public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); } if (samlSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); } SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary; if (!reader.IsStartElement(samlDictionary.DoNotCacheCondition, samlDictionary.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.DoNotCacheCondition.Value }))); } if (reader.IsEmptyElement) { reader.MoveToContent(); reader.Read(); } else { reader.MoveToContent(); reader.Read(); reader.ReadEndElement(); } }
public SecurityStandardsManager(System.ServiceModel.MessageSecurityVersion messageSecurityVersion, System.IdentityModel.Selectors.SecurityTokenSerializer tokenSerializer) { if (messageSecurityVersion == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("messageSecurityVersion")); } if (tokenSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer"); } this.messageSecurityVersion = messageSecurityVersion; this.tokenSerializer = tokenSerializer; if (messageSecurityVersion.SecureConversationVersion == System.ServiceModel.Security.SecureConversationVersion.WSSecureConversation13) { this.secureConversationDriver = new WSSecureConversationDec2005.DriverDec2005(); } else { this.secureConversationDriver = new WSSecureConversationFeb2005.DriverFeb2005(); } if ((this.SecurityVersion != System.ServiceModel.Security.SecurityVersion.WSSecurity10) && (this.SecurityVersion != System.ServiceModel.Security.SecurityVersion.WSSecurity11)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("messageSecurityVersion", System.ServiceModel.SR.GetString("MessageSecurityVersionOutOfRange"))); } this.idManager = System.ServiceModel.Security.WSSecurityJan2004.IdManager.Instance; this.wsUtilitySpecificationVersion = System.ServiceModel.Security.WSUtilitySpecificationVersion.Default; if (messageSecurityVersion.MessageSecurityTokenVersion.TrustVersion == System.ServiceModel.Security.TrustVersion.WSTrust13) { this.trustDriver = new WSTrustDec2005.DriverDec2005(this); } else { this.trustDriver = new WSTrustFeb2005.DriverFeb2005(this); } }
// Summary // Request a security token from the infocard system // // Parameters // endPoint - The token recipient end point. // policy - Policy stating the requirements for the token. // requiredRemoteTokenIssuer - The returned token should be issued by this // specific issuer. // public static GenericXmlSecurityToken GetToken(XmlElement endpoint, IEnumerable <XmlElement> policy, XmlElement requiredRemoteTokenIssuer, SecurityTokenSerializer tokenSerializer) { if (null == endpoint) { throw IDT.ThrowHelperArgumentNull("endpoint"); } if (null == policy) { throw IDT.ThrowHelperArgumentNull("policy"); } if (null == tokenSerializer) { throw IDT.ThrowHelperArgumentNull("tokenSerializer"); } Collection <XmlElement> policyCollection = new Collection <XmlElement>(); foreach (XmlElement element in policy) { policyCollection.Add(element); } return(GetToken(new CardSpacePolicyElement[] { new CardSpacePolicyElement(endpoint, requiredRemoteTokenIssuer, policyCollection, null, 0, false) }, tokenSerializer)); }
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; if (reader.IsStartElement(dictionary.Action, dictionary.Namespace)) { // The Namespace attribute is optional. this.ns = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null); reader.MoveToContent(); this.action = reader.ReadString(); if (string.IsNullOrEmpty(this.action)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead))); reader.MoveToContent(); reader.ReadEndElement(); } }
public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthenticationStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAuthenticationStatement statement = new SamlAuthenticationStatement(); statement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement; } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AttributeStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAttributeStatement statement2 = new SamlAttributeStatement(); statement2.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement2; } if (!reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, this.DictionaryManager.SamlDictionary.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.IdentityModel.SR.GetString("SAMLUnableToLoadUnknownElement", new object[] { reader.LocalName }))); } SamlAuthorizationDecisionStatement statement3 = new SamlAuthorizationDecisionStatement(); statement3.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement3; }
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; if (!reader.IsStartElement(dictionary.DoNotCacheCondition, dictionary.Namespace)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.DoNotCacheCondition.Value))); // saml:DoNotCacheCondition is a empty element. So just issue a read for // the empty element. if (reader.IsEmptyElement) { reader.MoveToContent(); reader.Read(); return; } reader.MoveToContent(); reader.Read(); reader.ReadEndElement(); }
public SecurityStandardsManager(MessageSecurityVersion messageSecurityVersion, SecurityTokenSerializer tokenSerializer) { if (messageSecurityVersion == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("messageSecurityVersion")); if (tokenSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer"); this.messageSecurityVersion = messageSecurityVersion; this.tokenSerializer = tokenSerializer; if (messageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversation13) this.secureConversationDriver = new WSSecureConversationDec2005.DriverDec2005(); else this.secureConversationDriver = new WSSecureConversationFeb2005.DriverFeb2005(); if (this.SecurityVersion == SecurityVersion.WSSecurity10 || this.SecurityVersion == SecurityVersion.WSSecurity11) { this.idManager = WSSecurityJan2004.IdManager.Instance; } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("messageSecurityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange))); } this.wsUtilitySpecificationVersion = WSUtilitySpecificationVersion.Default; if (messageSecurityVersion.MessageSecurityTokenVersion.TrustVersion == TrustVersion.WSTrust13) this.trustDriver = new WSTrustDec2005.DriverDec2005(this); else this.trustDriver = new WSTrustFeb2005.DriverFeb2005(this); }
public EncryptedTypeElement(SecurityTokenSerializer keyInfoSerializer) { _cipherData = new CipherDataElement(); _encryptionMethod = new EncryptionMethodElement(); _keyInfo = new KeyInfo(keyInfoSerializer); _properties = new List<string>(); _keyInfoSerializer = keyInfoSerializer; }
public static string GetKeyIdentifierClauseXml (SecurityTokenSerializer serializer, XmlWriterSettings settings, SecurityKeyIdentifierClause item) { StringWriter sw = new StringWriter (); using (XmlWriter xw = XmlWriter.Create (sw)) { serializer.WriteKeyIdentifierClause (xw, item); } return sw.ToString (); }
public KeyInfoSerializer( bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer ) : this( emitBspRequiredAttributes, dictionaryManager, trustDictionary, innerSecurityTokenSerializer, null ) { }
public virtual void WriteToken(SamlSecurityToken token, XmlWriter writer, SecurityTokenSerializer keyInfoSerializer) { if (token == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token"); #pragma warning suppress 56506 // token.Assertion is never null. token.Assertion.WriteTo(writer, this, keyInfoSerializer); }
public Saml2InitiatorSecurityTokenSerializer(SecurityTokenSerializer serializer) { this.serializer = serializer; var securityTokenSerializerAdapter = (SecurityTokenSerializerAdapter) serializer; securityTokenSerializerAdapter.SecurityTokenHandlers.Remove( securityTokenSerializerAdapter.SecurityTokenHandlers[typeof (Saml2SecurityToken)]); securityTokenSerializerAdapter.SecurityTokenHandlers.Add(new OIOSaml2SecurityTokenHandler()); }
public static GenericXmlSecurityToken GetToken ( XmlElement endpoint, IEnumerable<XmlElement> policy, XmlElement requiredRemoteTokenIssuer, SecurityTokenSerializer serializer) { CardSpacePolicyElement pe = new CardSpacePolicyElement (endpoint, requiredRemoteTokenIssuer, new Collection<XmlElement> (new List<XmlElement> (policy)), null, 0, requiredRemoteTokenIssuer != null); return GetToken (new CardSpacePolicyElement [] {pe}, serializer); }
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { string str2; string str3; if (reader == null) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); } if (samlSerializer == null) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); } SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary; string attribute = reader.GetAttribute(samlDictionary.AuthorityKind, null); if (string.IsNullOrEmpty(attribute)) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingAuthorityKindOnRead"))); } string[] strArray = attribute.Split(new char[] { ':' }); if (strArray.Length > 2) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingInvalidAuthorityKind"))); } if (strArray.Length == 2) { str3 = strArray[0]; str2 = strArray[1]; } else { str3 = string.Empty; str2 = strArray[0]; } string ns = reader.LookupNamespace(str3); this.authorityKind = new XmlQualifiedName(str2, ns); this.binding = reader.GetAttribute(samlDictionary.Binding, null); if (string.IsNullOrEmpty(this.binding)) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingBindingOnRead"))); } this.location = reader.GetAttribute(samlDictionary.Location, null); if (string.IsNullOrEmpty(this.location)) { throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingLocationOnRead"))); } if (reader.IsEmptyElement) { reader.MoveToContent(); reader.Read(); } else { reader.MoveToContent(); reader.Read(); reader.ReadEndElement(); } }
public static GenericXmlSecurityToken GetToken( XmlElement endpoint, IEnumerable <XmlElement> policy, XmlElement requiredRemoteTokenIssuer, SecurityTokenSerializer serializer) { CardSpacePolicyElement pe = new CardSpacePolicyElement(endpoint, requiredRemoteTokenIssuer, new Collection <XmlElement> (new List <XmlElement> (policy)), null, 0, requiredRemoteTokenIssuer != null); return(GetToken(new CardSpacePolicyElement [] { pe }, serializer)); }
public virtual SamlConditions LoadConditions(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } SamlConditions conditions = new SamlConditions(); conditions.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return conditions; }
public virtual SamlAdvice LoadAdvice(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } SamlAdvice advice = new SamlAdvice(); advice.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return advice; }
public NativeGenericXmlToken (GenericXmlSecurityToken token, SecurityTokenSerializer serializer) { created = token.ValidFrom.ToFileTime (); expired = token.ValidTo.ToFileTime (); xml_token = token.TokenXml.OuterXml; XmlWriterSettings settings = new XmlWriterSettings (); settings.OmitXmlDeclaration = true; internal_ref = GetKeyIdentifierClauseXml (serializer, settings, token.InternalTokenReference); external_ref = GetKeyIdentifierClauseXml (serializer, settings, token.ExternalTokenReference); }
public virtual SamlAssertion LoadAssertion(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); SamlAssertion assertion = new SamlAssertion(); assertion.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return assertion; }
public override void WriteXml ( XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer) { if (writer == null) throw new ArgumentNullException ("writer"); if (samlSerializer == null) throw new ArgumentNullException ("samlSerializer"); writer.WriteStartElement ("saml", "DoNotCacheCondition", SamlConstants.Namespace); writer.WriteEndElement (); }
public override void WriteXml (XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer) { if (SamlSubject == null) throw new SecurityTokenException ("Subject is null in the AttributeStatement"); writer.WriteStartElement ("saml", "AttributeStatement", SamlConstants.Namespace); SamlSubject.WriteXml (writer, samlSerializer, keyInfoTokenSerializer); foreach (SamlAttribute a in Attributes) a.WriteXml (writer, samlSerializer, keyInfoTokenSerializer); writer.WriteEndElement (); }
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; reader.MoveToContent(); reader.Read(); if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace)) { SamlSubject subject = new SamlSubject(); subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver); base.SamlSubject = subject; } else { // SAML Subject is a required Attribute Statement clause. throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingSubjectOnRead))); } while (reader.IsStartElement()) { if (reader.IsStartElement(dictionary.Attribute, dictionary.Namespace)) { // SAML Attribute is a extensibility point. So ask the SAML serializer // to load this part. SamlAttribute attribute = samlSerializer.LoadAttribute(reader, keyInfoSerializer, outOfBandTokenResolver); if (attribute == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAttribute))); this.attributes.Add(attribute); } else { break; } } if (this.attributes.Count == 0) { // Each Attribute statement should have at least one attribute. throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingAttributeOnRead))); } reader.MoveToContent(); reader.ReadEndElement(); }
/// <summary> /// Initializes an instance of <see cref="EnvelopedSignatureWriter"/>. The returned writer can be directly used /// to write the envelope. The signature will be automatically generated when /// the envelope is completed. /// </summary> /// <param name="innerWriter">Writer to wrap/</param> /// <param name="signingCredentials">SigningCredentials to be used to generate the signature.</param> /// <param name="referenceId">The reference Id of the envelope.</param> /// <param name="securityTokenSerializer">SecurityTokenSerializer to serialize the signature KeyInfo.</param> /// <exception cref="ArgumentNullException">One of he input parameter is null.</exception> /// <exception cref="ArgumentException">The string 'referenceId' is either null or empty.</exception> public EnvelopedSignatureWriter(XmlWriter innerWriter, SigningCredentials signingCredentials, string referenceId, SecurityTokenSerializer securityTokenSerializer) { if (innerWriter == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("innerWriter"); } if (signingCredentials == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signingCredentials"); } if (string.IsNullOrEmpty(referenceId)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentException(SR.GetString(SR.ID0006), "referenceId")); } if (securityTokenSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenSerializer"); } // Remember the user's writer here. We need to finally write out the signed XML // into this writer. _dictionaryManager = new DictionaryManager(); _innerWriter = innerWriter; _signingCreds = signingCredentials; _referenceId = referenceId; _tokenSerializer = securityTokenSerializer; _signatureFragment = new MemoryStream(); _endFragment = new MemoryStream(); _writerStream = new MemoryStream(); XmlDictionaryWriter effectiveWriter = XmlDictionaryWriter.CreateTextWriter(_writerStream, Encoding.UTF8, false); // Initialize the base writer to the newly created writer. The user should write the XML // to this. base.InitializeInnerWriter(effectiveWriter); _hashAlgorithm = CryptoHelper.CreateHashAlgorithm(_signingCreds.DigestAlgorithm); _hashStream = new HashStream(_hashAlgorithm); base.InnerWriter.StartCanonicalization(_hashStream, false, null); // // Add tracing for the un-canonicalized bytes // if (DiagnosticUtility.ShouldTraceVerbose) { _preCanonicalTracingStream = new MemoryStream(); base.InitializeTracingWriter(new XmlTextWriter(_preCanonicalTracingStream, Encoding.UTF8)); } }
public KeyInfoSerializer( bool emitBspRequiredAttributes, DictionaryManager dictionaryManager, TrustDictionary trustDictionary, SecurityTokenSerializer innerSecurityTokenSerializer, Func<KeyInfoSerializer, IEnumerable<SerializerEntries>> additionalEntries) { this.dictionaryManager = dictionaryManager; this.emitBspRequiredAttributes = emitBspRequiredAttributes; this.innerSecurityTokenSerializer = innerSecurityTokenSerializer; this.serializerEntries = new List<SecurityTokenSerializer.SerializerEntries>(); this.serializerEntries.Add(new XmlDsigSep2000(this)); this.serializerEntries.Add(new XmlEncApr2001(this)); this.serializerEntries.Add(new System.IdentityModel.Security.WSTrust(this, trustDictionary)); if ( additionalEntries != null ) { foreach ( SerializerEntries entries in additionalEntries( this ) ) { this.serializerEntries.Add(entries); } } bool wsSecuritySerializerFound = false; foreach ( SerializerEntries entry in this.serializerEntries ) { if ( ( entry is WSSecurityXXX2005 ) || ( entry is WSSecurityJan2004 ) ) { wsSecuritySerializerFound = true; break; } } if ( !wsSecuritySerializerFound ) { this.serializerEntries.Add( new WSSecurityXXX2005( this ) ); } this.tokenEntries = new List<TokenEntry>(); this.keyIdentifierEntries = new List<SecurityTokenSerializer.KeyIdentifierEntry>(); this.keyIdentifierClauseEntries = new List<SecurityTokenSerializer.KeyIdentifierClauseEntry>(); for (int i = 0; i < this.serializerEntries.Count; ++i) { SecurityTokenSerializer.SerializerEntries serializerEntry = this.serializerEntries[i]; serializerEntry.PopulateTokenEntries(this.tokenEntries); serializerEntry.PopulateKeyIdentifierEntries(this.keyIdentifierEntries); serializerEntry.PopulateKeyIdentifierClauseEntries(this.keyIdentifierClauseEntries); } }
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer) { if (writer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer")); } if (samlSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); } SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary; writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.DoNotCacheCondition, samlDictionary.Namespace); writer.WriteEndElement(); }
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer) { if (writer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.DoNotCacheCondition, dictionary.Namespace); writer.WriteEndElement(); }
public GenericXmlSecurityToken ToObject (NativeInfocardCryptoHandle proofTokenHandle, SecurityTokenSerializer serializer) { XmlDocument doc = new XmlDocument (); doc.LoadXml (xml_token); XmlElement token = doc.DocumentElement; SecurityToken proof = new CardSpaceProofToken (DateTime.FromFileTime (proofTokenHandle.Expiration), proofTokenHandle.GetAsymmetricKey ()); DateTime effective = DateTime.FromFileTime (created); DateTime expiration = DateTime.FromFileTime (expired); SecurityKeyIdentifierClause intref = serializer.ReadKeyIdentifierClause (Create (internal_ref)); SecurityKeyIdentifierClause extref = serializer.ReadKeyIdentifierClause (Create (external_ref)); return new GenericXmlSecurityToken (token, proof, effective, expiration, intref, extref, null); }
public override void WriteXml ( XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer) { if (writer == null) throw new ArgumentNullException ("writer"); if (samlSerializer == null) throw new ArgumentNullException ("samlSerializer"); if (Audiences.Count == 0) throw new SecurityTokenException ("SAML AudienceRestrictionCondition must contain at least one Audience."); writer.WriteStartElement ("saml", "AudienceRestrictionCondition", SamlConstants.Namespace); foreach (Uri a in Audiences) writer.WriteElementString ("saml", "Audience", SamlConstants.Namespace, a.AbsoluteUri); writer.WriteEndElement (); }
public virtual SamlSecurityToken ReadToken(XmlReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader); WrappedReader wrappedReader = new WrappedReader(dictionaryReader); SamlAssertion assertion = LoadAssertion(wrappedReader, keyInfoSerializer, outOfBandTokenResolver); if (assertion == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAssertion))); //if (assertion.Signature == null) // throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlTokenMissingSignature))); return new SamlSecurityToken(assertion); }
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); } if (samlSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); } SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary; if (reader.IsEmptyElement) { reader.MoveToContent(); reader.Read(); } else { reader.MoveToContent(); reader.Read(); while (reader.IsStartElement()) { if (!reader.IsStartElement(samlDictionary.AssertionIdReference, samlDictionary.Namespace)) { if (!reader.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.Advice.Value }))); } SamlAssertion item = new SamlAssertion(); item.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver); this.assertions.Add(item); } else { reader.MoveToContent(); this.assertionIdReferences.Add(reader.ReadString()); reader.MoveToContent(); reader.ReadEndElement(); continue; } } reader.MoveToContent(); reader.ReadEndElement(); } }
internal SignedXml(SignedInfo signedInfo, DictionaryManager dictionaryManager, System.IdentityModel.Selectors.SecurityTokenSerializer tokenSerializer) { if (signedInfo == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("signedInfo")); } if (dictionaryManager == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("dictionaryManager"); } if (tokenSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer"); } this.transformFactory = StandardTransformFactory.Instance; this.tokenSerializer = tokenSerializer; this.signature = new System.IdentityModel.Signature(this, signedInfo); this.dictionaryManager = dictionaryManager; }
internal SignedXml(SignedInfo signedInfo, DictionaryManager dictionaryManager, SecurityTokenSerializer tokenSerializer) { if (signedInfo == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("signedInfo")); } if (dictionaryManager == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("dictionaryManager"); } if (tokenSerializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer"); } this.transformFactory = StandardTransformFactory.Instance; this.tokenSerializer = tokenSerializer; this.signature = new Signature(this, signedInfo); this.dictionaryManager = dictionaryManager; }
protected EncryptedType() { this.encryptionMethod.Init(); this.state = EncryptionState.New; this.tokenSerializer = SecurityStandardsManager.DefaultInstance.SecurityTokenSerializer; }
// Summary // Request a security token from the infocard system // // Parameters // policyChain - an array of PolicyElements that describe the federated security chain that the client // needs a final token to unwind. // public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer) { IDT.TraceDebug("ICARDCLIENT: GetToken called with a policy chain of length {0}", policyChain.Length); InfoCardProofToken proofToken = null; InternalRefCountedHandle nativeCryptoHandle = null; GenericXmlSecurityToken token = null; RpcGenericXmlToken infocardToken = new RpcGenericXmlToken(); SafeTokenHandle nativeToken = null; Int32 result = 0; if (null == policyChain || 0 == policyChain.Length) { throw IDT.ThrowHelperArgumentNull("policyChain"); } if (null == tokenSerializer) { throw IDT.ThrowHelperArgumentNull("tokenSerializer"); } if (null == tokenSerializer) { throw IDT.ThrowHelperArgumentNull("tokenSerializer"); } try { RuntimeHelpers.PrepareConstrainedRegions(); bool mustRelease = false; try { } finally { // // The PolicyChain class will do the marshalling and native buffer management for us. // try { using (PolicyChain tmpChain = new PolicyChain(policyChain)) { IDT.TraceDebug("ICARDCLIENT: PInvoking the native GetToken call"); result = GetShim().m_csShimGetToken( tmpChain.Length, tmpChain.DoMarshal(), out nativeToken, out nativeCryptoHandle); } if (0 == result) { IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken succeeded"); nativeToken.DangerousAddRef(ref mustRelease); infocardToken = (RpcGenericXmlToken)Marshal.PtrToStructure( nativeToken.DangerousGetHandle(), typeof(RpcGenericXmlToken)); } } finally { if (mustRelease) { nativeToken.DangerousRelease(); } } } if (0 == result) { using (ProofTokenCryptoHandle crypto = (ProofTokenCryptoHandle)CryptoHandle.Create(nativeCryptoHandle)) { proofToken = crypto.CreateProofToken(); } XmlDocument xmlDoc = new XmlDocument(); xmlDoc.LoadXml(infocardToken.xmlToken); SecurityKeyIdentifierClause internalTokenReference = null; if (null != infocardToken.internalTokenReference) { internalTokenReference = tokenSerializer.ReadKeyIdentifierClause( CreateReaderWithQuotas(infocardToken.internalTokenReference)); } SecurityKeyIdentifierClause externalTokenReference = null; if (null != infocardToken.externalTokenReference) { externalTokenReference = tokenSerializer.ReadKeyIdentifierClause( CreateReaderWithQuotas(infocardToken.externalTokenReference)); } IDT.TraceDebug("ICARDCLIENT: Constructing a new GenericXmlSecurityToken"); token = new GenericXmlSecurityToken( xmlDoc.DocumentElement, proofToken, DateTime.FromFileTimeUtc(infocardToken.createDate), DateTime.FromFileTimeUtc(infocardToken.expiryDate), internalTokenReference, externalTokenReference, null); } else { IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken failed with a return code of {0}", result); // // Convert the HRESULTS to exceptions // ExceptionHelper.ThrowIfCardSpaceException((int)result); throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError))); } } catch { if (null != nativeCryptoHandle) { nativeCryptoHandle.Dispose(); } if (null != proofToken) { proofToken.Dispose(); } throw; } finally { if (null != nativeToken) { nativeToken.Dispose(); } } return(token); }
public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer) { InfoCardProofToken proofToken = null; InternalRefCountedHandle pCryptoHandle = null; RpcGenericXmlToken token3 = new RpcGenericXmlToken(); SafeTokenHandle securityToken = null; int status = 0; if ((policyChain == null) || (policyChain.Length == 0)) { throw InfoCardTrace.ThrowHelperArgumentNull("policyChain"); } if (tokenSerializer == null) { throw InfoCardTrace.ThrowHelperArgumentNull("tokenSerializer"); } if (tokenSerializer == null) { throw InfoCardTrace.ThrowHelperArgumentNull("tokenSerializer"); } try { RuntimeHelpers.PrepareConstrainedRegions(); bool success = false; try { } finally { try { using (PolicyChain chain = new PolicyChain(policyChain)) { status = GetShim().m_csShimGetToken(chain.Length, chain.DoMarshal(), out securityToken, out pCryptoHandle); } if (status == 0) { securityToken.DangerousAddRef(ref success); token3 = (RpcGenericXmlToken)Marshal.PtrToStructure(securityToken.DangerousGetHandle(), typeof(RpcGenericXmlToken)); } } finally { if (success) { securityToken.DangerousRelease(); } } } if (status == 0) { using (ProofTokenCryptoHandle handle3 = (ProofTokenCryptoHandle)CryptoHandle.Create(pCryptoHandle)) { proofToken = handle3.CreateProofToken(); } XmlDocument document = new XmlDocument(); document.LoadXml(token3.xmlToken); SecurityKeyIdentifierClause internalTokenReference = null; if (token3.internalTokenReference != null) { internalTokenReference = tokenSerializer.ReadKeyIdentifierClause(CreateReaderWithQuotas(token3.internalTokenReference)); } SecurityKeyIdentifierClause externalTokenReference = null; if (token3.externalTokenReference != null) { externalTokenReference = tokenSerializer.ReadKeyIdentifierClause(CreateReaderWithQuotas(token3.externalTokenReference)); } DateTime effectiveTime = DateTime.FromFileTimeUtc(token3.createDate); return(new GenericXmlSecurityToken(document.DocumentElement, proofToken, effectiveTime, DateTime.FromFileTimeUtc(token3.expiryDate), internalTokenReference, externalTokenReference, null)); } ExceptionHelper.ThrowIfCardSpaceException(status); throw InfoCardTrace.ThrowHelperError(new CardSpaceException(Microsoft.InfoCards.SR.GetString("ClientAPIInfocardError"))); } catch { if (pCryptoHandle != null) { pCryptoHandle.Dispose(); } if (proofToken != null) { proofToken.Dispose(); } throw; } finally { if (securityToken != null) { securityToken.Dispose(); } } return(null); }
public static GenericXmlSecurityToken GetToken(XmlElement endpoint, IEnumerable <XmlElement> policy, XmlElement requiredRemoteTokenIssuer, SecurityTokenSerializer tokenSerializer) { if (endpoint == null) { throw InfoCardTrace.ThrowHelperArgumentNull("endpoint"); } if (policy == null) { throw InfoCardTrace.ThrowHelperArgumentNull("policy"); } if (tokenSerializer == null) { throw InfoCardTrace.ThrowHelperArgumentNull("tokenSerializer"); } Collection <XmlElement> parameters = new Collection <XmlElement>(); foreach (XmlElement element in policy) { parameters.Add(element); } return(GetToken(new CardSpacePolicyElement[] { new CardSpacePolicyElement(endpoint, requiredRemoteTokenIssuer, parameters, null, 0, false) }, tokenSerializer)); }
public SecurityStandardsManager(System.IdentityModel.Selectors.SecurityTokenSerializer tokenSerializer) : this(System.ServiceModel.MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11, tokenSerializer) { }
//----------------------------------------- //----------------------------------------- // Constructors //----------------------------------------- protected override SecurityToken GetInfoCardSecurityToken(bool requiresInfoCard, System.IdentityModel.Selectors.CardSpacePolicyElement[] chain, System.IdentityModel.Selectors.SecurityTokenSerializer tokenSerializer) { CardspacePolicyInfo policyInfo = new CardspacePolicyInfo(chain); TimeZone localTimeZone = TimeZone.CurrentTimeZone; if ( //Does the cache contain a token with the specified policy info? _cachedInformationCardTokens.ContainsKey(policyInfo) && //Is the token is still valid? localTimeZone.ToLocalTime(_cachedInformationCardTokens[policyInfo].ValidFrom) < DateTime.Now && localTimeZone.ToLocalTime(_cachedInformationCardTokens[policyInfo].ValidTo) > DateTime.Now ) { return(CachedInformationCardTokens[policyInfo]); } else { lock (CachedInformationCardTokens) { SecurityToken newInformationCardToken = base.GetInfoCardSecurityToken(requiresInfoCard, chain, tokenSerializer); CachedInformationCardTokens.Add(policyInfo, newInformationCardToken); return(newInformationCardToken); } } }
public static GenericXmlSecurityToken GetToken( CardSpacePolicyElement [] policyChain, SecurityTokenSerializer serializer) { return((GenericXmlSecurityToken)get_token.Invoke(impl, new object [] { policyChain, serializer })); }
public SignedXml(DictionaryManager dictionaryManager, System.IdentityModel.Selectors.SecurityTokenSerializer tokenSerializer) : this(new StandardSignedInfo(dictionaryManager), dictionaryManager, tokenSerializer) { }
public override void ReadXml (XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer, SecurityTokenResolver outOfBandTokenResolver) { throw new NotImplementedException (); }