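//private void ValidateSignatures(SoapContext context, IEnumerable<SecurityToken> tokens)
//{
//    using var buffer = context.Request.CreateBufferedCopy((int)(context.HttpContext.Request.ContentLength ?? 64 * 1024));
//    using var request = buffer.CreateMessage();
//    using var stream = new MemoryStream();
//    using (var writer = XmlWriter.Create(stream, new XmlWriterSettings { CloseOutput = false }))
//        request.WriteMessage(writer);
//    stream.Position = 0;
//    using (var reader = new EnvelopedSignatureReader(XmlReader.Create(stream)))
//        _ = reader.ReadOuterXml();
//    context.Request = buffer.CreateMessage();
//}
//private AsymmetricAlgorithm GetPublicKey(SoapContext context, KeyInfo keyInfo, IEnumerable<SecurityToken> tokens)
//{
//    keyInfo.
//    var inner = keyInfo.GetXml().ChildNodes.OfType<XmlElement>().First();
//    if (inner.LocalName != "SecurityTokenReference" || inner.NamespaceURI != WsSecurityConstants.WsSecurity10Namespace) return null;
//    var children = inner.Elements();
//    if (!children.Any()) throw context.CreateFailedCheckFault();
//    var first = children.First();
//    if (first.LocalName == "Reference" && first.NamespaceURI == WsSecurityConstants.WsSecurity10Namespace)
//    {
//        var id = first.GetAttribute("URI")?.Substring(1);
//        var token = store.GetSecurityToken(id);
//        if (token == null)
//            throw context.CreateFailedCheckFault();
//        return token.SecurityKey?.CryptoProviderFactory.;
//    }
//    return null;
//}

/// <summary>
/// Validates the security token that <paramref name="reader"/> is positioned on by offering it to every
/// registered security token handler in turn and returning the first successful validation.
/// </summary>
/// <param name="reader">
/// XML reader positioned on the security token element. It is passed by <c>ref</c> to the logging helper,
/// so the instance used for validation may differ from the one passed in — NOTE(review): confirm what the
/// logger does with it. All handlers share this single reader.
/// </param>
/// <param name="soap">Current SOAP context; only used to build the fault raised when no handler accepts the token.</param>
/// <returns>The validated <see cref="ClaimsPrincipal"/> and <see cref="SecurityToken"/> from the first handler that succeeds.</returns>
/// <remarks>
/// Fails closed: when every handler either declines the token or throws, the caller receives the generic
/// fault from <c>soap.CreateInvalidSecurityTokenFault()</c>. Handler exceptions are only written to the log,
/// never attached to the fault, so validation details are not returned to the client.
/// </remarks>
private async ValueTask<VerifyTokenResult> VerifyTokenAsync(XmlReader reader, SoapContext soap)
{
    WsSecurityLogMessages.LogSecurityTokenElement(Logger, ref reader);

    foreach (var handler in _securityTokenHandlerProvider.GetAllSecurityTokenHandlers())
    {
        if (!handler.CanValidateToken)
        {
            continue;
        }

        if (!await CanReadTokenAsync(handler, reader))
        {
            continue;
        }

        WsSecurityLogMessages.LogSecurityTokenHandlerValidationAttempt(Logger, handler);

        // Fresh validation parameters are created for every handler attempt.
        var parameters = await _tokenValidationParametersFactory.CreateAsync();

        // `null as T` keeps the inferred type nullable regardless of the file's nullable setting.
        var user = null as ClaimsPrincipal;
        var securityToken = null as SecurityToken;

        try
        {
            if (handler is IAsyncSecurityTokenHandler asyncHandler)
            {
                var result = await asyncHandler.ValidateTokenAsync(reader, parameters);
                if (!result.Success)
                {
                    // Surface a rejected async result as an exception so both paths share the catch below.
                    // (If Error is null this throws NullReferenceException, which is still handled there.)
                    throw result.Error;
                }

                user = result.User;
                securityToken = result.Token;
            }
            else
            {
                user = handler.ValidateToken(reader, parameters, out securityToken);
            }
        }
        catch (Exception ex)
        {
            // Deliberate best-effort: a failing handler is logged (with the exception) and the next one is tried.
            // NOTE(review): if a failing handler has advanced the shared reader, later handlers see a different
            // position — confirm handlers buffer or reset the reader before relying on fall-through.
            WsSecurityLogMessages.LogFailedSecurityTokenHandlerValidation(Logger, handler, ex);
            continue;
        }

        if (user != null && securityToken != null)
        {
            WsSecurityLogMessages.LogSuccessfulSecurityTokenHandlerValidation(Logger, handler);
            return new VerifyTokenResult(user, securityToken);
        }
    }

    // No handler produced both a principal and a token: reject with a generic fault.
    throw soap.CreateInvalidSecurityTokenFault();
}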