public void GetTokenWithoutProtectionTokenParameters() { IssuedSecurityTokenProvider p = SetupProvider(CreateIssuerBinding(null, false)); try { p.Open(); p.GetToken(TimeSpan.FromSeconds(10)); } finally { if (p.State == CommunicationState.Opened) { p.Close(); } } }
public void GetTokenUnsignedReply() { IssuedSecurityTokenProvider p = SetupProvider(CreateIssuerBinding(new RequestSender(OnGetTokenUnsignedReply), true)); try { p.Open(TimeSpan.FromSeconds(5)); p.GetToken(TimeSpan.FromSeconds(10)); } finally { if (p.State == CommunicationState.Opened) { p.Close(); } } }
public void GetTokenNoSecureBinding() { IssuedSecurityTokenProvider p = SetupProvider(new BasicHttpBinding()); try { p.Open(); p.GetToken(TimeSpan.FromSeconds(10)); } finally { if (p.State == CommunicationState.Opened) { p.Close(); } } }
public static void Main() { IssuedSecurityTokenProvider p = new IssuedSecurityTokenProvider(); p.SecurityTokenSerializer = WSSecurityTokenSerializer.DefaultInstance; p.IssuerAddress = new EndpointAddress("http://localhost:8080"); WSHttpBinding binding = new WSHttpBinding(); //binding.Security.Mode = SecurityMode.Message; p.IssuerBinding = binding; p.SecurityAlgorithmSuite = SecurityAlgorithmSuite.Default; p.TargetAddress = new EndpointAddress("http://localhost:8080"); p.Open(); p.GetToken(TimeSpan.FromSeconds(10)); p.Close(); }
public void GetTokenWithoutServiceCertificate() { IssuedSecurityTokenProvider p = SetupProvider(CreateIssuerBinding(null, true)); p.IssuerAddress = new EndpointAddress("stream:dummy"); try { p.Open(TimeSpan.FromSeconds(5)); p.GetToken(TimeSpan.FromSeconds(10)); } finally { if (p.State == CommunicationState.Opened) { p.Close(); } } }
public static void Main(string [] args) { bool no_nego = false, no_sc = false; foreach (string arg in args) { if (arg == "--no-nego") { no_nego = true; } else if (arg == "--no-sc") { no_sc = true; } else { Console.WriteLine("Unrecognized option '{0}'", arg); return; } } X509Certificate2 cert = new X509Certificate2("test.pfx", "mono"); IssuedSecurityTokenProvider p = new IssuedSecurityTokenProvider(); p.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8080"), new X509CertificateEndpointIdentity(cert)); p.TargetAddress = new EndpointAddress("http://localhost:8080"); WSHttpBinding binding = new WSHttpBinding(); // the following lines are required to not depend on // MessageCredentialType.Windows (which uses SSPI). binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate; ClientCredentials cred = new ClientCredentials(); cred.ClientCertificate.Certificate = cert; cred.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None; p.IssuerChannelBehaviors.Add(cred); if (no_sc) { binding.Security.Message.EstablishSecurityContext = false; } if (no_nego) { binding.Security.Message.NegotiateServiceCredential = false; } p.IssuerBinding = binding; p.SecurityTokenSerializer = new WSSecurityTokenSerializer(); p.SecurityAlgorithmSuite = SecurityAlgorithmSuite.Default; p.KeyEntropyMode = SecurityKeyEntropyMode.ClientEntropy; p.Open(); SecurityToken token = p.GetToken(TimeSpan.FromSeconds(10)); p.Close(); XmlWriter writer = XmlWriter.Create(Console.Out); new ClientCredentialsSecurityTokenManager(cred).CreateSecurityTokenSerializer(MessageSecurityVersion.Default.SecurityTokenVersion).WriteToken(writer, token); writer.Close(); }
public static eHtalkMessage GetResponseSync(eHtalkMessage msg, X509Certificate2 extInterfaCertificate, string esbEndpoint, string relyingParty, string identityProviderURL, X509Certificate2 userCertificate, string wsaddressingTo, Stopwatch stopw) { #if !CC IssuedSecurityTokenProvider provider = new IssuedSecurityTokenProvider(); provider.SecurityTokenSerializer = new WSSecurityTokenSerializer(); provider.TargetAddress = new EndpointAddress(new Uri(relyingParty), new AddressHeader[0]); provider.IssuerAddress = new EndpointAddress(new Uri(identityProviderURL), new AddressHeader[0]); provider.SecurityAlgorithmSuite = SecurityAlgorithmSuite.Basic256; provider.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; ClientCredentials credentials = new ClientCredentials { ClientCertificate = { Certificate = userCertificate } }; provider.IssuerChannelBehaviors.Add(credentials); HttpsTransportBindingElement tbe = new HttpsTransportBindingElement { AuthenticationScheme = AuthenticationSchemes.Digest, RequireClientCertificate = true, KeepAliveEnabled = false }; CustomBinding stsBinding = new CustomBinding(new BindingElement[] { tbe }); provider.IssuerBinding = stsBinding; provider.Open(); var token = provider.GetToken(TimeSpan.FromSeconds(30.0)) as GenericXmlSecurityToken; #endif #if CC var cc = new EhealthCryptoController(); var token = cc.GetSamlTokenForHealthProfessional(relyingParty); #endif if (token == null) { throw new ApplicationException("No AT token received"); } Console.WriteLine(string.Format("Ziskany AT token in {0}", stopw.ElapsedMilliseconds)); CustomBinding binding = new CustomBinding(); SecurityBindingElement sbe = SecurityBindingElement.CreateIssuedTokenForCertificateBindingElement(new IssuedSecurityTokenParameters() { RequireDerivedKeys = true, KeyType = SecurityKeyType.SymmetricKey }); sbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10; sbe.SecurityHeaderLayout = SecurityHeaderLayout.Strict; sbe.IncludeTimestamp = true; //sbe.AllowInsecureTransport = true; sbe.SetKeyDerivation(true); sbe.KeyEntropyMode = SecurityKeyEntropyMode.ClientEntropy; binding.Elements.Add(sbe); binding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap12WSAddressing10, System.Text.Encoding.UTF8)); binding.Elements.Add(new HttpsTransportBindingElement() { RequireClientCertificate = true, KeepAliveEnabled = true }); var regEx = new Regex(@"https?://([^/]+)"); var dnsIdentity = regEx.Match(wsaddressingTo).Groups[1].Captures[0].Value; var channelFactory = new ChannelFactory <IeHealthSyncService>(binding, new EndpointAddress( new Uri(wsaddressingTo), new DnsEndpointIdentity(dnsIdentity), new AddressHeader[] { })); channelFactory.Credentials.SupportInteractive = false; channelFactory.Credentials.ClientCertificate.Certificate = userCertificate; channelFactory.Credentials.ServiceCertificate.DefaultCertificate = extInterfaCertificate; channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None; channelFactory.ConfigureChannelFactory <IeHealthSyncService>(); channelFactory.Endpoint.Behaviors.Add(new ClientViaBehavior(new Uri(esbEndpoint))); var channel = channelFactory.CreateChannelWithIssuedToken(token); Console.WriteLine(string.Format("vytvoreny kanal: {0}", stopw.ElapsedMilliseconds)); var stopw1 = new Stopwatch(); eHtalkMessage data = null; int wait = 1; for (int i = 0; i < 20; i++) { stopw1.Reset(); stopw1.Start(); msg.Header.MessageInfo.MessageID = Guid.NewGuid().ToString("D"); Debug.WriteLine("Start calling", "MyCustom"); try { data = channel.GetData(msg); } catch (CommunicationException ex) { data = channel.GetData(msg); } Console.WriteLine(string.Format("po {1} sekundach: {0}", stopw1.ElapsedMilliseconds, wait)); Thread.Sleep(wait * 1000); wait = wait * 2; } return(data); }
/// <summary> /// CacheSecurityTokenProvider /// </summary> public CacheSecurityTokenProvider(SecurityTokenRequirement requirement, IssuedSecurityTokenProvider federatedSecurityTokenProvider) : base( ) { innerProvider = federatedSecurityTokenProvider; innerProvider.Open(); }