Esempio n. 1
0
	public static void Main ()
	{
		AsymmetricSecurityBindingElement sbe =
			new AsymmetricSecurityBindingElement ();
		//sbe.SecurityHeaderLayout = SecurityHeaderLayout.Lax;
		//sbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11;
		//sbe.RequireSignatureConfirmation = true;

		//sbe.LocalServiceSettings.DetectReplays = false;
		//sbe.IncludeTimestamp = false;

		sbe.RecipientTokenParameters =
			new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never);
		sbe.InitiatorTokenParameters = 
			new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.AlwaysToRecipient);
		X509SecurityTokenParameters p =
			new X509SecurityTokenParameters (X509KeyIdentifierClauseType.IssuerSerial, SecurityTokenInclusionMode.AlwaysToRecipient);
		p.RequireDerivedKeys = false;
		//sbe.EndpointSupportingTokenParameters.Endorsing.Add (p);
		UserNameSecurityTokenParameters up =
			new UserNameSecurityTokenParameters ();
		sbe.EndpointSupportingTokenParameters.Signed.Add (up);
		sbe.SetKeyDerivation (false);
		sbe.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
		ServiceHost host = new ServiceHost (typeof (Foo));
		HttpTransportBindingElement hbe =
			new HttpTransportBindingElement ();
		CustomBinding binding = new CustomBinding (sbe, hbe);
		binding.ReceiveTimeout = TimeSpan.FromSeconds (5);
		host.AddServiceEndpoint ("IFoo",
			binding, new Uri ("http://localhost:8080"));
		ServiceCredentials cred = new ServiceCredentials ();
		cred.ServiceCertificate.Certificate =
			new X509Certificate2 ("test.pfx", "mono");
		cred.ClientCertificate.Authentication.CertificateValidationMode =
			X509CertificateValidationMode.None;
		cred.UserNameAuthentication.UserNamePasswordValidationMode =
			UserNamePasswordValidationMode.Custom;
		cred.UserNameAuthentication.CustomUserNamePasswordValidator =
			UserNamePasswordValidator.None;
		host.Description.Behaviors.Add (cred);
		host.Description.Behaviors.Find<ServiceDebugBehavior> ()
			.IncludeExceptionDetailInFaults = true;
		foreach (ServiceEndpoint se in host.Description.Endpoints)
			se.Behaviors.Add (new StdErrInspectionBehavior ());
		ServiceMetadataBehavior smb = new ServiceMetadataBehavior ();
		smb.HttpGetEnabled = true;
		smb.HttpGetUrl = new Uri ("http://localhost:8080/wsdl");
		host.Description.Behaviors.Add (smb);
		host.Open ();
		Console.WriteLine ("Hit [CR] key to close ...");
		Console.ReadLine ();
		host.Close ();
	}
        public virtual bool TryImportWsspUsernameTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
        {
            parameters = null;

            SecurityTokenInclusionMode inclusionMode;
            Collection<Collection<XmlElement>> alternatives;

            if (IsWsspAssertion(assertion, UsernameTokenName)
                && TryGetIncludeTokenValue(assertion, out inclusionMode))
            {
                if (TryGetNestedPolicyAlternatives(importer, assertion, out alternatives))
                {
                    foreach (Collection<XmlElement> alternative in alternatives)
                    {
                        if (TryImportWsspAssertion(alternative, WssUsernameToken10Name)
                            && alternative.Count == 0)
                        {
                            parameters = new UserNameSecurityTokenParameters();
                            parameters.InclusionMode = inclusionMode;
                            break;
                        }
                    }
                }
                else
                {
                    parameters = new UserNameSecurityTokenParameters();
                    parameters.InclusionMode = inclusionMode;
                }
            }

            return parameters != null;
        }
 public virtual XmlElement CreateWsspUsernameTokenAssertion(MetadataExporter exporter, UserNameSecurityTokenParameters parameters)
 {
     XmlElement result = CreateWsspAssertion(UsernameTokenName);
     SetIncludeTokenValue(result, parameters.InclusionMode);
     result.AppendChild(
         CreateWspPolicyWrapper(
             exporter,
             CreateWsspAssertion(WssUsernameToken10Name)
     ));
     return result;
 }
        private SecurityBindingElement CreateSecurityBindingElement()
        {
            SymmetricSecurityBindingElement secBindingElement = new SymmetricSecurityBindingElement();

            secBindingElement.SecurityHeaderLayout = SecurityHeaderLayout.Strict;

            // TEST
            //secBindingElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256Rsa15;
            secBindingElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256;

            secBindingElement.MessageProtectionOrder = MessageProtectionOrder.SignBeforeEncrypt;
            secBindingElement.IncludeTimestamp = true;
            secBindingElement.SetKeyDerivation(false);
            //secBindingElement.RequireSignatureConfirmation = true;
            //secBindingElement.AllowInsecureTransport = true;

            //////////////////////////////////////////////////////////
            SecurityBindingElement ssbe = (SecurityBindingElement)secBindingElement;

            // Set the Custom IdentityVerifier
            //ssbe.LocalClientSettings.IdentityVerifier = new Common.CustomIdentityVerifier();
            //////////////////////////////////////////////////////////


            X509SecurityTokenParameters protectTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.Thumbprint,
                SecurityTokenInclusionMode.Never);

            protectTokenParameters.X509ReferenceStyle = X509KeyIdentifierClauseType.Thumbprint;

            //X509SecurityTokenParameters protectTokenParameters = new X509SecurityTokenParameters(X509KeyIdentifierClauseType.IssuerSerial,
            //    SecurityTokenInclusionMode.Never);

            protectTokenParameters.RequireDerivedKeys = false;

            //protectTokenParameters.InclusionMode = SecurityTokenInclusionMode.Never;
            //protectTokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;

            secBindingElement.ProtectionTokenParameters = protectTokenParameters;

            UserNameSecurityTokenParameters userNameToken = new UserNameSecurityTokenParameters();
            userNameToken.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;

            secBindingElement.EndpointSupportingTokenParameters.SignedEncrypted.Add(userNameToken);
            //secBindingElement.EndpointSupportingTokenParameters.Signed.Add(userNameToken);


            //secBindingElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12;
            secBindingElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;


            return secBindingElement;
        }
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters other)
     : base(other)
 {
     base.RequireDerivedKeys = false;
 }
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters other)
     : base(other)
 {
 }
		public void GetPropertySecurityCapabilities ()
		{
			ISecurityCapabilities c;
			RsaSecurityTokenParameters rsa =
				new RsaSecurityTokenParameters ();
			UserNameSecurityTokenParameters user =
				new UserNameSecurityTokenParameters ();
			X509SecurityTokenParameters x509 =
				new X509SecurityTokenParameters ();
			SecureConversationSecurityTokenParameters sc1 =
				new SecureConversationSecurityTokenParameters ();
			sc1.BootstrapSecurityBindingElement =
				new SymmetricSecurityBindingElement (); // empty
			SecureConversationSecurityTokenParameters sc2 =
				new SecureConversationSecurityTokenParameters ();
			sc2.BootstrapSecurityBindingElement =
				new SymmetricSecurityBindingElement (x509);
			SecureConversationSecurityTokenParameters sc3 =
				new SecureConversationSecurityTokenParameters ();
			sc3.BootstrapSecurityBindingElement =
				new AsymmetricSecurityBindingElement (null, x509);
			SecureConversationSecurityTokenParameters sc4 =
				new SecureConversationSecurityTokenParameters ();
			sc4.BootstrapSecurityBindingElement =
				new AsymmetricSecurityBindingElement (x509, null);

			// no parameters
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement ());
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, false, c, "#1");

			// x509 parameters for both
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, true, c, "#2");

			// no initiator parameters
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (x509, null));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, true, c, "#3");

			// no recipient parameters
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (null, x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#4");

			// initiator does not support identity
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (x509, rsa));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, false, true, c, "#5");

			// recipient does not support server auth
			c = GetSecurityCapabilities (
				new AsymmetricSecurityBindingElement (user, x509));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#6");

			// secureconv with no symm. bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc1));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, false, c, "#7");

			// secureconv with x509 symm. bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc2));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, true, c, "#8");

			// secureconv with x509 initiator bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc3));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				true, true, false, c, "#9");

			// secureconv with x509 recipient bootstrap params
			c = GetSecurityCapabilities (
				new SymmetricSecurityBindingElement (sc4));
			AssertSecurityCapabilities (
				ProtectionLevel.EncryptAndSign,
				ProtectionLevel.EncryptAndSign,
				false, false, true, c, "#10");

			// FIXME: find out such cases that returns other ProtectionLevel values.
		}
        /// <summary>
        /// 
        /// </summary>
        /// <param name="accountCredentials"></param>
        /// <returns>A disposable object you should wrap in using() statement</returns>
        public static DocuSignWeb.APIServiceSoap CreateApiProxy(AccountCredentials accountCredentials)
        {
            #if true
            // the envelope is finally constructed we are ready to send it in
            DocuSignWeb.APIServiceSoapClient apiService = new DocuSignWeb.APIServiceSoapClient("APIServiceSoap", accountCredentials.ApiUrl);

            apiService.ClientCredentials.UserName.UserName = accountCredentials.UserName;
            apiService.ClientCredentials.UserName.Password = accountCredentials.Password;

            return apiService;

            #else       // this is a security token configuration
            // this is required for certain calls like RequestRecipientToken
            // you need to get a certificate from Thawte or VeriSign first and install it
            DocuSignWeb.APIServiceSoapClient apiService = new DocuSignWeb.APIServiceSoapClient("APIServiceSoap1", accountCredentials.ApiUrl);
            apiService.ClientCredentials.UserName.UserName = "******"+ConfigurationManager.AppSettings["IntegratorsKey"]+"]"+ConfigurationManager.AppSettings["APIUserEmail"];
            apiService.ClientCredentials.UserName.Password = ConfigurationManager.AppSettings["Password"];

            //
            // need to add the supporting token since DocuSign uses dual authentication for
            // for critical calls
            CustomBinding binding = (CustomBinding)apiService.Endpoint.Binding;
            BindingElementCollection elements = binding.CreateBindingElements();
            SecurityBindingElement security = elements.Find<SecurityBindingElement>();
            UserNameSecurityTokenParameters tokenParameters = new UserNameSecurityTokenParameters();
            tokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;
            tokenParameters.RequireDerivedKeys = false;
            security.EndpointSupportingTokenParameters.SignedEncrypted.Add(
              tokenParameters);
            apiService.Endpoint.Binding = new CustomBinding(elements.ToArray()); ;
            return apiService;
            #endif
        }
 public virtual XmlElement CreateWsspUsernameTokenAssertion(MetadataExporter exporter, UserNameSecurityTokenParameters parameters)
 {
     XmlElement tokenAssertion = this.CreateWsspAssertion("UsernameToken");
     this.SetIncludeTokenValue(tokenAssertion, parameters.InclusionMode);
     tokenAssertion.AppendChild(this.CreateWspPolicyWrapper(exporter, new XmlElement[] { this.CreateWsspAssertion("WssUsernameToken10") }));
     return tokenAssertion;
 }
 public virtual bool TryImportWsspUsernameTokenAssertion(MetadataImporter importer, XmlElement assertion, out SecurityTokenParameters parameters)
 {
     SecurityTokenInclusionMode mode;
     parameters = null;
     if (this.IsWsspAssertion(assertion, "UsernameToken") && this.TryGetIncludeTokenValue(assertion, out mode))
     {
         Collection<Collection<XmlElement>> collection;
         if (this.TryGetNestedPolicyAlternatives(importer, assertion, out collection))
         {
             foreach (Collection<XmlElement> collection2 in collection)
             {
                 if (this.TryImportWsspAssertion(collection2, "WssUsernameToken10") && (collection2.Count == 0))
                 {
                     parameters = new UserNameSecurityTokenParameters();
                     parameters.InclusionMode = mode;
                     break;
                 }
             }
         }
         else
         {
             parameters = new UserNameSecurityTokenParameters();
             parameters.InclusionMode = mode;
         }
     }
     return (parameters != null);
 }
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters other)
 {
   Contract.Ensures(!this.RequireDerivedKeys);
 }
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters other)
     : base(other)
 {
     base.RequireDerivedKeys = false;
 }
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters other)
 {
     Contract.Ensures(!this.RequireDerivedKeys);
 }
		protected UserNameSecurityTokenParameters (UserNameSecurityTokenParameters source)
			: base (source)
		{
		}
Esempio n. 15
0
 protected UserNameSecurityTokenParameters(UserNameSecurityTokenParameters source)
     : base(source)
 {
 }