コード例 #1
0
        public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthenticationStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAuthenticationStatement authStatement = new SamlAuthenticationStatement();
                authStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return(authStatement);
            }
            else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AttributeStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAttributeStatement attrStatement = new SamlAttributeStatement();
                attrStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return(attrStatement);
            }
            else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAuthorizationDecisionStatement authDecisionStatement = new SamlAuthorizationDecisionStatement();
                authDecisionStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return(authDecisionStatement);
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.SAMLUnableToLoadUnknownElement, reader.LocalName)));
            }
        }
コード例 #2
0
        public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }
            if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthenticationStatement, this.DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAuthenticationStatement statement = new SamlAuthenticationStatement();
                statement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return(statement);
            }
            if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AttributeStatement, this.DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAttributeStatement statement2 = new SamlAttributeStatement();
                statement2.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return(statement2);
            }
            if (!reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, this.DictionaryManager.SamlDictionary.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.IdentityModel.SR.GetString("SAMLUnableToLoadUnknownElement", new object[] { reader.LocalName })));
            }
            SamlAuthorizationDecisionStatement statement3 = new SamlAuthorizationDecisionStatement();

            statement3.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
            return(statement3);
        }
コード例 #3
0
		public void DefaultValues ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();
			Assert.AreEqual (default (SamlAccessDecision), a.AccessDecision, "#1");
			Assert.IsNull (a.Evidence, "#2");
			Assert.IsNull (a.Resource, "#3");
			Assert.IsNull (a.SamlSubject, "#4");
			Assert.AreEqual (0, a.SamlActions.Count, "#5");
		}
コード例 #4
0
        /// <summary>
        /// Serialize a SamlAuthorizationDecisionStatement.
        /// </summary>
        /// <param name="writer">XmlWriter to which the SamlAuthorizationStatement is serialized.</param>
        /// <param name="statement">SamlAuthorizationDecisionStatement to serialize.</param>
        /// <exception cref="ArgumentNullException">The input parameter 'writer' or 'statement' is null.</exception>
        protected virtual void WriteAuthorizationDecisionStatement(XmlWriter writer, SamlAuthorizationDecisionStatement statement)
        {
            if (writer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
            }

            if (statement == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("statement");
            }

            writer.WriteStartElement(SamlConstants.Prefix, SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace);

            writer.WriteAttributeString(SamlConstants.AttributeNames.Decision, null, statement.AccessDecision.ToString());

            writer.WriteAttributeString(SamlConstants.AttributeNames.Resource, null, statement.Resource);

            WriteSubject(writer, statement.SamlSubject);

            foreach (SamlAction action in statement.SamlActions)
            {
                WriteAction(writer, action);
            }

            if (statement.Evidence != null)
            {
                WriteEvidence(writer, statement.Evidence);
            }

            writer.WriteEndElement();
        }
コード例 #5
0
        SamlAuthorizationDecisionStatement ReadAuthorizationDecisionStatement(XmlReader reader)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
            }

            if (!reader.IsStartElement(SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4082, SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace, reader.LocalName, reader.NamespaceURI)));
            }

            SamlAuthorizationDecisionStatement authzStatement = new SamlAuthorizationDecisionStatement();
            authzStatement.Resource = reader.GetAttribute(SamlConstants.AttributeNames.Resource, null);
            if (string.IsNullOrEmpty(authzStatement.Resource))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4205)));
            }

            string decisionString = reader.GetAttribute(SamlConstants.AttributeNames.Decision, null);
            if (string.IsNullOrEmpty(decisionString))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4204)));
            }

            if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
            {
                authzStatement.AccessDecision = SamlAccessDecision.Deny;
            }
            else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
            {
                authzStatement.AccessDecision = SamlAccessDecision.Permit;
            }
            else
            {
                authzStatement.AccessDecision = SamlAccessDecision.Indeterminate;
            }

            reader.MoveToContent();
            reader.Read();

            if (reader.IsStartElement(SamlConstants.ElementNames.Subject, SamlConstants.Namespace))
            {
                authzStatement.SamlSubject = ReadSubject(reader);
            }
            else
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4206)));
            }

            while (reader.IsStartElement())
            {
                if (reader.IsStartElement(SamlConstants.ElementNames.Action, SamlConstants.Namespace))
                {
                    authzStatement.SamlActions.Add(ReadAction(reader));
                }
                else if (reader.IsStartElement(SamlConstants.ElementNames.Evidence, SamlConstants.Namespace))
                {
                    if (authzStatement.Evidence != null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4207)));
                    }

                    authzStatement.Evidence = ReadEvidence(reader);
                }
                else
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4208, reader.LocalName, reader.NamespaceURI)));
                }
            }

            if (authzStatement.SamlActions.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4209)));
            }

            reader.MoveToContent();
            reader.ReadEndElement();

            return authzStatement;
        }
コード例 #6
0
 /// <summary>
 /// Override this virtual to provide custom processing of SamlAuthorizationDecisionStatement.
 /// By default no processing is performed, you will need to access the token for SamlAuthorizationDecisionStatement information.
 /// </summary>
 /// <param name="samlStatement">The SamlAuthorizationDecisionStatement to process.</param>
 /// <param name="subject">The identity that should be modified to reflect the statement.</param>
 /// <param name="issuer">The subject that identifies the issuer.</param>
 protected virtual void ProcessAuthorizationDecisionStatement(SamlAuthorizationDecisionStatement samlStatement, ClaimsIdentity subject, string issuer)
 {
 }
コード例 #7
0
        public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");

            if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthenticationStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAuthenticationStatement authStatement = new SamlAuthenticationStatement();
                authStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return authStatement;
            }
            else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AttributeStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAttributeStatement attrStatement = new SamlAttributeStatement();
                attrStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return attrStatement;
            }
            else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, DictionaryManager.SamlDictionary.Namespace))
            {
                SamlAuthorizationDecisionStatement authDecisionStatement = new SamlAuthorizationDecisionStatement();
                authDecisionStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
                return authDecisionStatement;
            }
            else
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.SAMLUnableToLoadUnknownElement, reader.LocalName)));
        }
コード例 #8
0
 public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
 {
     if (reader == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
     }
     if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthenticationStatement, this.DictionaryManager.SamlDictionary.Namespace))
     {
         SamlAuthenticationStatement statement = new SamlAuthenticationStatement();
         statement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
         return statement;
     }
     if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AttributeStatement, this.DictionaryManager.SamlDictionary.Namespace))
     {
         SamlAttributeStatement statement2 = new SamlAttributeStatement();
         statement2.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
         return statement2;
     }
     if (!reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, this.DictionaryManager.SamlDictionary.Namespace))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.IdentityModel.SR.GetString("SAMLUnableToLoadUnknownElement", new object[] { reader.LocalName })));
     }
     SamlAuthorizationDecisionStatement statement3 = new SamlAuthorizationDecisionStatement();
     statement3.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver);
     return statement3;
 }
コード例 #9
0
		public void SetResourceEmpty ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();
			a.Resource = String.Empty;
		}
コード例 #10
0
		public void ReadXml1 ()
		{
			SamlSerializer ser = new SamlSerializer ();
			string xml = String.Format ("<saml:AuthorizationDecisionStatement Decision=\"Deny\" Resource=\"resource\" xmlns:saml=\"{0}\"><saml:Subject><saml:NameIdentifier Format=\"myFormat\" NameQualifier=\"myQualifier\">myName</saml:NameIdentifier></saml:Subject><saml:Action>myAction</saml:Action><saml:Evidence><saml:AssertionIDReference>myID</saml:AssertionIDReference></saml:Evidence></saml:AuthorizationDecisionStatement>", SamlConstants.Namespace);
			XmlDictionaryReader reader = CreateReader (xml);
			reader.MoveToContent ();

			SamlAuthorizationDecisionStatement s =
				new SamlAuthorizationDecisionStatement ();
			s.ReadXml (reader, ser, null, null);
			Assert.AreEqual (SamlAccessDecision.Deny, s.AccessDecision, "#1");
			Assert.IsNotNull (s.SamlSubject, "#2");
			Assert.AreEqual (1, s.SamlActions.Count, "#3");
			Assert.AreEqual ("myAction", s.SamlActions [0].Action, "#4");
			Assert.IsNotNull (s.Evidence, "#5");
			Assert.AreEqual (1, s.Evidence.AssertionIdReferences.Count, "#6");
			Assert.AreEqual ("myID", s.Evidence.AssertionIdReferences [0], "#7");
			Assert.AreEqual ("resource", s.Resource, "#8");
		}
コード例 #11
0
		public void WriteXml1 ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();
			a.SamlSubject = new SamlSubject ("myFormat", "myQualifier", "myName");
			a.Resource = "resource";
			a.SamlActions.Add (new SamlAction ("myAction"));
			a.Evidence = new SamlEvidence (new string [] {"myID"});

			StringWriter sw = new StringWriter ();
			using (XmlDictionaryWriter dw = CreateWriter (sw)) {
				a.WriteXml (dw, new SamlSerializer (), null);
			}
			Assert.AreEqual (String.Format ("<?xml version=\"1.0\" encoding=\"utf-16\"?><saml:AuthorizationDecisionStatement Decision=\"Permit\" Resource=\"resource\" xmlns:saml=\"{0}\"><saml:Subject><saml:NameIdentifier Format=\"myFormat\" NameQualifier=\"myQualifier\">myName</saml:NameIdentifier></saml:Subject><saml:Action>myAction</saml:Action><saml:Evidence><saml:AssertionIDReference>myID</saml:AssertionIDReference></saml:Evidence></saml:AuthorizationDecisionStatement>", SamlConstants.Namespace), sw.ToString ());
		}
コード例 #12
0
		public void WriteXmlNoAction ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();
			a.SamlSubject = new SamlSubject ("myFormat", "myQualifier", "myName");
			a.Resource = "resource";

			StringWriter sw = new StringWriter ();
			using (XmlDictionaryWriter dw = CreateWriter (sw)) {
				a.WriteXml (dw, new SamlSerializer (), null);
			}
		}
コード例 #13
0
		public void WriteXmlNoSubject ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();

			StringWriter sw = new StringWriter ();
			using (XmlDictionaryWriter dw = CreateWriter (sw)) {
				a.WriteXml (dw, new SamlSerializer (), null);
			}
		}
コード例 #14
0
		public void SetEvidenceNull ()
		{
			SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement ();
			a.Evidence = null;
		}