static void Main(string[] args)
{
// Setup Log4Net configuration by loading it from configuration file.
// log4net is not necessary and is only being used for demonstration.
XmlConfigurator.Configure();
// To ensure that the WSP is up and running.
Thread.Sleep(1000);
// Retrieve token
IStsTokenService tokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
var securityToken = tokenService.GetToken();
// Call WSP with token
var client = new HelloWorldClient();
var channelWithIssuedToken = client.ChannelFactory.CreateChannelWithIssuedToken(securityToken);
Console.WriteLine(channelWithIssuedToken.HelloNone("Schultz")); // Even if the protection level is set to 'None' Digst.OioIdws.Wsc ensures that the body is always at least signed.
Console.WriteLine(channelWithIssuedToken.HelloSign("Schultz"));
Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));
//Checking that SOAP faults can be read.SOAP faults are encrypted in Sign and EncryptAndSign mode if no special care is taken.
try
{
channelWithIssuedToken.HelloSignError("Schultz");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadKey();
}
public void DotnetWscCallJavaWspTest()
{
// Ensure that the WSP is up and running.
Thread.Sleep(30000);
var succeeded = false;
// Retrieve token
IStsTokenService stsTokenService =
new StsTokenServiceCache(
TokenServiceConfigurationFactory.CreateConfiguration()
);
var securityToken = stsTokenService.GetToken();
// Call WSP with token
var client = new HelloWorldPortTypeClient();
var channelWithIssuedToken =
client.ChannelFactory.CreateChannelWithIssuedToken(
securityToken
);
var helloWorldRequestJohn = new HelloWorldRequest("John");
succeeded =
channelWithIssuedToken
.HelloWorld(helloWorldRequestJohn)
.response.Equals("Hello John");
Assert.IsTrue(succeeded);
}
private string RunSoap(SecurityToken bootstrapToken)
{
// Retrieve token
IStsTokenService stsTokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
SecurityToken securityToken = null;
if (bootstrapToken != null)
{
securityToken = stsTokenService.GetTokenWithBootstrapToken(bootstrapToken);
}
else
{
securityToken = stsTokenService.GetToken();
}
// Call WSP with token
var client = new HelloWorldClient();
// enable revocation check if not white listed at Nets, don't do this in production!
//client.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;
var channelWithIssuedToken = client.ChannelFactory.CreateChannelWithIssuedToken(securityToken);
return(channelWithIssuedToken.HelloSign("Oiosaml-net.dk TEST"));
}
static void Main(string[] args)
{
// Setup Log4Net configuration by loading it from configuration file.
// log4net is not necessary and is only being used for demonstration.
XmlConfigurator.Configure();
// To ensure that the WSP is up and running.
Thread.Sleep(1000);
// Retrieve token
IStsTokenService stsTokenService =
new StsTokenServiceCache(
TokenServiceConfigurationFactory.CreateConfiguration()
);
var securityToken = stsTokenService.GetToken();
// Call WSP with token
var client = new HelloWorldPortTypeClient();
var channelWithIssuedToken =
client.ChannelFactory.CreateChannelWithIssuedToken(
securityToken
);
var helloWorldRequestJohn = new HelloWorldRequest("John");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequestJohn).response
);
var helloWorldRequestJane = new HelloWorldRequest("Jane");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequestJane).response
);
try
{
// third call will trigger a SOAPFault
var helloWorldRequest = new HelloWorldRequest("");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequest).response
);
}
catch (Exception ex)
{
Console.WriteLine("Expected SOAPFault caught: " + ex.Message);
}
// Encrypted calls fails client side. However, encryption at message
// level is not required and no further investigation has been
// putted into this issue yet.
//
// Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));
Console.WriteLine("Press <Enter> to stop the service.");
Console.ReadLine();
}
public void OioWsTrustTokenServiceCacheGivesTheSameTokenTest()
{
// Arrange
IStsTokenService stsTokenService =
new StsTokenServiceCache(
TokenServiceConfigurationFactory.CreateConfiguration()
);
var securityToken = stsTokenService.GetToken();
// Act
var securityToken2 = stsTokenService.GetToken();
// Assert
Assert.AreEqual(securityToken, securityToken2, "Expected that tokens was the same");
}
public static void Setup(TestContext context)
{
// Check certificates
if (!CertMaker.rootCertIsTrusted())
{
CertMaker.trustRootCert();
}
// Start proxy server (to simulate man in the middle attacks)
FiddlerApplication.Startup(
8877, /* Port */
true, /* Register as System Proxy */
true, /* Decrypt SSL */
false /* Allow Remote */
);
// Start WSP
_process = Process.Start(@"..\..\..\..\Examples\Digst.OioIdws.WspExample\bin\Debug\Digst.OioIdws.WspExample.exe");
// Retrieve token
_stsTokenService = new StsTokenServiceCache(TokenServiceConfigurationFactory.CreateConfiguration());
}
static void Main(string[] args)
{
// Setup Log4Net configuration by loading it from configuration file
// log4net is not necessary and is only being used for demonstration
XmlConfigurator.Configure();
// To ensure that the WSP is up and running.
Thread.Sleep(1000);
// Retrieve token
IStsTokenService stsTokenService =
new StsTokenServiceCache(
TokenServiceConfigurationFactory.CreateConfiguration()
);
var securityToken = stsTokenService.GetToken();
// Call WSP with token
var hostname = "https://localhost:8443/HelloWorld/services/helloworld";
var customBinding = new Channels.CustomBinding();
var endpointAddress = new System.ServiceModel.EndpointAddress(
new Uri(hostname),
System.ServiceModel.EndpointIdentity.CreateDnsIdentity(
//"wsp.oioidws-net.dk TEST (funktionscertifikat)"
"eID JAVA test (funktionscertifikat)"
),
new Channels.AddressHeader[] { }
);
var asymmetric =
new Channels.AsymmetricSecurityBindingElement
(
new SecurityTokens.X509SecurityTokenParameters(
SecurityTokens.X509KeyIdentifierClauseType.Any,
SecurityTokens.SecurityTokenInclusionMode.AlwaysToInitiator
),
new Soap.StrCustomization.CustomizedIssuedSecurityTokenParameters(
"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
)
{
UseStrTransform = true
}
)
{
AllowSerializedSigningTokenOnReply = true,
ProtectTokens = true
};
asymmetric.SetKeyDerivation(false);
var messageEncoding =
new Channels.TextMessageEncodingBindingElement
{
MessageVersion =
Channels.MessageVersion.Soap12WSAddressing10
};
var transport =
(hostname.ToLower().StartsWith("https://"))
? new Channels.HttpsTransportBindingElement()
: new Channels.HttpTransportBindingElement();
customBinding.Elements.Add(asymmetric);
customBinding.Elements.Add(messageEncoding);
customBinding.Elements.Add(transport);
System.ServiceModel.ChannelFactory <HelloWorldPortType> factory =
new System.ServiceModel.ChannelFactory <HelloWorldPortType>(
customBinding, endpointAddress
);
factory.Credentials.UseIdentityConfiguration = true;
factory.Credentials.ServiceCertificate.SetScopedCertificate(
X509Certificates.StoreLocation.LocalMachine,
X509Certificates.StoreName.My,
X509Certificates.X509FindType.FindByThumbprint,
//"1F0830937C74B0567D6B05C07B6155059D9B10C7",
"85398FCF737FB76F554C6F2422CC39D3A35EC26F",
new Uri(hostname)
);
factory.Endpoint.Behaviors.Add(
new Soap.Behaviors.SoapClientBehavior()
);
var channelWithIssuedToken =
factory.CreateChannelWithIssuedToken(securityToken);
var helloWorldRequestJohn = new HelloWorldRequest("John");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequestJohn).response
);
var helloWorldRequestJane = new HelloWorldRequest("Jane");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequestJane).response
);
try
{
// third call will trigger a SOAPFault
var helloWorldRequest = new HelloWorldRequest("");
Console.WriteLine(
channelWithIssuedToken.HelloWorld(helloWorldRequest).response
);
}
catch (Exception ex)
{
Console.WriteLine("Expected SOAPFault caught: " + ex.Message);
}
// Encrypted calls fails client side. However, encryption at message
// level is not required and no further investigation has been
// putted into this issue yet.
//
// Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));
Console.WriteLine("Press <Enter> to stop the service.");
Console.ReadLine();
}
static void Main(string[] args)
{
// Setup Log4Net configuration by loading it from configuration file
// log4net is not necessary and is only being used for demonstration
XmlConfigurator.Configure();
// To ensure that the WSP is up and running.
Thread.Sleep(1000);
// Retrieve token
IStsTokenService stsTokenService =
new StsTokenServiceCache(
TokenServiceConfigurationFactory.CreateConfiguration()
);
var securityToken = stsTokenService.GetToken();
// Call WSP with token
var hostname = "https://Digst.OioIdws.Wsp:9090/HelloWorld";
var customBinding = new Channels.CustomBinding();
var endpointAddress = new System.ServiceModel.EndpointAddress(
new Uri(hostname),
System.ServiceModel.EndpointIdentity.CreateDnsIdentity(
"wsp.oioidws-net.dk TEST (funktionscertifikat)"
),
new Channels.AddressHeader[] { }
);
var asymmetric =
new Channels.AsymmetricSecurityBindingElement
(
new SecurityTokens.X509SecurityTokenParameters(
SecurityTokens.X509KeyIdentifierClauseType.Any,
SecurityTokens.SecurityTokenInclusionMode.AlwaysToInitiator
),
new Soap.StrCustomization.CustomizedIssuedSecurityTokenParameters(
"http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
)
{
UseStrTransform = true
}
)
{
AllowSerializedSigningTokenOnReply = true,
ProtectTokens = true
};
asymmetric.SetKeyDerivation(false);
var messageEncoding =
new Channels.TextMessageEncodingBindingElement
{
MessageVersion =
Channels.MessageVersion.Soap12WSAddressing10
};
var transport =
(hostname.ToLower().StartsWith("https://"))
? new Channels.HttpsTransportBindingElement()
: new Channels.HttpTransportBindingElement();
customBinding.Elements.Add(asymmetric);
customBinding.Elements.Add(messageEncoding);
customBinding.Elements.Add(transport);
System.ServiceModel.ChannelFactory <IHelloWorld> factory =
new System.ServiceModel.ChannelFactory <IHelloWorld>(
customBinding, endpointAddress
);
factory.Credentials.UseIdentityConfiguration = true;
factory.Credentials.ServiceCertificate.SetScopedCertificate(
X509Certificates.StoreLocation.LocalMachine,
X509Certificates.StoreName.My,
X509Certificates.X509FindType.FindByThumbprint,
"1F0830937C74B0567D6B05C07B6155059D9B10C7",
new Uri(hostname)
);
factory.Endpoint.Behaviors.Add(
new Soap.Behaviors.SoapClientBehavior()
);
var channelWithIssuedToken =
factory.CreateChannelWithIssuedToken(securityToken);
Console.WriteLine(channelWithIssuedToken.HelloNone("Schultz"));
Console.WriteLine(channelWithIssuedToken.HelloSign("Schultz"));
Console.WriteLine(channelWithIssuedToken.HelloEncryptAndSign("Schultz"));
// Checking that SOAP faults can be read. SOAP faults are encrypted
// in Sign and EncryptAndSign mode if no special care is taken.
try
{
channelWithIssuedToken.HelloSignError("Schultz");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
// Checking that SOAP faults can be read when only being signed.
// SOAP faults are only signed if special care is taken.
try
{
channelWithIssuedToken.HelloSignErrorNotEncrypted("Schultz");
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
Console.ReadLine();
}
