/// <summary>
/// Reads a saml:Action element into this instance: the optional Namespace
/// attribute and the action name carried as element text. If the reader is
/// not positioned on a saml:Action start element nothing is read and the
/// object is left untouched.
/// </summary>
/// <param name="reader">Reader positioned on the saml:Action element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The element carries no action name.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    if (!reader.IsStartElement(dictionary.Action, dictionary.Namespace))
    {
        // Not an Action element: silently a no-op, as in the original.
        return;
    }

    // The Namespace attribute is optional, so null is an acceptable result here.
    this.ns = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null);
    reader.MoveToContent();
    this.action = reader.ReadString();

    bool missingName = string.IsNullOrEmpty(this.action);
    if (missingName)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLActionNameRequiredOnRead")));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Writes this action as a saml:Action element: an optional Namespace
/// attribute followed by the action name as element text.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    // Object state is validated before the arguments, matching the original order.
    CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = samlDictionary.PreferredPrefix.Value;

    writer.WriteStartElement(prefix, samlDictionary.Action, samlDictionary.Namespace);

    // Namespace is optional; it is emitted only when one was set.
    bool hasNamespace = this.ns != null;
    if (hasNamespace)
    {
        writer.WriteStartAttribute(samlDictionary.ActionNamespaceAttribute, null);
        writer.WriteString(this.ns);
        writer.WriteEndAttribute();
    }

    writer.WriteString(this.action);
    writer.WriteEndElement();
}
/// <summary>
/// Writes this evidence as a saml:Evidence element containing, in order, one
/// saml:AssertionIDReference per stored reference and then every embedded
/// assertion serialized through its own WriteXml.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Forwarded to the embedded assertions.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = dictionary.PreferredPrefix.Value;

    // The outer element is opened with the plain-string overload, as in the original.
    writer.WriteStartElement(prefix, dictionary.Evidence.Value, dictionary.Namespace.Value);

    foreach (string assertionId in this.assertionIdReferences)
    {
        writer.WriteStartElement(prefix, dictionary.AssertionIdReference, dictionary.Namespace);
        writer.WriteString(assertionId);
        writer.WriteEndElement();
    }

    foreach (SamlAssertion embedded in this.assertions)
    {
        embedded.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Writes this statement as a saml:AuthorizationDecisionStatement: the
/// Decision and Resource attributes, the subject, every action, and the
/// evidence element when one is present.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Forwarded to the subject, actions and evidence.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    this.CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = dictionary.PreferredPrefix.Value;

    writer.WriteStartElement(prefix, dictionary.AuthorizationDecisionStatement, dictionary.Namespace);

    // Decision is written as the enum member's name.
    writer.WriteStartAttribute(dictionary.Decision, null);
    writer.WriteString(this.accessDecision.ToString());
    writer.WriteEndAttribute();

    writer.WriteStartAttribute(dictionary.Resource, null);
    writer.WriteString(this.resource);
    writer.WriteEndAttribute();

    base.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);

    foreach (SamlAction samlAction in this.actions)
    {
        samlAction.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    // Evidence is optional in this statement.
    bool hasEvidence = this.evidence != null;
    if (hasEvidence)
    {
        this.evidence.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:DoNotCacheCondition element. The element carries no content,
/// so reading consists of verifying the element name and consuming its start
/// (and, for a non-empty form, its end) tag.
/// </summary>
/// <param name="reader">Reader positioned on the condition element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The reader is not on a saml:DoNotCacheCondition element.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    bool onCondition = reader.IsStartElement(samlDictionary.DoNotCacheCondition, samlDictionary.Namespace);
    if (!onCondition)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.DoNotCacheCondition.Value })));
    }

    // Capture the empty-element flag before Read() moves off the start tag.
    bool selfClosing = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (!selfClosing)
    {
        reader.ReadEndElement();
    }
}
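/// <summary>
/// Writes this binding as a saml:AuthorityBinding element with the
/// AuthorityKind, Location and Binding attributes.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Required for interface symmetry; not otherwise used here.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">AuthorityKind is unset, or Binding or Location is null or empty.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (AuthorityKind == null)
    {
        throw new SecurityTokenException("AuthorityKind must be set to SAML AuthorityBinding before being written.");
    }
    // The messages promise a non-zero length value, so an empty string is
    // rejected as well as null; readers of this element treat an empty
    // Binding/Location attribute as missing and would refuse what we wrote.
    if (string.IsNullOrEmpty(Binding))
    {
        throw new SecurityTokenException("non-zero length Binding must be set to SAML AuthorityBinding before being written.");
    }
    if (string.IsNullOrEmpty(Location))
    {
        throw new SecurityTokenException("non-zero length Location must be set to SAML AuthorityBinding before being written.");
    }

    writer.WriteStartElement("saml", "AuthorityBinding", SamlConstants.Namespace);
    // AuthorityKind is a QName: its namespace is declared as the default
    // namespace on this element so the unprefixed local name resolves to it.
    writer.WriteXmlnsAttribute(String.Empty, AuthorityKind.Namespace);
    writer.WriteAttributeString("AuthorityKind", AuthorityKind.Name);
    writer.WriteAttributeString("Location", Location);
    writer.WriteAttributeString("Binding", Binding);
    writer.WriteEndElement();
}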
/// <summary>
/// Writes a saml:Conditions element: NotBefore / NotOnOrAfter attributes
/// (each only when its flag says a value was set) followed by every child
/// condition serialized through its own WriteXml.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Forwarded to the child conditions.</param>
/// <param name="keyInfoSerializer">Forwarded to the child conditions.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    writer.WriteStartElement("saml", "Conditions", SamlConstants.Namespace);

    // Timestamps are machine-readable, so the invariant culture is used.
    CultureInfo culture = CultureInfo.InvariantCulture;
    if (has_not_before)
    {
        string notBeforeText = NotBefore.ToString(SamlConstants.DateFormat, culture);
        writer.WriteAttributeString("NotBefore", notBeforeText);
    }
    if (has_not_on_after)
    {
        string notOnOrAfterText = NotOnOrAfter.ToString(SamlConstants.DateFormat, culture);
        writer.WriteAttributeString("NotOnOrAfter", notOnOrAfterText);
    }

    foreach (SamlCondition condition in Conditions)
    {
        condition.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Writes a saml:Conditions element. Each validity bound is emitted only when
/// it differs from its "unbounded" sentinel (SecurityUtils.MinUtcDateTime /
/// MaxUtcDateTime); the child conditions follow.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Forwarded to the child conditions.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    DateTimeFormatInfo invariant = DateTimeFormatInfo.InvariantInfo;
    // NOTE(review): the literal 'Z' suffix assumes the stored bounds are already
    // UTC (the sentinels they are compared against are the UTC min/max) — confirm in the setters.
    const string utcFormat = "yyyy-MM-ddTHH:mm:ss.fffZ";

    writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Conditions, dictionary.Namespace);

    bool hasNotBefore = this.notBefore != System.IdentityModel.SecurityUtils.MinUtcDateTime;
    if (hasNotBefore)
    {
        writer.WriteStartAttribute(dictionary.NotBefore, null);
        writer.WriteString(this.notBefore.ToString(utcFormat, invariant));
        writer.WriteEndAttribute();
    }

    bool hasNotOnOrAfter = this.notOnOrAfter != System.IdentityModel.SecurityUtils.MaxUtcDateTime;
    if (hasNotOnOrAfter)
    {
        writer.WriteStartAttribute(dictionary.NotOnOrAfter, null);
        writer.WriteString(this.notOnOrAfter.ToString(utcFormat, invariant));
        writer.WriteEndAttribute();
    }

    foreach (SamlCondition condition in this.conditions)
    {
        condition.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Writes a saml:AudienceRestrictionCondition element containing one
/// saml:Audience element (absolute URI text) per stored audience.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.AudienceRestrictionCondition, samlDictionary.Namespace);

    // Audience elements are written without an explicit prefix, as in the original.
    foreach (Uri audience in this.audiences)
    {
        writer.WriteElementString(samlDictionary.Audience, samlDictionary.Namespace, audience.AbsoluteUri);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:DoNotCacheCondition element. The element is empty by
/// definition, so only its start tag (and end tag when not self-closing)
/// is consumed after the name check.
/// </summary>
/// <param name="reader">Reader positioned on the condition element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The reader is not on a saml:DoNotCacheCondition element.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    if (!reader.IsStartElement(dictionary.DoNotCacheCondition, dictionary.Namespace))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.DoNotCacheCondition.Value)));
    }

    // Must be sampled before Read() advances the reader.
    bool selfClosing = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (selfClosing)
    {
        return;
    }
    reader.ReadEndElement();
}
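/// <summary>
/// Writes this attribute as a saml:Attribute element with AttributeName and
/// AttributeNamespace attributes and one saml:AttributeValue child per value.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="ArgumentException">One of the attribute values is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    this.CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    // Validate every value before the first byte is emitted, so a null value
    // fails cleanly instead of leaving a half-written saml:Attribute on the writer.
    for (int i = 0; i < this.attributeValues.Count; i++)
    {
        if (this.attributeValues[i] == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(System.IdentityModel.SR.GetString("SAMLAttributeValueCannotBeNull"));
        }
    }

    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = samlDictionary.PreferredPrefix.Value;

    writer.WriteStartElement(prefix, samlDictionary.Attribute, samlDictionary.Namespace);

    writer.WriteStartAttribute(samlDictionary.AttributeName, null);
    writer.WriteString(this.name);
    writer.WriteEndAttribute();

    writer.WriteStartAttribute(samlDictionary.AttributeNamespace, null);
    writer.WriteString(this.nameSpace);
    writer.WriteEndAttribute();

    for (int i = 0; i < this.attributeValues.Count; i++)
    {
        writer.WriteElementString(prefix, samlDictionary.AttributeValue, samlDictionary.Namespace, this.attributeValues[i]);
    }

    writer.WriteEndElement();
}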
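/// <summary>
/// Writes this action as a saml:Action element: an optional Namespace
/// attribute followed by the action name as element text.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Required for interface symmetry; not otherwise used here.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">Action is null or empty.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    // The message promises a non-zero length action; an empty saml:Action
    // element would be rejected on read (SAMLActionNameRequiredOnRead), so it
    // is refused here as well rather than only when null.
    if (string.IsNullOrEmpty(Action))
    {
        throw new SecurityTokenException("non-zero length string must be set for SAML Action before being written.");
    }

    writer.WriteStartElement("saml", "Action", SamlConstants.Namespace);
    // Namespace is optional and omitted when unset.
    if (Namespace != null)
    {
        writer.WriteAttributeString("Namespace", Namespace);
    }
    writer.WriteString(Action);
    writer.WriteEndElement();
}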
/// <summary>
/// Reads this object from XML. Not implemented in this build: every call throws.
/// </summary>
/// <param name="reader">Ignored.</param>
/// <param name="samlSerializer">Ignored.</param>
/// <param name="keyInfoSerializer">Ignored.</param>
/// <param name="outOfBandTokenResolver">Ignored.</param>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { throw new NotImplementedException(); }
/// <summary>
/// Reads the assertion's ds:Signature. Not implemented in this build: every
/// call throws, so assertions read through this type carry no verified signature.
/// </summary>
/// <param name="reader">Ignored.</param>
/// <param name="keyInfoTokenSerializer">Ignored.</param>
/// <param name="outOfBandTokenResolver">Ignored.</param>
/// <param name="samlSerializer">Ignored.</param>
/// <exception cref="NotImplementedException">Always thrown.</exception>
protected void ReadSignature(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoTokenSerializer, SecurityTokenResolver outOfBandTokenResolver, SamlSerializer samlSerializer) { throw new NotImplementedException(); }
/// <summary>
/// Writes a saml:Evidence element holding the stored assertion-id references
/// (as saml:AssertionIDReference) followed by the embedded assertions.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Forwarded to the embedded assertions.</param>
/// <param name="keyInfoSerializer">Forwarded to the embedded assertions.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">Neither references nor assertions are present.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    // Evidence must carry at least one reference or one assertion.
    bool hasReferences = references.Count != 0;
    bool hasAssertions = assertions.Count != 0;
    if (!hasReferences && !hasAssertions)
    {
        throw new SecurityTokenException("At least either one of AssertionIDReference or Assertion must exist in SAML Evidence.");
    }

    writer.WriteStartElement("saml", "Evidence", SamlConstants.Namespace);
    foreach (string reference in references)
    {
        writer.WriteElementString("saml", "AssertionIDReference", SamlConstants.Namespace, reference);
    }
    foreach (SamlAssertion assertion in assertions)
    {
        assertion.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }
    writer.WriteEndElement();
}
/// <summary>
/// Writes a saml:Advice element: one saml:AssertionIDReference per stored
/// reference, then every embedded assertion via its own WriteXml.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Forwarded to the embedded assertions.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = dictionary.PreferredPrefix.Value;

    writer.WriteStartElement(prefix, dictionary.Advice, dictionary.Namespace);

    foreach (string assertionId in this.assertionIdReferences)
    {
        writer.WriteStartElement(prefix, dictionary.AssertionIdReference, dictionary.Namespace);
        writer.WriteString(assertionId);
        writer.WriteEndElement();
    }

    foreach (SamlAssertion embedded in this.assertions)
    {
        embedded.WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Writes a saml:AudienceRestrictionCondition element with one saml:Audience
/// child (absolute URI) per stored audience.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Required for interface symmetry; not otherwise used here.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">No audience has been added.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    int audienceCount = Audiences.Count;
    if (audienceCount == 0)
    {
        throw new SecurityTokenException("SAML AudienceRestrictionCondition must contain at least one Audience.");
    }

    writer.WriteStartElement("saml", "AudienceRestrictionCondition", SamlConstants.Namespace);
    foreach (Uri audience in Audiences)
    {
        string audienceUri = audience.AbsoluteUri;
        writer.WriteElementString("saml", "Audience", SamlConstants.Namespace, audienceUri);
    }
    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:DoNotCacheCondition element. There is no content to read:
/// the name is checked and the start tag (plus the end tag when the element
/// is not self-closing) is consumed.
/// </summary>
/// <param name="reader">Reader positioned on the condition element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The reader is not on a saml:DoNotCacheCondition element.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    bool onCondition = reader.IsStartElement(dictionary.DoNotCacheCondition, dictionary.Namespace);
    if (!onCondition)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.DoNotCacheCondition.Value)));
    }

    // Sample the flag first: Read() leaves the start tag behind.
    bool selfClosing = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (!selfClosing)
    {
        reader.ReadEndElement();
    }
}
/// <summary>
/// Reads a saml:Action element: the optional Namespace attribute and the
/// action name carried as element text. When the reader is not on a
/// saml:Action start element the call is a no-op.
/// </summary>
/// <param name="reader">Reader positioned on the saml:Action element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The element carries no action name.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    bool onAction = reader.IsStartElement(samlDictionary.Action, samlDictionary.Namespace);
    if (!onAction)
    {
        // Not an Action element: nothing is read (matches the original behaviour).
        return;
    }

    // Namespace is optional, so a null attribute is fine.
    this.ns = reader.GetAttribute(samlDictionary.ActionNamespaceAttribute, null);
    reader.MoveToContent();
    this.action = reader.ReadString();
    if (string.IsNullOrEmpty(this.action))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead)));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
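/// <summary>
/// Reads a saml:AuthorityBinding element's attributes: AuthorityKind (a QName
/// resolved against the namespaces in scope on the reader), Binding and
/// Location. The element has no content, so only its tags are consumed.
/// </summary>
/// <param name="reader">Reader positioned on the saml:AuthorityBinding element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">AuthorityKind, Binding or Location is missing, or AuthorityKind is not a well-formed, resolvable QName.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    string authorityKindAttribute = reader.GetAttribute(samlDictionary.AuthorityKind, null);
    if (string.IsNullOrEmpty(authorityKindAttribute))
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingAuthorityKindOnRead")));
    }

    // AuthorityKind is a QName: at most one ':' separating prefix and local name.
    string[] qnameParts = authorityKindAttribute.Split(new char[] { ':' });
    if (qnameParts.Length > 2)
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingInvalidAuthorityKind")));
    }

    string prefix;
    string localName;
    if (qnameParts.Length == 2)
    {
        prefix = qnameParts[0];
        localName = qnameParts[1];
    }
    else
    {
        prefix = string.Empty;
        localName = qnameParts[0];
    }

    string namespaceUri = reader.LookupNamespace(prefix);
    // A prefix with no in-scope declaration cannot be resolved. Falling through
    // would silently build a name in the empty namespace — a different identity
    // than the document expressed — so the attribute is rejected as malformed,
    // as is an empty local name ("p:").
    bool unresolvedPrefix = prefix.Length > 0 && string.IsNullOrEmpty(namespaceUri);
    if (localName.Length == 0 || unresolvedPrefix)
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingInvalidAuthorityKind")));
    }
    this.authorityKind = new XmlQualifiedName(localName, namespaceUri);

    this.binding = reader.GetAttribute(samlDictionary.Binding, null);
    if (string.IsNullOrEmpty(this.binding))
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingBindingOnRead")));
    }

    this.location = reader.GetAttribute(samlDictionary.Location, null);
    if (string.IsNullOrEmpty(this.location))
    {
        throw System.IdentityModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorityBindingMissingLocationOnRead")));
    }

    // Sample before Read() moves off the start tag.
    bool selfClosing = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (!selfClosing)
    {
        reader.ReadEndElement();
    }
}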
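/// <summary>
/// Writes a saml:Subject element containing a single saml:NameIdentifier
/// (Format and NameQualifier attributes, Name as text). No
/// SubjectConfirmation element is emitted by this method.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Required for interface symmetry; not otherwise used here.</param>
/// <param name="keyInfoTokenSerializer">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">Name is null or empty.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (Name == null || Name.Length == 0)
    {
        throw new SecurityTokenException("non-zero length string must be set to Name of SAML Subject before being written.");
    }

    writer.WriteStartElement("saml", "Subject", SamlConstants.Namespace);
    writer.WriteStartElement("saml", "NameIdentifier", SamlConstants.Namespace);
    // Format and NameQualifier are optional. An unset value is omitted instead
    // of being written as an empty attribute, so reading the element back
    // yields null again rather than "" (and no empty Format URI is emitted).
    if (NameFormat != null)
    {
        writer.WriteAttributeString("Format", NameFormat);
    }
    if (NameQualifier != null)
    {
        writer.WriteAttributeString("NameQualifier", NameQualifier);
    }
    writer.WriteString(Name);
    writer.WriteEndElement();
    writer.WriteEndElement();
}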
/// <summary>
/// Reads a saml:Action element (optional Namespace attribute, action name
/// as element text). A reader that is not on a saml:Action start element
/// leaves this object unchanged.
/// </summary>
/// <param name="reader">Reader positioned on the saml:Action element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The element carries no action name.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    if (!reader.IsStartElement(dictionary.Action, dictionary.Namespace))
    {
        // Silent no-op on any other element, as in the original.
        return;
    }

    // The Namespace attribute is optional.
    string actionNamespace = reader.GetAttribute(dictionary.ActionNamespaceAttribute, null);
    this.ns = actionNamespace;
    reader.MoveToContent();

    string actionName = reader.ReadString();
    this.action = actionName;
    bool nameMissing = string.IsNullOrEmpty(actionName);
    if (nameMissing)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLActionNameRequiredOnRead)));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
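/// <summary>
/// Reads a saml:Subject consisting of a single saml:NameIdentifier child:
/// its Format and NameQualifier attributes and its text content. Only this
/// fixed shape is handled; a Subject without a NameIdentifier (for example
/// one carrying only SubjectConfirmation) is not supported by this reader.
/// </summary>
/// <param name="reader">Reader positioned on the saml:Subject element.</param>
/// <param name="samlSerializer">Required for interface symmetry; not otherwise used here.</param>
/// <param name="keyInfoTokenSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The NameIdentifier text is empty.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw new ArgumentNullException("reader");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    reader.ReadStartElement("Subject", SamlConstants.Namespace);
    // ReadStartElement leaves the reader on whatever follows the start tag —
    // for indented input that is a whitespace node, on which GetAttribute
    // returns null and ReadElementContentAsString throws. Skip to the
    // NameIdentifier element first.
    reader.MoveToContent();
    NameFormat = reader.GetAttribute("Format");
    NameQualifier = reader.GetAttribute("NameQualifier");
    Name = reader.ReadElementContentAsString("NameIdentifier", SamlConstants.Namespace);
    reader.ReadEndElement();

    if (Name == null || Name.Length == 0)
    {
        throw new SecurityTokenException("non-zero length string must be exist for Name.");
    }
}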
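/// <summary>
/// Writes the assertion to <paramref name="writer"/>. When signing credentials
/// are present the assertion is serialized through a SamlDelegatingWriter that
/// is given a HashStream, so the signature can be produced over the emitted
/// bytes; otherwise the previously buffered token bytes are replayed unchanged.
/// </summary>
/// <param name="writer">Destination writer; wrapped in an XmlDictionaryWriter.</param>
/// <param name="samlSerializer">Supplies the dictionary manager used for both paths.</param>
/// <param name="keyInfoSerializer">Stored on this instance for use while signing.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="InvalidOperationException">Neither signing credentials nor an existing signature are available.</exception>
internal void WriteTo(XmlWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
    }
    // samlSerializer.DictionaryManager is dereferenced on both paths below;
    // report a null serializer as an argument error rather than a
    // NullReferenceException from inside the write.
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
    }
    if (this.signingCredentials == null && this.signature == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.IdentityModel.SR.GetString("SamlAssertionMissingSigningCredentials")));
    }

    XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);

    if (this.signingCredentials == null)
    {
        // Already signed: replay the buffered bytes with no element excluded.
        this.tokenStream.SetElementExclusion(null, null);
        this.tokenStream.WriteTo(dictionaryWriter, samlSerializer.DictionaryManager);
        return;
    }

    using (HashAlgorithm hash = CryptoHelper.CreateHashAlgorithm(this.signingCredentials.DigestAlgorithm))
    {
        // State the delegating writer reads back from this instance while writing.
        this.hashStream = new HashStream(hash);
        this.keyInfoSerializer = keyInfoSerializer;
        this.dictionaryManager = samlSerializer.DictionaryManager;
        // NOTE(review): hashStream keeps a reference to `hash` after this block
        // disposes it — presumably nothing uses it once WriteXml returns; confirm.
        SamlDelegatingWriter delegatingWriter = new SamlDelegatingWriter(dictionaryWriter, this.hashStream, this, samlSerializer.DictionaryManager.ParentDictionary);
        this.WriteXml(delegatingWriter, samlSerializer, keyInfoSerializer);
    }
}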
/// <summary>
/// Creates a serializer for the given security version and SAML serializer,
/// delegating to the five-argument constructor with the two trailing
/// arguments left null.
/// </summary>
/// <param name="securityVersion">WS-Security version to serialize for.</param>
/// <param name="emitBspRequiredAttributes">Whether BSP-required attributes are emitted.</param>
/// <param name="samlSerializer">Serializer used for SAML tokens.</param>
public WSSecurityTokenSerializer ( SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer) : this (securityVersion, emitBspRequiredAttributes, samlSerializer, null, null) { }
/// <summary>
/// Reads a saml:AttributeStatement: a mandatory saml:Subject followed by one
/// or more saml:Attribute elements. Attributes are loaded through the
/// serializer so that custom attribute types can be substituted.
/// </summary>
/// <param name="reader">Reader positioned on the saml:AttributeStatement element.</param>
/// <param name="samlSerializer">Supplies the dictionary strings and loads each attribute.</param>
/// <param name="keyInfoSerializer">Forwarded to the subject and attribute readers.</param>
/// <param name="outOfBandTokenResolver">Forwarded to the subject and attribute readers.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The subject is missing, an attribute fails to load, or no attribute is present.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // Step inside the statement element.
    reader.MoveToContent();
    reader.Read();

    // The subject is required and must come first.
    if (!reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingSubjectOnRead)));
    }
    SamlSubject statementSubject = new SamlSubject();
    statementSubject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
    base.SamlSubject = statementSubject;

    // saml:Attribute is an extensibility point: the serializer picks the type.
    // The loop stops at the first element that is not saml:Attribute (or at
    // the closing tag), exactly as the original's break did.
    while (reader.IsStartElement(dictionary.Attribute, dictionary.Namespace))
    {
        SamlAttribute loaded = samlSerializer.LoadAttribute(reader, keyInfoSerializer, outOfBandTokenResolver);
        if (loaded == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAttribute)));
        }
        this.attributes.Add(loaded);
    }

    // An attribute statement without attributes is invalid.
    if (this.attributes.Count == 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingAttributeOnRead)));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
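/// <summary>
/// Reads the attributes of a saml:AuthorityBinding element: AuthorityKind (a
/// QName resolved against the reader's in-scope namespaces), Binding and
/// Location. The element has no content, so only its tags are consumed.
/// </summary>
/// <param name="reader">Reader positioned on the saml:AuthorityBinding element.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Not used by this element.</param>
/// <param name="outOfBandTokenResolver">Not used by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">AuthorityKind, Binding or Location is missing, or AuthorityKind is not a well-formed, resolvable QName.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    string authKind = reader.GetAttribute(dictionary.AuthorityKind, null);
    if (string.IsNullOrEmpty(authKind))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingAuthorityKindOnRead)));
    }

    // AuthorityKind is a QName: at most one ':' separating prefix and local name.
    string[] authKindParts = authKind.Split(':');
    if (authKindParts.Length > 2)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingInvalidAuthorityKind)));
    }

    string prefix;
    string localName;
    if (authKindParts.Length == 2)
    {
        prefix = authKindParts[0];
        localName = authKindParts[1];
    }
    else
    {
        prefix = String.Empty;
        localName = authKindParts[0];
    }

    string nameSpace = reader.LookupNamespace(prefix);
    // A prefix that is not declared in scope cannot be resolved. Building the
    // name in the empty namespace instead would silently change the identity
    // the document expressed, so reject it as malformed — likewise an empty
    // local name such as "p:".
    bool unresolvedPrefix = prefix.Length > 0 && string.IsNullOrEmpty(nameSpace);
    if (localName.Length == 0 || unresolvedPrefix)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingInvalidAuthorityKind)));
    }
    this.authorityKind = new XmlQualifiedName(localName, nameSpace);

    this.binding = reader.GetAttribute(dictionary.Binding, null);
    if (string.IsNullOrEmpty(this.binding))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingBindingOnRead)));
    }

    this.location = reader.GetAttribute(dictionary.Location, null);
    if (string.IsNullOrEmpty(this.location))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorityBindingMissingLocationOnRead)));
    }

    // Sample before Read() moves off the start tag.
    bool selfClosing = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (!selfClosing)
    {
        reader.ReadEndElement();
    }
}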
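/// <summary>
/// Writes the assertion as a saml:Assertion element: version, id, issuer and
/// issue-instant attributes, then the optional Conditions and Advice elements
/// and every statement. No ds:Signature element is written by this method.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Forwarded to the child elements.</param>
/// <param name="keyInfoTokenSerializer">Forwarded to the child elements.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">Issuer is null or empty, or there are no statements.</exception>
/// <exception cref="InvalidOperationException">A child element failed to write; the cause is the inner exception.</exception>
/// <exception cref="NotImplementedException">A child element's WriteXml is not implemented; rethrown as-is.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer)
{
    // Arguments are validated before object state, consistent with the other
    // WriteXml implementations, so a null serializer is reported as such.
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (Issuer == null || Issuer.Length == 0)
    {
        throw new SecurityTokenException("Issuer must not be null or empty.");
    }
    if (Statements.Count == 0)
    {
        throw new SecurityTokenException("At least one assertion statement is required.");
    }

    // Attribute values are machine-readable: always the invariant culture.
    CultureInfo invariant = CultureInfo.InvariantCulture;
    writer.WriteStartElement("saml", "Assertion", SamlConstants.Namespace);
    writer.WriteAttributeString("MajorVersion", MajorVersion.ToString(invariant));
    writer.WriteAttributeString("MinorVersion", MinorVersion.ToString(invariant));
    writer.WriteAttributeString("AssertionID", AssertionId);
    writer.WriteAttributeString("Issuer", Issuer);
    writer.WriteAttributeString("IssueInstant", IssueInstant.ToString(SamlConstants.DateFormat, invariant));

    try
    {
        if (Conditions != null)
        {
            Conditions.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
        }
        if (Advice != null)
        {
            Advice.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
        }
        foreach (SamlStatement statement in Statements)
        {
            statement.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
        }
    }
    catch (NotImplementedException)
    {
        throw;
    }
    catch (Exception ex)
    {
        // Kept from the original: any other failure inside a child element is
        // surfaced as InvalidOperationException with the cause attached, which
        // existing callers may rely on. The writer is left with a partially
        // written saml:Assertion in that case.
        throw new InvalidOperationException("There is an error on writing assertion statements.", ex);
    }

    writer.WriteEndElement();
}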
/// <summary>
/// Writes a saml:AuthenticationStatement: AuthenticationMethod and
/// AuthenticationInstant attributes, the subject, an optional
/// saml:SubjectLocality (only when an IP or DNS address is set) and every
/// authority binding.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary strings and preferred prefix.</param>
/// <param name="keyInfoSerializer">Forwarded to the subject and authority bindings.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = samlDictionary.PreferredPrefix.Value;

    writer.WriteStartElement(prefix, samlDictionary.AuthenticationStatement, samlDictionary.Namespace);

    writer.WriteStartAttribute(samlDictionary.AuthenticationMethod, null);
    writer.WriteString(this.authenticationMethod);
    writer.WriteEndAttribute();

    // The instant is machine-readable, hence the generated format with the invariant culture.
    writer.WriteStartAttribute(samlDictionary.AuthenticationInstant, null);
    string instantText = this.authenticationInstant.ToString(SamlConstants.GeneratedDateTimeFormat, CultureInfo.InvariantCulture);
    writer.WriteString(instantText);
    writer.WriteEndAttribute();

    this.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);

    // SubjectLocality is emitted only when at least one address is known.
    bool hasIpAddress = this.ipAddress != null;
    bool hasDnsAddress = this.dnsAddress != null;
    if (hasIpAddress || hasDnsAddress)
    {
        writer.WriteStartElement(prefix, samlDictionary.SubjectLocality, samlDictionary.Namespace);
        if (hasIpAddress)
        {
            writer.WriteStartAttribute(samlDictionary.SubjectLocalityIPAddress, null);
            writer.WriteString(this.ipAddress);
            writer.WriteEndAttribute();
        }
        if (hasDnsAddress)
        {
            writer.WriteStartAttribute(samlDictionary.SubjectLocalityDNSAddress, null);
            writer.WriteString(this.dnsAddress);
            writer.WriteEndAttribute();
        }
        writer.WriteEndElement();
    }

    int bindingCount = this.authorityBindings.Count;
    for (int index = 0; index < bindingCount; index++)
    {
        this.authorityBindings[index].WriteXml(writer, samlSerializer, keyInfoSerializer);
    }

    writer.WriteEndElement();
}
/// <summary>
/// Reads the ds:Signature element the reader is positioned on into <c>this.signature</c> and resolves
/// the verification key and signing token from the signature's KeyIdentifier through the out-of-band
/// resolver. This method only parses and resolves; it does not verify the signature.
/// </summary>
/// <param name="reader">Reader positioned on the signature element; must not be null.</param>
/// <param name="keyInfoSerializer">Used by SignedXml to read the KeyInfo.</param>
/// <param name="outOfBandTokenResolver">Resolver consulted for the verification key and the signing token.</param>
/// <param name="samlSerializer">Provides the dictionary manager; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="InvalidOperationException">A signature has already been read into this assertion.</exception>
/// <exception cref="SecurityTokenException">No verification key or no signing token could be resolved for the KeyIdentifier.</exception>
protected void ReadSignature(XmlDictionaryReader reader, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver, SamlSerializer samlSerializer)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
    }
    // A second signature element is rejected rather than silently replacing the first.
    if (this.signature != null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SAMLSignatureAlreadyRead)));
    }
    // If the reader cannot canonicalize then buffer the signature element to a canonicalizing reader.
    XmlDictionaryReader effectiveReader = reader;
    if (!effectiveReader.CanCanonicalize)
    {
        // The element is copied into an in-memory binary buffer and re-read from there.
        // The original reader's quotas are carried over to the buffered reader.
        // NOTE(review): the MemoryStream is never disposed, and if a later step throws the
        // buffered reader is not closed either (there is no try/finally here).
        MemoryStream stream = new MemoryStream();
        XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, samlSerializer.DictionaryManager.ParentDictionary);
        writer.WriteNode(effectiveReader, false);
        writer.Flush();
        stream.Position = 0;
        effectiveReader = XmlDictionaryReader.CreateBinaryReader(stream.GetBuffer(), 0, (int)stream.Length, samlSerializer.DictionaryManager.ParentDictionary, reader.Quotas);
        effectiveReader.MoveToContent();
        writer.Close();
    }
    SignedXml signedXml = new SignedXml(new StandardSignedInfo(samlSerializer.DictionaryManager), samlSerializer.DictionaryManager, keyInfoSerializer);
    signedXml.TransformFactory = ExtendedTransformFactory.Instance;
    signedXml.ReadFrom(effectiveReader);
    // The key is looked up from the KeyIdentifier carried in the signature; the lookup itself happens
    // in the resolver, so which keys are trusted is decided there, not here.
    SecurityKeyIdentifier securityKeyIdentifier = signedXml.Signature.KeyIdentifier;
    this.verificationKey = SamlSerializer.ResolveSecurityKey(securityKeyIdentifier, outOfBandTokenResolver);
    if (this.verificationKey == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToResolveSignatureKey, this.issuer)));
    }
    // NOTE(review): signature is stored before the signing token is resolved, so a failure below
    // leaves this.signature set and a retry would hit the "already read" check above.
    this.signature = signedXml;
    this.signingToken = SamlSerializer.ResolveSecurityToken(securityKeyIdentifier, outOfBandTokenResolver);
    if (this.signingToken == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlSigningTokenNotFound)));
    }
    // Only the reader created here is closed; the caller's reader stays open.
    if (!ReferenceEquals(reader, effectiveReader))
    {
        effectiveReader.Close();
    }
}
/// <summary>
/// Serializes this assertion as a saml:Assertion element (version, id, issuer and issue-instant
/// attributes, then the optional Conditions and Advice and every statement). Any non-fatal failure
/// while writing is reported as an InvalidOperationException carrying the original exception.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings and is handed down to child elements; must not be null.</param>
/// <param name="keyInfoSerializer">Key-info serializer handed down to child elements.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="InvalidOperationException">Writing the assertion or one of its children failed.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    this.CheckObjectValidity();
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // Unqualified string attribute; written as start/value/end so the writer's own attribute hooks still run.
    Action<XmlDictionaryString, string> writeStringAttribute = (localName, value) =>
    {
        writer.WriteStartAttribute(localName, null);
        writer.WriteString(value);
        writer.WriteEndAttribute();
    };

    try
    {
        writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.Assertion, samlDictionary.Namespace);

        // Version numbers go through WriteValue (typed), the remaining attributes through WriteString.
        writer.WriteStartAttribute(samlDictionary.MajorVersion, null);
        writer.WriteValue(SamlConstants.MajorVersionValue);
        writer.WriteEndAttribute();
        writer.WriteStartAttribute(samlDictionary.MinorVersion, null);
        writer.WriteValue(SamlConstants.MinorVersionValue);
        writer.WriteEndAttribute();

        writeStringAttribute(samlDictionary.AssertionId, this.assertionId);
        writeStringAttribute(samlDictionary.Issuer, this.issuer);
        // The format appends a literal 'Z'; assumes issueInstant already holds a UTC value — TODO confirm.
        string issueInstantText = this.issueInstant.ToString("yyyy-MM-ddTHH:mm:ss.fffZ", CultureInfo.InvariantCulture);
        writeStringAttribute(samlDictionary.IssueInstant, issueInstantText);

        if (this.conditions != null)
        {
            this.conditions.WriteXml(writer, samlSerializer, keyInfoSerializer);
        }
        if (this.advice != null)
        {
            this.advice.WriteXml(writer, samlSerializer, keyInfoSerializer);
        }
        foreach (var statement in this.statements)
        {
            statement.WriteXml(writer, samlSerializer, keyInfoSerializer);
        }

        writer.WriteEndElement();
    }
    catch (Exception cause)
    {
        // Fatal exceptions are never wrapped.
        if (Fx.IsFatal(cause))
        {
            throw;
        }
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.IdentityModel.SR.GetString("SAMLTokenNotSerialized"), cause));
    }
}
/// <summary>
/// Reads a saml:Conditions element: the optional NotBefore / NotOnOrAfter attributes (parsed with the
/// accepted invariant formats and normalised to UTC) and every child condition, which is loaded through
/// the serializer. An empty Conditions element is valid and is simply consumed.
/// </summary>
/// <param name="reader">Reader positioned on the Conditions element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings and loads the child conditions; must not be null.</param>
/// <param name="keyInfoSerializer">Passed through to the serializer when loading conditions.</param>
/// <param name="outOfBandTokenResolver">Passed through to the serializer when loading conditions.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A child element could not be loaded as a condition.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // Both timestamp attributes use the same parsing rules; a malformed value surfaces from ParseExact as-is.
    Func<string, DateTime> parseInstant = text =>
        DateTime.ParseExact(text, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();

    string notBeforeText = reader.GetAttribute(dictionary.NotBefore, null);
    if (!string.IsNullOrEmpty(notBeforeText))
    {
        this.notBefore = parseInstant(notBeforeText);
    }
    string notOnOrAfterText = reader.GetAttribute(dictionary.NotOnOrAfter, null);
    if (!string.IsNullOrEmpty(notOnOrAfterText))
    {
        this.notOnOrAfter = parseInstant(notOnOrAfterText);
    }

    // Saml Conditions element is an optional element and all its child elements are optional as well,
    // so an empty <saml:Conditions /> is valid. Capture emptiness before consuming the start tag.
    bool isEmptyElement = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (isEmptyElement)
    {
        return;
    }

    while (reader.IsStartElement())
    {
        SamlCondition condition = samlSerializer.LoadCondition(reader, keyInfoSerializer, outOfBandTokenResolver);
        if (condition == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtion)));
        }
        this.conditions.Add(condition);
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Writes the empty saml:DoNotCacheCondition element. The condition carries no attributes or content.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Not used for output but must not be null, like the sibling conditions.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    writer.WriteStartElement("saml", "DoNotCacheCondition", SamlConstants.Namespace);
    writer.WriteEndElement();
}
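/// <summary>
/// Writes this statement as a saml:AttributeStatement element: the subject followed by every attribute.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Serializer handed down to the subject and attributes; must not be null.</param>
/// <param name="keyInfoTokenSerializer">Key-info serializer handed down to the subject and attributes.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">No subject has been set on the statement.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer)
{
    // Argument validation first, matching the other WriteXml overrides in this assembly,
    // so a null writer is reported as ArgumentNullException instead of a NullReferenceException.
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (SamlSubject == null)
    {
        throw new SecurityTokenException("Subject is null in the AttributeStatement");
    }

    writer.WriteStartElement("saml", "AttributeStatement", SamlConstants.Namespace);
    SamlSubject.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
    foreach (SamlAttribute attribute in Attributes)
    {
        attribute.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);
    }
    writer.WriteEndElement();
}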
/// <summary>
/// Creates a serializer for the given security version, forwarding to the full constructor with the
/// type's default offset, label length and nonce length.
/// </summary>
/// <param name="securityVersion">WS-Security version to serialize for.</param>
/// <param name="emitBspRequiredAttributes">Whether Basic Security Profile mandated attributes are emitted.</param>
/// <param name="samlSerializer">Serializer used for SAML tokens.</param>
/// <param name="securityStateEncoder">Encoder for security state.</param>
/// <param name="knownTypes">Additional types known to the serializer.</param>
public WSSecurityTokenSerializer ( SecurityVersion securityVersion, bool emitBspRequiredAttributes, SamlSerializer samlSerializer, SecurityStateEncoder securityStateEncoder, IEnumerable<Type> knownTypes)
    : this (securityVersion, emitBspRequiredAttributes, samlSerializer, securityStateEncoder, knownTypes, defaultOffset, defaultLabelLength, defaultNonceLength)
{
}
/// <summary>
/// Reads a saml:AttributeStatement element: the mandatory Subject, then every saml:Attribute child, which
/// is loaded through the serializer because attributes are an extensibility point. At least one attribute
/// is required.
/// </summary>
/// <param name="reader">Reader positioned on the AttributeStatement element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings and loads attributes; must not be null.</param>
/// <param name="keyInfoSerializer">Passed through to the subject and the attribute loader.</param>
/// <param name="outOfBandTokenResolver">Passed through to the subject and the attribute loader.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The subject is missing, an attribute could not be loaded, or no attribute is present.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    reader.MoveToContent();
    reader.Read();

    // SAML Subject is a required Attribute Statement clause.
    if (!reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingSubjectOnRead)));
    }
    SamlSubject subject = new SamlSubject();
    subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
    base.SamlSubject = subject;

    // Consume consecutive saml:Attribute children; the first non-Attribute element ends the loop.
    while (reader.IsStartElement(dictionary.Attribute, dictionary.Namespace))
    {
        SamlAttribute loaded = samlSerializer.LoadAttribute(reader, keyInfoSerializer, outOfBandTokenResolver);
        if (loaded == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAttribute)));
        }
        this.attributes.Add(loaded);
    }

    // Each Attribute statement should have at least one attribute.
    if (this.attributes.Count == 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAttributeStatementMissingAttributeOnRead)));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
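/// <summary>
/// Writes this attribute as a saml:Attribute element with AttributeName and AttributeNamespace attributes
/// and one saml:AttributeValue child per value.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Not used for output but must not be null, consistent with the other SAML WriteXml methods.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    // Validate arguments up front so a null writer is an ArgumentNullException rather than a NullReferenceException.
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }

    writer.WriteStartElement("saml", "Attribute", SamlConstants.Namespace);
    writer.WriteAttributeString("AttributeName", Name);
    writer.WriteAttributeString("AttributeNamespace", Namespace);
    foreach (string value in AttributeValues)
    {
        writer.WriteElementString("saml", "AttributeValue", SamlConstants.Namespace, value);
    }
    writer.WriteEndElement();
}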
/// <summary>
/// Copy constructor. List-valued settings (allowed audience URIs, known certificates) are copied into new
/// lists so the two instances do not share them; the SAML serializer and custom certificate validator are
/// shared by reference. The read-only flag is copied as well.
/// </summary>
/// <param name="other">Credential to copy; must not be null.</param>
internal IssuedTokenServiceCredential(IssuedTokenServiceCredential other)
{
    // Shared-by-reference collaborators.
    this.samlSerializer = other.samlSerializer;
    this.customCertificateValidator = other.customCertificateValidator;

    // Audience settings; the URI list gets its own copy.
    this.audienceUriMode = other.audienceUriMode;
    this.allowedAudienceUris = new List<string>(other.allowedAudienceUris);

    // Issuer certificate trust settings; the certificate list gets its own copy.
    this.knownCertificates = new List<X509Certificate2>(other.knownCertificates);
    this.certificateValidationMode = other.certificateValidationMode;
    this.trustedStoreLocation = other.trustedStoreLocation;
    this.revocationMode = other.revocationMode;
    this.allowUntrustedRsaIssuers = other.allowUntrustedRsaIssuers;

    this.isReadOnly = other.isReadOnly;
}
/// <summary>
/// Writes the empty saml:DoNotCacheCondition element using the serializer's dictionary strings.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // The condition has no attributes or content: just an empty element.
    writer.WriteStartElement(samlDictionary.PreferredPrefix.Value, samlDictionary.DoNotCacheCondition, samlDictionary.Namespace);
    writer.WriteEndElement();
}
/// <summary>
/// Writes the empty saml:DoNotCacheCondition element using the serializer's dictionary strings.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = dictionary.PreferredPrefix.Value;

    // Empty element: no attributes, no children.
    writer.WriteStartElement(prefix, dictionary.DoNotCacheCondition, dictionary.Namespace);
    writer.WriteEndElement();
}
/// <summary>
/// Writes this condition as a saml:AudienceRestrictionCondition element with one saml:Audience child per
/// configured audience URI (absolute form).
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Not used for output but must not be null, like the sibling conditions.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">No audience has been configured.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (Audiences.Count == 0)
    {
        throw new SecurityTokenException("SAML AudienceRestrictionCondition must contain at least one Audience.");
    }

    writer.WriteStartElement("saml", "AudienceRestrictionCondition", SamlConstants.Namespace);
    foreach (Uri audience in Audiences)
    {
        // AbsoluteUri requires an absolute URI; a relative one throws here.
        writer.WriteElementString("saml", "Audience", SamlConstants.Namespace, audience.AbsoluteUri);
    }
    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:Advice element. Each child is either a saml:AssertionIDReference (collected as a string)
/// or a nested saml:Assertion (read into a new SamlAssertion); anything else is a schema violation.
/// An empty Advice element is valid and is simply consumed.
/// </summary>
/// <param name="reader">Reader positioned on the Advice element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings and is handed down to nested assertions; must not be null.</param>
/// <param name="keyInfoSerializer">Handed down to nested assertions.</param>
/// <param name="outOfBandTokenResolver">Handed down to nested assertions.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A child element is neither an AssertionIDReference nor an Assertion.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // Record emptiness before the start tag is consumed; an empty element has no end tag to read.
    bool isEmptyElement = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (isEmptyElement)
    {
        return;
    }

    while (reader.IsStartElement())
    {
        if (reader.IsStartElement(samlDictionary.AssertionIdReference, samlDictionary.Namespace))
        {
            reader.MoveToContent();
            this.assertionIdReferences.Add(reader.ReadString());
            reader.MoveToContent();
            reader.ReadEndElement();
        }
        else if (reader.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
        {
            SamlAssertion nested = new SamlAssertion();
            nested.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
            this.assertions.Add(nested);
        }
        else
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.Advice.Value })));
        }
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Reads a saml:Conditions element: the optional NotBefore / NotOnOrAfter attributes (parsed with the
/// accepted invariant formats and normalised to UTC) and every child condition, loaded through the
/// serializer. An empty Conditions element is valid and is simply consumed.
/// </summary>
/// <param name="reader">Reader positioned on the Conditions element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings and loads the child conditions; must not be null.</param>
/// <param name="keyInfoSerializer">Passed through to the condition loader.</param>
/// <param name="outOfBandTokenResolver">Passed through to the condition loader.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A child element could not be loaded as a condition.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

    // Shared parsing rule for both timestamps; a malformed value surfaces from ParseExact unchanged.
    Func<string, DateTime> parseInstant = text =>
        DateTime.ParseExact(text, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();

    string notBeforeText = reader.GetAttribute(samlDictionary.NotBefore, null);
    if (!string.IsNullOrEmpty(notBeforeText))
    {
        this.notBefore = parseInstant(notBeforeText);
    }
    string notOnOrAfterText = reader.GetAttribute(samlDictionary.NotOnOrAfter, null);
    if (!string.IsNullOrEmpty(notOnOrAfterText))
    {
        this.notOnOrAfter = parseInstant(notOnOrAfterText);
    }

    // An empty <saml:Conditions /> is valid; capture that before consuming the start tag.
    bool isEmptyElement = reader.IsEmptyElement;
    reader.MoveToContent();
    reader.Read();
    if (isEmptyElement)
    {
        return;
    }

    while (reader.IsStartElement())
    {
        SamlCondition loaded = samlSerializer.LoadCondition(reader, keyInfoSerializer, outOfBandTokenResolver);
        if (loaded == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtion")));
        }
        this.conditions.Add(loaded);
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Creates a WS-Security token serializer for a message security token version. The SAML serializer is
/// taken from the parent's issued-token authentication settings when present, otherwise a default one is
/// created; the security state encoder and context claim types come from the parent's secure-conversation settings.
/// </summary>
/// <param name="version">Token version to create a serializer for; must be a MessageSecurityTokenVersion.</param>
/// <returns>A new WSSecurityTokenSerializer for <paramref name="version"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="version"/> is null.</exception>
/// <exception cref="NotSupportedException"><paramref name="version"/> is not a MessageSecurityTokenVersion.</exception>
public override SecurityTokenSerializer CreateSecurityTokenSerializer(SecurityTokenVersion version)
{
    if (version == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("version");
    }
    MessageSecurityTokenVersion wsVersion = version as MessageSecurityTokenVersion;
    if (wsVersion == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SecurityTokenManagerCannotCreateSerializerForVersion, version)));
    }

    // Prefer the serializer configured on the issued-token settings; fall back to a default one.
    SamlSerializer samlSerializer = parent.IssuedTokenAuthentication != null
        ? parent.IssuedTokenAuthentication.SamlSerializer
        : new SamlSerializer();

    // parent.SecureConversationAuthentication is dereferenced without a null check, as before.
    return new WSSecurityTokenSerializer(
        wsVersion.SecurityVersion,
        wsVersion.TrustVersion,
        wsVersion.SecureConversationVersion,
        wsVersion.EmitBspRequiredAttributes,
        samlSerializer,
        parent.SecureConversationAuthentication.SecurityStateEncoder,
        parent.SecureConversationAuthentication.SecurityContextClaimTypes);
}
/// <summary>
/// Writes this action as a saml:Action element whose text is the action value, with the action
/// namespace attribute included only when a namespace is set.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    this.CheckObjectValidity();
    if (writer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    bool hasNamespace = this.ns != null;

    writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Action, dictionary.Namespace);
    if (hasNamespace)
    {
        // Unqualified attribute written as start/value/end.
        writer.WriteStartAttribute(dictionary.ActionNamespaceAttribute, null);
        writer.WriteString(this.ns);
        writer.WriteEndAttribute();
    }
    writer.WriteString(this.action);
    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:AudienceRestrictionCondition element: every child must be a saml:Audience with a non-empty
/// value, which is parsed into a Uri. At least one audience is required.
/// </summary>
/// <param name="reader">Reader positioned on the condition element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <param name="outOfBandTokenResolver">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A child is not an Audience, an audience value is empty, or no audience is present.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
    }
    #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    reader.MoveToContent();
    reader.Read();

    while (reader.IsStartElement())
    {
        // Only saml:Audience children are permitted.
        if (!reader.IsStartElement(dictionary.Audience, dictionary.Namespace))
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AudienceRestrictionCondition.Value)));
        }
        reader.MoveToContent();
        string audienceText = reader.ReadString();
        if (string.IsNullOrEmpty(audienceText))
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionInvalidAudienceValueOnRead)));
        }
        // A value that is not a well-formed URI surfaces as a UriFormatException from the constructor.
        this.audiences.Add(new Uri(audienceText));
        reader.MoveToContent();
        reader.ReadEndElement();
    }

    if (this.audiences.Count == 0)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAudienceRestrictionShouldHaveOneAudienceOnRead)));
    }

    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Reads a saml:AudienceRestrictionCondition element: every child must be a saml:Audience with a non-empty
/// value, which is parsed into a Uri. At least one audience is required.
/// </summary>
/// <param name="reader">Reader positioned on the condition element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Unused.</param>
/// <param name="outOfBandTokenResolver">Unused.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A child is not an Audience, an audience value is empty, or no audience is present.</exception>
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    reader.MoveToContent();
    reader.Read();

    while (reader.IsStartElement())
    {
        if (reader.IsStartElement(dictionary.Audience, dictionary.Namespace))
        {
            reader.MoveToContent();
            string audienceText = reader.ReadString();
            if (string.IsNullOrEmpty(audienceText))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionInvalidAudienceValueOnRead")));
            // A value that is not a well-formed URI surfaces as a UriFormatException from the constructor.
            this.audiences.Add(new Uri(audienceText));
            reader.MoveToContent();
            reader.ReadEndElement();
        }
        else
        {
            // Anything other than saml:Audience is a schema violation.
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { dictionary.AudienceRestrictionCondition.Value })));
        }
    }

    if (this.audiences.Count == 0)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAudienceRestrictionShouldHaveOneAudienceOnRead")));

    reader.MoveToContent();
    reader.ReadEndElement();
}
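/// <summary>
/// Reads a complete saml:Assertion element. The assertion attributes (MajorVersion, MinorVersion,
/// AssertionID, Issuer, optional IssueInstant) are validated first; then the optional Conditions and
/// Advice elements are loaded through the serializer, followed by every statement up to an optional
/// ds:Signature. If a signature is present it is read last and then verified with the resolved key.
/// The raw token stream is captured from the wrapped reader for later use.
/// </summary>
/// <param name="reader">Reader positioned on the Assertion element; must not be null.</param>
/// <param name="samlSerializer">Provides the dictionary strings and loads conditions, advice and statements; must not be null.</param>
/// <param name="keyInfoSerializer">Passed through to the loaders and to signature reading.</param>
/// <param name="outOfBandTokenResolver">Passed through to the loaders and used to resolve the signing key.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">The element is not an Assertion, a required attribute is missing or invalid,
/// the version is unsupported, a child could not be loaded, or no statement is present.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    // Report the actual parameter name (previously the method name was passed as paramName).
    if (reader == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

    // The wrapped reader records the XML tokens so the token stream can be captured at the end.
    XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
    WrappedReader wrappedReader = new WrappedReader(dictionaryReader);
    #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));

    // Version attributes are mandatory and must match the supported SAML version exactly.
    // A non-numeric value surfaces from Int32.Parse rather than as a SecurityTokenException.
    string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
    if (string.IsNullOrEmpty(attributeValue))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
    int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

    attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
    if (string.IsNullOrEmpty(attributeValue))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));
    int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

    if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
    }

    // AssertionID is mandatory and must pass the id validity check before it is accepted.
    attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
    if (string.IsNullOrEmpty(attributeValue))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));
    if (!IsAssertionIdValid(attributeValue))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));
    this.assertionId = attributeValue;

    // Issuer is mandatory.
    attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
    if (string.IsNullOrEmpty(attributeValue))
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
    this.issuer = attributeValue;

    // IssueInstant is optional; when present it is parsed invariantly and normalised to UTC.
    attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
    if (!string.IsNullOrEmpty(attributeValue))
        this.issueInstant = DateTime.ParseExact(attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();

    wrappedReader.MoveToContent();
    wrappedReader.Read();

    if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
    {
        this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
        if (this.conditions == null)
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
    }

    if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
    {
        this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
        if (this.advice == null)
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
    }

    // Everything up to the signature element is a statement; the signature ends the statement list.
    while (wrappedReader.IsStartElement())
    {
        #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
        if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
        {
            break;
        }
        SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
        if (statement == null)
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
        this.statements.Add(statement);
    }

    if (this.statements.Count == 0)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));

    if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
        this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);

    wrappedReader.MoveToContent();
    wrappedReader.ReadEndElement();

    // Keep the recorded tokens; verification happens only now that the whole element has been consumed.
    this.tokenStream = wrappedReader.XmlTokens;
    if (this.signature != null)
    {
        VerifySignature(this.signature, this.verificationKey);
    }
    BuildCryptoList();
}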
/// <summary>
/// Writes this subject as a saml:Subject element: an optional NameIdentifier (with Format and
/// NameQualifier attributes when set) and, when at least one confirmation method exists, a
/// SubjectConfirmation element holding the methods, optional confirmation data and optional KeyInfo.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Used to write the subject's security key identifier, when one is set.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    this.CheckObjectValidity();
    if (writer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
    string prefix = dictionary.PreferredPrefix.Value;

    // Unqualified attribute written as start/value/end.
    Action<XmlDictionaryString, string> writeAttribute = (localName, value) =>
    {
        writer.WriteStartAttribute(localName, null);
        writer.WriteString(value);
        writer.WriteEndAttribute();
    };

    writer.WriteStartElement(prefix, dictionary.Subject, dictionary.Namespace);

    if (this.name != null)
    {
        writer.WriteStartElement(prefix, dictionary.NameIdentifier, dictionary.Namespace);
        if (this.nameFormat != null)
            writeAttribute(dictionary.NameIdentifierFormat, this.nameFormat);
        if (this.nameQualifier != null)
            writeAttribute(dictionary.NameIdentifierNameQualifier, this.nameQualifier);
        writer.WriteString(this.name);
        writer.WriteEndElement();
    }

    // SubjectConfirmation is emitted only when there is at least one confirmation method.
    if (this.confirmationMethods.Count > 0)
    {
        writer.WriteStartElement(prefix, dictionary.SubjectConfirmation, dictionary.Namespace);
        foreach (string method in this.confirmationMethods)
        {
            writer.WriteElementString(dictionary.SubjectConfirmationMethod, dictionary.Namespace, method);
        }
        if (!string.IsNullOrEmpty(this.confirmationData))
        {
            writer.WriteElementString(dictionary.SubjectConfirmationData, dictionary.Namespace, this.confirmationData);
        }
        if (this.securityKeyIdentifier != null)
        {
            XmlDictionaryWriter keyInfoWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);
            SamlSerializer.WriteSecurityKeyIdentifier(keyInfoWriter, this.securityKeyIdentifier, keyInfoSerializer);
        }
        writer.WriteEndElement();
    }

    writer.WriteEndElement();
}
/// <summary>
/// Reads a saml:Subject element: an optional NameIdentifier (value plus Format / NameQualifier attributes)
/// and an optional SubjectConfirmation holding one or more ConfirmationMethod values, optional
/// SubjectConfirmationData and an optional ds:KeyInfo. When KeyInfo is present the key identifier is read,
/// the subject key is resolved through the out-of-band resolver (a failure to resolve is an error) and the
/// subject token is resolved likewise.
/// </summary>
/// <param name="reader">Reader positioned on the Subject element; must not be null.</param>
/// <param name="samlSerializer">Provides the SAML and XML-signature dictionary strings; must not be null.</param>
/// <param name="keyInfoSerializer">Used to read the KeyInfo key identifier.</param>
/// <param name="outOfBandTokenResolver">Resolver used for the subject key and subject token.</param>
/// <exception cref="ArgumentNullException"><paramref name="reader"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">A confirmation method is empty or missing, the subject key cannot be resolved,
/// or (see the note below) the subject lacks both a name identifier and a confirmation method.</exception>
public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
    if (reader == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
    }
    if (samlSerializer == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer");
    }
    SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
    reader.MoveToContent();
    reader.Read();
    if (reader.IsStartElement(samlDictionary.NameIdentifier, samlDictionary.Namespace))
    {
        this.nameFormat = reader.GetAttribute(samlDictionary.NameIdentifierFormat, null);
        this.nameQualifier = reader.GetAttribute(samlDictionary.NameIdentifierNameQualifier, null);
        reader.MoveToContent();
        this.name = reader.ReadString();
        // NOTE(review): XmlReader.ReadString returns an empty string rather than null when the element has
        // no text, so this guard does not reject an empty <NameIdentifier/>; the IsNullOrEmpty check further
        // down is the one that covers that case.
        if (this.name == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLNameIdentifierMissingIdentifierValueOnRead")));
        }
        reader.MoveToContent();
        reader.ReadEndElement();
    }
    if (reader.IsStartElement(samlDictionary.SubjectConfirmation, samlDictionary.Namespace))
    {
        reader.MoveToContent();
        reader.Read();
        // One or more ConfirmationMethod elements, each with a non-empty value.
        while (reader.IsStartElement(samlDictionary.SubjectConfirmationMethod, samlDictionary.Namespace))
        {
            string str = reader.ReadString();
            if (string.IsNullOrEmpty(str))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.SubjectConfirmationMethod.Value })));
            }
            this.confirmationMethods.Add(str);
            reader.MoveToContent();
            reader.ReadEndElement();
        }
        if (this.confirmationMethods.Count == 0)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead")));
        }
        if (reader.IsStartElement(samlDictionary.SubjectConfirmationData, samlDictionary.Namespace))
        {
            reader.MoveToContent();
            this.confirmationData = reader.ReadString();
            reader.MoveToContent();
            reader.ReadEndElement();
        }
        if (reader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.KeyInfo, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
        {
            // The key identifier comes from the token; which key it maps to is decided by the resolver,
            // and an unresolvable identifier is rejected rather than left as a keyless subject.
            XmlDictionaryReader reader2 = XmlDictionaryReader.CreateDictionaryReader(reader);
            this.securityKeyIdentifier = SamlSerializer.ReadSecurityKeyIdentifier(reader2, keyInfoSerializer);
            this.crypto = SamlSerializer.ResolveSecurityKey(this.securityKeyIdentifier, outOfBandTokenResolver);
            if (this.crypto == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SamlUnableToExtractSubjectKey")));
            }
            // The token, unlike the key, may resolve to null without error.
            this.subjectToken = SamlSerializer.ResolveSecurityToken(this.securityKeyIdentifier, outOfBandTokenResolver);
        }
        // NOTE(review): this check sits inside the SubjectConfirmation branch, after the count check above
        // has already guaranteed at least one confirmation method, so it can never fire here; a Subject with
        // neither NameIdentifier nor SubjectConfirmation is not rejected by this method — confirm intended.
        if ((this.confirmationMethods.Count == 0) && string.IsNullOrEmpty(this.name))
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead")));
        }
        reader.MoveToContent();
        reader.ReadEndElement();
    }
    reader.MoveToContent();
    reader.ReadEndElement();
}
/// <summary>
/// Writes this statement as a saml:AuthenticationStatement element: AuthenticationMethod and
/// AuthenticationInstant attributes, the subject, and a SubjectLocality element when an IP or DNS
/// address is set.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Serializer handed down to the subject; must not be null.</param>
/// <param name="keyInfoTokenSerializer">Key-info serializer handed down to the subject.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">No subject has been set on the statement.</exception>
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer)
{
    if (writer == null)
    {
        throw new ArgumentNullException("writer");
    }
    if (samlSerializer == null)
    {
        throw new ArgumentNullException("samlSerializer");
    }
    if (SamlSubject == null)
    {
        throw new SecurityTokenException("SAML Subject must be set to AuthenticationStatement before it is written.");
    }

    // The instant is always formatted culture-invariantly with the shared date format.
    string instant = AuthenticationInstant.ToString(SamlConstants.DateFormat, CultureInfo.InvariantCulture);

    writer.WriteStartElement("saml", "AuthenticationStatement", SamlConstants.Namespace);
    writer.WriteAttributeString("AuthenticationMethod", AuthenticationMethod);
    writer.WriteAttributeString("AuthenticationInstant", instant);
    SamlSubject.WriteXml(writer, samlSerializer, keyInfoTokenSerializer);

    bool hasLocality = DnsAddress != null || IPAddress != null;
    if (hasLocality)
    {
        writer.WriteStartElement("saml", "SubjectLocality", SamlConstants.Namespace);
        if (IPAddress != null)
        {
            writer.WriteAttributeString("IPAddress", IPAddress);
        }
        if (DnsAddress != null)
        {
            writer.WriteAttributeString("DNSAddress", DnsAddress);
        }
        writer.WriteEndElement();
    }

    writer.WriteEndElement();
}
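/// <summary>
/// Serializes this binding as a SAML 1.x &lt;saml:AuthorityBinding&gt; element with
/// the AuthorityKind, Location and Binding attributes. The AuthorityKind's namespace
/// is declared as the default namespace on the element so its QName value resolves.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Serializer; must not be null (not otherwise used here).</param>
/// <param name="keyInfoSerializer">Unused by this element.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="SecurityTokenException">AuthorityKind is null, or Binding / Location is null or empty.</exception>
public virtual void WriteXml (
	XmlDictionaryWriter writer,
	SamlSerializer samlSerializer,
	SecurityTokenSerializer keyInfoSerializer)
{
	if (writer == null)
		throw new ArgumentNullException ("writer");
	if (samlSerializer == null)
		throw new ArgumentNullException ("samlSerializer");
	if (AuthorityKind == null)
		throw new SecurityTokenException ("AuthorityKind must be set to SAML AuthorityBinding before being written.");
	// The messages promise a non-zero-length value, so an empty string is
	// rejected here as well as null; previously "" slipped through and was
	// written as an empty attribute.
	if (String.IsNullOrEmpty (Binding))
		throw new SecurityTokenException ("non-zero length Binding must be set to SAML AuthorityBinding before being written.");
	if (String.IsNullOrEmpty (Location))
		throw new SecurityTokenException ("non-zero length Location must be set to SAML AuthorityBinding before being written.");

	writer.WriteStartElement ("saml", "AuthorityBinding", SamlConstants.Namespace);
	writer.WriteXmlnsAttribute (String.Empty, AuthorityKind.Namespace);
	writer.WriteAttributeString ("AuthorityKind", AuthorityKind.Name);
	writer.WriteAttributeString ("Location", Location);
	writer.WriteAttributeString ("Binding", Binding);
	writer.WriteEndElement ();
}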
/// <summary>
/// Writes the assertion to <paramref name="writer"/>. With signing credentials present,
/// the element is serialized through a delegating writer that also feeds a hash stream,
/// so a digest of the emitted XML is available for the signature; without them the
/// previously captured token stream is replayed as-is.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Supplies the dictionary manager; assumed non-null (not checked here).</param>
/// <param name="keyInfoSerializer">Stored on the instance for use while the signed form is written.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> is null.</exception>
/// <exception cref="InvalidOperationException">Neither signing credentials nor an existing signature is available.</exception>
internal void WriteTo(XmlWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    if (writer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");

    bool canSign = this.signingCredentials != null;
    bool alreadySigned = this.signature != null;
    if (!canSign && !alreadySigned)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SamlAssertionMissingSigningCredentials)));

    XmlDictionaryWriter xmlDictWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer);

    if (!canSign)
    {
        // Replay the captured token verbatim; no element is excluded from the copy.
        this.tokenStream.SetElementExclusion(null, null);
        this.tokenStream.WriteTo(xmlDictWriter, samlSerializer.DictionaryManager);
        return;
    }

    HashAlgorithm digest = CryptoHelper.CreateHashAlgorithm(this.signingCredentials.DigestAlgorithm);
    using (digest)
    {
        // The hash stream and serializers are parked on the instance so the
        // delegating writer's callbacks can reach them during WriteXml.
        this.hashStream = new HashStream(digest);
        this.keyInfoSerializer = keyInfoSerializer;
        this.dictionaryManager = samlSerializer.DictionaryManager;
        SamlDelegatingWriter signingWriter = new SamlDelegatingWriter(xmlDictWriter, this.hashStream, this, samlSerializer.DictionaryManager.ParentDictionary);
        this.WriteXml(signingWriter, samlSerializer, keyInfoSerializer);
        // NOTE(review): the hash is disposed on leaving this block while this.hashStream
        // still references it — presumably the digest is consumed inside WriteXml; confirm.
    }
}
/// <summary>
/// Serializes this SAML construct to <paramref name="writer"/>.
/// </summary>
/// <param name="writer">Destination writer.</param>
/// <param name="samlSerializer">Serializer supplying the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Serializer used for any embedded key information.</param>
public abstract void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer);
/// <summary>
/// Populates this SAML construct from the element <paramref name="reader"/> is positioned on.
/// </summary>
/// <param name="reader">Source reader.</param>
/// <param name="samlSerializer">Serializer supplying the SAML dictionary strings.</param>
/// <param name="keyInfoSerializer">Serializer used for any embedded key information.</param>
/// <param name="outOfBandTokenResolver">Resolver used to look up keys/tokens that are referenced rather than embedded.</param>
public abstract void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver);
/// <summary>
/// Serializes the assertion as a SAML 1.x &lt;saml:Assertion&gt; element: the version,
/// AssertionID, Issuer and IssueInstant attributes, then Conditions and Advice when
/// present, then every statement in order.
/// </summary>
/// <param name="writer">Destination writer; must not be null.</param>
/// <param name="samlSerializer">Supplies the SAML dictionary; must not be null.</param>
/// <param name="keyInfoSerializer">Handed through to child elements.</param>
/// <exception cref="ArgumentNullException"><paramref name="writer"/> or <paramref name="samlSerializer"/> is null.</exception>
/// <exception cref="InvalidOperationException">Any non-fatal failure while writing, with the cause as inner exception.</exception>
public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
    CheckObjectValidity();
    if (writer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
    if (samlSerializer == null)
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
    SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

    try
    {
        writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Assertion, dictionary.Namespace);

        // Version attributes go through WriteValue; the remaining attributes are plain strings.
        writer.WriteStartAttribute(dictionary.MajorVersion, null);
        writer.WriteValue(SamlConstants.MajorVersionValue);
        writer.WriteEndAttribute();
        writer.WriteStartAttribute(dictionary.MinorVersion, null);
        writer.WriteValue(SamlConstants.MinorVersionValue);
        writer.WriteEndAttribute();

        WriteAssertionStringAttribute(writer, dictionary.AssertionId, this.assertionId);
        WriteAssertionStringAttribute(writer, dictionary.Issuer, this.issuer);
        // Invariant culture keeps the instant independent of the thread's locale.
        WriteAssertionStringAttribute(writer, dictionary.IssueInstant,
            this.issueInstant.ToString(SamlConstants.GeneratedDateTimeFormat, CultureInfo.InvariantCulture));

        // Conditions and Advice are optional children.
        if (this.conditions != null)
            this.conditions.WriteXml(writer, samlSerializer, keyInfoSerializer);
        if (this.advice != null)
            this.advice.WriteXml(writer, samlSerializer, keyInfoSerializer);

        for (int n = 0; n < this.statements.Count; n++)
            this.statements[n].WriteXml(writer, samlSerializer, keyInfoSerializer);

        writer.WriteEndElement();
    }
    catch (Exception e)
    {
        // Fatal exceptions propagate untouched; everything else is wrapped so the
        // caller sees a single "token not serialized" failure with the cause attached.
        if (Fx.IsFatal(e))
            throw;
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SAMLTokenNotSerialized), e));
    }
}

// Writes one attribute with a dictionary-string name and a string value.
static void WriteAssertionStringAttribute(XmlDictionaryWriter writer, XmlDictionaryString name, string value)
{
    writer.WriteStartAttribute(name, null);
    writer.WriteString(value);
    writer.WriteEndAttribute();
}
/// <summary>
/// Deserialization of this statement is not supported by this implementation.
/// </summary>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public override void ReadXml (XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoTokenSerializer, SecurityTokenResolver outOfBandTokenResolver)
	=> throw new NotImplementedException ();