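/// <summary>
/// Helper function to check if SAML Token was issued by HomeRealmSTS. It compares the first
/// Thumbprint claim found in the issuer ClaimSet, byte for byte, with the thumbprint of the
/// certificate selected by ServiceConstants.IssuerDistinguishedName.
/// </summary>
/// <param name="myClaimSet">The ClaimSet whose issuer is to be checked.</param>
/// <returns>True on success. False on failure.</returns>
/// <remarks>
/// Every check fails closed: a missing ClaimSet, issuer, claim, resource or reference
/// thumbprint yields false rather than an exception or a match.
/// NOTE(review): this only compares certificate thumbprints. It presumably relies on the
/// token signature having been validated before the ClaimSet was built - confirm in the caller.
/// </remarks>
private static bool IssuedByHomeRealmSTS(ClaimSet myClaimSet)
{
    // Without a ClaimSet there is no issuer to check
    if (myClaimSet == null)
    {
        return false;
    }

    // Extract the issuer ClaimSet; a ClaimSet without an issuer is rejected
    ClaimSet issuerClaimSet = myClaimSet.Issuer;
    if (issuerClaimSet == null)
    {
        return false;
    }

    // Find all the Thumbprint claims in the issuer ClaimSet (a null right matches any right)
    IEnumerable<Claim> issuerClaims = issuerClaimSet.FindClaims(ClaimTypes.Thumbprint, null);
    if (issuerClaims == null)
    {
        return false;
    }

    // Take the first Thumbprint claim only; the enumerator is disposed once it has been read
    Claim issuerClaim = null;
    using (IEnumerator<Claim> issuerClaimsEnum = issuerClaims.GetEnumerator())
    {
        if (issuerClaimsEnum.MoveNext())
        {
            issuerClaim = issuerClaimsEnum.Current;
        }
    }

    // If there was no Thumbprint claim, return false
    if (issuerClaim == null)
    {
        return false;
    }

    // If, despite the above checks, the returned claim is not a Thumbprint claim, return false
    if (issuerClaim.ClaimType != ClaimTypes.Thumbprint)
    {
        return false;
    }

    // Extract the thumbprint data from the claim. The 'as' cast rejects both a missing
    // Resource and a Resource of an unexpected type, instead of throwing InvalidCastException.
    byte[] issuerThumbprint = issuerClaim.Resource as byte[];
    if (issuerThumbprint == null)
    {
        return false;
    }

    // Extract the thumbprint for the HomeRealmSTS.com certificate
    byte[] certThumbprint = FederationUtilities.GetCertificateThumbprint(
        ServiceConstants.CertStoreName,
        ServiceConstants.CertStoreLocation,
        ServiceConstants.IssuerDistinguishedName);

    // Never accept an issuer when the reference thumbprint is missing or empty; otherwise an
    // empty thumbprint in the claim would compare equal to an empty reference value.
    // NOTE(review): GetCertificateThumbprint is defined elsewhere; whether it can return null
    // or an empty array when the certificate is not found is not visible here.
    if (certThumbprint == null || certThumbprint.Length == 0)
    {
        return false;
    }

    // If the lengths of the two thumbprints are different, return false
    if (issuerThumbprint.Length != certThumbprint.Length)
    {
        return false;
    }

    // Check the individual bytes of the two thumbprints for equality. A certificate
    // thumbprint is a public value, so returning at the first mismatch is acceptable here.
    for (int i = 0; i < issuerThumbprint.Length; i++)
    {
        // If any byte in the thumbprint from the claim does NOT match the corresponding
        // byte from the thumbprint of the HomeRealmSTS.com certificate, return false
        if (issuerThumbprint[i] != certThumbprint[i])
        {
            return false;
        }
    }

    // If we get through all the above checks, return true (ClaimSet was issued by HomeRealmSTS.com)
    return true;
}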
/// <summary>
/// Sets up the BookStoreSTS by passing the service name and two X.509 tokens, both read
/// from the certificate store named in ServiceConstants, to the base class constructor.
/// </summary>
/// <remarks>
/// The first token is looked up by ServiceConstants.CertDistinguishedName and the second by
/// ServiceConstants.TargetDistinguishedName.
/// NOTE(review): presumably these are the STS's own certificate and the certificate of the
/// service the issued tokens are meant for - confirm against the base class.
/// </remarks>
public BookStoreSTS()
    : base(
        ServiceConstants.SecurityTokenServiceName,
        FederationUtilities.GetX509TokenFromCert(
            ServiceConstants.CertStoreName,
            ServiceConstants.CertStoreLocation,
            ServiceConstants.CertDistinguishedName),
        FederationUtilities.GetX509TokenFromCert(
            ServiceConstants.CertStoreName,
            ServiceConstants.CertStoreLocation,
            ServiceConstants.TargetDistinguishedName))
{
    // All initialization is done by the base class constructor
}
/// <summary>
/// Sets up the HomeRealmSTS by passing the STS name and two X.509 tokens, both read from
/// the certificate store named in ServiceConstants, to the base class constructor.
/// </summary>
/// <remarks>
/// The first token is looked up by ServiceConstants.CertDistinguishedName and the second by
/// ServiceConstants.TargetDistinguishedName.
/// NOTE(review): presumably these are the STS's own certificate and the certificate of the
/// party the issued tokens are meant for - confirm against the base class.
/// </remarks>
public HomeRealmSTS()
    : base(
        ServiceConstants.StsName,
        FederationUtilities.GetX509TokenFromCert(
            ServiceConstants.CertStoreName,
            ServiceConstants.CertStoreLocation,
            ServiceConstants.CertDistinguishedName),
        FederationUtilities.GetX509TokenFromCert(
            ServiceConstants.CertStoreName,
            ServiceConstants.CertStoreLocation,
            ServiceConstants.TargetDistinguishedName))
{
    // All initialization is done by the base class constructor
}