public static TotalItemsCountEstimate ReadFrom(XmlDictionaryReader reader)
{
reader.ReadStartElement(ElementName, ManagementNamespaces.Namespace);
int value = XmlConvert.ToInt32(reader.ReadString());
TotalItemsCountEstimate result = new TotalItemsCountEstimate(value);
reader.ReadEndElement();
return result;
}
protected override void ReadAdditionalElements(XmlDictionaryReader reader)
{
if (reader.IsStartElement(System.ServiceModel.Security.ReferenceList.ElementName, EncryptedType.NamespaceUri))
{
this.referenceList = new System.ServiceModel.Security.ReferenceList();
this.referenceList.ReadFrom(reader);
}
if (reader.IsStartElement(CarriedKeyElementName, EncryptedType.NamespaceUri))
{
reader.ReadStartElement(CarriedKeyElementName, EncryptedType.NamespaceUri);
this.carriedKeyName = reader.ReadString();
reader.ReadEndElement();
}
}
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlDictionaryReader reader)
{
string encryptionMethod = null;
string carriedKeyName = null;
SecurityKeyIdentifier encryptingKeyIdentifier = null;
byte[] encryptedKey = null;
reader.ReadStartElement(XD.XmlEncryptionDictionary.EncryptedKey, this.NamespaceUri);
if (reader.IsStartElement(XD.XmlEncryptionDictionary.EncryptionMethod, this.NamespaceUri))
{
encryptionMethod = reader.GetAttribute(XD.XmlEncryptionDictionary.AlgorithmAttribute, null);
bool isEmptyElement = reader.IsEmptyElement;
reader.ReadStartElement();
if (!isEmptyElement)
{
while (reader.IsStartElement())
{
reader.Skip();
}
reader.ReadEndElement();
}
}
if (this.tokenSerializer.CanReadKeyIdentifier(reader))
{
encryptingKeyIdentifier = this.tokenSerializer.ReadKeyIdentifier(reader);
}
reader.ReadStartElement(XD.XmlEncryptionDictionary.CipherData, this.NamespaceUri);
reader.ReadStartElement(XD.XmlEncryptionDictionary.CipherValue, this.NamespaceUri);
encryptedKey = reader.ReadContentAsBase64();
reader.ReadEndElement();
reader.ReadEndElement();
if (reader.IsStartElement(XD.XmlEncryptionDictionary.CarriedKeyName, this.NamespaceUri))
{
reader.ReadStartElement();
carriedKeyName = reader.ReadString();
reader.ReadEndElement();
}
reader.ReadEndElement();
return new EncryptedKeyIdentifierClause(encryptedKey, encryptionMethod, encryptingKeyIdentifier, carriedKeyName);
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (!reader.IsStartElement(samlDictionary.Audience, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.AudienceRestrictionCondition.Value })));
}
reader.MoveToContent();
string str = reader.ReadString();
if (string.IsNullOrEmpty(str))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionInvalidAudienceValueOnRead")));
}
this.audiences.Add(new Uri(str));
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.audiences.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionShouldHaveOneAudienceOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(samlDictionary.Action, samlDictionary.Namespace))
{
this.ns = reader.GetAttribute(samlDictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLActionNameRequiredOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.name = reader.GetAttribute(dictionary.AttributeName, null);
if (string.IsNullOrEmpty(this.name))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeMissingNameAttributeOnRead)));
this.nameSpace = reader.GetAttribute(dictionary.AttributeNamespace, null);
if (string.IsNullOrEmpty(this.nameSpace))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeMissingNamespaceAttributeOnRead)));
this.claimType = string.IsNullOrEmpty(this.nameSpace) ? this.name : this.nameSpace + "/" + this.name;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement(dictionary.AttributeValue, dictionary.Namespace))
{
// We will load all Attributes as a string value by default.
string attrValue = reader.ReadString();
this.attributeValues.Add(attrValue);
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.attributeValues.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeShouldHaveOneValue)));
reader.MoveToContent();
reader.ReadEndElement();
}
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore( XmlDictionaryReader reader )
{
reader.ReadStartElement( XD.XmlSignatureDictionary.KeyValue, NamespaceUri );
reader.ReadStartElement( XD.XmlSignatureDictionary.RsaKeyValue, NamespaceUri );
reader.ReadStartElement( XD.XmlSignatureDictionary.Modulus, NamespaceUri );
byte[] modulus = Convert.FromBase64String( reader.ReadString() );
reader.ReadEndElement();
reader.ReadStartElement( XD.XmlSignatureDictionary.Exponent, NamespaceUri );
byte[] exponent = Convert.FromBase64String( reader.ReadString() );
reader.ReadEndElement();
reader.ReadEndElement();
reader.ReadEndElement();
RSA rsa = new RSACryptoServiceProvider();
RSAParameters rsaParameters = new RSAParameters();
rsaParameters.Modulus = modulus;
rsaParameters.Exponent = exponent;
rsa.ImportParameters( rsaParameters );
return new RsaKeyIdentifierClause( rsa );
}
public override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore( XmlDictionaryReader reader )
{
reader.ReadStartElement( XD.XmlSignatureDictionary.KeyName, NamespaceUri );
string name = reader.ReadString();
reader.ReadEndElement();
return new KeyNameIdentifierClause( name );
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (!reader.IsStartElement(samlDictionary.AssertionIdReference, samlDictionary.Namespace))
{
if (!reader.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.Evidence.Value })));
}
SamlAssertion item = new SamlAssertion();
item.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.assertions.Add(item);
}
else
{
reader.MoveToContent();
this.assertionIdReferences.Add(reader.ReadString());
reader.ReadEndElement();
continue;
}
}
if ((this.assertionIdReferences.Count == 0) && (this.assertions.Count == 0))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLEvidenceShouldHaveOneAssertionOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.name = reader.GetAttribute(samlDictionary.AttributeName, null);
if (string.IsNullOrEmpty(this.name))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAttributeMissingNameAttributeOnRead")));
}
this.nameSpace = reader.GetAttribute(samlDictionary.AttributeNamespace, null);
if (string.IsNullOrEmpty(this.nameSpace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAttributeMissingNamespaceAttributeOnRead")));
}
this.claimType = string.IsNullOrEmpty(this.nameSpace) ? this.name : (this.nameSpace + "/" + this.name);
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement(samlDictionary.AttributeValue, samlDictionary.Namespace))
{
string item = reader.ReadString();
this.attributeValues.Add(item);
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.attributeValues.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAttributeShouldHaveOneValue")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public override void ReadExtensions( XmlDictionaryReader reader )
{
reader.MoveToContent();
if ( reader.IsStartElement( XmlEncryptionConstants.Elements.ReferenceList, XmlEncryptionConstants.Namespace ) )
{
reader.ReadStartElement();
// could have data or key references. these are the only two possible elements sec 3.6 xml enc.
// 3.6 The ReferenceList Element specifies there is a choice. Once one is chosen, it is fixed.
if ( reader.IsStartElement( XmlEncryptionConstants.Elements.DataReference, XmlEncryptionConstants.Namespace ) )
{
while ( reader.IsStartElement() )
{
if ( reader.IsStartElement( XmlEncryptionConstants.Elements.DataReference, XmlEncryptionConstants.Namespace ) )
{
string dataRef = reader.GetAttribute( XmlEncryptionConstants.Attributes.Uri );
if ( !string.IsNullOrEmpty( dataRef ) )
{
_dataReferences.Add( dataRef );
}
reader.Skip();
}
else if ( reader.IsStartElement( XmlEncryptionConstants.Elements.KeyReference, XmlEncryptionConstants.Namespace ) )
{
throw DiagnosticUtility.ThrowHelperXml( reader, SR.GetString( SR.ID4189 ) );
}
else
{
string xml = reader.ReadOuterXml();
if ( DiagnosticUtility.ShouldTraceWarning )
{
TraceUtility.TraceString( System.Diagnostics.TraceEventType.Warning, SR.GetString( SR.ID8024, reader.Name, reader.NamespaceURI, xml ) );
}
}
}
}
else if ( reader.IsStartElement( XmlEncryptionConstants.Elements.KeyReference, XmlEncryptionConstants.Namespace ) )
{
while ( reader.IsStartElement() )
{
if ( reader.IsStartElement( XmlEncryptionConstants.Elements.KeyReference, XmlEncryptionConstants.Namespace ) )
{
string keyRef = reader.GetAttribute( XmlEncryptionConstants.Attributes.Uri );
if ( !string.IsNullOrEmpty( keyRef ) )
{
_keyReferences.Add( keyRef );
}
reader.Skip();
}
else if ( reader.IsStartElement( XmlEncryptionConstants.Elements.DataReference, XmlEncryptionConstants.Namespace ) )
{
throw DiagnosticUtility.ThrowHelperXml( reader, SR.GetString( SR.ID4190 ) );
}
else
{
string xml = reader.ReadOuterXml();
if ( DiagnosticUtility.ShouldTraceWarning )
{
TraceUtility.TraceString( System.Diagnostics.TraceEventType.Warning, SR.GetString( SR.ID8024, reader.Name, reader.NamespaceURI, xml ) );
}
}
}
}
else
{
// there must be at least one reference.
throw DiagnosticUtility.ThrowHelperXml( reader, SR.GetString( SR.ID4191 ) );
}
reader.MoveToContent();
if ( reader.IsStartElement( XmlEncryptionConstants.Elements.CarriedKeyName, XmlEncryptionConstants.Namespace ) )
{
reader.ReadStartElement();
_carriedName = reader.ReadString();
reader.ReadEndElement();
}
// </ReferenceList>
reader.ReadEndElement();
}
}
public void ReadFrom(XmlDictionaryReader reader, DictionaryManager dictionaryManager)
{
reader.MoveToStartElement(dictionaryManager.XmlSignatureDictionary.DigestValue, dictionaryManager.XmlSignatureDictionary.Namespace);
this.prefix = reader.Prefix;
reader.Read();
reader.MoveToContent();
this.digestText = reader.ReadString();
this.digestValue = Convert.FromBase64String(this.digestText.Trim());
reader.MoveToContent();
reader.ReadEndElement();
}
// xml format
//<DerivedKeyToken wsu:Id="..." wsse:Algorithm="..."> id required, alg optional (curr disallowed)
// <SecurityTokenReference>...</SecurityTokenReference> - required
// <Properties>...</Properties> - disallowed (optional in spec, but we disallow it)
// choice begin - (schema requires a choice - we allow neither on read - we always write one)
// <Generation>...</Generation> - optional
// <Offset>...</Offset> - optional
// choice end
// <Length>...</Length> - optional - default 32 on read (default specified in spec, not in schema - we always write it)
// <Label>...</Label> - optional
// <Nonce>...</Nonce> - required (optional in spec, but we require it)
//</DerivedKeyToken>
public virtual void ReadDerivedKeyTokenParameters(XmlDictionaryReader reader, SecurityTokenResolver tokenResolver, out string id, out string derivationAlgorithm, out string label, out int length, out byte[] nonce, out int offset, out int generation, out SecurityKeyIdentifierClause tokenToDeriveIdentifier, out SecurityToken tokenToDerive)
{
if (tokenResolver == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenResolver");
}
id = reader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace);
derivationAlgorithm = reader.GetAttribute(XD.XmlSignatureDictionary.Algorithm, null);
if (derivationAlgorithm == null)
{
derivationAlgorithm = parent.DerivationAlgorithm;
}
reader.ReadStartElement();
tokenToDeriveIdentifier = null;
tokenToDerive = null;
if (reader.IsStartElement(XD.SecurityJan2004Dictionary.SecurityTokenReference, XD.SecurityJan2004Dictionary.Namespace))
{
tokenToDeriveIdentifier = parent.WSSecurityTokenSerializer.ReadKeyIdentifierClause(reader);
tokenResolver.TryResolveToken(tokenToDeriveIdentifier, out tokenToDerive);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyTokenRequiresTokenReference)));
}
// no support for properties
generation = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Generation, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
generation = reader.ReadContentAsInt();
reader.ReadEndElement();
if (generation < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidGenerationSpecified, generation)));
}
offset = -1;
if (reader.IsStartElement(parent.SerializerDictionary.Offset, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
offset = reader.ReadContentAsInt();
reader.ReadEndElement();
if (offset < 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.DerivedKeyInvalidOffsetSpecified, offset)));
}
length = DerivedKeySecurityToken.DefaultDerivedKeyLength;
if (reader.IsStartElement(parent.SerializerDictionary.Length, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
length = reader.ReadContentAsInt();
reader.ReadEndElement();
}
if ((offset == -1) && (generation == -1))
offset = 0;
// verify that the offset is not larger than the max allowed
DerivedKeySecurityToken.EnsureAcceptableOffset(offset, generation, length, this.maxKeyDerivationOffset);
label = null;
if (reader.IsStartElement(parent.SerializerDictionary.Label, parent.SerializerDictionary.Namespace))
{
reader.ReadStartElement();
label = reader.ReadString();
reader.ReadEndElement();
}
if (label != null && label.Length > this.maxKeyDerivationLabelLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenLabelTooLong, label.Length, this.maxKeyDerivationLabelLength)));
}
nonce = null;
reader.ReadStartElement(parent.SerializerDictionary.Nonce, parent.SerializerDictionary.Namespace);
nonce = reader.ReadContentAsBase64();
reader.ReadEndElement();
if (nonce != null && nonce.Length > this.maxKeyDerivationNonceLength)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.DerivedKeyTokenNonceTooLong, nonce.Length, this.maxKeyDerivationNonceLength)));
}
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.NameIdentifier, dictionary.Namespace))
{
this.nameFormat = reader.GetAttribute(dictionary.NameIdentifierFormat, null);
this.nameQualifier = reader.GetAttribute(dictionary.NameIdentifierNameQualifier, null);
reader.MoveToContent();
this.name = reader.ReadString();
if (this.name == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLNameIdentifierMissingIdentifierValueOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
if (reader.IsStartElement(dictionary.SubjectConfirmation, dictionary.Namespace))
{
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement(dictionary.SubjectConfirmationMethod, dictionary.Namespace))
{
string method = reader.ReadString();
if (string.IsNullOrEmpty(method))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.SubjectConfirmationMethod.Value)));
this.confirmationMethods.Add(method);
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.confirmationMethods.Count == 0)
{
// A SubjectConfirmaton clause should specify at least one
// ConfirmationMethod.
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead)));
}
if (reader.IsStartElement(dictionary.SubjectConfirmationData, dictionary.Namespace))
{
reader.MoveToContent();
// An Authentication protocol specified in the confirmation method might need this
// data. Just store this content value as string.
this.confirmationData = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
if (reader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.KeyInfo, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
{
XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
this.securityKeyIdentifier = SamlSerializer.ReadSecurityKeyIdentifier(dictionaryReader, keyInfoSerializer);
this.crypto = SamlSerializer.ResolveSecurityKey(this.securityKeyIdentifier, outOfBandTokenResolver);
if (this.crypto == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlUnableToExtractSubjectKey)));
}
this.subjectToken = SamlSerializer.ResolveSecurityToken(this.securityKeyIdentifier, outOfBandTokenResolver);
}
if ((this.confirmationMethods.Count == 0) && (string.IsNullOrEmpty(name)))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
// SAML Advice is an optional element and all its child elements are optional
// too. So we may have an empty saml:Advice element in the saml token.
if (reader.IsEmptyElement)
{
// Just issue a read for the empty element.
reader.MoveToContent();
reader.Read();
return;
}
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.AssertionIdReference, dictionary.Namespace))
{
reader.MoveToContent();
this.assertionIdReferences.Add(reader.ReadString());
reader.MoveToContent();
reader.ReadEndElement();
}
else if (reader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
{
SamlAssertion assertion = new SamlAssertion();
assertion.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.assertions.Add(assertion);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.Advice.Value)));
}
}
reader.MoveToContent();
reader.ReadEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Audience, dictionary.Namespace))
{
reader.MoveToContent();
string audience = reader.ReadString();
if (string.IsNullOrEmpty(audience))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionInvalidAudienceValueOnRead)));
this.audiences.Add(new Uri(audience));
reader.MoveToContent();
reader.ReadEndElement();
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AudienceRestrictionCondition.Value)));
}
}
if (this.audiences.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionShouldHaveOneAudienceOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
/// <summary>
/// Deserializes a WCF claim.
/// </summary>
/// <param name="reader">XmlReader to the WCF Claim.</param>
/// <returns>Instance of <see cref="System.IdentityModel.Claims.Claim"/></returns>
private SysClaim DeserializeSysClaim(XmlDictionaryReader reader)
{
SessionDictionary dictionary = SessionDictionary.Instance;
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
else if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Sid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.DenyOnlySid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] rawData = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.X500DistinguishedName, new X500DistinguishedName(rawData), right);
}
else if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] thumbprint = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Thumbprint, thumbprint, right);
}
else if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string name = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Name, name, right);
}
else if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string dns = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Dns, dns, right);
}
else if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string rsaXml = reader.ReadString();
reader.ReadEndElement();
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(rsaXml);
return new SysClaim(SysClaimTypes.Rsa, rsa, right);
}
else if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Email, new System.Net.Mail.MailAddress(address), right);
}
else if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return SysClaim.System;
}
else if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] hash = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Hash, hash, right);
}
else if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string spn = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Spn, spn, right);
}
else if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string upn = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Upn, upn, right);
}
else if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string url = reader.ReadString();
reader.ReadEndElement();
return new SysClaim(SysClaimTypes.Uri, new Uri(url), right);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4289, reader.LocalName, reader.NamespaceURI)));
}
}
public override string ReadString()
{
return(reader.ReadString());
}
public static Claim DeserializeClaim(XmlDictionaryReader reader, SctClaimDictionary dictionary, XmlObjectSerializer serializer)
{
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
else if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Sid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] sidBytes = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.DenyOnlySid, new SecurityIdentifier(sidBytes, 0), right);
}
else if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] rawData = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.X500DistinguishedName, new X500DistinguishedName(rawData), right);
}
else if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] thumbprint = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Thumbprint, thumbprint, right);
}
else if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string name = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Name, name, right);
}
else if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string dns = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Dns, dns, right);
}
else if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string rsaXml = reader.ReadString();
reader.ReadEndElement();
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(rsaXml);
return new Claim(ClaimTypes.Rsa, rsa, right);
}
else if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Email, new System.Net.Mail.MailAddress(address), right);
}
else if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return Claim.System;
}
else if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] hash = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Hash, hash, right);
}
else if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string spn = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Spn, spn, right);
}
else if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string upn = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Upn, upn, right);
}
else if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string url = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Uri, new Uri(url), right);
}
else
{
return (Claim)serializer.ReadObject(reader);
}
}
public static FGSMSSoapHeaderTransactionThreadIdWCF ReadHeader(XmlDictionaryReader reader)
{
string t = reader.ReadString();
if (!String.IsNullOrEmpty(t))
{
FGSMSSoapHeaderTransactionThreadIdWCF item = new FGSMSSoapHeaderTransactionThreadIdWCF();
item.id = t;
return item;
}
return null;
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.AssertionIdReference, dictionary.Namespace))
{
reader.MoveToContent();
this.assertionIdReferences.Add(reader.ReadString());
reader.ReadEndElement();
}
else if (reader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
{
SamlAssertion assertion = new SamlAssertion();
assertion.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.assertions.Add(assertion);
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.Evidence.Value)));
}
if ((this.assertionIdReferences.Count == 0) && (this.assertions.Count == 0))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLEvidenceShouldHaveOneAssertionOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
// The Namespace attribute is optional.
this.ns = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null);
reader.MoveToContent();
this.action = reader.ReadString();
if (string.IsNullOrEmpty(this.action))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
}
public void ReadFrom(XmlDictionaryReader reader, DictionaryManager dictionaryManager)
{
reader.MoveToStartElement(dictionaryManager.XmlSignatureDictionary.SignatureValue, dictionaryManager.XmlSignatureDictionary.Namespace);
this.prefix = reader.Prefix;
this.Id = reader.GetAttribute("Id", null);
reader.Read();
this.signatureText = reader.ReadString();
this.signatureValue = Convert.FromBase64String(this.signatureText.Trim());
reader.ReadEndElement();
}
public static Claim DeserializeClaim(XmlDictionaryReader reader, SctClaimDictionary dictionary, XmlObjectSerializer serializer)
{
if (reader.IsStartElement(dictionary.NullValue, dictionary.EmptyString))
{
reader.ReadElementString();
return null;
}
if (reader.IsStartElement(dictionary.WindowsSidClaim, dictionary.EmptyString))
{
string right = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] binaryForm = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Sid, new SecurityIdentifier(binaryForm, 0), right);
}
if (reader.IsStartElement(dictionary.DenyOnlySidClaim, dictionary.EmptyString))
{
string str2 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] buffer2 = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.DenyOnlySid, new SecurityIdentifier(buffer2, 0), str2);
}
if (reader.IsStartElement(dictionary.X500DistinguishedNameClaim, dictionary.EmptyString))
{
string str3 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] encodedDistinguishedName = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.X500DistinguishedName, new X500DistinguishedName(encodedDistinguishedName), str3);
}
if (reader.IsStartElement(dictionary.X509ThumbprintClaim, dictionary.EmptyString))
{
string str4 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] resource = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Thumbprint, resource, str4);
}
if (reader.IsStartElement(dictionary.NameClaim, dictionary.EmptyString))
{
string str5 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str6 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Name, str6, str5);
}
if (reader.IsStartElement(dictionary.DnsClaim, dictionary.EmptyString))
{
string str7 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str8 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Dns, str8, str7);
}
if (reader.IsStartElement(dictionary.RsaClaim, dictionary.EmptyString))
{
string str9 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string xmlString = reader.ReadString();
reader.ReadEndElement();
RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
provider.FromXmlString(xmlString);
return new Claim(ClaimTypes.Rsa, provider, str9);
}
if (reader.IsStartElement(dictionary.MailAddressClaim, dictionary.EmptyString))
{
string str11 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string address = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Email, new MailAddress(address), str11);
}
if (reader.IsStartElement(dictionary.SystemClaim, dictionary.EmptyString))
{
reader.ReadElementString();
return Claim.System;
}
if (reader.IsStartElement(dictionary.HashClaim, dictionary.EmptyString))
{
string str13 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
byte[] buffer5 = reader.ReadContentAsBase64();
reader.ReadEndElement();
return new Claim(ClaimTypes.Hash, buffer5, str13);
}
if (reader.IsStartElement(dictionary.SpnClaim, dictionary.EmptyString))
{
string str14 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str15 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Spn, str15, str14);
}
if (reader.IsStartElement(dictionary.UpnClaim, dictionary.EmptyString))
{
string str16 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string str17 = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Upn, str17, str16);
}
if (reader.IsStartElement(dictionary.UrlClaim, dictionary.EmptyString))
{
string str18 = ReadRightAttribute(reader, dictionary);
reader.ReadStartElement();
string uriString = reader.ReadString();
reader.ReadEndElement();
return new Claim(ClaimTypes.Uri, new Uri(uriString), str18);
}
return (Claim) serializer.ReadObject(reader);
}
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(samlDictionary.NameIdentifier, samlDictionary.Namespace))
{
this.nameFormat = reader.GetAttribute(samlDictionary.NameIdentifierFormat, null);
this.nameQualifier = reader.GetAttribute(samlDictionary.NameIdentifierNameQualifier, null);
reader.MoveToContent();
this.name = reader.ReadString();
if (this.name == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLNameIdentifierMissingIdentifierValueOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
if (reader.IsStartElement(samlDictionary.SubjectConfirmation, samlDictionary.Namespace))
{
reader.MoveToContent();
reader.Read();
while (reader.IsStartElement(samlDictionary.SubjectConfirmationMethod, samlDictionary.Namespace))
{
string str = reader.ReadString();
if (string.IsNullOrEmpty(str))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.SubjectConfirmationMethod.Value })));
}
this.confirmationMethods.Add(str);
reader.MoveToContent();
reader.ReadEndElement();
}
if (this.confirmationMethods.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead")));
}
if (reader.IsStartElement(samlDictionary.SubjectConfirmationData, samlDictionary.Namespace))
{
reader.MoveToContent();
this.confirmationData = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
if (reader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.KeyInfo, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
{
XmlDictionaryReader reader2 = XmlDictionaryReader.CreateDictionaryReader(reader);
this.securityKeyIdentifier = SamlSerializer.ReadSecurityKeyIdentifier(reader2, keyInfoSerializer);
this.crypto = SamlSerializer.ResolveSecurityKey(this.securityKeyIdentifier, outOfBandTokenResolver);
if (this.crypto == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SamlUnableToExtractSubjectKey")));
}
this.subjectToken = SamlSerializer.ResolveSecurityToken(this.securityKeyIdentifier, outOfBandTokenResolver);
}
if ((this.confirmationMethods.Count == 0) && string.IsNullOrEmpty(this.name))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
reader.MoveToContent();
reader.ReadEndElement();
}
public static LinkItem ReadLinkItem(XmlDictionaryReader reader)
{
LinkItem linkItem = new LinkItem();
if (reader.IsStartElement("Id", ns))
{
reader.MoveToContent();
linkItem.Id = int.Parse(reader.ReadString());
reader.MoveToContent();
reader.ReadEndElement();
}
else
throw new XmlException("ExpectedElementMissing: Id element was expected.");
if (reader.IsStartElement("Title", ns))
{
reader.MoveToContent();
linkItem.Title = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
else
throw new XmlException("ExpectedElementMissing: Title element was expected.");
if (reader.IsStartElement("Description", ns ))
{
reader.MoveToContent();
linkItem.Description = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
else
throw new XmlException("ExpectedElementMissing: Description element was expected.");
if (reader.IsStartElement("DateStart", ns))
{
reader.MoveToContent();
reader.Read();
linkItem.DateStart = reader.ReadContentAsDateTime();
reader.MoveToContent();
reader.ReadEndElement();
}
else
throw new XmlException("ExpectedElementMissing: DateStart element was expected.");
if (reader.IsStartElement("DateEnd", ns))
{
reader.MoveToContent();
reader.Read();
linkItem.DateEnd = reader.ReadContentAsDateTime();
reader.MoveToContent();
reader.ReadEndElement();
}
// optional
if (reader.IsStartElement("Url", ns))
{
reader.MoveToContent();
linkItem.Url = reader.ReadString();
reader.MoveToContent();
reader.ReadEndElement();
}
else
throw new XmlException("ExpectedElementMissing: Url element was expected.");
return linkItem;
}
