSAuthorizationConstants.Dialect)));
                                }
                                else
                                {
                                    // Value only supported for ws-federation authclaims
                                    value = reader.ReadElementContentAsString(WSAuthorizationConstants.Elements.Value, ns);
                                }
                            }

                            reader.ReadEndElement();
                        }

                        rst.Claims.Add(new RequestClaim(claimType, isOptional, value));
                    }

                    reader.ReadEndElement();
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Entropy, trustConstants.NamespaceURI))
            {
                isEmptyElement = reader.IsEmptyElement;

                reader.ReadStartElement(trustConstants.Elements.Entropy, trustConstants.NamespaceURI);
                if (!isEmptyElement)
                {
                    ProtectedKey protectedKey = ReadProtectedKey(reader, context, trustConstants);

                    if (protectedKey == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3026)));
                    }

                    rst.Entropy = new Entropy(protectedKey);

                    reader.ReadEndElement();
                }

                if (rst.Entropy == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3026)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.BinaryExchange, trustConstants.NamespaceURI))
            {
                rst.BinaryExchange = ReadBinaryExchange(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Lifetime, trustConstants.NamespaceURI))
            {
                rst.Lifetime = WSTrustSerializationHelper.ReadLifetime(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.RenewTarget, trustConstants.NamespaceURI))
            {
                isEmptyElement = reader.IsEmptyElement;

                if (!isEmptyElement)
                {
                    rst.RenewTarget = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.RenewTarget == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3151)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.OnBehalfOf, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    // Check that we have the SecurityTokenHandlerCollection that we need for OnBehalfOf. If not, then fail now.
                    if (context.SecurityTokenHandlerCollectionManager.ContainsKey(SecurityTokenHandlerCollectionManager.Usage.OnBehalfOf))
                    {
                        rst.OnBehalfOf = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlerCollectionManager[SecurityTokenHandlerCollectionManager.Usage.OnBehalfOf]);
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3264)));
                    }
                }

                if (rst.OnBehalfOf == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3152)));
                }

                return;
            }

            if (reader.IsStartElement(WSTrust14Constants.ElementNames.ActAs, WSTrust14Constants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    // Check that we have the SecurityTokenHandlerCollection that we need for ActAs. If not, then fail now.
                    if (context.SecurityTokenHandlerCollectionManager.ContainsKey(SecurityTokenHandlerCollectionManager.Usage.ActAs))
                    {
                        rst.ActAs = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlerCollectionManager[SecurityTokenHandlerCollectionManager.Usage.ActAs]);
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3265)));
                    }
                }

                if (rst.ActAs == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3153)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.KeyType, trustConstants.NamespaceURI))
            {
                rst.KeyType = WSTrustSerializationHelper.ReadKeyType(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.KeySize, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.KeySizeInBits = int.Parse(reader.ReadElementContentAsString(), CultureInfo.InvariantCulture);
                }

                if (rst.KeySizeInBits == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3154)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.UseKey, trustConstants.NamespaceURI))
            {
                isEmptyElement = reader.IsEmptyElement;
                reader.ReadStartElement();

                if (!isEmptyElement)
                {
                    if (!context.SecurityTokenHandlers.CanReadToken(reader))
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3165)));
                    }

                    SecurityToken originalUseKeyToken = context.SecurityTokenHandlers.ReadToken(reader);
                    SecurityKeyIdentifier useKeySki = new SecurityKeyIdentifier();

                    if (originalUseKeyToken.CanCreateKeyIdentifierClause<RsaKeyIdentifierClause>())
                    {
                        useKeySki.Add(originalUseKeyToken.CreateKeyIdentifierClause<RsaKeyIdentifierClause>());
                    }
                    else if (originalUseKeyToken.CanCreateKeyIdentifierClause<X509RawDataKeyIdentifierClause>())
                    {
                        useKeySki.Add(originalUseKeyToken.CreateKeyIdentifierClause<X509RawDataKeyIdentifierClause>());
                    }
                    else
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3166)));
                    }

                    // Ensure that the provided UseKey SKI can be resolved by the UseKeyTokenResolver.
                    // This provides proof of possession because the keys in that resolver are ones that the client has used for signature.
                    SecurityToken resolvedUseKeyToken;

                    if (!context.UseKeyTokenResolver.TryResolveToken(useKeySki, out resolvedUseKeyToken))
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidRequestException(SR.GetString(SR.ID3092, useKeySki)));
                    }

                    rst.UseKey = new UseKey(useKeySki, resolvedUseKeyToken);

                    reader.ReadEndElement();
                }

                if (rst.UseKey == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3155)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.SignWith, trustConstants.NamespaceURI))
            {
                rst.SignWith = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rst.SignWith, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, rst.SignWith)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI))
            {
                rst.EncryptWith = reader.ReadElementContentAsString();
                if (!UriUtil.CanCreateValidUri(rst.EncryptWith, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, rst.EncryptWith)));
                }
                
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.ComputedKeyAlgorithm, trustConstants.NamespaceURI))
            {
                rst.ComputedKeyAlgorithm = ReadComputedKeyAlgorithm(reader, trustConstants);
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI))
            {
                rst.AuthenticationType = reader.ReadElementContentAsString(trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rst.AuthenticationType, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, rst.AuthenticationType)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI))
            {
                rst.EncryptionAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rst.EncryptionAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, rst.EncryptionAlgorithm)));
                }
                
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI))
            {
                rst.CanonicalizationAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rst.CanonicalizationAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, rst.CanonicalizationAlgorithm)));
                }
                
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI))
            {
                rst.SignatureAlgorithm = reader.ReadElementContentAsString(trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI);
                if (!UriUtil.CanCreateValidUri(rst.SignatureAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, rst.SignatureAlgorithm)));
                }
                
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Forwardable, trustConstants.NamespaceURI))
            {
                rst.Forwardable = reader.ReadElementContentAsBoolean();
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Delegatable, trustConstants.NamespaceURI))
            {
                rst.Delegatable = reader.ReadElementContentAsBoolean();
                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.AllowPostdating, trustConstants.NamespaceURI))
            {
                rst.AllowPostdating = true;
                isEmptyElement = reader.IsEmptyElement;
                reader.Read();
                reader.MoveToContent();
                if (!isEmptyElement)
                {
                    reader.ReadEndElement();
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Renewing, trustConstants.NamespaceURI))
            {
                isEmptyElement = reader.IsEmptyElement;
                string attrValue = reader.GetAttribute(trustConstants.Attributes.Allow);
                bool allowRenewal = true;
                bool renewalAfterExpiration = false;
                if (!string.IsNullOrEmpty(attrValue))
                {
                    allowRenewal = XmlConvert.ToBoolean(attrValue);
                }

                attrValue = reader.GetAttribute(trustConstants.Attributes.OK);
                if (!string.IsNullOrEmpty(attrValue))
                {
                    renewalAfterExpiration = XmlConvert.ToBoolean(attrValue);
                }

                rst.Renewing = new Renewing(allowRenewal, renewalAfterExpiration);

                reader.Read();
                reader.MoveToContent();
                if (!isEmptyElement)
                {
                    reader.ReadEndElement();
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.CancelTarget, trustConstants.NamespaceURI))
            {
                if (!reader.IsEmptyElement)
                {
                    rst.CancelTarget = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
                }

                if (rst.CancelTarget == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3220)));
                }

                return;
            }

            if (reader.IsStartElement(trustConstants.Elements.Participants, trustConstants.NamespaceURI))
            {
                EndpointReference primary = null;
                List<EndpointReference> participants = new List<EndpointReference>();

                isEmptyElement = reader.IsEmptyElement;

                reader.Read();
                reader.MoveToContent();

                if (!isEmptyElement)
                {
                    if (reader.IsStartElement(trustConstants.Elements.Primary, trustConstants.NamespaceURI))
                    {
                        reader.ReadStartElement(trustConstants.Elements.Primary, trustConstants.NamespaceURI);
                        primary = EndpointReference.ReadFrom(XmlDictionaryReader.CreateDictionaryReader(reader));
                        reader.ReadEndElement();
                    }

                    while (reader.IsStartElement(trustConstants.Elements.Participant, trustConstants.NamespaceURI))
                    {
                        reader.ReadStartElement(trustConstants.Elements.Participant, trustConstants.NamespaceURI);
                        participants.Add(EndpointReference.ReadFrom(XmlDictionaryReader.CreateDictionaryReader(reader)));
                        reader.ReadEndElement();
                    }

                    if (reader.IsStartElement())
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3223, trustConstants.Elements.Participants, trustConstants.NamespaceURI, reader.LocalName, reader.NamespaceURI)));
                    }

                    rst.Participants = new Participants();
                    rst.Participants.Primary = primary;
                    rst.Participants.Participant.AddRange(participants);

                    reader.ReadEndElement();
                }

                return;
            }

            if (reader.IsStartElement(WSAuthorizationConstants.Elements.AdditionalContext, WSAuthorizationConstants.Namespace))
            {
                rst.AdditionalContext = new AdditionalContext();

                isEmptyElement = reader.IsEmptyElement;
                reader.Read();
                reader.MoveToContent();

                if (!isEmptyElement)
                {
                    while (reader.IsStartElement(WSAuthorizationConstants.Elements.ContextItem, WSAuthorizationConstants.Namespace))
                    {
                        Uri name = null;
                        Uri scope = null;
                        string value = null;
                        string attrValue = reader.GetAttribute(WSAuthorizationConstants.Attributes.Name);
                        if (string.IsNullOrEmpty(attrValue) || !UriUtil.TryCreateValidUri(attrValue, UriKind.Absolute, out name))
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(
                                SR.GetString(SR.ID3136, WSAuthorizationConstants.Attributes.Name, reader.LocalName, reader.NamespaceURI, attrValue)));
                        }

                        attrValue = reader.GetAttribute(WSAuthorizationConstants.Attributes.Scope);
                        if (!string.IsNullOrEmpty(attrValue) && !UriUtil.TryCreateValidUri(attrValue, UriKind.Absolute, out scope))
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(
                                SR.GetString(SR.ID3136, WSAuthorizationConstants.Attributes.Scope, reader.LocalName, reader.NamespaceURI, attrValue)));
                        }

                        if (reader.IsEmptyElement)
                        {
                            reader.Read();
                        }
                        else
                        {
                            reader.Read();
                            if (reader.IsStartElement(WSAuthorizationConstants.Elements.Value, WSAuthorizationConstants.Namespace))
                            {
                                value = reader.ReadElementContentAsString(WSAuthorizationConstants.Elements.Value, WSAuthorizationConstants.Namespace);
                            }

                            reader.ReadEndElement();
                        }

                        rst.AdditionalContext.Items.Add(new ContextItem(name, value, scope));
                    }

                    if (reader.IsStartElement())
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3223, WSAuthorizationConstants.Elements.AdditionalContext, WSAuthorizationConstants.Namespace, reader.LocalName, reader.NamespaceURI)));
                    }

                    reader.ReadEndElement();
                }

                return;
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3007, reader.LocalName, reader.NamespaceURI)));
        }
Esempio n. 34
0
        /// <summary>
        /// Override of the Base class method that writes a specific RST parameter to the outgoing stream.
        /// </summary>
        /// <param name="writer">Writer to which the </param>
        /// <param name="elementName">The Local name of the element to be written.</param>
        /// <param name="elementValue">The value of the element.</param>
        /// <param name="rst">The entire RST object that is being serialized.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either writer or rst or context is null.</exception>
        /// <exception cref="ArgumentException">elementName is null or an empty string.</exception>
        public override void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // Write out the WSTrust13 specific elements
            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.SecondaryParameters))
            {
                RequestSecurityToken secondaryParameters = elementValue as RequestSecurityToken;

                if (secondaryParameters == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID2064, WSTrust13Constants.ElementNames.SecondaryParameters)));
                }

                // WS-Trust 13 spec does not allow this
                if (secondaryParameters.SecondaryParameters != null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID2055)));
                }

                writer.WriteStartElement(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI);

                // write out the known elements inside the rst.SecondaryParameters
                this.WriteKnownRequestElement(secondaryParameters, writer, context);

                // Write the custom elements here from the rst.SecondaryParameters.Elements bag
                foreach (KeyValuePair <string, object> messageParam in secondaryParameters.Properties)
                {
                    this.WriteXmlElement(writer, messageParam.Key, messageParam.Value, rst, context);
                }

                // close out the SecondaryParameters element
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.KeyWrapAlgorithm))
            {
                writer.WriteElementString(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust13Constants.ElementNames.ValidateTarget))
            {
                SecurityTokenElement tokenElement = elementValue as SecurityTokenElement;

                if (tokenElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI, typeof(SecurityTokenElement), elementValue));
                }

                writer.WriteStartElement(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI);
                if (tokenElement.SecurityTokenXml != null)
                {
                    tokenElement.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, tokenElement.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            WSTrustSerializationHelper.WriteRSTXml(writer, elementName, elementValue, context, WSTrustConstantsAdapter.Trust13);
        }
Esempio n. 35
0
 /// <summary>
 /// When overridden in the derived class writes a child element inside the RST.
 /// </summary>
 /// <param name="writer">Writer to which the RST is serialized. </param>
 /// <param name="elementName">The Local name of the element to be written.</param>
 /// <param name="elementValue">The value of the element.</param>
 /// <param name="requestSecurityToken">The entire RST object that is being serialized.</param>
 /// <param name="context">Current Serialization context.</param>
 public abstract void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityToken requestSecurityToken, WSTrustSerializationContext context);
        /// <summary>
        /// Serializes a RequestSecurityTokenResponse object to the given XmlWriter
        /// stream.
        /// </summary>
        /// <param name="response">RequestSecurityTokenResponse object that needs to be serialized to the writer.</param>
        /// <param name="writer">XmlWriter into which the object will be serialized</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">The given response or writer or context parameter is null</exception>
        public override void WriteXml(RequestSecurityTokenResponse response, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (response == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("response");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (response.IsFinal)
            {
                writer.WriteStartElement(WSTrust13Constants.Prefix, WSTrust13Constants.ElementNames.RequestSecurityTokenResponseCollection, WSTrust13Constants.NamespaceURI);
            }

            WSTrustSerializationHelper.WriteResponse(response, writer, context, this, WSTrustConstantsAdapter.Trust13);

            if (response.IsFinal)
            {
                writer.WriteEndElement();
            }
        }
Esempio n. 37
0
 /// <summary>
 /// When overridden in the derived class reads a child element inside RST.
 /// </summary>
 /// <param name="reader">Reader pointing at an element to read inside the RST.</param>
 /// <param name="requestSecurityToken">The RequestSecurityToken element that is being populated from the reader.</param>
 /// <param name="context">Current Serialization context.</param>
 public abstract void ReadXmlElement(XmlReader reader, RequestSecurityToken requestSecurityToken, WSTrustSerializationContext context);
        /// <summary>
        /// Override of the base class that Reads a specific child element inside the RSTR.
        /// </summary>
        /// <param name="reader">Reader pointing at an element to read inside the RSTR.</param>
        /// <param name="rstr">The RequestSecurityTokenResponse element that is being populated from the reader.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either reader or rstr or context parameter is null.</exception>
        /// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
        public override void ReadXmlElement(XmlReader reader, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (reader.IsStartElement(WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
            {
                rstr.KeyWrapAlgorithm = reader.ReadElementContentAsString();
                return;
            }

            WSTrustSerializationHelper.ReadRSTRXml(reader, rstr, context, WSTrustConstantsAdapter.Trust13);
        }
            public ProcessCoreAsyncResult(WSTrustServiceContract contract,
                                           DispatchContext dispatchContext,
                                           MessageVersion messageVersion,
                                           WSTrustResponseSerializer responseSerializer,
                                           WSTrustSerializationContext serializationContext,
                                           AsyncCallback asyncCallback,
                                           object asyncState)
                : base(asyncCallback, asyncState)
            {
                if (contract == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contract");
                }

                if (dispatchContext == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("dispatchContext");
                }

                if (responseSerializer == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("responseSerializer");
                }

                if (serializationContext == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializationContext");
                }

                _trustServiceContract = contract;
                _dispatchContext = dispatchContext;
                _messageVersion = messageVersion;
                _responseSerializer = responseSerializer;
                _serializationContext = serializationContext;

                contract.BeginDispatchRequest(dispatchContext, OnDispatchRequestCompleted, null);
            }
        public string Serialize(RequestSecurityTokenResponse securityTokenResponse)
        {
            XmlWriterSettings xmlWriterSettings = new XmlWriterSettings();
            xmlWriterSettings.OmitXmlDeclaration = true;

            using (MemoryStream memoryStream = new MemoryStream())
            using (XmlWriter xmlWriter = XmlWriter.Create(memoryStream, xmlWriterSettings))
            {
                WSTrust13ResponseSerializer serializer = new WSTrust13ResponseSerializer();
                WSTrustSerializationContext context = new WSTrustSerializationContext();
                serializer.WriteXml(securityTokenResponse, xmlWriter, context);
                xmlWriter.Flush();
                var encoding = new System.Text.UTF8Encoding(false);
                return encoding.GetString(memoryStream.ToArray());

            }
        }
        /// <summary>
        /// Creates a <see cref="DispatchContext"/> object for use by the <see cref="DispatchRequest"/> method.
        /// </summary>
        /// <param name="requestMessage">The incoming request message.</param>
        /// <param name="requestAction">The SOAP action of the request.</param>
        /// <param name="responseAction">The default SOAP action of the response.</param>
        /// <param name="trustNamespace">Namespace URI of the trust version of the incoming request.</param>
        /// <param name="requestSerializer">The <see cref="WSTrustRequestSerializer"/> used to deserialize 
        /// incoming RST messages.</param>
        /// <param name="responseSerializer">The <see cref="WSTrustResponseSerializer"/> used to deserialize 
        /// incoming RSTR messages.</param>
        /// <param name="serializationContext">The <see cref="WSTrustSerializationContext"/> to use 
        /// when deserializing incoming messages.</param>
        /// <returns>A <see cref="DispatchContext"/> object.</returns>
        protected virtual DispatchContext CreateDispatchContext(Message requestMessage,
                                                                 string requestAction,
                                                                 string responseAction,
                                                                 string trustNamespace,
                                                                 WSTrustRequestSerializer requestSerializer,
                                                                 WSTrustResponseSerializer responseSerializer,
                                                                 WSTrustSerializationContext serializationContext)
        {
            DispatchContext dispatchContext = new DispatchContext()
            {
                Principal = OperationContext.Current.ClaimsPrincipal as ClaimsPrincipal,
                RequestAction = requestAction,
                ResponseAction = responseAction,
                TrustNamespace = trustNamespace
            };

            XmlReader requestBodyReader = requestMessage.GetReaderAtBodyContents();
            //
            // Take a peek at the request with the serializers to figure out if this is a standard incoming
            // RST or if this is an instance of a challenge-response style message pattern where an RSTR comes in.
            //
            if (requestSerializer.CanRead(requestBodyReader))
            {
                dispatchContext.RequestMessage = requestSerializer.ReadXml(requestBodyReader, serializationContext);
            }
            else if (responseSerializer.CanRead(requestBodyReader))
            {
                dispatchContext.RequestMessage = responseSerializer.ReadXml(requestBodyReader, serializationContext);
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
                    new InvalidRequestException(SR.GetString(SR.ID3114)));
            }

            //
            // CAUTION: Don't create the STS until after the RST or RSTR is deserialized or the test team
            //          has major infrastructure problems.
            //          
            dispatchContext.SecurityTokenService = CreateSTS();
            return dispatchContext;
        }
        /// <summary>
        /// Override of the Base class method that writes a specific RST parameter to the outgoing stream.
        /// </summary>
        /// <param name="writer">Writer to which the RST is serialized. </param>
        /// <param name="elementName">The Local name of the element to be written.</param>
        /// <param name="elementValue">The value of the element.</param>
        /// <param name="rst">The entire RST object that is being serialized.</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either writer or rst or context is null.</exception>
        /// <exception cref="ArgumentException">elementName is null or an empty string.</exception>
        public override void WriteXmlElement(XmlWriter writer, string elementName, object elementValue, RequestSecurityToken rst, WSTrustSerializationContext context)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.WriteRSTXml(writer, elementName, elementValue, context, WSTrustConstantsAdapter.TrustFeb2005);
        }
        /// <summary>
        /// Writes out the supported elements on the request object. Override this method if someone 
        /// has sub-class the RequestSecurityToken class and added more property to it.
        /// </summary>
        /// <param name="rst">The request instance</param>
        /// <param name="writer">The writer to write to</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either rst or writer or context parameter is null.</exception>
        public override void WriteKnownRequestElement(RequestSecurityToken rst, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            // Write out the exisiting ones
            WSTrustSerializationHelper.WriteKnownRequestElement(rst, writer, context, this, WSTrustConstantsAdapter.Trust13);

            // Specific to WS-Trust 13
            if (!string.IsNullOrEmpty(rst.KeyWrapAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri(rst.KeyWrapAlgorithm, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, rst.KeyWrapAlgorithm)));
                }

                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, rst.KeyWrapAlgorithm, rst, context);
            }

            if (rst.SecondaryParameters != null)
            {
                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.SecondaryParameters, rst.SecondaryParameters, rst, context);
            }

            if (rst.ValidateTarget != null)
            {
                this.WriteXmlElement(writer, WSTrust13Constants.ElementNames.ValidateTarget, rst.ValidateTarget, rst, context);
            }
        }
        public static void WriteKnownRequestElement(RequestSecurityToken rst, XmlWriter writer, WSTrustSerializationContext context, WSTrustRequestSerializer requestSerializer, WSTrustConstantsAdapter trustConstants)
        {
            if (rst == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (requestSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSerializer");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (rst.AppliesTo != null)
            {
                requestSerializer.WriteXmlElement(writer, WSPolicyConstants.ElementNames.AppliesTo, rst.AppliesTo, rst, context);
            }

            if (rst.Claims.Count > 0)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Claims, rst.Claims, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.ComputedKeyAlgorithm))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.ComputedKeyAlgorithm, rst.ComputedKeyAlgorithm, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.SignWith))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.SignWith, rst.SignWith, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.EncryptWith))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.EncryptWith, rst.EncryptWith, rst, context);
            }

            if (rst.Entropy != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Entropy, rst.Entropy, rst, context);
            }

            if (rst.KeySizeInBits.HasValue)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.KeySize, rst.KeySizeInBits, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.KeyType))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.KeyType, rst.KeyType, rst, context);
            }

            if (rst.Lifetime != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Lifetime, rst.Lifetime, rst, context);
            }

            if (rst.RenewTarget != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.RenewTarget, rst.RenewTarget, rst, context);
            }

            if (rst.OnBehalfOf != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.OnBehalfOf, rst.OnBehalfOf, rst, context);
            }

            if (rst.ActAs != null)
            {
                requestSerializer.WriteXmlElement(writer, WSTrust14Constants.ElementNames.ActAs, rst.ActAs, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.RequestType))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.RequestType, rst.RequestType, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.TokenType))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.TokenType, rst.TokenType, rst, context);
            }

            if (rst.UseKey != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.UseKey, rst.UseKey, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.AuthenticationType))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.AuthenticationType, rst.AuthenticationType, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.EncryptionAlgorithm))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.EncryptionAlgorithm, rst.EncryptionAlgorithm, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.CanonicalizationAlgorithm))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.CanonicalizationAlgorithm, rst.CanonicalizationAlgorithm, rst, context);
            }

            if (!string.IsNullOrEmpty(rst.SignatureAlgorithm))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.SignatureAlgorithm, rst.SignatureAlgorithm, rst, context);
            }

            if (rst.BinaryExchange != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.BinaryExchange, rst.BinaryExchange, rst, context);
            }

            if (rst.Issuer != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Issuer, rst.Issuer, rst, context);
            }

            if (rst.ProofEncryption != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.ProofEncryption, rst.ProofEncryption, rst, context);
            }

            if (rst.Encryption != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Encryption, rst.Encryption, rst, context);
            }

            if (rst.DelegateTo != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.DelegateTo, rst.DelegateTo, rst, context);
            }

            if (rst.Forwardable != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Forwardable, rst.Forwardable.Value, rst, context);
            }

            if (rst.Delegatable != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Delegatable, rst.Delegatable.Value, rst, context);
            }

            if (rst.AllowPostdating)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.AllowPostdating, rst.AllowPostdating, rst, context);
            }

            if (rst.Renewing != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Renewing, rst.Renewing, rst, context);
            }

            if (rst.CancelTarget != null)
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.CancelTarget, rst.CancelTarget, rst, context);
            }

            if ((rst.Participants != null) && ((rst.Participants.Primary != null) || (rst.Participants.Participant.Count > 0)))
            {
                requestSerializer.WriteXmlElement(writer, trustConstants.Elements.Participants, rst.Participants, rst, context);
            }

            if (rst.AdditionalContext != null)
            {
                requestSerializer.WriteXmlElement(writer, WSAuthorizationConstants.Elements.AdditionalContext, rst.AdditionalContext, rst, context);
            }
        }
Esempio n. 45
0
        /// <summary>
        /// Writes out the supported elements on the response object.
        /// </summary>
        /// <param name="rstr">The response instance</param>
        /// <param name="writer">The writer to write to</param>
        /// <param name="context">Current Serialization context.</param>
        /// <exception cref="ArgumentNullException">Either rstr or writer or context parameter is null.</exception>
        public override void WriteKnownResponseElement(RequestSecurityTokenResponse rstr, XmlWriter writer, WSTrustSerializationContext context)
        {
            if (rstr == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rstr");
            }

            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            WSTrustSerializationHelper.WriteKnownResponseElement(rstr, writer, context, this, WSTrustConstantsAdapter.TrustFeb2005);
        }
        public static void WriteRSTXml(XmlWriter writer, string elementName, object elementValue, WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (string.IsNullOrEmpty(elementName))
            {
                throw DiagnosticUtility.ThrowHelperArgumentNullOrEmptyString("elementName");
            }

            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (trustConstants == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("trustConstants");
            }

            if (StringComparer.Ordinal.Equals(elementName, WSPolicyConstants.ElementNames.AppliesTo))
            {
                EndpointReference appliesTo = elementValue as EndpointReference;
                WSTrustSerializationHelper.WriteAppliesTo(writer, appliesTo, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Claims))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Claims, trustConstants.NamespaceURI);
                RequestClaimCollection claims = (RequestClaimCollection)elementValue;
                if ((claims.Dialect != null) && !UriUtil.CanCreateValidUri(claims.Dialect, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3136, trustConstants.Attributes.Dialect, trustConstants.Elements.Claims, trustConstants.NamespaceURI, claims.Dialect)));
                }

                string ns = WSTrustSerializationHelper.GetRequestClaimNamespace(claims.Dialect);
                string prefix = writer.LookupPrefix(ns);
                if (string.IsNullOrEmpty(prefix))
                {
                    prefix = WSTrustSerializationHelper.GetRequestClaimPrefix(claims.Dialect);
                    writer.WriteAttributeString("xmlns", prefix, null, ns);
                }
                
                writer.WriteAttributeString(trustConstants.Attributes.Dialect, !string.IsNullOrEmpty(claims.Dialect) ? claims.Dialect : WSIdentityConstants.Dialect);
                foreach (RequestClaim claim in claims)
                {
                    writer.WriteStartElement(prefix, WSIdentityConstants.Elements.ClaimType, ns);
                    writer.WriteAttributeString(WSIdentityConstants.Attributes.Uri, claim.ClaimType);
                    writer.WriteAttributeString(WSIdentityConstants.Attributes.Optional, claim.IsOptional ? "true" : "false");
                    if (claim.Value != null)
                    {
                        if (StringComparer.Ordinal.Equals(claims.Dialect, WSAuthorizationConstants.Dialect))
                        {
                            writer.WriteElementString(prefix, WSAuthorizationConstants.Elements.Value, ns, claim.Value);
                        }
                        else
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3257, claims.Dialect, WSAuthorizationConstants.Dialect)));
                        }
                    }

                    writer.WriteEndElement();
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.ComputedKeyAlgorithm))
            {
                WriteComputedKeyAlgorithm(writer, trustConstants.Elements.ComputedKeyAlgorithm, (string)elementValue, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.BinaryExchange))
            {
                WriteBinaryExchange(writer, elementValue as BinaryExchange, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Issuer))
            {
                WriteOnBehalfOfIssuer(writer, elementValue as EndpointReference, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.SignWith))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.SignWith, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.EncryptWith))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, (string)elementValue)));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.EncryptWith, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Entropy))
            {
                Entropy entropy = elementValue as Entropy;
                if (entropy != null)
                {
                    writer.WriteStartElement(trustConstants.Elements.Entropy, trustConstants.NamespaceURI);
                    WriteProtectedKey(writer, entropy, context, trustConstants);
                    writer.WriteEndElement();
                }

                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.KeySize))
            {
                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.KeySize, trustConstants.NamespaceURI, Convert.ToString(((int)elementValue), CultureInfo.InvariantCulture));
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.KeyType))
            {
                WSTrustSerializationHelper.WriteKeyType(writer, ((string)elementValue), trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Lifetime))
            {
                Lifetime lifeTime = (Lifetime)elementValue;
                WSTrustSerializationHelper.WriteLifetime(writer, lifeTime, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RenewTarget))
            {
                SecurityTokenElement tokenElement = elementValue as SecurityTokenElement;
                if (tokenElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.RenewTarget, trustConstants.NamespaceURI, typeof(SecurityTokenElement), elementValue));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.RenewTarget, trustConstants.NamespaceURI);

                if (tokenElement.SecurityTokenXml != null)
                {
                    tokenElement.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, tokenElement.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.OnBehalfOf))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.OnBehalfOf, trustConstants.NamespaceURI);
                WriteTokenElement((SecurityTokenElement)elementValue, SecurityTokenHandlerCollectionManager.Usage.OnBehalfOf, context, writer);
                writer.WriteEndElement();

                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSTrust14Constants.ElementNames.ActAs))
            {
                writer.WriteStartElement(WSTrust14Constants.Prefix, WSTrust14Constants.ElementNames.ActAs, WSTrust14Constants.NamespaceURI);
                WriteTokenElement((SecurityTokenElement)elementValue, SecurityTokenHandlerCollectionManager.Usage.ActAs, context, writer);
                writer.WriteEndElement();

                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.RequestType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.RequestType, trustConstants.NamespaceURI, (string)elementValue)));
                }

                WSTrustSerializationHelper.WriteRequestType(writer, (string)elementValue, trustConstants);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.TokenType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, ((string)elementValue))));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.TokenType, trustConstants.NamespaceURI, ((string)elementValue));
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.UseKey))
            {
                UseKey useKey = (UseKey)elementValue;

                if (useKey.Token == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3012)));
                }

                if (!context.SecurityTokenHandlers.CanWriteToken(useKey.Token))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3017)));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.UseKey, trustConstants.NamespaceURI);

                context.SecurityTokenHandlers.WriteToken(writer, useKey.Token);

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.AuthenticationType))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, ((string)elementValue))));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.AuthenticationType, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.EncryptionAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, ((string)elementValue))));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.EncryptionAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.CanonicalizationAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, ((string)elementValue))));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.CanonicalizationAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.SignatureAlgorithm))
            {
                if (!UriUtil.CanCreateValidUri((string)elementValue, UriKind.Absolute))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, ((string)elementValue))));
                }

                writer.WriteElementString(trustConstants.Prefix, trustConstants.Elements.SignatureAlgorithm, trustConstants.NamespaceURI, (string)elementValue);
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Encryption))
            {
                SecurityTokenElement token = (SecurityTokenElement)elementValue;

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Encryption, trustConstants.NamespaceURI);

                if (token.SecurityTokenXml != null)
                {
                    token.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, token.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.ProofEncryption))
            {
                SecurityTokenElement token = (SecurityTokenElement)elementValue;

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.ProofEncryption, trustConstants.NamespaceURI);

                if (token.SecurityTokenXml != null)
                {
                    token.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, token.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.DelegateTo))
            {
                SecurityTokenElement token = (SecurityTokenElement)elementValue;

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.DelegateTo, trustConstants.NamespaceURI);

                if (token.SecurityTokenXml != null)
                {
                    token.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, token.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Forwardable))
            {
                if (!(elementValue is bool))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.Forwardable, trustConstants.NamespaceURI, typeof(bool), elementValue));
                }

                writer.WriteStartElement(trustConstants.Elements.Forwardable, trustConstants.NamespaceURI);
                writer.WriteString(XmlConvert.ToString((bool)elementValue));
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Delegatable))
            {
                if (!(elementValue is bool))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.Delegatable, trustConstants.NamespaceURI, typeof(bool), elementValue));
                }

                writer.WriteStartElement(trustConstants.Elements.Delegatable, trustConstants.NamespaceURI);
                writer.WriteString(XmlConvert.ToString((bool)elementValue));
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.AllowPostdating))
            {
                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.AllowPostdating, trustConstants.NamespaceURI);
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Renewing))
            {
                Renewing renewing = elementValue as Renewing;
                if (renewing == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.Renewing, trustConstants.NamespaceURI, typeof(Renewing), elementValue));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Renewing, trustConstants.NamespaceURI);
                writer.WriteAttributeString(trustConstants.Attributes.Allow, XmlConvert.ToString(renewing.AllowRenewal));
                writer.WriteAttributeString(trustConstants.Attributes.OK, XmlConvert.ToString(renewing.OkForRenewalAfterExpiration));
                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.CancelTarget))
            {
                SecurityTokenElement tokenElement = elementValue as SecurityTokenElement;

                if (tokenElement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.CancelTarget, trustConstants.NamespaceURI, typeof(SecurityTokenElement), elementValue));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.CancelTarget, trustConstants.NamespaceURI);

                if (tokenElement.SecurityTokenXml != null)
                {
                    tokenElement.SecurityTokenXml.WriteTo(writer);
                }
                else
                {
                    context.SecurityTokenHandlers.WriteToken(writer, tokenElement.GetSecurityToken());
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, trustConstants.Elements.Participants))
            {
                Participants participants = elementValue as Participants;

                if (participants == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, trustConstants.Elements.Participant, trustConstants.NamespaceURI, typeof(Participants), elementValue));
                }

                writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Participants, trustConstants.NamespaceURI);

                if (participants.Primary != null)
                {
                    writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Primary, trustConstants.NamespaceURI);
                    participants.Primary.WriteTo(writer);
                    writer.WriteEndElement();
                }

                foreach (EndpointReference participant in participants.Participant)
                {
                    writer.WriteStartElement(trustConstants.Prefix, trustConstants.Elements.Participant, trustConstants.NamespaceURI);
                    participant.WriteTo(writer);
                    writer.WriteEndElement();
                }

                writer.WriteEndElement();
                return;
            }

            if (StringComparer.Ordinal.Equals(elementName, WSAuthorizationConstants.Elements.AdditionalContext))
            {
                AdditionalContext additionalContext = elementValue as AdditionalContext;

                if (additionalContext == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("elementValue", SR.GetString(SR.ID3222, WSAuthorizationConstants.Elements.AdditionalContext, WSAuthorizationConstants.Namespace, typeof(AdditionalContext), elementValue));
                }

                writer.WriteStartElement(WSAuthorizationConstants.Prefix, WSAuthorizationConstants.Elements.AdditionalContext, WSAuthorizationConstants.Namespace);
                foreach (ContextItem item in additionalContext.Items)
                {
                    writer.WriteStartElement(WSAuthorizationConstants.Prefix, WSAuthorizationConstants.Elements.ContextItem, WSAuthorizationConstants.Namespace);
                    writer.WriteAttributeString(WSAuthorizationConstants.Attributes.Name, item.Name.AbsoluteUri);
                    if (item.Scope != null)
                    {
                        writer.WriteAttributeString(WSAuthorizationConstants.Attributes.Scope, item.Scope.AbsoluteUri);
                    }

                    if (item.Value != null)
                    {
                        writer.WriteElementString(WSAuthorizationConstants.Elements.Value, WSAuthorizationConstants.Namespace, item.Value);
                    }

                    writer.WriteEndElement();
                }

                writer.WriteEndElement();
                return;
            }

            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3013, elementName, elementValue.GetType())));
        }
Esempio n. 47
0
 /// <summary>
 /// When overriden in the derived class deserializes the RST from the XmlReader to a RequestSecurityToken object.
 /// </summary>
 /// <param name="reader">XML reader over the RST</param>
 /// <param name="context">Current Serialization context.</param>
 /// <returns>RequestSecurityToken object if the deserialization was successful</returns>
 public abstract RequestSecurityToken ReadXml(XmlReader reader, WSTrustSerializationContext context);