public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state) : base(callback, state)
{
this.timeout = timeout;
this.timeoutHelper = new TimeoutHelper(timeout);
this.tokenProvider = tokenProvider;
this.target = tokenProvider.targetAddress;
this.issuer = tokenProvider.issuerAddress;
this.via = tokenProvider.via;
bool flag = false;
try
{
flag = this.StartNegotiation();
}
catch (Exception exception)
{
if (Fx.IsFatal(exception))
{
throw;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(exception));
}
if (flag)
{
this.OnNegotiationComplete();
base.Complete(true);
}
}
private static void OpenChannelCallback(IAsyncResult result)
{
if (!result.CompletedSynchronously)
{
IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState;
bool flag = false;
Exception exception = null;
try
{
asyncState.rstChannel.EndOpen(result);
flag = asyncState.OnRequestChannelOpened();
if (flag)
{
asyncState.OnNegotiationComplete();
}
}
catch (Exception exception2)
{
if (Fx.IsFatal(exception2))
{
throw;
}
flag = true;
exception = asyncState.OnAsyncNegotiationFailure(exception2);
}
if (flag)
{
asyncState.Complete(false, exception);
}
}
}
public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state)
: base(callback, state)
{
this.timeout = timeout;
timeoutHelper = new TimeoutHelper(timeout);
this.tokenProvider = tokenProvider;
this.target = tokenProvider.targetAddress;
this.issuer = tokenProvider.issuerAddress;
this.via = tokenProvider.via;
bool completeSelf = false;
try
{
completeSelf = this.StartNegotiation();
}
#pragma warning suppress 56500 // covered by FxCOP
catch (Exception e)
{
if (Fx.IsFatal(e))
{
throw;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(e));
}
if (completeSelf)
{
this.OnNegotiationComplete();
Complete(true);
}
}
private static Exception WrapExceptionIfRequired(Exception e, EndpointAddress targetAddress, EndpointAddress issuerAddress)
{
if (IssuanceTokenProviderBase <T> .ShouldWrapException(e))
{
Uri uri;
Uri uri2;
if (targetAddress != null)
{
uri = targetAddress.Uri;
}
else
{
uri = null;
}
if (issuerAddress != null)
{
uri2 = issuerAddress.Uri;
}
else
{
uri2 = uri;
}
if (uri != null)
{
e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailedForIssuerAndTarget", new object[] { uri2, uri }), e);
return(e);
}
e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailed"), e);
}
return(e);
}
protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, AcceleratedTokenProviderState negotiationState)
{
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies;
IssuanceTokenProviderBase <AcceleratedTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress);
if (incomingMessage.Headers.Action != this.RequestSecurityTokenResponseAction.Value)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidActionForNegotiationMessage", new object[] { incomingMessage.Headers.Action })), incomingMessage);
}
SecurityMessageProperty security = incomingMessage.Properties.Security;
if ((security != null) && (security.ServiceSecurityContext != null))
{
authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies;
}
else
{
authorizationPolicies = System.ServiceModel.Security.EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
}
RequestSecurityTokenResponse response = null;
XmlDictionaryReader readerAtBodyContents = incomingMessage.GetReaderAtBodyContents();
using (readerAtBodyContents)
{
if (base.StandardsManager.MessageSecurityVersion.TrustVersion == TrustVersion.WSTrustFeb2005)
{
response = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents);
}
else
{
if (base.StandardsManager.MessageSecurityVersion.TrustVersion != TrustVersion.WSTrust13)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
foreach (RequestSecurityTokenResponse response2 in base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection)
{
if (response != null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("MoreThanOneRSTRInRSTRC")));
}
response = response2;
}
}
incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents);
}
if (response.Context != negotiationState.Context)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage);
}
byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
GenericXmlSecurityToken serviceToken = response.GetIssuedToken(null, null, this.keyEntropyMode, requestorEntropy, base.SecurityContextTokenUri, authorizationPolicies, base.SecurityAlgorithmSuite.DefaultSymmetricKeyLength, false);
negotiationState.SetServiceToken(serviceToken);
return(null);
}
private static void SendRequestCallback(IAsyncResult result)
{
if (!result.CompletedSynchronously)
{
IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState;
bool flag = false;
Exception exception = null;
try
{
Message incomingMessage = null;
try
{
incomingMessage = asyncState.rstChannel.EndRequest(result);
}
finally
{
if (asyncState.nextOutgoingMessage != null)
{
asyncState.nextOutgoingMessage.Close();
}
}
using (incomingMessage)
{
if (incomingMessage == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation")));
}
flag = asyncState.DoNegotiation(incomingMessage);
}
if (flag)
{
asyncState.OnNegotiationComplete();
}
}
catch (Exception exception2)
{
if (Fx.IsFatal(exception2))
{
throw;
}
flag = true;
exception = asyncState.OnAsyncNegotiationFailure(exception2);
}
if (flag)
{
asyncState.Complete(false, exception);
}
}
}
Exception OnAsyncNegotiationFailure(Exception e)
{
EndpointAddress pinnedEpr = null;
try
{
pinnedEpr = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;
Cleanup();
}
catch (CommunicationException ex)
{
DiagnosticUtility.TraceHandledException(ex, TraceEventType.Information);
}
return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, pinnedEpr, this.issuer));
}
private Exception OnAsyncNegotiationFailure(Exception e)
{
EndpointAddress targetAddress = null;
try
{
targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;
this.Cleanup();
}
catch (CommunicationException exception)
{
if (DiagnosticUtility.ShouldTraceInformation)
{
DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information);
}
}
return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer));
}
private Exception OnSyncNegotiationFailure(Exception e)
{
EndpointAddress targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;
return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer));
}
protected SecurityToken DoNegotiation(TimeSpan timeout)
{
SecurityToken token2;
this.ThrowIfClosedOrCreated();
SecurityTraceRecordHelper.TraceBeginSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, this.targetAddress);
TimeoutHelper helper = new TimeoutHelper(timeout);
IRequestChannel rstChannel = null;
T negotiationState = default(T);
TimeSpan span = timeout;
int num = 1;
try
{
negotiationState = this.CreateNegotiationState(this.targetAddress, this.via, helper.RemainingTime());
this.InitializeNegotiationState(negotiationState);
this.InitializeChannelFactories(negotiationState.RemoteAddress, helper.RemainingTime());
rstChannel = this.CreateClientChannel(negotiationState.RemoteAddress, this.via);
rstChannel.Open(helper.RemainingTime());
Message nextOutgoingMessage = null;
Message incomingMessage = null;
SecurityToken serviceToken = null;
while (true)
{
nextOutgoingMessage = this.GetNextOutgoingMessage(incomingMessage, negotiationState);
if (incomingMessage != null)
{
incomingMessage.Close();
}
if (nextOutgoingMessage == null)
{
break;
}
using (nextOutgoingMessage)
{
TraceUtility.ProcessOutgoingMessage(nextOutgoingMessage);
span = helper.RemainingTime();
incomingMessage = rstChannel.Request(nextOutgoingMessage, span);
if (incomingMessage == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CommunicationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation")));
}
TraceUtility.ProcessIncomingMessage(incomingMessage);
}
num += 2;
}
if (!negotiationState.IsNegotiationCompleted)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoNegotiationMessageToSend")), incomingMessage);
}
try
{
rstChannel.Close(helper.RemainingTime());
}
catch (CommunicationException exception)
{
if (DiagnosticUtility.ShouldTraceInformation)
{
DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information);
}
rstChannel.Abort();
}
catch (TimeoutException exception2)
{
if (DiagnosticUtility.ShouldTraceInformation)
{
DiagnosticUtility.ExceptionUtility.TraceHandledException(exception2, TraceEventType.Information);
}
rstChannel.Abort();
}
rstChannel = null;
this.ValidateAndCacheServiceToken(negotiationState);
serviceToken = negotiationState.ServiceToken;
SecurityTraceRecordHelper.TraceEndSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, serviceToken, this.targetAddress);
token2 = serviceToken;
}
catch (Exception exception3)
{
if (Fx.IsFatal(exception3))
{
throw;
}
if (exception3 is TimeoutException)
{
exception3 = new TimeoutException(System.ServiceModel.SR.GetString("ClientSecurityNegotiationTimeout", new object[] { timeout, num, span }), exception3);
}
EndpointAddress targetAddress = (negotiationState == null) ? null : negotiationState.RemoteAddress;
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(exception3, targetAddress, this.issuerAddress));
}
finally
{
this.Cleanup(rstChannel, negotiationState);
}
return(token2);
}
protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
{
byte[] negotiationData;
try
{
IssuanceTokenProviderBase <SspiNegotiationTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress);
}
catch (FaultException exception)
{
if (!exception.Code.IsSenderFault)
{
throw;
}
if (!(exception.Code.SubCode.Name == "FailedAuthentication") && !(exception.Code.SubCode.Name == "FailedAuthentication"))
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailedSspiNegotiation"), exception), incomingMessage);
}
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticationOfClientFailed"), exception), incomingMessage);
}
RequestSecurityTokenResponse rstr = null;
RequestSecurityTokenResponse authenticatorRstr = null;
XmlDictionaryReader readerAtBodyContents = incomingMessage.GetReaderAtBodyContents();
using (readerAtBodyContents)
{
if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponseCollection(readerAtBodyContents))
{
using (IEnumerator <RequestSecurityTokenResponse> enumerator = base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection.GetEnumerator())
{
enumerator.MoveNext();
rstr = enumerator.Current;
if (enumerator.MoveNext())
{
authenticatorRstr = enumerator.Current;
}
}
if (authenticatorRstr == null)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticatorNotPresentInRSTRCollection")), incomingMessage);
}
if (authenticatorRstr.Context != rstr.Context)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("RSTRAuthenticatorHasBadContext")), incomingMessage);
}
this.AddToDigest(sspiState, rstr, true, true);
}
else if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponse(readerAtBodyContents))
{
rstr = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents);
this.AddToDigest(sspiState, rstr, true, false);
}
else
{
base.StandardsManager.TrustDriver.OnRSTRorRSTRCMissingException();
}
incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents);
}
if (rstr.Context != sspiState.Context)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage);
}
BinaryNegotiation binaryNegotiation = rstr.GetBinaryNegotiation();
if (binaryNegotiation != null)
{
this.ValidateIncomingBinaryNegotiation(binaryNegotiation);
negotiationData = binaryNegotiation.GetNegotiationData();
}
else
{
negotiationData = null;
}
if ((negotiationData == null) && !sspiState.SspiNegotiation.IsCompleted)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToReceive")), incomingMessage);
}
if ((negotiationData == null) && sspiState.SspiNegotiation.IsCompleted)
{
this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr);
return(null);
}
byte[] outgoingBlob = sspiState.SspiNegotiation.GetOutgoingBlob(negotiationData, System.ServiceModel.Security.SecurityUtils.GetChannelBindingFromMessage(incomingMessage), null);
if ((outgoingBlob == null) && !sspiState.SspiNegotiation.IsCompleted)
{
throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToSend")), incomingMessage);
}
if ((outgoingBlob == null) && sspiState.SspiNegotiation.IsCompleted)
{
this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr);
return(null);
}
return(this.PrepareRstr(sspiState, outgoingBlob));
}