public static StsTokenServiceConfiguration CreateConfiguration(Configuration wscConfiguration)
{
var tokenServiceConfiguration = new StsTokenServiceConfiguration
{
ClientCertificate = CertificateUtil.GetCertificate(wscConfiguration.ClientCertificate),
StsCertificate = CertificateUtil.GetCertificate(wscConfiguration.StsCertificate),
SendTimeout = wscConfiguration.DebugMode ? TimeSpan.FromDays(1) : (TimeSpan?)null,
StsEndpointAddress = wscConfiguration.StsEndpointAddress,
TokenLifeTimeInMinutes = wscConfiguration.TokenLifeTimeInMinutes,
WspEndpointId = wscConfiguration.WspEndpointID
};
if (wscConfiguration.CacheClockSkewInSeconds.HasValue)
{
tokenServiceConfiguration.CacheClockSkew =
TimeSpan.FromSeconds((double)wscConfiguration.CacheClockSkewInSeconds);
}
return(tokenServiceConfiguration);
}
public void StsEndpointAddressMissingInConfigurationTest()
{
// Arrange
var tokenServiceConfiguration = new StsTokenServiceConfiguration();
tokenServiceConfiguration.ClientCertificate = new X509Certificate2();
tokenServiceConfiguration.StsCertificate = new X509Certificate2();
tokenServiceConfiguration.WspEndpointId = "https://saml.nnit001.dmz.inttest";
// Act
try
{
new StsTokenServiceCache(tokenServiceConfiguration);
Assert.Fail("Should fail due to wrong configuration");
}
// Assert
catch (ArgumentException e)
{
Assert.AreEqual("StsEndpointAddress", e.Message);
}
}
public void WspEndpointIDMissingInConfigurationTest()
{
// Arrange
var tokenServiceConfiguration = new StsTokenServiceConfiguration();
tokenServiceConfiguration.ClientCertificate = new X509Certificate2();
tokenServiceConfiguration.StsCertificate = new X509Certificate2();
tokenServiceConfiguration.StsEndpointAddress =
"https://SecureTokenService.test-nemlog-in.dk/SecurityTokenService.svc";
// Act
try
{
new StsTokenServiceCache(tokenServiceConfiguration);
Assert.Fail("Should fail due to wrong configuration");
}
// Assert
catch (ArgumentException e)
{
Assert.AreEqual("WspEndpointId", e.Message);
}
}
/// <summary>
/// Used in the signature case scenario
/// </summary>
public OioIdwsClient(OioIdwsClientSettings settings)
{
Settings = settings;
if (settings == null)
{
throw new ArgumentNullException(nameof(settings));
}
if (settings.ClientCertificate == null)
{
throw new ArgumentNullException(nameof(settings.ClientCertificate));
}
if (!settings.ClientCertificate.HasPrivateKey)
{
throw new ArgumentException("You must have access to the private key of the ClientCertificate", nameof(settings.ClientCertificate));
}
if (settings.SecurityTokenService == null)
{
throw new ArgumentNullException(nameof(settings.SecurityTokenService));
}
if (settings.SecurityTokenService.Certificate == null)
{
throw new ArgumentNullException(nameof(settings.SecurityTokenService.Certificate), "Certificate for the SecurityTokenService must be set");
}
var tokenServiceConfiguration = new StsTokenServiceConfiguration
{
ClientCertificate = Settings.ClientCertificate,
StsCertificate = Settings.SecurityTokenService.Certificate,
StsEndpointAddress = Settings.SecurityTokenService.EndpointAddress.ToString(),
TokenLifeTimeInMinutes = (int?)Settings.SecurityTokenService.TokenLifeTime.GetValueOrDefault().TotalMinutes,
SendTimeout = Settings.SecurityTokenService.SendTimeout,
WspEndpointId = Settings.AudienceUri.ToString()
};
if (settings.SecurityTokenService.CacheClockSkew.HasValue)
{
tokenServiceConfiguration.CacheClockSkew = settings.SecurityTokenService.CacheClockSkew.Value;
}
if (settings.SecurityTokenService.UseTokenCache)
{
_stsTokenService = new StsTokenServiceCache(tokenServiceConfiguration);
}
else
{
_stsTokenService = new StsTokenService(tokenServiceConfiguration);
}
if (settings.UseTokenCache)
{
_accessTokenService = new AccessTokenServiceCache(this);
}
else
{
_accessTokenService = new AccessTokenService(Settings);
}
}
