private bool FollowIssuer(QueryContext context, GraphSubject subject)
{
//if (subject.Flags.HasFlagFast(SubjectFlags.ContainsTrustTrue))
// return true;
var follow = false;
var e = subject.GetClaimIndexEnumerator();
while (e.MoveNext() && follow == false)
{
//follow = (TrustService.Graph.Claims[e.Current].Flags == ClaimFlags.Trust);
if (TrustService.Graph.Claims[e.Current].Type != context.BinaryClaimTypeIndex)
{
continue;
}
follow = (TrustService.Graph.Claims[e.Current].Scope == context.ClaimScope || TrustService.Graph.Claims[e.Current].Scope == context.GlobalScopeIndex);
}
//if (subject.Claims.GetIndex(context.ClaimScope, context.BinaryClaimTypeIndex, out int index))
//follow = (TrustService.Graph.Claims[index].Flags == ClaimFlags.Trust);
//if (!follow) // Check Global scope disable for now. Need more expirence.
//if (subject.Claims.GetIndex(TrustService.GlobalScopeIndex, TrustService.BinaryClaimTypeIndex, out index))
// follow = (TrustService.Graph.Claims[index].Flags == ClaimFlags.Trust);
return(follow);
}
protected List <int> FilterClaims(QueryContext context, GraphSubject subject)
{
var claims = new List <int>();
var binaryTypeIndex = (context.Flags == QueryFlags.IncludeClaimTrust)
? context.BinaryClaimTypeIndex : -1; // Include the BinaryTrust claim if defined in query context flags.
foreach (var typeIndex in context.ClaimTypes)
{
var e = subject.GetClaimIndexEnumerator();
if (e == null)
{
break;
}
while (e.MoveNext())
{
if (TrustService.Graph.Claims[e.Current].Type != typeIndex && TrustService.Graph.Claims[e.Current].Type != binaryTypeIndex)
{
continue;
}
var found = (TrustService.Graph.Claims[e.Current].Scope == context.ClaimScope || TrustService.Graph.Claims[e.Current].Scope == context.GlobalScopeIndex);
if (found)
{
claims.Add(e.Current);
}
}
}
return(claims);
}
public GraphSubject CreateGraphSubject(string subjectId)
{
var graphSubject = new GraphSubject
{
TargetIssuer = EnsureGraphIssuer(subjectId),
//Claims = new ConcurrentDictionary<long, int>()
//Claims = new GraphSubjectDictionary<long, int>(0)
};
return(graphSubject);
}
protected void SearchSubject(QueryContext context, GraphTracker tracker, GraphSubject subject)
{
var claims = FilterClaims(context, subject); // Filter down to claim searching on
if (claims.Count == 0)
{
return;
}
BuildResult(context, tracker, claims); // Target found!
var targetIssuer = tracker.Issuer.Subjects[tracker.SubjectKey].TargetIssuer;
context.TargetsFound[targetIssuer.Index] = targetIssuer;
}
private bool FollowIssuer(QueryContext context, GraphSubject subject)
{
if (subject.Flags.HasFlagFast(SubjectFlags.ContainsTrustTrue))
{
return(true);
}
var follow = false;
if (subject.Claims.GetIndex(context.ClaimScope, context.BinaryClaimTypeIndex, out int index))
{
follow = (TrustService.Graph.Claims[index].Flags == ClaimFlags.Trust);
}
//if (!follow) // Check Global scope disable for now. Need more expirence.
//if (subject.Claims.GetIndex(TrustService.GlobalScopeIndex, TrustService.BinaryClaimTypeIndex, out index))
// follow = (TrustService.Graph.Claims[index].Flags == ClaimFlags.Trust);
return(follow);
}
protected List <Tuple <long, int> > GetClaims(QueryContext context, GraphSubject subject)
{
var claims = new List <Tuple <long, int> >();
int index = 0;
foreach (var type in context.ClaimTypes)
{
if (subject.Claims.GetIndex(context.ClaimScope, type, out index)) // Check local scope for claims
{
claims.Add(new Tuple <long, int>(new SubjectClaimIndex(context.ClaimScope, type).Value, index));
}
else
if (subject.Claims.GetIndex(context.GlobalScopeIndex, type, out index)) // Check global scope for claims
{
claims.Add(new Tuple <long, int>(new SubjectClaimIndex(context.GlobalScopeIndex, type).Value, index));
}
}
return(claims);
}
protected void SearchSubject(QueryContext context, GraphTracker tracker, GraphSubject subject)
{
int index = 0;
var claims = GetClaims(context, subject);
//foreach (var type in context.ClaimTypes)
//{
// if (subject.Claims.GetIndex(context.ClaimScope, type, out index)) // Check local scope for claims
// claims.Add(new Tuple<long, int>(new SubjectClaimIndex(context.ClaimScope, type).Value, index));
// else
// if (subject.Claims.GetIndex(TrustService.GlobalScopeIndex, type, out index)) // Check global scope for claims
// claims.Add(new Tuple<long, int>(new SubjectClaimIndex(TrustService.GlobalScopeIndex, type).Value, index));
//}
if (claims.Count == 0)
{
return;
}
if (context.Flags == QueryFlags.IncludeClaimTrust)
{
if (subject.Claims.GetIndex(context.ClaimScope, context.BinaryClaimTypeIndex, out index)) // Check local scope for claims
{
claims.Add(new Tuple <long, int>(new SubjectClaimIndex(context.ClaimScope, context.BinaryClaimTypeIndex).Value, index));
}
}
//else // Check Global scope disable for now. Need more expirence.
//if (subject.Claims.GetIndex(TrustService.GlobalScopeIndex, TrustService.BinaryClaimTypeIndex, out index)) // Check global scope for claims
//claims.Add(new Tuple<long, int>(new SubjectClaimIndex(TrustService.GlobalScopeIndex, TrustService.BinaryClaimTypeIndex).Value, index));
BuildResult(context, tracker, claims); // Target found!
var targetIssuer = tracker.Issuer.Subjects[tracker.SubjectKey].TargetIssuer;
context.TargetsFound[targetIssuer.Index] = targetIssuer;
}
