コード例 #1
        /// <summary>
        /// Builds the scope for an incoming token request: rejects a request that names no realm,
        /// traces who is asking and for which realm, analyzes and validates the request, and
        /// returns the resulting scope.
        /// </summary>
        /// <param name="principal">The principal making the request; its identity name and authentication method are written to the trace.</param>
        /// <param name="rst">The token request. Its <c>AppliesTo</c> (the requested realm) must be present.</param>
        /// <returns>A <see cref="RequestDetailsScope"/> built from the analyzed request details, the configured signing credentials and the global RequireEncryption setting.</returns>
        /// <exception cref="MissingAppliesToException">The request carries no <c>AppliesTo</c>.</exception>
        protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken rst)
        {
            // The realm is part of the client's request, so its presence is checked before it is used.
            var appliesTo = rst.AppliesTo;
            if (appliesTo == null)
            {
                var rejection = string.Format("token request from {0} - but no realm specified.",
                                              principal.Identity.Name);
                Tracing.Error(rejection);

                throw new MissingAppliesToException();
            }

            // NOTE(review): the caller name and the realm URI go into the trace as received;
            // confirm the trace sink treats them as untrusted text.
            var startMessage = string.Format("Starting token request from {0} for {1}",
                                             principal.Identity.Name,
                                             appliesTo.Uri.AbsoluteUri);
            Tracing.Information(startMessage);

            var primaryIdentity = principal.Identities.First();
            Tracing.Information("Authentication method: " + primaryIdentity.GetClaimValue(ClaimTypes.AuthenticationMethod));

            // Analysis, then policy validation. Validation runs before any scope exists, so a
            // request it rejects (presumably by throwing; confirm in Request.Validate) never
            // reaches the signing credentials below.
            var request = new Request(GlobalConfiguration);
            var details = request.Analyze(rst, principal);
            request.Validate(details);

            // Signing credentials and the encryption requirement both come from configuration.
            return new RequestDetailsScope(
                details,
                SecurityTokenServiceConfiguration.SigningCredentials,
                GlobalConfiguration.RequireEncryption);
        }
コード例 #2
        /// <summary>
        /// Builds the scope for an incoming token request: rejects a request that names no realm,
        /// traces the caller, analyzes and validates the request, creates the scope and, when the
        /// analysis produced a token type, writes it back onto the request.
        /// </summary>
        /// <param name="principal">The principal making the request; its identity name and, if present, its authentication method claim are written to the trace.</param>
        /// <param name="rst">The token request. Its <c>AppliesTo</c> (the requested realm) must be present; its <c>TokenType</c> may be overwritten.</param>
        /// <returns>A <see cref="RequestDetailsScope"/> built from the analyzed request details, the configured signing credentials and the global RequireEncryption setting.</returns>
        /// <exception cref="InvalidRequestException">The request carries no <c>AppliesTo</c>.</exception>
        protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
        {
            // The realm is part of the client's request, so its presence is checked before it is used.
            var appliesTo = rst.AppliesTo;
            if (appliesTo == null)
            {
                var rejection = string.Format("token request from {0} - but no realm specified.",
                                              principal.Identity.Name);
                Tracing.Error(rejection);

                throw new InvalidRequestException();
            }

            // NOTE(review): the caller name and the realm URI go into the trace as received;
            // confirm the trace sink treats them as untrusted text.
            var startMessage = string.Format("Starting token request from {0} for {1}",
                                             principal.Identity.Name,
                                             appliesTo.Uri.AbsoluteUri);
            Tracing.Information(startMessage);

            // The authentication method claim is optional: FindFirst returns null when the first
            // identity has no such claim, and the trace line is skipped in that case.
            var methodClaim = principal.Identities.First().FindFirst(ClaimTypes.AuthenticationMethod);
            if (methodClaim != null)
            {
                Tracing.Information("Authentication method: " + methodClaim.Value);
            }

            // Analysis, then policy validation. Validation runs before any scope exists, so a
            // request it rejects (presumably by throwing; confirm in Request.Validate) never
            // reaches the signing credentials below.
            var request = new Request(ConfigurationRepository);
            var details = request.Analyze(rst, principal);
            request.Validate(details);

            // Signing credentials and the encryption requirement both come from configuration.
            var scope = new RequestDetailsScope(
                details,
                SecurityTokenServiceConfiguration.SigningCredentials,
                ConfigurationRepository.Global.RequireEncryption);

            // A token type determined by the analysis replaces the one on the request; a blank
            // value leaves the request untouched.
            var tokenType = details.TokenType;
            if (!string.IsNullOrWhiteSpace(tokenType))
            {
                rst.TokenType = tokenType;
            }

            return scope;
        }
コード例 #3
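        /// <summary>
        /// Builds the scope for an incoming token request: rejects a request that names no realm,
        /// traces who is asking and for which realm, analyzes and validates the request, and
        /// returns the resulting scope.
        /// </summary>
        /// <param name="principal">The principal making the request; its identity name and, if present, its authentication method claim are written to the trace.</param>
        /// <param name="rst">The token request. Its <c>AppliesTo</c> (the requested realm) must be present.</param>
        /// <returns>A <see cref="RequestDetailsScope"/> built from the analyzed request details, the configured signing credentials and the global RequireEncryption setting.</returns>
        /// <exception cref="ArgumentException">The request carries no <c>AppliesTo</c>.</exception>
        protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
        {
            // The realm is part of the client's request, so its presence is checked before it is used.
            if (rst.AppliesTo == null)
            {
                Tracing.Error(string.Format("token request from {0} - but no realm specified.",
                    principal.Identity.Name));

                // A bare Exception carries no message and cannot be told apart from an internal
                // failure, so a specific type with a reason is thrown instead.
                // NOTE(review): the original had MissingAppliesToException commented out here; if
                // the project references a WS-Trust request-fault exception, prefer that type so
                // the client receives a proper fault.
                throw new ArgumentException("The token request does not specify a realm (AppliesTo).", "rst");
            }

            // NOTE(review): the caller name and the realm URI go into the trace as received;
            // confirm the trace sink treats them as untrusted text.
            Tracing.Information(string.Format("Starting token request from {0} for {1}",
                principal.Identity.Name,
                rst.AppliesTo.Uri.AbsoluteUri));

            // FindFirst returns null when the identity has no authentication method claim.
            // Dereferencing .Value unconditionally would fail the whole token request with a
            // NullReferenceException just to write a trace line, so the line is skipped instead.
            var authenticationMethod = principal.Identities.First().FindFirst(ClaimTypes.AuthenticationMethod);
            if (authenticationMethod != null)
            {
                Tracing.Information("Authentication method: " + authenticationMethod.Value);
            }

            // analyze request
            var request = new Request(GlobalConfiguration);
            var details = request.Analyze(rst, principal);

            // Validate against policy before any scope exists, so a request that validation
            // rejects (presumably by throwing; confirm in Request.Validate) never reaches the
            // signing credentials below.
            request.Validate(details);

            // Signing credentials and the encryption requirement both come from configuration.
            var scope = new RequestDetailsScope(
                details,
                SecurityTokenServiceConfiguration.SigningCredentials,
                GlobalConfiguration.RequireEncryption);

            return scope;
        }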
コード例 #4
        /// <summary>
        /// Produces the scope for a token request. A request without a realm is refused; otherwise
        /// the caller is traced, the request is analyzed and validated against policy, the scope is
        /// created, and a token type found by the analysis is copied onto the request.
        /// </summary>
        /// <param name="principal">The requesting principal; its identity name and, when available, its authentication method claim are traced.</param>
        /// <param name="rst">The token request. <c>AppliesTo</c> (the requested realm) is required; <c>TokenType</c> may be overwritten.</param>
        /// <returns>A <see cref="RequestDetailsScope"/> carrying the analyzed request details, the configured signing credentials and the global RequireEncryption setting.</returns>
        /// <exception cref="InvalidRequestException">The request carries no <c>AppliesTo</c>.</exception>
        protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
        {
            // Guard: the realm is supplied by the client and nothing below works without it.
            if (rst.AppliesTo == null)
            {
                var noRealm = string.Format("token request from {0} - but no realm specified.",
                    principal.Identity.Name);
                Tracing.Error(noRealm);

                throw new InvalidRequestException();
            }

            // NOTE(review): caller name and realm URI are traced as received; confirm the
            // trace sink treats them as untrusted text.
            var starting = string.Format("Starting token request from {0} for {1}",
                principal.Identity.Name,
                rst.AppliesTo.Uri.AbsoluteUri);
            Tracing.Information(starting);

            // Only the first identity is consulted, and the claim may be absent (FindFirst
            // returns null), in which case nothing is traced.
            var firstIdentity = principal.Identities.First();
            var authMethodClaim = firstIdentity.FindFirst(ClaimTypes.AuthenticationMethod);
            if (authMethodClaim != null)
            {
                Tracing.Information("Authentication method: " + authMethodClaim.Value);
            }

            // Analyze first, then validate against policy. The scope, and with it the signing
            // credentials, is only assembled once Validate has returned (presumably it throws
            // on a policy violation; confirm in Request.Validate).
            var request = new Request(ConfigurationRepository);
            var details = request.Analyze(rst, principal);
            request.Validate(details);

            var signingCredentials = SecurityTokenServiceConfiguration.SigningCredentials;
            var requireEncryption = ConfigurationRepository.Global.RequireEncryption;
            var scope = new RequestDetailsScope(details, signingCredentials, requireEncryption);

            // A blank token type leaves the request as the client sent it.
            if (string.IsNullOrWhiteSpace(details.TokenType) == false)
            {
                rst.TokenType = details.TokenType;
            }

            return scope;
        }