// Requires: using System; using System.Security.Cryptography.X509Certificates; using System.Text.RegularExpressions;
private static void ChallengeCertificate(IdentityManager.CredentialRequestInfos credentialRequestInfos, Action<IdentityManager.Credential, Exception> callback)
{
    var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
    X509Certificate2Collection certificates;
    try
    {
        const string clientAuthOid = "1.3.6.1.5.5.7.3.2"; // Client Authentication OID
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        // Find Client Authentication certificates; validOnly = true returns only certificates that validate
        certificates = store.Certificates.Find(X509FindType.FindByApplicationPolicy, clientAuthOid, true); // todo true
    }
    catch (Exception)
    {
        // Any failure opening or searching the store is treated as "no certificate available"
        certificates = null;
    }
    finally
    {
        store.Close();
    }

    if (certificates != null && certificates.Count >= 1)
    {
        // Let the user select/validate the certificate
        string url = credentialRequestInfos.Url;
        string resourceName = GetResourceName(url);
        IdentityManager.ServerInfo serverInfo = IdentityManager.Current.FindServerInfo(url);
        // Fall back to the scheme and host taken from the URL. The pattern must match both
        // http:// and https:// so the dialog names the server that will receive the certificate.
        string server = serverInfo == null ? Regex.Match(url, "https?://[^/]*").ToString() : serverInfo.ServerUrl;
        string message = string.Format(Properties.Resources.SignInDialog_CertificateRequired, resourceName, server); // certificate required to access {0} on {1}
        certificates = X509Certificate2UI.SelectFromCollection(certificates, null, message, X509SelectionFlag.SingleSelection);
    }

    IdentityManager.Credential credential = null;
    Exception error = null;
    if (certificates != null && certificates.Count > 0)
    {
        // The user picked a certificate: hand it back as the client credential
        credential = new IdentityManager.Credential { ClientCertificate = certificates[0] };
    }
    else
    {
        // Note: Error type is not that important since the error returned to the user is the initial HTTP error (Authorization Error)
        error = new System.Security.Authentication.AuthenticationException();
    }
    callback(credential, error);
}