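/// <summary>
/// Requests a SAML 2.0 assertion from the WS-Trust STS, using the configured
/// client certificate to create the STS channel.
/// </summary>
/// <param name="rstConfiguration">
/// Supplies the relying-party address (AppliesTo), the STS endpoint address and the client certificate.
/// </param>
/// <param name="bootstrapToken">
/// Optional. When non-null it is sent as the ActAs element of the request; pass null for a plain issue request.
/// </param>
/// <returns>The token returned by the STS channel's Issue call.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rstConfiguration"/> is null.</exception>
/// <exception cref="IdentifyStsProcessException">No client certificate is configured.</exception>
public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration, SecurityToken bootstrapToken)
{
    if (rstConfiguration == null)
    {
        throw new ArgumentNullException("rstConfiguration");
    }

    // Reject a missing credential before any request state is built, so a
    // misconfiguration is reported as such rather than masked by a later failure.
    if (rstConfiguration.ClientCertificate == null)
    {
        throw new IdentifyStsProcessException("Cannot execute negotiating token request to certificate endpoint without client certificate");
    }

    var certificateRst = new RequestSecurityToken
    {
        AppliesTo = new EndpointReference(rstConfiguration.AppliesTo),
        RequestType = RequestTypes.Issue,
        TokenType = "urn:oasis:names:tc:SAML:2.0:assertion",
        // Symmetric key type: the request asks for a token bound to a proof key, not a bearer token.
        KeyType = KeyTypes.Symmetric,
        Issuer = new EndpointReference(rstConfiguration.StsEndpointAddress.Uri.AbsoluteUri),
    };

    if (bootstrapToken != null)
    {
        // ActAs carries the caller-supplied token to the STS as a delegation request.
        // NOTE(review): nothing here validates bootstrapToken; presumably the STS
        // decides whether this client may act as that subject. Confirm against the STS policy.
        certificateRst.ActAs = new SecurityTokenElement(bootstrapToken);
    }

    try
    {
        var stsChannel = CreateStsChannel(rstConfiguration.ClientCertificate, rstConfiguration.StsEndpointAddress);
        return stsChannel.Issue(certificateRst);
    }
    catch (Exception ex)
    {
        // Log and rethrow with the original stack trace; the caller still sees the failure.
        Logging.Instance.Error(ex, "There is an error responsed from ws-trust service.");
        throw;
    }
}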
/// <summary>
/// Builds a <see cref="RequestSecurityTokenConfiguration"/> from a configuration section.
/// </summary>
/// <param name="parent">Not used by this handler.</param>
/// <param name="configContext">Not used by this handler.</param>
/// <param name="section">The XML node handed to <c>LoadConfiguration</c>.</param>
/// <returns>The populated configuration object, returned as <see cref="object"/>.</returns>
public object Create(object parent, object configContext, XmlNode section)
{
    // NOTE(review): the section supplies the STS credentials read elsewhere in this code
    // (ClientUsername, ClientPassword, ClientCertificate). Confirm how the config file
    // holding them is protected.
    RequestSecurityTokenConfiguration loaded = new RequestSecurityTokenConfiguration();
    loaded.LoadConfiguration(section);
    return loaded;
}
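/// <summary>
/// Requests a SAML 2.0 assertion from the WS-Trust STS, using the configured
/// client username and password to create the STS channel.
/// </summary>
/// <param name="rstConfiguration">
/// Supplies the relying-party address (AppliesTo), the STS endpoint address, the
/// username/password pair and the optional claims to request.
/// </param>
/// <param name="bootstrapToken">
/// Optional. When non-null it is sent as the ActAs element of the request; pass null for a plain issue request.
/// </param>
/// <returns>The token returned by the STS channel's Issue call.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rstConfiguration"/> is null.</exception>
/// <exception cref="IdentifyStsProcessException">The client username is missing or the client password is null.</exception>
public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration, SecurityToken bootstrapToken)
{
    if (rstConfiguration == null)
    {
        throw new ArgumentNullException("rstConfiguration");
    }

    // The message promises a username-or-password check, so both halves of the
    // credential are verified here, before any request state is built.
    // The password is only null-checked because its type is not visible in this block.
    // NOTE(review): the message still says "certificate endpoint" although this overload
    // authenticates with username/password. Left unchanged in case callers match on it.
    if (string.IsNullOrEmpty(rstConfiguration.ClientUsername) || rstConfiguration.ClientPassword == null)
    {
        throw new IdentifyStsProcessException("Cannot execute negotiating token request to certificate endpoint without client username or password");
    }

    var upnRst = new RequestSecurityToken
    {
        AppliesTo = new EndpointReference(rstConfiguration.AppliesTo),
        RequestType = RequestTypes.Issue,
        TokenType = "urn:oasis:names:tc:SAML:2.0:assertion",
        // Symmetric key type: the request asks for a token bound to a proof key, not a bearer token.
        KeyType = KeyTypes.Symmetric,
        Issuer = new EndpointReference(rstConfiguration.StsEndpointAddress.Uri.AbsoluteUri),
    };

    if (bootstrapToken != null)
    {
        // ActAs carries the caller-supplied token to the STS as a delegation request.
        // NOTE(review): nothing here validates bootstrapToken; presumably the STS
        // decides whether this client may act as that subject. Confirm against the STS policy.
        upnRst.ActAs = new SecurityTokenElement(bootstrapToken);
    }

    if (rstConfiguration.Claims != null && rstConfiguration.Claims.Any())
    {
        upnRst.Claims.Dialect = "http://docs.oasis-open.org/wsfed/authorization/200706/authclaims";
        foreach (var claim in rstConfiguration.Claims)
        {
            // Second argument is isOptional: every configured claim is requested as required.
            upnRst.Claims.Add(new RequestClaim(claim.Type, false, claim.Value));
        }
    }

    try
    {
        var stsChannel = CreateStsChannel(rstConfiguration.ClientUsername, rstConfiguration.ClientPassword, rstConfiguration.StsEndpointAddress);
        return stsChannel.Issue(upnRst);
    }
    catch (Exception ex)
    {
        // Log and rethrow with the original stack trace; the caller still sees the failure.
        Logging.Instance.Error(ex, "There is an error responsed from ws-trust service.");
        throw;
    }
}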
/// <summary>
/// Requests a security token without a bootstrap token, by forwarding to the
/// two-argument overload with a null bootstrap token.
/// </summary>
/// <param name="rstConfiguration">The request configuration passed through unchanged.</param>
/// <returns>Whatever the two-argument overload returns.</returns>
public static SecurityToken GetSecurityToken(RequestSecurityTokenConfiguration rstConfiguration)
{
    // A null bootstrap token means the two-argument overload sets no ActAs element.
    SecurityToken noBootstrapToken = null;
    return GetSecurityToken(rstConfiguration, noBootstrapToken);
}