public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state) : base(callback, state) { this.timeout = timeout; this.timeoutHelper = new TimeoutHelper(timeout); this.tokenProvider = tokenProvider; this.target = tokenProvider.targetAddress; this.issuer = tokenProvider.issuerAddress; this.via = tokenProvider.via; bool flag = false; try { flag = this.StartNegotiation(); } catch (Exception exception) { if (Fx.IsFatal(exception)) { throw; } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(exception)); } if (flag) { this.OnNegotiationComplete(); base.Complete(true); } }
private static void OpenChannelCallback(IAsyncResult result) { if (!result.CompletedSynchronously) { IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState; bool flag = false; Exception exception = null; try { asyncState.rstChannel.EndOpen(result); flag = asyncState.OnRequestChannelOpened(); if (flag) { asyncState.OnNegotiationComplete(); } } catch (Exception exception2) { if (Fx.IsFatal(exception2)) { throw; } flag = true; exception = asyncState.OnAsyncNegotiationFailure(exception2); } if (flag) { asyncState.Complete(false, exception); } } }
public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state) : base(callback, state) { this.timeout = timeout; timeoutHelper = new TimeoutHelper(timeout); this.tokenProvider = tokenProvider; this.target = tokenProvider.targetAddress; this.issuer = tokenProvider.issuerAddress; this.via = tokenProvider.via; bool completeSelf = false; try { completeSelf = this.StartNegotiation(); } #pragma warning suppress 56500 // covered by FxCOP catch (Exception e) { if (Fx.IsFatal(e)) { throw; } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(e)); } if (completeSelf) { this.OnNegotiationComplete(); Complete(true); } }
private static Exception WrapExceptionIfRequired(Exception e, EndpointAddress targetAddress, EndpointAddress issuerAddress) { if (IssuanceTokenProviderBase <T> .ShouldWrapException(e)) { Uri uri; Uri uri2; if (targetAddress != null) { uri = targetAddress.Uri; } else { uri = null; } if (issuerAddress != null) { uri2 = issuerAddress.Uri; } else { uri2 = uri; } if (uri != null) { e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailedForIssuerAndTarget", new object[] { uri2, uri }), e); return(e); } e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailed"), e); } return(e); }
protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, AcceleratedTokenProviderState negotiationState) { ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies; IssuanceTokenProviderBase <AcceleratedTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress); if (incomingMessage.Headers.Action != this.RequestSecurityTokenResponseAction.Value) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidActionForNegotiationMessage", new object[] { incomingMessage.Headers.Action })), incomingMessage); } SecurityMessageProperty security = incomingMessage.Properties.Security; if ((security != null) && (security.ServiceSecurityContext != null)) { authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies; } else { authorizationPolicies = System.ServiceModel.Security.EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance; } RequestSecurityTokenResponse response = null; XmlDictionaryReader readerAtBodyContents = incomingMessage.GetReaderAtBodyContents(); using (readerAtBodyContents) { if (base.StandardsManager.MessageSecurityVersion.TrustVersion == TrustVersion.WSTrustFeb2005) { response = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents); } else { if (base.StandardsManager.MessageSecurityVersion.TrustVersion != TrustVersion.WSTrust13) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException()); } foreach (RequestSecurityTokenResponse response2 in base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection) { if (response != null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("MoreThanOneRSTRInRSTRC"))); } response = response2; } } incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents); } if (response.Context != negotiationState.Context) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage); } byte[] requestorEntropy = negotiationState.GetRequestorEntropy(); GenericXmlSecurityToken serviceToken = response.GetIssuedToken(null, null, this.keyEntropyMode, requestorEntropy, base.SecurityContextTokenUri, authorizationPolicies, base.SecurityAlgorithmSuite.DefaultSymmetricKeyLength, false); negotiationState.SetServiceToken(serviceToken); return(null); }
private static void SendRequestCallback(IAsyncResult result) { if (!result.CompletedSynchronously) { IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState; bool flag = false; Exception exception = null; try { Message incomingMessage = null; try { incomingMessage = asyncState.rstChannel.EndRequest(result); } finally { if (asyncState.nextOutgoingMessage != null) { asyncState.nextOutgoingMessage.Close(); } } using (incomingMessage) { if (incomingMessage == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation"))); } flag = asyncState.DoNegotiation(incomingMessage); } if (flag) { asyncState.OnNegotiationComplete(); } } catch (Exception exception2) { if (Fx.IsFatal(exception2)) { throw; } flag = true; exception = asyncState.OnAsyncNegotiationFailure(exception2); } if (flag) { asyncState.Complete(false, exception); } } }
Exception OnAsyncNegotiationFailure(Exception e) { EndpointAddress pinnedEpr = null; try { pinnedEpr = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress; Cleanup(); } catch (CommunicationException ex) { DiagnosticUtility.TraceHandledException(ex, TraceEventType.Information); } return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, pinnedEpr, this.issuer)); }
private Exception OnAsyncNegotiationFailure(Exception e) { EndpointAddress targetAddress = null; try { targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress; this.Cleanup(); } catch (CommunicationException exception) { if (DiagnosticUtility.ShouldTraceInformation) { DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information); } } return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer)); }
private Exception OnSyncNegotiationFailure(Exception e) { EndpointAddress targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress; return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer)); }
protected SecurityToken DoNegotiation(TimeSpan timeout) { SecurityToken token2; this.ThrowIfClosedOrCreated(); SecurityTraceRecordHelper.TraceBeginSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, this.targetAddress); TimeoutHelper helper = new TimeoutHelper(timeout); IRequestChannel rstChannel = null; T negotiationState = default(T); TimeSpan span = timeout; int num = 1; try { negotiationState = this.CreateNegotiationState(this.targetAddress, this.via, helper.RemainingTime()); this.InitializeNegotiationState(negotiationState); this.InitializeChannelFactories(negotiationState.RemoteAddress, helper.RemainingTime()); rstChannel = this.CreateClientChannel(negotiationState.RemoteAddress, this.via); rstChannel.Open(helper.RemainingTime()); Message nextOutgoingMessage = null; Message incomingMessage = null; SecurityToken serviceToken = null; while (true) { nextOutgoingMessage = this.GetNextOutgoingMessage(incomingMessage, negotiationState); if (incomingMessage != null) { incomingMessage.Close(); } if (nextOutgoingMessage == null) { break; } using (nextOutgoingMessage) { TraceUtility.ProcessOutgoingMessage(nextOutgoingMessage); span = helper.RemainingTime(); incomingMessage = rstChannel.Request(nextOutgoingMessage, span); if (incomingMessage == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CommunicationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation"))); } TraceUtility.ProcessIncomingMessage(incomingMessage); } num += 2; } if (!negotiationState.IsNegotiationCompleted) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoNegotiationMessageToSend")), incomingMessage); } try { rstChannel.Close(helper.RemainingTime()); } catch (CommunicationException exception) { if (DiagnosticUtility.ShouldTraceInformation) { DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information); } rstChannel.Abort(); } catch (TimeoutException exception2) { if (DiagnosticUtility.ShouldTraceInformation) { DiagnosticUtility.ExceptionUtility.TraceHandledException(exception2, TraceEventType.Information); } rstChannel.Abort(); } rstChannel = null; this.ValidateAndCacheServiceToken(negotiationState); serviceToken = negotiationState.ServiceToken; SecurityTraceRecordHelper.TraceEndSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, serviceToken, this.targetAddress); token2 = serviceToken; } catch (Exception exception3) { if (Fx.IsFatal(exception3)) { throw; } if (exception3 is TimeoutException) { exception3 = new TimeoutException(System.ServiceModel.SR.GetString("ClientSecurityNegotiationTimeout", new object[] { timeout, num, span }), exception3); } EndpointAddress targetAddress = (negotiationState == null) ? null : negotiationState.RemoteAddress; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(exception3, targetAddress, this.issuerAddress)); } finally { this.Cleanup(rstChannel, negotiationState); } return(token2); }
protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState) { byte[] negotiationData; try { IssuanceTokenProviderBase <SspiNegotiationTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress); } catch (FaultException exception) { if (!exception.Code.IsSenderFault) { throw; } if (!(exception.Code.SubCode.Name == "FailedAuthentication") && !(exception.Code.SubCode.Name == "FailedAuthentication")) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailedSspiNegotiation"), exception), incomingMessage); } throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticationOfClientFailed"), exception), incomingMessage); } RequestSecurityTokenResponse rstr = null; RequestSecurityTokenResponse authenticatorRstr = null; XmlDictionaryReader readerAtBodyContents = incomingMessage.GetReaderAtBodyContents(); using (readerAtBodyContents) { if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponseCollection(readerAtBodyContents)) { using (IEnumerator <RequestSecurityTokenResponse> enumerator = base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection.GetEnumerator()) { enumerator.MoveNext(); rstr = enumerator.Current; if (enumerator.MoveNext()) { authenticatorRstr = enumerator.Current; } } if (authenticatorRstr == null) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticatorNotPresentInRSTRCollection")), incomingMessage); } if (authenticatorRstr.Context != rstr.Context) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("RSTRAuthenticatorHasBadContext")), incomingMessage); } this.AddToDigest(sspiState, rstr, true, true); } else if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponse(readerAtBodyContents)) { rstr = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents); this.AddToDigest(sspiState, rstr, true, false); } else { base.StandardsManager.TrustDriver.OnRSTRorRSTRCMissingException(); } incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents); } if (rstr.Context != sspiState.Context) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage); } BinaryNegotiation binaryNegotiation = rstr.GetBinaryNegotiation(); if (binaryNegotiation != null) { this.ValidateIncomingBinaryNegotiation(binaryNegotiation); negotiationData = binaryNegotiation.GetNegotiationData(); } else { negotiationData = null; } if ((negotiationData == null) && !sspiState.SspiNegotiation.IsCompleted) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToReceive")), incomingMessage); } if ((negotiationData == null) && sspiState.SspiNegotiation.IsCompleted) { this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr); return(null); } byte[] outgoingBlob = sspiState.SspiNegotiation.GetOutgoingBlob(negotiationData, System.ServiceModel.Security.SecurityUtils.GetChannelBindingFromMessage(incomingMessage), null); if ((outgoingBlob == null) && !sspiState.SspiNegotiation.IsCompleted) { throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToSend")), incomingMessage); } if ((outgoingBlob == null) && sspiState.SspiNegotiation.IsCompleted) { this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr); return(null); } return(this.PrepareRstr(sspiState, outgoingBlob)); }