public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthenticationStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAuthenticationStatement authStatement = new SamlAuthenticationStatement(); authStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(authStatement); } else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AttributeStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAttributeStatement attrStatement = new SamlAttributeStatement(); attrStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(attrStatement); } else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAuthorizationDecisionStatement authDecisionStatement = new SamlAuthorizationDecisionStatement(); authDecisionStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(authDecisionStatement); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.SAMLUnableToLoadUnknownElement, reader.LocalName))); } }
public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthenticationStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAuthenticationStatement statement = new SamlAuthenticationStatement(); statement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(statement); } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AttributeStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAttributeStatement statement2 = new SamlAttributeStatement(); statement2.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(statement2); } if (!reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, this.DictionaryManager.SamlDictionary.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.IdentityModel.SR.GetString("SAMLUnableToLoadUnknownElement", new object[] { reader.LocalName }))); } SamlAuthorizationDecisionStatement statement3 = new SamlAuthorizationDecisionStatement(); statement3.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return(statement3); }
public void DefaultValues () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); Assert.AreEqual (default (SamlAccessDecision), a.AccessDecision, "#1"); Assert.IsNull (a.Evidence, "#2"); Assert.IsNull (a.Resource, "#3"); Assert.IsNull (a.SamlSubject, "#4"); Assert.AreEqual (0, a.SamlActions.Count, "#5"); }
/// <summary> /// Serialize a SamlAuthorizationDecisionStatement. /// </summary> /// <param name="writer">XmlWriter to which the SamlAuthorizationStatement is serialized.</param> /// <param name="statement">SamlAuthorizationDecisionStatement to serialize.</param> /// <exception cref="ArgumentNullException">The input parameter 'writer' or 'statement' is null.</exception> protected virtual void WriteAuthorizationDecisionStatement(XmlWriter writer, SamlAuthorizationDecisionStatement statement) { if (writer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer"); } if (statement == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("statement"); } writer.WriteStartElement(SamlConstants.Prefix, SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace); writer.WriteAttributeString(SamlConstants.AttributeNames.Decision, null, statement.AccessDecision.ToString()); writer.WriteAttributeString(SamlConstants.AttributeNames.Resource, null, statement.Resource); WriteSubject(writer, statement.SamlSubject); foreach (SamlAction action in statement.SamlActions) { WriteAction(writer, action); } if (statement.Evidence != null) { WriteEvidence(writer, statement.Evidence); } writer.WriteEndElement(); }
SamlAuthorizationDecisionStatement ReadAuthorizationDecisionStatement(XmlReader reader) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } if (!reader.IsStartElement(SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4082, SamlConstants.ElementNames.AuthorizationDecisionStatement, SamlConstants.Namespace, reader.LocalName, reader.NamespaceURI))); } SamlAuthorizationDecisionStatement authzStatement = new SamlAuthorizationDecisionStatement(); authzStatement.Resource = reader.GetAttribute(SamlConstants.AttributeNames.Resource, null); if (string.IsNullOrEmpty(authzStatement.Resource)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4205))); } string decisionString = reader.GetAttribute(SamlConstants.AttributeNames.Decision, null); if (string.IsNullOrEmpty(decisionString)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.ID4204))); } if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase)) { authzStatement.AccessDecision = SamlAccessDecision.Deny; } else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase)) { authzStatement.AccessDecision = SamlAccessDecision.Permit; } else { authzStatement.AccessDecision = SamlAccessDecision.Indeterminate; } reader.MoveToContent(); reader.Read(); if (reader.IsStartElement(SamlConstants.ElementNames.Subject, SamlConstants.Namespace)) { authzStatement.SamlSubject = ReadSubject(reader); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4206))); } while (reader.IsStartElement()) { if (reader.IsStartElement(SamlConstants.ElementNames.Action, SamlConstants.Namespace)) { authzStatement.SamlActions.Add(ReadAction(reader)); } else if (reader.IsStartElement(SamlConstants.ElementNames.Evidence, SamlConstants.Namespace)) { if (authzStatement.Evidence != null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4207))); } authzStatement.Evidence = ReadEvidence(reader); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4208, reader.LocalName, reader.NamespaceURI))); } } if (authzStatement.SamlActions.Count == 0) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.ID4209))); } reader.MoveToContent(); reader.ReadEndElement(); return authzStatement; }
/// <summary> /// Override this virtual to provide custom processing of SamlAuthorizationDecisionStatement. /// By default no processing is performed, you will need to access the token for SamlAuthorizationDecisionStatement information. /// </summary> /// <param name="samlStatement">The SamlAuthorizationDecisionStatement to process.</param> /// <param name="subject">The identity that should be modified to reflect the statement.</param> /// <param name="issuer">The subject that identifies the issuer.</param> protected virtual void ProcessAuthorizationDecisionStatement(SamlAuthorizationDecisionStatement samlStatement, ClaimsIdentity subject, string issuer) { }
public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthenticationStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAuthenticationStatement authStatement = new SamlAuthenticationStatement(); authStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return authStatement; } else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AttributeStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAttributeStatement attrStatement = new SamlAttributeStatement(); attrStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return attrStatement; } else if (reader.IsStartElement(DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, DictionaryManager.SamlDictionary.Namespace)) { SamlAuthorizationDecisionStatement authDecisionStatement = new SamlAuthorizationDecisionStatement(); authDecisionStatement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return authDecisionStatement; } else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.SAMLUnableToLoadUnknownElement, reader.LocalName))); }
public virtual SamlStatement LoadStatement(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader"); } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthenticationStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAuthenticationStatement statement = new SamlAuthenticationStatement(); statement.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement; } if (reader.IsStartElement(this.DictionaryManager.SamlDictionary.AttributeStatement, this.DictionaryManager.SamlDictionary.Namespace)) { SamlAttributeStatement statement2 = new SamlAttributeStatement(); statement2.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement2; } if (!reader.IsStartElement(this.DictionaryManager.SamlDictionary.AuthorizationDecisionStatement, this.DictionaryManager.SamlDictionary.Namespace)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.IdentityModel.SR.GetString("SAMLUnableToLoadUnknownElement", new object[] { reader.LocalName }))); } SamlAuthorizationDecisionStatement statement3 = new SamlAuthorizationDecisionStatement(); statement3.ReadXml(reader, this, keyInfoSerializer, outOfBandTokenResolver); return statement3; }
public void SetResourceEmpty () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); a.Resource = String.Empty; }
public void ReadXml1 () { SamlSerializer ser = new SamlSerializer (); string xml = String.Format ("<saml:AuthorizationDecisionStatement Decision=\"Deny\" Resource=\"resource\" xmlns:saml=\"{0}\"><saml:Subject><saml:NameIdentifier Format=\"myFormat\" NameQualifier=\"myQualifier\">myName</saml:NameIdentifier></saml:Subject><saml:Action>myAction</saml:Action><saml:Evidence><saml:AssertionIDReference>myID</saml:AssertionIDReference></saml:Evidence></saml:AuthorizationDecisionStatement>", SamlConstants.Namespace); XmlDictionaryReader reader = CreateReader (xml); reader.MoveToContent (); SamlAuthorizationDecisionStatement s = new SamlAuthorizationDecisionStatement (); s.ReadXml (reader, ser, null, null); Assert.AreEqual (SamlAccessDecision.Deny, s.AccessDecision, "#1"); Assert.IsNotNull (s.SamlSubject, "#2"); Assert.AreEqual (1, s.SamlActions.Count, "#3"); Assert.AreEqual ("myAction", s.SamlActions [0].Action, "#4"); Assert.IsNotNull (s.Evidence, "#5"); Assert.AreEqual (1, s.Evidence.AssertionIdReferences.Count, "#6"); Assert.AreEqual ("myID", s.Evidence.AssertionIdReferences [0], "#7"); Assert.AreEqual ("resource", s.Resource, "#8"); }
public void WriteXml1 () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); a.SamlSubject = new SamlSubject ("myFormat", "myQualifier", "myName"); a.Resource = "resource"; a.SamlActions.Add (new SamlAction ("myAction")); a.Evidence = new SamlEvidence (new string [] {"myID"}); StringWriter sw = new StringWriter (); using (XmlDictionaryWriter dw = CreateWriter (sw)) { a.WriteXml (dw, new SamlSerializer (), null); } Assert.AreEqual (String.Format ("<?xml version=\"1.0\" encoding=\"utf-16\"?><saml:AuthorizationDecisionStatement Decision=\"Permit\" Resource=\"resource\" xmlns:saml=\"{0}\"><saml:Subject><saml:NameIdentifier Format=\"myFormat\" NameQualifier=\"myQualifier\">myName</saml:NameIdentifier></saml:Subject><saml:Action>myAction</saml:Action><saml:Evidence><saml:AssertionIDReference>myID</saml:AssertionIDReference></saml:Evidence></saml:AuthorizationDecisionStatement>", SamlConstants.Namespace), sw.ToString ()); }
public void WriteXmlNoAction () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); a.SamlSubject = new SamlSubject ("myFormat", "myQualifier", "myName"); a.Resource = "resource"; StringWriter sw = new StringWriter (); using (XmlDictionaryWriter dw = CreateWriter (sw)) { a.WriteXml (dw, new SamlSerializer (), null); } }
public void WriteXmlNoSubject () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); StringWriter sw = new StringWriter (); using (XmlDictionaryWriter dw = CreateWriter (sw)) { a.WriteXml (dw, new SamlSerializer (), null); } }
public void SetEvidenceNull () { SamlAuthorizationDecisionStatement a = new SamlAuthorizationDecisionStatement (); a.Evidence = null; }