/// <summary>
/// Builds the <c>scope</c> XML element for a policy scope: a <c>uri</c> attribute followed by
/// the <c>claimTypes</c>, <c>issuers</c> and <c>rules</c> child containers, in that order.
/// </summary>
/// <param name="scope">The scope whose claim types, issuers and rules are serialized.</param>
/// <returns>The populated <c>scope</c> element.</returns>
private static XElement SerializeScope(PolicyScope scope)
{
    // The uri attribute is attached first so it is set before any child content is produced.
    XElement root = new XElement("scope", new XAttribute("uri", scope.Uri.ToString()));

    XElement claimTypesNode = new XElement("claimTypes");
    foreach (var claimType in scope.ClaimTypes)
    {
        claimTypesNode.Add(SerializaClaimType(claimType));
    }

    root.Add(claimTypesNode);

    XElement issuersNode = new XElement("issuers");
    foreach (var issuer in scope.Issuers)
    {
        issuersNode.Add(SerializaIssuer(issuer));
    }

    root.Add(issuersNode);

    XElement rulesNode = new XElement("rules");
    foreach (var rule in scope.Rules)
    {
        rulesNode.Add(SerializaRule(rule));
    }

    root.Add(rulesNode);

    return root;
}
/// <summary>
/// A rule with one fixed-value input claim and a fixed output claim must yield exactly one
/// output claim that keeps the input claim's issuer and reports the original issuer by the
/// display name registered on the scope.
/// </summary>
public void ShouldMatchInputClaim()
{
    // Arrange: one scope, one rule, one known original issuer.
    var scopeUri = new Uri("http://myScope");
    var store = new MockPolicyStore();
    var evaluator = new ClaimsPolicyEvaluator(store);

    var ruleInput = new InputPolicyClaim(this.issuer, this.inputClaimType, "myInputClaim");
    var ruleOutput = new OutputPolicyClaim(this.outputClaimType, "myOutputClaimValue");
    var rule = new PolicyRule(AssertionsMatch.Any, new[] { ruleInput }, ruleOutput);

    var policyScope = new PolicyScope(scopeUri, new[] { rule });
    policyScope.AddIssuer(new Issuer("http://originalIssuer", string.Empty, "OriginalIssuer"));
    store.RetrieveScopesReturnValue = new List<PolicyScope>() { policyScope };

    var incoming = new Claim(
        "http://myInputClaimType",
        "myInputClaim",
        string.Empty,
        "http://myInputClaimIssuer",
        "http://originalIssuer");

    // Act
    IEnumerable<Claim> evaluatedOutputClaims = evaluator.Evaluate(scopeUri, new[] { incoming });

    // Assert
    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(1, evaluatedOutputClaims.Count());

    Claim mapped = evaluatedOutputClaims.ElementAt(0);
    Assert.AreEqual("http://myOutputClaimType", mapped.ClaimType);
    Assert.AreEqual("myOutputClaimValue", mapped.Value);
    Assert.AreEqual("http://myInputClaimIssuer", mapped.Issuer);
    Assert.AreEqual("OriginalIssuer", mapped.OriginalIssuer);
}
/// <summary>
/// Writes a diagnostic log entry stating whether a policy scope matched, together with the
/// arguments carried by the match result.
/// </summary>
/// <param name="scope">The scope that was tested; its display name is logged.</param>
/// <param name="result">The outcome of the match; supplies the verdict and the arguments.</param>
public void PolicyScopeMatchResult(PolicyScope scope, ScopeMatchResult result)
{
    // NOTE(review): the display name and the arguments are passed to the logger verbatim. If
    // either can carry text that originates outside the policy store, confirm that the logger
    // neutralizes line breaks before the entry is written.
    var displayName = scope.DisplayName;
    string verdict;
    if (result.Success)
    {
        verdict = "matches";
    }
    else
    {
        verdict = "does not match";
    }

    this.logger.Log(LogLevel.Diagnostic, "Policy scope {0} {1} {2}", displayName, verdict, result.Arguments);
}
/// <summary>
/// Creates the fixture scope for <c>http://localhost/tests</c>, pre-populated with the sample
/// claim type and the sample issuer.
/// </summary>
/// <returns>A new scope holding one claim type and one issuer.</returns>
private static PolicyScope RetrievePolicyScope()
{
    Uri fixtureUri = new Uri("http://localhost/tests");
    PolicyScope fixture = new PolicyScope(fixtureUri);

    fixture.ClaimTypes.Add(sampleClaimType);
    fixture.Issuers.Add(sampleIssuer);

    return fixture;
}
/// <summary>
/// Adds a wildcard rule whose output copies from the input issuer to the XML-backed store and
/// checks that evaluating a matching claim produces an output claim of the expected type.
/// </summary>
public void ShouldPassEvaluateRuleIfCopyOutputValueFromInputIssuer()
{
    // Arrange: load the scope from the integration fixture and append the rule under test.
    var scopeUri = new Uri("http://localhost/1");
    var store = new XmlPolicyStore("My Xml Store Path", new MockXmlRepository(@"content\integrationTest2.xml"));
    PolicyScope scope = store.RetrieveScope(scopeUri);
    var issuer = scope.Issuers.ElementAt(0);

    ClaimType claimType = new ClaimType("http://myClaimType", "myClaimType");
    IList<InputPolicyClaim> inputClaims = new List<InputPolicyClaim>
    {
        new InputPolicyClaim(issuer, claimType, "*"),
    };

    var copyFromIssuer = new OutputPolicyClaim(claimType, string.Empty, CopyFromConstants.InputIssuer);
    PolicyRule newRule = new PolicyRule(AssertionsMatch.Any, inputClaims, copyFromIssuer);
    store.AddPolicyRule(scopeUri, newRule);

    string claimValue = "myInputClaimValue33";
    var evaluator = new ClaimsPolicyEvaluator(store);
    var inputClaim = new Claim("http://myClaimType", claimValue, string.Empty, "http://myIssuer1");

    // Act
    IEnumerable<Claim> evaluatedOutputClaims = evaluator.Evaluate(scopeUri, new[] { inputClaim });

    // Assert
    // NOTE(review): only the claim type is asserted. The copied value, which is what the test
    // name refers to, is never checked, so a wrong issuer value would still pass.
    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual("http://myClaimType", evaluatedOutputClaims.ElementAt(0).ClaimType);
}
/// <summary>
/// Evaluates a single claim against a scope with one matching rule and verifies the type,
/// value, issuer and original issuer of the single output claim.
/// </summary>
public void ShouldMatchInputClaim()
{
    var store = new MockPolicyStore();
    var evaluator = new ClaimsPolicyEvaluator(store);

    // The rule maps the fixed input value "myInputClaim" to a fixed output value.
    var rule = new PolicyRule(
        AssertionsMatch.Any,
        new[] { new InputPolicyClaim(this.issuer, this.inputClaimType, "myInputClaim") },
        new OutputPolicyClaim(this.outputClaimType, "myOutputClaimValue"));

    var policyScope = new PolicyScope(new Uri("http://myScope"), new[] { rule });
    policyScope.AddIssuer(new Issuer("http://originalIssuer", string.Empty, "OriginalIssuer"));
    store.RetrieveScopesReturnValue = new List<PolicyScope>() { policyScope };

    Claim[] presented =
    {
        new Claim("http://myInputClaimType", "myInputClaim", string.Empty, "http://myInputClaimIssuer", "http://originalIssuer"),
    };

    IEnumerable<Claim> evaluatedOutputClaims = evaluator.Evaluate(new Uri("http://myScope"), presented);

    Assert.IsNotNull(evaluatedOutputClaims);
    Assert.AreEqual(1, evaluatedOutputClaims.Count());

    // The original issuer is expected as the display name registered on the scope, not as its URI.
    Claim first = evaluatedOutputClaims.ElementAt(0);
    Assert.AreEqual("http://myOutputClaimType", first.ClaimType);
    Assert.AreEqual("myOutputClaimValue", first.Value);
    Assert.AreEqual("http://myInputClaimIssuer", first.Issuer);
    Assert.AreEqual("OriginalIssuer", first.OriginalIssuer);
}
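/// <summary>
/// Maps the supplied input claims to output claims using the rules of the policy scope
/// identified by <paramref name="scope"/>.
/// </summary>
/// <param name="scope">The URI of the policy scope to evaluate against.</param>
/// <param name="inputClaims">The claims to map.</param>
/// <returns>
/// The mapped claims, or an empty sequence when <paramref name="inputClaims"/> is empty.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="scope"/> or <paramref name="inputClaims"/> is <c>null</c>.
/// </exception>
/// <exception cref="ClaimsPolicyEvaluationException">
/// No scope with the given URI exists in the store.
/// </exception>
public IEnumerable<Claim> Evaluate(Uri scope, IEnumerable<Claim> inputClaims)
{
    if (scope == null)
    {
        throw new ArgumentNullException(nameof(scope));
    }

    // Without this guard a null sequence surfaces from Enumerable.Any as an
    // ArgumentNullException that names LINQ's own "source" parameter instead of the caller's.
    if (inputClaims == null)
    {
        throw new ArgumentNullException(nameof(inputClaims));
    }

    // Empty input returns before the scope lookup, so an unknown scope is not reported here.
    if (!inputClaims.Any())
    {
        return Enumerable.Empty<Claim>();
    }

    IEnumerable<PolicyScope> policyScopes = this.store.RetrieveScopes();
    PolicyScope mappingScope = policyScopes.FirstOrDefault(s => s.Uri == scope);

    // An unknown scope is an error rather than an empty result: no claims are issued for it.
    if (mappingScope == null)
    {
        throw new ClaimsPolicyEvaluationException(
            string.Format(CultureInfo.CurrentUICulture, Resources.ScopeNotFound, scope));
    }

    return MapClaims(inputClaims, mappingScope);
}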
/// <summary>
/// Rebuilds a <see cref="PolicyScope"/> from its <c>scope</c> XML element: the scope URI, the
/// declared issuers, the declared claim types and finally the rules that refer to both.
/// </summary>
/// <param name="scopeElement">The <c>scope</c> element read from the policy store.</param>
/// <returns>The scope with its issuers, claim types and rules added.</returns>
private static PolicyScope RetrieveScope(XElement scopeElement)
{
    IDictionary<string, string> claimTypeLookup =
        RetrieveReferences(scopeElement.Element("claimTypes"), "claimType", "displayName", "fullName");
    IDictionary<string, Issuer> issuersByDisplayName = new Dictionary<string, Issuer>();

    // NOTE(review): Element(...) and Attribute(...) return null when the node is absent, so a
    // store file missing "uri", "issuers", "rules" or an issuer attribute fails here with a
    // NullReferenceException rather than a validation error.
    Uri scopeUri = new Uri(scopeElement.Attribute("uri").Value);
    PolicyScope result = new PolicyScope(scopeUri, new List<PolicyRule>());

    foreach (XElement issuerElement in scopeElement.Element("issuers").Descendants("issuer"))
    {
        string issuerUri = issuerElement.Attribute("uri").Value;

        // Thumbprints are stored upper-cased, whatever casing the file uses.
        string thumbprint = issuerElement.Attribute("thumbprint").Value.ToUpperInvariant();
        string displayName = issuerElement.Attribute("displayName").Value;

        Issuer issuer = new Issuer(issuerUri, thumbprint, displayName);
        result.AddIssuer(issuer);

        // Issuers are indexed by display name; Add throws if two issuers share one.
        issuersByDisplayName.Add(issuer.DisplayName, issuer);
    }

    // Each lookup entry is passed as ClaimType(value, key).
    foreach (var entry in claimTypeLookup)
    {
        result.AddClaimType(new ClaimType(entry.Value, entry.Key));
    }

    foreach (XElement ruleElement in scopeElement.Element("rules").Descendants("rule"))
    {
        AssertionsMatch match = RetrieveRuleAssertionsMatch(ruleElement);
        IEnumerable<InputPolicyClaim> ruleInputs = RetrieveInputClaims(ruleElement, issuersByDisplayName, claimTypeLookup);
        OutputPolicyClaim ruleOutput = RetrieveOutputClaim(ruleElement, claimTypeLookup);

        result.AddRule(new PolicyRule(match, ruleInputs, ruleOutput));
    }

    return result;
}
/// <inheritdoc/>
public string ToDelimitedString()
{
    // Renders 73 values (Id plus 72 fields) through one format string built by
    // StringHelper.StringFormatSequence, then trims trailing field separators so that
    // unpopulated fields at the end of the segment are not emitted.
    //
    // Conventions used for every argument below:
    //   - plain members are passed as-is;
    //   - single composite members use ?.ToDelimitedString(), yielding null when unset;
    //   - repeating members are joined with Configuration.FieldRepeatSeparator, or null when
    //     the collection itself is null;
    //   - dates are formatted with Consts.DateFormatPrecisionDay.
    //
    // NOTE(review): the result includes InsuredsSocialSecurityNumber,
    // MedicareHealthInsCardNumber and MilitaryIdNumber in clear text; callers should keep the
    // returned string out of logs and diagnostics.
    // NOTE(review): dates are formatted with CultureInfo.CurrentCulture, so the rendered
    // digits can depend on the host's culture and calendar; confirm whether
    // InvariantCulture is intended for wire output.
    CultureInfo culture = CultureInfo.CurrentCulture;

    return(string.Format(
        culture,
        StringHelper.StringFormatSequence(0, 73, Configuration.FieldSeparator),
        Id,
        InsuredsEmployeeId != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsEmployeeId.Select(x => x.ToDelimitedString())) : null,
        InsuredsSocialSecurityNumber,
        InsuredsEmployersNameAndId != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsEmployersNameAndId.Select(x => x.ToDelimitedString())) : null,
        EmployerInformationData?.ToDelimitedString(),
        MailClaimParty != null ? string.Join(Configuration.FieldRepeatSeparator, MailClaimParty.Select(x => x.ToDelimitedString())) : null,
        MedicareHealthInsCardNumber,
        MedicaidCaseName != null ? string.Join(Configuration.FieldRepeatSeparator, MedicaidCaseName.Select(x => x.ToDelimitedString())) : null,
        MedicaidCaseNumber,
        MilitarySponsorName != null ? string.Join(Configuration.FieldRepeatSeparator, MilitarySponsorName.Select(x => x.ToDelimitedString())) : null,
        MilitaryIdNumber,
        DependentOfMilitaryRecipient?.ToDelimitedString(),
        MilitaryOrganization,
        MilitaryStation,
        MilitaryService?.ToDelimitedString(),
        MilitaryRankGrade?.ToDelimitedString(),
        MilitaryStatus?.ToDelimitedString(),
        MilitaryRetireDate.HasValue ? MilitaryRetireDate.Value.ToString(Consts.DateFormatPrecisionDay, culture) : null,
        MilitaryNonAvailCertOnFile,
        BabyCoverage,
        CombineBabyBill,
        BloodDeductible,
        SpecialCoverageApprovalName != null ? string.Join(Configuration.FieldRepeatSeparator, SpecialCoverageApprovalName.Select(x => x.ToDelimitedString())) : null,
        SpecialCoverageApprovalTitle,
        NonCoveredInsuranceCode != null ? string.Join(Configuration.FieldRepeatSeparator, NonCoveredInsuranceCode.Select(x => x.ToDelimitedString())) : null,
        PayorId != null ? string.Join(Configuration.FieldRepeatSeparator, PayorId.Select(x => x.ToDelimitedString())) : null,
        PayorSubscriberId != null ? string.Join(Configuration.FieldRepeatSeparator, PayorSubscriberId.Select(x => x.ToDelimitedString())) : null,
        EligibilitySource?.ToDelimitedString(),
        RoomCoverageTypeAmount != null ? string.Join(Configuration.FieldRepeatSeparator, RoomCoverageTypeAmount.Select(x => x.ToDelimitedString())) : null,
        PolicyTypeAmount != null ? string.Join(Configuration.FieldRepeatSeparator, PolicyTypeAmount.Select(x => x.ToDelimitedString())) : null,
        DailyDeductible?.ToDelimitedString(),
        LivingDependency?.ToDelimitedString(),
        AmbulatoryStatus != null ? string.Join(Configuration.FieldRepeatSeparator, AmbulatoryStatus.Select(x => x.ToDelimitedString())) : null,
        Citizenship != null ? string.Join(Configuration.FieldRepeatSeparator, Citizenship.Select(x => x.ToDelimitedString())) : null,
        PrimaryLanguage?.ToDelimitedString(),
        LivingArrangement?.ToDelimitedString(),
        PublicityCode?.ToDelimitedString(),
        ProtectionIndicator,
        StudentIndicator?.ToDelimitedString(),
        Religion?.ToDelimitedString(),
        MothersMaidenName != null ? string.Join(Configuration.FieldRepeatSeparator, MothersMaidenName.Select(x => x.ToDelimitedString())) : null,
        Nationality?.ToDelimitedString(),
        EthnicGroup != null ? string.Join(Configuration.FieldRepeatSeparator, EthnicGroup.Select(x => x.ToDelimitedString())) : null,
        MaritalStatus != null ? string.Join(Configuration.FieldRepeatSeparator, MaritalStatus.Select(x => x.ToDelimitedString())) : null,
        InsuredsEmploymentStartDate.HasValue ? InsuredsEmploymentStartDate.Value.ToString(Consts.DateFormatPrecisionDay, culture) : null,
        EmploymentStopDate.HasValue ? EmploymentStopDate.Value.ToString(Consts.DateFormatPrecisionDay, culture) : null,
        JobTitle,
        JobCodeClass?.ToDelimitedString(),
        JobStatus?.ToDelimitedString(),
        EmployerContactPersonName != null ? string.Join(Configuration.FieldRepeatSeparator, EmployerContactPersonName.Select(x => x.ToDelimitedString())) : null,
        EmployerContactPersonPhoneNumber != null ? string.Join(Configuration.FieldRepeatSeparator, EmployerContactPersonPhoneNumber.Select(x => x.ToDelimitedString())) : null,
        EmployerContactReason?.ToDelimitedString(),
        InsuredsContactPersonsName != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsContactPersonsName.Select(x => x.ToDelimitedString())) : null,
        InsuredsContactPersonPhoneNumber != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsContactPersonPhoneNumber.Select(x => x.ToDelimitedString())) : null,
        InsuredsContactPersonReason != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsContactPersonReason.Select(x => x.ToDelimitedString())) : null,
        RelationshipToThePatientStartDate.HasValue ? RelationshipToThePatientStartDate.Value.ToString(Consts.DateFormatPrecisionDay, culture) : null,
        // The stop date is a repeating member: each entry is formatted as a date, then joined.
        RelationshipToThePatientStopDate != null ? string.Join(Configuration.FieldRepeatSeparator, RelationshipToThePatientStopDate.Select(x => x.ToString(Consts.DateFormatPrecisionDay, culture))) : null,
        InsuranceCoContactReason?.ToDelimitedString(),
        InsuranceCoContactPhoneNumber != null ? string.Join(Configuration.FieldRepeatSeparator, InsuranceCoContactPhoneNumber.Select(x => x.ToDelimitedString())) : null,
        PolicyScope?.ToDelimitedString(),
        PolicySource?.ToDelimitedString(),
        PatientMemberNumber?.ToDelimitedString(),
        GuarantorsRelationshipToInsured?.ToDelimitedString(),
        InsuredsPhoneNumberHome != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsPhoneNumberHome.Select(x => x.ToDelimitedString())) : null,
        InsuredsEmployerPhoneNumber != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredsEmployerPhoneNumber.Select(x => x.ToDelimitedString())) : null,
        MilitaryHandicappedProgram?.ToDelimitedString(),
        SuspendFlag,
        CopayLimitFlag,
        StoplossLimitFlag,
        InsuredOrganizationNameAndId != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredOrganizationNameAndId.Select(x => x.ToDelimitedString())) : null,
        InsuredEmployerOrganizationNameAndId != null ? string.Join(Configuration.FieldRepeatSeparator, InsuredEmployerOrganizationNameAndId.Select(x => x.ToDelimitedString())) : null,
        Race != null ? string.Join(Configuration.FieldRepeatSeparator, Race.Select(x => x.ToDelimitedString())) : null,
        PatientsRelationshipToInsured?.ToDelimitedString()
        ).TrimEnd(Configuration.FieldSeparator.ToCharArray()));
}
/// <summary>
/// Returns a fresh test scope bound to <c>http://localhost/tests</c> that already contains
/// the shared sample claim type and sample issuer.
/// </summary>
/// <returns>The prepared scope.</returns>
private static PolicyScope RetrievePolicyScope()
{
    PolicyScope prepared = new PolicyScope(new Uri("http://localhost/tests"));

    // Seeded through the scope's own collections, claim type first, issuer second.
    prepared.ClaimTypes.Add(sampleClaimType);
    prepared.Issuers.Add(sampleIssuer);

    return prepared;
}
/// <summary>
/// Applies every rule of <paramref name="mappingScope"/> to <paramref name="inputClaims"/>
/// and emits one output claim for each input claim that a rule matched.
/// </summary>
/// <param name="inputClaims">The claims presented for mapping.</param>
/// <param name="mappingScope">The scope supplying the rules and the known issuers.</param>
/// <returns>The output claims, in rule order and then match order.</returns>
private static IEnumerable<Claim> MapClaims(IEnumerable<Claim> inputClaims, PolicyScope mappingScope)
{
    List<Claim> results = new List<Claim>();

    foreach (PolicyRule rule in mappingScope.Rules)
    {
        IEnumerable<Claim> matches = MatchesRule(rule, inputClaims);
        if (matches == null || !matches.Any())
        {
            continue;
        }

        foreach (var match in matches)
        {
            string outputValue;

            if (!rule.OutputClaim.CopyFromInput)
            {
                // Fixed output: the rule states the value itself.
                outputValue = rule.OutputClaim.Value;
            }
            else
            {
                // Only the rule's first input claim decides between the fixed and the wildcard form.
                bool ruleValueIsFixed = rule.InputClaims.ElementAt(0).Value != Wildcard;
                bool copyInputValue = rule.OutputClaim.CopyFrom.ToUpperInvariant().Equals(CopyFromConstants.InputValue);

                if (ruleValueIsFixed && copyInputValue)
                {
                    outputValue = rule.InputClaims.ElementAt(0).Value;
                }
                else if (ruleValueIsFixed)
                {
                    outputValue = rule.InputClaims.ElementAt(0).Issuer.DisplayName;
                }
                else if (copyInputValue)
                {
                    outputValue = match.Value;
                }
                else
                {
                    // Wildcard rule copying the issuer: use the display name when the issuer is
                    // known to the scope, otherwise the raw issuer string from the claim.
                    var knownIssuer = mappingScope.Issuers.FirstOrDefault(i => i.Uri == match.Issuer);
                    outputValue = knownIssuer != null ? knownIssuer.DisplayName : match.Issuer;
                }
            }

            var knownOriginalIssuer = mappingScope.Issuers.FirstOrDefault(i => i.Uri == match.OriginalIssuer);

            // NOTE(review): when the original issuer is not registered on the scope, the
            // fallback is match.Issuer, not match.OriginalIssuer. The output claim then names
            // the immediate issuer as its origin; confirm this is intended.
            string originalIssuerDisplayName;
            if (knownOriginalIssuer != null)
            {
                originalIssuerDisplayName = knownOriginalIssuer.DisplayName;
            }
            else
            {
                originalIssuerDisplayName = match.Issuer;
            }

            Claim mapped = new Claim(
                rule.OutputClaim.ClaimType.FullName,
                outputValue,
                match.ValueType,
                match.Issuer,
                originalIssuerDisplayName);
            results.Add(mapped);
        }
    }

    return results;
}
/// <summary>
/// Serializes a policy scope to a <c>scope</c> element carrying the scope URI as an attribute
/// and three child containers: <c>claimTypes</c>, <c>issuers</c> and <c>rules</c>.
/// </summary>
/// <param name="scope">The scope to serialize.</param>
/// <returns>The <c>scope</c> element with all three containers filled.</returns>
private static XElement SerializeScope(PolicyScope scope)
{
    XElement claimTypesContainer = new XElement("claimTypes");
    XElement issuersContainer = new XElement("issuers");
    XElement rulesContainer = new XElement("rules");

    // Content order in the constructor fixes the document order: attribute, then the containers.
    XElement result = new XElement(
        "scope",
        new XAttribute("uri", scope.Uri.ToString()),
        claimTypesContainer,
        issuersContainer,
        rulesContainer);

    foreach (var claimType in scope.ClaimTypes)
    {
        claimTypesContainer.Add(SerializaClaimType(claimType));
    }

    foreach (var issuer in scope.Issuers)
    {
        issuersContainer.Add(SerializaIssuer(issuer));
    }

    foreach (var rule in scope.Rules)
    {
        rulesContainer.Add(SerializaRule(rule));
    }

    return result;
}
/// <summary>
/// Reads one <c>scope</c> element from the policy store and materializes it as a
/// <see cref="PolicyScope"/> containing its issuers, claim types and rules.
/// </summary>
/// <param name="scopeElement">The <c>scope</c> element to read.</param>
/// <returns>The populated scope.</returns>
private static PolicyScope RetrieveScope(XElement scopeElement)
{
    IDictionary<string, string> declaredClaimTypes = RetrieveReferences(
        scopeElement.Element("claimTypes"),
        "claimType",
        "displayName",
        "fullName");
    IDictionary<string, Issuer> declaredIssuers = new Dictionary<string, Issuer>();

    // NOTE(review): no node or attribute is checked for presence. A malformed store file
    // surfaces as a NullReferenceException from the .Value / .Descendants calls below.
    PolicyScope parsedScope = new PolicyScope(
        new Uri(scopeElement.Attribute("uri").Value),
        new List<PolicyRule>());

    IEnumerable<XElement> issuerNodes = scopeElement.Element("issuers").Descendants("issuer");
    foreach (XElement issuerNode in issuerNodes)
    {
        // The thumbprint is normalized to upper case on load.
        Issuer parsedIssuer = new Issuer(
            issuerNode.Attribute("uri").Value,
            issuerNode.Attribute("thumbprint").Value.ToUpperInvariant(),
            issuerNode.Attribute("displayName").Value);

        parsedScope.AddIssuer(parsedIssuer);

        // The lookup is keyed by display name, so a repeated display name makes Add throw.
        declaredIssuers.Add(parsedIssuer.DisplayName, parsedIssuer);
    }

    foreach (KeyValuePair<string, string> pair in declaredClaimTypes)
    {
        parsedScope.AddClaimType(new ClaimType(pair.Value, pair.Key));
    }

    // Rules come last because they refer to the issuers and claim types collected above.
    IEnumerable<XElement> ruleNodes = scopeElement.Element("rules").Descendants("rule");
    foreach (XElement ruleNode in ruleNodes)
    {
        AssertionsMatch assertionsMatch = RetrieveRuleAssertionsMatch(ruleNode);
        IEnumerable<InputPolicyClaim> inputs = RetrieveInputClaims(ruleNode, declaredIssuers, declaredClaimTypes);
        OutputPolicyClaim output = RetrieveOutputClaim(ruleNode, declaredClaimTypes);

        parsedScope.AddRule(new PolicyRule(assertionsMatch, inputs, output));
    }

    return parsedScope;
}