コード例 #1
0
ファイル: SamlAssertion.cs プロジェクト: nlhepler/mono
		public SamlAssertion (string assertionId, string issuer,
			DateTime issueInstant, SamlConditions conditions,
			SamlAdvice advice, IEnumerable<SamlStatement> statements)
		{
			if (IsInvalidAssertionId (assertionId))
				throw new ArgumentException (String.Format ("The assertionId '{0}' must be a valid XML NCName.", assertionId));

			if (issuer == null || issuer.Length == 0)
				throw new ArgumentException ("issuer");
			if (statements == null)
				throw new ArgumentNullException ("statements");

			major = 1;
			minor = 1;

			assertion_id = assertionId;
			this.issuer = issuer;
			issue_instant = issueInstant;
			this.conditions = conditions;
			this.advice = advice;
			foreach (SamlStatement s in statements) {
				if (s == null)
					throw new ArgumentException ("statements contain null item.");
				this.statements.Add (s);
			}
			if (this.statements.Count == 0)
				throw new ArgumentException ("At least one assertion statement is required.");
		}
コード例 #2
0
 public virtual SamlAdvice LoadAdvice(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
 {
     if (reader == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
     }
     SamlAdvice advice = new SamlAdvice();
     advice.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
     return advice;
 }
コード例 #3
0
        public virtual SamlAdvice LoadAdvice(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }
            SamlAdvice advice = new SamlAdvice();

            advice.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
            return(advice);
        }
コード例 #4
0
        public SamlAssertion(
            string assertionId,
            string issuer,
            DateTime issueInstant,
            SamlConditions samlConditions,
            SamlAdvice samlAdvice,
            IEnumerable <SamlStatement> samlStatements
            )
        {
            if (string.IsNullOrEmpty(assertionId))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIdRequired));
            }

            if (!IsAssertionIdValid(assertionId))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIDIsInvalid, assertionId));
            }

            if (string.IsNullOrEmpty(issuer))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIssuerRequired));
            }

            if (samlStatements == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlStatements");
            }

            this.assertionId  = assertionId;
            this.issuer       = issuer;
            this.issueInstant = issueInstant.ToUniversalTime();
            this.conditions   = samlConditions;
            this.advice       = samlAdvice;

            foreach (SamlStatement samlStatement in samlStatements)
            {
                if (samlStatement == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.Statement.Value));
                }

                this.statements.Add(samlStatement);
            }

            if (this.statements.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionRequireOneStatement));
            }
        }
コード例 #5
0
        public SamlAssertion(
            string assertionId,
            string issuer,
            DateTime issueInstant,
            SamlConditions samlConditions,
            SamlAdvice samlAdvice,
            IEnumerable<SamlStatement> samlStatements
            )
        {
            if (string.IsNullOrEmpty(assertionId))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIdRequired));

            if (!IsAssertionIdValid(assertionId))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIDIsInvalid, assertionId));

            if (string.IsNullOrEmpty(issuer))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionIssuerRequired));

            if (samlStatements == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlStatements");
            }

            this.assertionId = assertionId;
            this.issuer = issuer;
            this.issueInstant = issueInstant.ToUniversalTime();
            this.conditions = samlConditions;
            this.advice = samlAdvice;

            foreach (SamlStatement samlStatement in samlStatements)
            {
                if (samlStatement == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.Statement.Value));

                this.statements.Add(samlStatement);
            }

            if (this.statements.Count == 0)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAssertionRequireOneStatement));
        }
コード例 #6
0
 public SamlAssertion(string assertionId, string issuer, DateTime issueInstant, SamlConditions samlConditions, SamlAdvice samlAdvice, IEnumerable <SamlStatement> samlStatements)
 {
     this.assertionId  = "SamlSecurityToken-" + Guid.NewGuid().ToString();
     this.issueInstant = DateTime.UtcNow.ToUniversalTime();
     this.statements   = new ImmutableCollection <SamlStatement>();
     if (string.IsNullOrEmpty(assertionId))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired"));
     }
     if (!this.IsAssertionIdValid(assertionId))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { assertionId }));
     }
     if (string.IsNullOrEmpty(issuer))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIssuerRequired"));
     }
     if (samlStatements == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlStatements");
     }
     this.assertionId  = assertionId;
     this.issuer       = issuer;
     this.issueInstant = issueInstant.ToUniversalTime();
     this.conditions   = samlConditions;
     this.advice       = samlAdvice;
     foreach (SamlStatement statement in samlStatements)
     {
         if (statement == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLEntityCannotBeNullOrEmpty", new object[] { XD.SamlDictionary.Statement.Value }));
         }
         this.statements.Add(statement);
     }
     if (this.statements.Count == 0)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatement"));
     }
 }
コード例 #7
0
        public SamlAssertion(string assertionId, string issuer,
                             DateTime issueInstant, SamlConditions conditions,
                             SamlAdvice advice, IEnumerable <SamlStatement> statements)
        {
            if (IsInvalidAssertionId(assertionId))
            {
                throw new ArgumentException(String.Format("The assertionId '{0}' must be a valid XML NCName.", assertionId));
            }

            if (issuer == null || issuer.Length == 0)
            {
                throw new ArgumentException("issuer");
            }
            if (statements == null)
            {
                throw new ArgumentNullException("statements");
            }

            major = 1;
            minor = 1;

            assertion_id    = assertionId;
            this.issuer     = issuer;
            issue_instant   = issueInstant;
            this.conditions = conditions;
            this.advice     = advice;
            foreach (SamlStatement s in statements)
            {
                if (s == null)
                {
                    throw new ArgumentException("statements contain null item.");
                }
                this.statements.Add(s);
            }
            if (this.statements.Count == 0)
            {
                throw new ArgumentException("At least one assertion statement is required.");
            }
        }
コード例 #8
0
 public SamlAssertion(string assertionId, string issuer, DateTime issueInstant, SamlConditions samlConditions, SamlAdvice samlAdvice, IEnumerable<SamlStatement> samlStatements)
 {
     this.assertionId = "SamlSecurityToken-" + Guid.NewGuid().ToString();
     this.issueInstant = DateTime.UtcNow.ToUniversalTime();
     this.statements = new ImmutableCollection<SamlStatement>();
     if (string.IsNullOrEmpty(assertionId))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired"));
     }
     if (!this.IsAssertionIdValid(assertionId))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { assertionId }));
     }
     if (string.IsNullOrEmpty(issuer))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionIssuerRequired"));
     }
     if (samlStatements == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlStatements");
     }
     this.assertionId = assertionId;
     this.issuer = issuer;
     this.issueInstant = issueInstant.ToUniversalTime();
     this.conditions = samlConditions;
     this.advice = samlAdvice;
     foreach (SamlStatement statement in samlStatements)
     {
         if (statement == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLEntityCannotBeNullOrEmpty", new object[] { XD.SamlDictionary.Statement.Value }));
         }
         this.statements.Add(statement);
     }
     if (this.statements.Count == 0)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatement"));
     }
 }
コード例 #9
0
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));

            if (samlSerializer == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

            XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
            WrappedReader wrappedReader = new WrappedReader(dictionaryReader);
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));

            string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
            int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));

            int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
            }

            attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));

            if (!IsAssertionIdValid(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));

            this.assertionId = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
            this.issuer = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attributeValue))
                this.issueInstant = DateTime.ParseExact(
                    attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();

            wrappedReader.MoveToContent();
            wrappedReader.Read();

            if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
            }

            if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
            }

            while (wrappedReader.IsStartElement())
            {
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
                if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                else
                {
                    SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                    if (statement == null)
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
                    this.statements.Add(statement);
                }
            }

            if (this.statements.Count == 0)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));

            if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);

            wrappedReader.MoveToContent();
            wrappedReader.ReadEndElement();

            this.tokenStream = wrappedReader.XmlTokens;

            if (this.signature != null)
            {
                VerifySignature(this.signature, this.verificationKey);
            }

            BuildCryptoList();
        }
コード例 #10
0
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
            }
            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
            }
            WrappedReader  reader3        = new WrappedReader(XmlDictionaryReader.CreateDictionaryReader(reader));
            SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!reader3.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLElementNotRecognized", new object[] { reader3.LocalName })));
            }
            string attribute = reader3.GetAttribute(samlDictionary.MajorVersion, null);

            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMajorVersionAttributeOnRead")));
            }
            int num = int.Parse(attribute, CultureInfo.InvariantCulture);

            attribute = reader3.GetAttribute(samlDictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMinorVersionAttributeOnRead")));
            }
            int num2 = int.Parse(attribute, CultureInfo.InvariantCulture);

            if ((num != SamlConstants.MajorVersionValue) || (num2 != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLTokenVersionNotSupported", new object[] { num, num2, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue })));
            }
            attribute = reader3.GetAttribute(samlDictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired")));
            }
            if (!this.IsAssertionIdValid(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { attribute })));
            }
            this.assertionId = attribute;
            attribute        = reader3.GetAttribute(samlDictionary.Issuer, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingIssuerAttributeOnRead")));
            }
            this.issuer = attribute;
            attribute   = reader3.GetAttribute(samlDictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attribute))
            {
                this.issueInstant = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
            }
            reader3.MoveToContent();
            reader3.Read();
            if (reader3.IsStartElement(samlDictionary.Conditions, samlDictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtions")));
                }
            }
            if (reader3.IsStartElement(samlDictionary.Advice, samlDictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadAdvice")));
                }
            }
            while (reader3.IsStartElement())
            {
                if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                SamlStatement item = samlSerializer.LoadStatement(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (item == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadStatement")));
                }
                this.statements.Add(item);
            }
            if (this.statements.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatementOnRead")));
            }
            if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
            {
                this.ReadSignature(reader3, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
            }
            reader3.MoveToContent();
            reader3.ReadEndElement();
            this.tokenStream = reader3.XmlTokens;
            if (this.signature != null)
            {
                this.VerifySignature(this.signature, this.verificationKey);
            }
            this.BuildCryptoList();
        }
コード例 #11
0
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
            }

            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
            }

            XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
            WrappedReader       wrappedReader    = new WrappedReader(dictionaryReader);

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));
            }

            string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
            }
            int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));
            }

            int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
            }

            attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));
            }

            if (!IsAssertionIdValid(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));
            }

            this.assertionId = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
            }
            this.issuer = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attributeValue))
            {
                this.issueInstant = DateTime.ParseExact(
                    attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
            }

            wrappedReader.MoveToContent();
            wrappedReader.Read();

            if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
                }
            }

            if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
                }
            }

            while (wrappedReader.IsStartElement())
            {
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
                if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                else
                {
                    SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                    if (statement == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
                    }
                    this.statements.Add(statement);
                }
            }

            if (this.statements.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));
            }

            if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
            {
                this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
            }

            wrappedReader.MoveToContent();
            wrappedReader.ReadEndElement();

            this.tokenStream = wrappedReader.XmlTokens;

            if (this.signature != null)
            {
                VerifySignature(this.signature, this.verificationKey);
            }

            BuildCryptoList();
        }
コード例 #12
0
 /// <summary>
 /// Override this method to customize the parameters to create a SamlAssertion. 
 /// </summary>
 /// <param name="issuer">The Issuer of the Assertion.</param>
 /// <param name="conditions">The SamlConditions to add.</param>
 /// <param name="advice">The SamlAdvice to add.</param>
 /// <param name="statements">The SamlStatements to add.</param>
 /// <returns>A SamlAssertion.</returns>
 /// <remarks>A unique random id is created for the assertion
 /// IssueInstance is set to DateTime.UtcNow.</remarks>
 protected virtual SamlAssertion CreateAssertion(string issuer, SamlConditions conditions, SamlAdvice advice, IEnumerable<SamlStatement> statements)
 {
     return new SamlAssertion(System.IdentityModel.UniqueId.CreateRandomId(), issuer, DateTime.UtcNow, conditions, advice, statements);
 }
コード例 #13
0
        /// <summary>
        /// Serialize the given SamlAdvice to the given XmlWriter.
        /// </summary>
        /// <param name="writer">XmlWriter to serialize the SamlAdvice.</param>
        /// <param name="advice">SamlAdvice to be serialized.</param>
        /// <exception cref="ArgumentNullException">The input parameter 'writer' or 'advice' is null.</exception>
        protected virtual void WriteAdvice(XmlWriter writer, SamlAdvice advice)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (advice == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("advice");
            }

            writer.WriteStartElement(SamlConstants.Prefix, SamlConstants.ElementNames.Advice, SamlConstants.Namespace);
            if (advice.AssertionIdReferences.Count > 0)
            {
                foreach (string assertionIdReference in advice.AssertionIdReferences)
                {
                    if (string.IsNullOrEmpty(assertionIdReference))
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4079)));
                    }
                    writer.WriteElementString(SamlConstants.Prefix, SamlConstants.ElementNames.AssertionIdReference, SamlConstants.Namespace, assertionIdReference);
                }
            }

            if (advice.Assertions.Count > 0)
            {
                foreach (SamlAssertion assertion in advice.Assertions)
                {
                    WriteAssertion(writer, assertion);
                }
            }

            writer.WriteEndElement();
        }
コード例 #14
0
 public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
 {
     if (reader == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
     }
     if (samlSerializer == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
     }
     WrappedReader reader3 = new WrappedReader(XmlDictionaryReader.CreateDictionaryReader(reader));
     SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
     if (!reader3.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLElementNotRecognized", new object[] { reader3.LocalName })));
     }
     string attribute = reader3.GetAttribute(samlDictionary.MajorVersion, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMajorVersionAttributeOnRead")));
     }
     int num = int.Parse(attribute, CultureInfo.InvariantCulture);
     attribute = reader3.GetAttribute(samlDictionary.MinorVersion, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMinorVersionAttributeOnRead")));
     }
     int num2 = int.Parse(attribute, CultureInfo.InvariantCulture);
     if ((num != SamlConstants.MajorVersionValue) || (num2 != SamlConstants.MinorVersionValue))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLTokenVersionNotSupported", new object[] { num, num2, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue })));
     }
     attribute = reader3.GetAttribute(samlDictionary.AssertionId, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired")));
     }
     if (!this.IsAssertionIdValid(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { attribute })));
     }
     this.assertionId = attribute;
     attribute = reader3.GetAttribute(samlDictionary.Issuer, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingIssuerAttributeOnRead")));
     }
     this.issuer = attribute;
     attribute = reader3.GetAttribute(samlDictionary.IssueInstant, null);
     if (!string.IsNullOrEmpty(attribute))
     {
         this.issueInstant = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
     }
     reader3.MoveToContent();
     reader3.Read();
     if (reader3.IsStartElement(samlDictionary.Conditions, samlDictionary.Namespace))
     {
         this.conditions = samlSerializer.LoadConditions(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (this.conditions == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtions")));
         }
     }
     if (reader3.IsStartElement(samlDictionary.Advice, samlDictionary.Namespace))
     {
         this.advice = samlSerializer.LoadAdvice(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (this.advice == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadAdvice")));
         }
     }
     while (reader3.IsStartElement())
     {
         if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
         {
             break;
         }
         SamlStatement item = samlSerializer.LoadStatement(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (item == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadStatement")));
         }
         this.statements.Add(item);
     }
     if (this.statements.Count == 0)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatementOnRead")));
     }
     if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
     {
         this.ReadSignature(reader3, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
     }
     reader3.MoveToContent();
     reader3.ReadEndElement();
     this.tokenStream = reader3.XmlTokens;
     if (this.signature != null)
     {
         this.VerifySignature(this.signature, this.verificationKey);
     }
     this.BuildCryptoList();
 }