/// <summary>
/// Inspects an incoming token request and builds the scope that is returned for it.
/// </summary>
/// <param name="principal">The caller requesting the token; its identity name and authentication method are traced.</param>
/// <param name="rst">The token request; <c>AppliesTo</c> carries the realm the token is requested for.</param>
/// <returns>A <c>RequestDetailsScope</c> built from the analyzed request, the STS signing credentials and the global encryption requirement.</returns>
/// <exception cref="MissingAppliesToException">The request carries no <c>AppliesTo</c> element.</exception>
protected override Scope GetScope(IClaimsPrincipal principal, RequestSecurityToken rst)
{
    // Reject requests that name no realm before any further processing.
    var realm = rst.AppliesTo;
    if (realm == null)
    {
        var rejection = string.Format("token request from {0} - but no realm specified.", principal.Identity.Name);
        Tracing.Error(rejection);
        throw new MissingAppliesToException();
    }

    // NOTE(review): the realm URI comes from the request message and the name from the
    // authenticated identity; confirm the trace sink neutralises control characters.
    var startMessage = string.Format("Starting token request from {0} for {1}", principal.Identity.Name, realm.Uri.AbsoluteUri);
    Tracing.Information(startMessage);

    // Only the first identity of the principal is consulted for the authentication method.
    var primaryIdentity = principal.Identities.First();
    var methodMessage = "Authentication method: " + primaryIdentity.GetClaimValue(ClaimTypes.AuthenticationMethod);
    Tracing.Information(methodMessage);

    // Analysis and policy validation both run before a scope exists. The result of
    // Validate is not inspected here, so a rejection presumably surfaces as an
    // exception - confirm in Request.Validate.
    var analyzer = new Request(GlobalConfiguration);
    var requestDetails = analyzer.Analyze(rst, principal);
    analyzer.Validate(requestDetails);

    return new RequestDetailsScope(
        requestDetails,
        SecurityTokenServiceConfiguration.SigningCredentials,
        GlobalConfiguration.RequireEncryption);
}
/// <summary>
/// Inspects an incoming token request, validates it against policy and builds the
/// scope that is returned for it.
/// </summary>
/// <param name="principal">The caller requesting the token; its identity name and, when present, its authentication method are traced.</param>
/// <param name="rst">The token request; <c>AppliesTo</c> carries the realm. Its <c>TokenType</c> is overwritten when the analysis yields a non-blank token type.</param>
/// <returns>A <c>RequestDetailsScope</c> built from the analyzed request, the STS signing credentials and the global encryption requirement.</returns>
/// <exception cref="InvalidRequestException">The request carries no <c>AppliesTo</c> element.</exception>
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
{
    // Reject requests that name no realm before any further processing.
    if (rst.AppliesTo == null)
    {
        var rejection = string.Format("token request from {0} - but no realm specified.", principal.Identity.Name);
        Tracing.Error(rejection);
        throw new InvalidRequestException();
    }

    var startMessage = string.Format("Starting token request from {0} for {1}", principal.Identity.Name, rst.AppliesTo.Uri.AbsoluteUri);
    Tracing.Information(startMessage);

    // The authentication-method claim is optional: it is traced when the first
    // identity carries one and skipped otherwise.
    var methodClaim = principal.Identities.First().FindFirst(ClaimTypes.AuthenticationMethod);
    if (methodClaim != null)
    {
        Tracing.Information("Authentication method: " + methodClaim.Value);
    }

    // Analysis and policy validation both run before a scope exists. The result of
    // Validate is not inspected here, so a rejection presumably surfaces as an
    // exception - confirm in Request.Validate.
    var analyzer = new Request(ConfigurationRepository);
    var requestDetails = analyzer.Analyze(rst, principal);
    analyzer.Validate(requestDetails);

    var signingCredentials = SecurityTokenServiceConfiguration.SigningCredentials;
    var encryptionRequired = ConfigurationRepository.Global.RequireEncryption;
    var issuanceScope = new RequestDetailsScope(requestDetails, signingCredentials, encryptionRequired);

    // A non-blank token type from the analysis replaces whatever the request carried.
    var resolvedTokenType = requestDetails.TokenType;
    if (!string.IsNullOrWhiteSpace(resolvedTokenType))
    {
        rst.TokenType = resolvedTokenType;
    }

    return issuanceScope;
}
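/// <summary>
/// Inspects an incoming token request, validates it against policy and builds the
/// scope that is returned for it.
/// </summary>
/// <param name="principal">The caller requesting the token; its identity name and, when present, its authentication method are traced.</param>
/// <param name="rst">The token request; <c>AppliesTo</c> carries the realm the token is requested for.</param>
/// <returns>A <c>RequestDetailsScope</c> built from the analyzed request, the STS signing credentials and the global encryption requirement.</returns>
/// <exception cref="Exception">The request carries no <c>AppliesTo</c> element.</exception>
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
{
    // Reject requests that name no realm before any further processing.
    if (rst.AppliesTo == null)
    {
        Tracing.Error(string.Format("token request from {0} - but no realm specified.", principal.Identity.Name));

        // NOTE(review): a bare Exception gives callers nothing to tell a malformed request
        // from an internal failure. The previous code threw MissingAppliesToException; a typed
        // request exception should be restored once one is available to this file.
        throw new Exception();
    }

    // NOTE(review): the realm URI comes from the request message and the name from the
    // authenticated identity; confirm the trace sink neutralises control characters.
    Tracing.Information(string.Format("Starting token request from {0} for {1}", principal.Identity.Name, rst.AppliesTo.Uri.AbsoluteUri));

    // FindFirst returns null when the first identity has no authentication-method claim.
    // The value is only traced, so its absence must not abort the request with a
    // NullReferenceException.
    var authenticationMethod = principal.Identities.First().FindFirst(ClaimTypes.AuthenticationMethod);
    if (authenticationMethod != null)
    {
        Tracing.Information("Authentication method: " + authenticationMethod.Value);
    }

    // Analysis and policy validation both run before a scope exists. The result of
    // Validate is not inspected here, so a rejection presumably surfaces as an
    // exception - confirm in Request.Validate.
    var request = new Request(GlobalConfiguration);
    var details = request.Analyze(rst, principal);
    request.Validate(details);

    var scope = new RequestDetailsScope(
        details,
        SecurityTokenServiceConfiguration.SigningCredentials,
        GlobalConfiguration.RequireEncryption);

    return scope;
}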
/// <summary>
/// Turns an incoming token request into the scope that is returned for it: the
/// request is analyzed, checked against policy and wrapped together with the
/// signing credentials and the global encryption requirement.
/// </summary>
/// <param name="principal">The caller requesting the token; its identity name and, when present, its authentication method are traced.</param>
/// <param name="rst">The token request; <c>AppliesTo</c> carries the realm. Its <c>TokenType</c> is overwritten when the analysis yields a non-blank token type.</param>
/// <returns>A <c>RequestDetailsScope</c> describing the analyzed request.</returns>
/// <exception cref="InvalidRequestException">The request carries no <c>AppliesTo</c> element.</exception>
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
{
    var realm = rst.AppliesTo;

    // No realm, no token: fail before the request reaches analysis or validation.
    if (realm == null)
    {
        Tracing.Error(
            string.Format("token request from {0} - but no realm specified.", principal.Identity.Name));
        throw new InvalidRequestException();
    }

    Tracing.Information(
        string.Format("Starting token request from {0} for {1}", principal.Identity.Name, realm.Uri.AbsoluteUri));

    // Only the first identity is consulted; a missing claim is tolerated because the
    // value is used for tracing only.
    var primaryIdentity = principal.Identities.First();
    var authMethodClaim = primaryIdentity.FindFirst(ClaimTypes.AuthenticationMethod);
    if (authMethodClaim != null)
    {
        Tracing.Information("Authentication method: " + authMethodClaim.Value);
    }

    // Validation runs on the analysis result and precedes scope creation, so a scope is
    // only built for a request that got past Validate.
    var requestProcessor = new Request(ConfigurationRepository);
    var analyzed = requestProcessor.Analyze(rst, principal);
    requestProcessor.Validate(analyzed);

    Scope result = new RequestDetailsScope(
        analyzed,
        SecurityTokenServiceConfiguration.SigningCredentials,
        ConfigurationRepository.Global.RequireEncryption);

    // The token type determined by the analysis, when non-blank, is written back onto the
    // request. NOTE(review): presumably this is the relying party's configured token
    // type - confirm in Request.Analyze.
    var tokenType = analyzed.TokenType;
    if (!string.IsNullOrWhiteSpace(tokenType))
    {
        rst.TokenType = tokenType;
    }

    return result;
}