예제 #1
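 // Wraps a CardSpacePolicyElement after checking that both the element and its Target are present.
 //
 // Parameters:
 //  element - the policy element to wrap; it and its Target must be non-null.
 //
 // Throws the exception built by InfoCardTrace.ThrowHelperArgumentNull when either check fails.
 public InternalPolicyElement(CardSpacePolicyElement element)
 {
     // A null entry in a caller-supplied policy chain would otherwise surface as a
     // NullReferenceException on element.Target instead of an argument error.
     if (element == null)
     {
         throw InfoCardTrace.ThrowHelperArgumentNull("element");
     }
     if (element.Target == null)
     {
         throw InfoCardTrace.ThrowHelperArgumentNull("PolicyElement.Target");
     }
     this.m_element = element;
 }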
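 // Stores the given policy element once it has been validated.
 //
 // Parameters:
 //  element - the policy element to keep; neither it nor its Target may be null.
 //
 // Throws the exception built by InfoCardTrace.ThrowHelperArgumentNull on a failed check.
 public InternalPolicyElement(CardSpacePolicyElement element)
 {
     // Validate the reference itself first so a missing element is reported as an
     // argument error rather than a NullReferenceException from the Target access.
     if (element == null)
     {
         throw InfoCardTrace.ThrowHelperArgumentNull("element");
     }
     if (element.Target == null)
     {
         throw InfoCardTrace.ThrowHelperArgumentNull("PolicyElement.Target");
     }
     this.m_element = element;
 }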
예제 #3
		// Convenience overload: builds a one-element policy chain from the individual
		// pieces and forwards it to the array-based GetToken overload.
		//
		//  endpoint                  - passed as the first constructor argument of the policy element.
		//  policy                    - copied into a new collection before use; must not be null.
		//  requiredRemoteTokenIssuer - passed as the issuer; the last constructor argument is true only when this is non-null.
		//  serializer                - forwarded unchanged.
		public static GenericXmlSecurityToken GetToken (
			XmlElement endpoint,
			IEnumerable<XmlElement> policy,
			XmlElement requiredRemoteTokenIssuer,
			SecurityTokenSerializer serializer)
		{
			// Snapshot the caller's sequence so later changes to it cannot affect the request.
			Collection<XmlElement> parameters = new Collection<XmlElement> (new List<XmlElement> (policy));
			bool hasIssuer = requiredRemoteTokenIssuer != null;

			CardSpacePolicyElement single = new CardSpacePolicyElement (
				endpoint, requiredRemoteTokenIssuer, parameters, null, 0, hasIssuer);
			CardSpacePolicyElement [] chain = new CardSpacePolicyElement [] {single};
			return GetToken (chain, serializer);
		}
        //
        // Parameters:
        //  target     - The target of the token being described.
        //  parameters - describes the type of token required by the target.
        //
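        public InternalPolicyElement(CardSpacePolicyElement element)
        {
            // The constructor takes a single CardSpacePolicyElement; the native pointer
            // starts out as IntPtr.Zero and is not assigned anything else here.
            m_nativePtr = IntPtr.Zero;

            // Check the reference itself before reading Target, so a null entry in a
            // policy chain is reported as an argument error, not a NullReferenceException.
            if (null == element)
            {
                throw IDT.ThrowHelperArgumentNull("element");
            }
            if (null == element.Target)
            {
                throw IDT.ThrowHelperArgumentNull("PolicyElement.Target");
            }

            m_element = element;
        }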
        //
        // Parameters:
        //  target     - The target of the token being described.
        //  parameters - describes the type of token required by the target.
        //
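        public InternalPolicyElement(CardSpacePolicyElement element)
        {
            // Only one argument is accepted: the policy element to wrap. No native
            // buffer exists yet, so the pointer field is reset to IntPtr.Zero.
            m_nativePtr = IntPtr.Zero;

            // Guard the element reference first; without this a null element fails
            // with a NullReferenceException on the Target access below.
            if (null == element)
            {
                throw IDT.ThrowHelperArgumentNull("element");
            }
            if (null == element.Target)
            {
                throw IDT.ThrowHelperArgumentNull("PolicyElement.Target");
            }

            m_element = element;
        }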
예제 #6
        // Wraps the supplied endpoint, issuer and policy XML in a single
        // CardSpacePolicyElement and requests a token for that one-element chain.
        //
        // Parameters:
        //  endpoint                  - first constructor argument of the policy element.
        //  policy                    - enumerated once and copied; a null sequence makes the List constructor throw.
        //  requiredRemoteTokenIssuer - second constructor argument; may be null.
        //  serializer                - handed on to the array-based GetToken overload.
        //
        public static GenericXmlSecurityToken GetToken(
            XmlElement endpoint,
            IEnumerable<XmlElement> policy,
            XmlElement requiredRemoteTokenIssuer,
            SecurityTokenSerializer serializer)
        {
            Collection<XmlElement> policyCopy = new Collection<XmlElement>(new List<XmlElement>(policy));

            // The final constructor argument is derived purely from whether an issuer was given.
            bool issuerSupplied = requiredRemoteTokenIssuer != null;

            CardSpacePolicyElement element = new CardSpacePolicyElement(
                endpoint,
                requiredRemoteTokenIssuer,
                policyCopy,
                null,
                0,
                issuerSupplied);

            CardSpacePolicyElement[] chain = new CardSpacePolicyElement[] { element };
            return GetToken(chain, serializer);
        }
예제 #7
        // Builds the internal chain: one InternalPolicyElement per supplied element, in the same order.
        //
        // Parameters:
        //  elements - the policy elements to wrap. The array reference is not null-checked here,
        //             so a null array fails on the Length access.
        //
        public PolicyChain(CardSpacePolicyElement[] elements)
        {
            m_chain = new InternalPolicyElement[elements.Length];

            int slot = 0;
            foreach (CardSpacePolicyElement element in elements)
            {
                // Any validation of the individual element happens in the InternalPolicyElement constructor.
                m_chain[slot] = new InternalPolicyElement(element);
                slot++;
            }
        }
예제 #8
		// Forwards the request to the implementation object through the cached
		// get_token member and casts the result back to GenericXmlSecurityToken.
		public static GenericXmlSecurityToken GetToken (
			CardSpacePolicyElement [] policyChain,
			SecurityTokenSerializer serializer)
		{
			// NOTE(review): get_token looks like a reflected MethodInfo; if so, exceptions
			// raised by the target arrive wrapped in TargetInvocationException, so callers
			// that catch the CardSpace exception types directly may not see them. Confirm.
			object [] arguments = new object [] {policyChain, serializer};
			object result = get_token.Invoke (impl, arguments);
			return (GenericXmlSecurityToken) result;
		}
 // Returns a token from CardSpaceSelector.GetToken when an InfoCard is required,
 // and null otherwise. Nothing is requested from the selector in the null case.
 internal protected virtual SecurityToken GetInfoCardSecurityToken(bool requiresInfoCard, CardSpacePolicyElement[] chain, SecurityTokenSerializer tokenSerializer)
 {
     return requiresInfoCard
         ? CardSpaceSelector.GetToken(chain, tokenSerializer)
         : null;
 }
예제 #10
		// Placeholder: this implementation never returns a token. It throws
		// NotImplementedException for every call, whatever requiresInfoCard says.
		protected virtual SecurityToken GetInfoCardSecurityToken (
			bool requiresInfoCard,
			CardSpacePolicyElement [] chain,
			SecurityTokenSerializer tokenSerializer)
		{
			NotImplementedException notImplemented = new NotImplementedException ();
			throw notImplemented;
		}
예제 #11
		// Converts the managed policy chain into NativePolicyElement values, calls the
		// native GetToken overload, and maps its result code either to a token or to
		// one of the selector exceptions.
		//
		//  policyChain - elements to convert; neither the array nor its entries are null-checked here.
		//  serializer  - passed to NativeGenericXmlToken.ToObject on success.
		public override GenericXmlSecurityToken GetToken (
			CardSpacePolicyElement [] policyChain,
			SecurityTokenSerializer serializer)
		{
			int count = policyChain.Length;
			NativePolicyElement [] nativeChain = new NativePolicyElement [count];
			for (int index = 0; index < count; index++) {
				CardSpacePolicyElement source = policyChain [index];
				nativeChain [index] = new NativePolicyElement (
					source.Target,
					source.Issuer,
					source.Parameters,
					source.PolicyNoticeLink,
					source.PolicyNoticeVersion,
					source.IsManagedIssuer);
			}

			NativeGenericXmlToken nativeToken;
			NativeInfocardCryptoHandle proofHandle;
			int hresult = GetToken (count, nativeChain, out nativeToken, out proofHandle);

			// The raw result is masked before it is compared with the enum members.
			NativeGetTokenResults outcome = (NativeGetTokenResults) (hresult & 0xCFFFFFFF);
			switch (outcome) {
			case NativeGetTokenResults.OK:
				return nativeToken.ToObject (proofHandle, serializer);

			// Results that have a dedicated exception type.
			case NativeGetTokenResults.UserCancelled:
				throw new UserCancellationException ();
			case NativeGetTokenResults.InvalidPolicy:
				throw new PolicyValidationException ();
			case NativeGetTokenResults.ServiceBusy:
				throw new ServiceBusyException ();
			case NativeGetTokenResults.ServiceUnavailable:
				throw new ServiceNotStartedException ();
			case NativeGetTokenResults.IdentityVerificationFailed:
			case NativeGetTokenResults.InvalidDecryptionKey:
				throw new IdentityValidationException ();
			case NativeGetTokenResults.ErrorOnCommunication:
				throw new StsCommunicationException ();
			case NativeGetTokenResults.UntrustedRecipient:
				throw new UntrustedRecipientException ();
			case NativeGetTokenResults.UnsupportedPolicy:
				throw new UnsupportedPolicyOptionsException ();

			// Every remaining known code, and any unknown one, goes through CardspaceError.
			case NativeGetTokenResults.ErrorOnDataAccess:
			case NativeGetTokenResults.ErrorOnExport:
			case NativeGetTokenResults.ErrorOnImport:
			case NativeGetTokenResults.InvalidArgument:
			case NativeGetTokenResults.ErrorInRequest:
			case NativeGetTokenResults.ErrorInCardData:
			case NativeGetTokenResults.InvalidCertificateLogo:
			case NativeGetTokenResults.InvalidPassword:
			case NativeGetTokenResults.ProcessDied:
			case NativeGetTokenResults.Shuttingdown:
			case NativeGetTokenResults.ErrorOnTokenCreation:
			case NativeGetTokenResults.TrustExchangeFailure:
			case NativeGetTokenResults.ErrorOnStoreImport:
			case NativeGetTokenResults.UIStartFailure:
			case NativeGetTokenResults.MaxSession:
			case NativeGetTokenResults.ImportFileAccessFailure:
			case NativeGetTokenResults.MalformedRequest:
			case NativeGetTokenResults.RefreshRequired:
			case NativeGetTokenResults.MissingAppliesTo:
			case NativeGetTokenResults.UnknownReference:
			case NativeGetTokenResults.InvalidProofKey:
			case NativeGetTokenResults.ClaimsNotProvided:
			default:
				throw CardspaceError (outcome);
			}
		}
        // Summary
        //  Request a security token from the infocard system
        //
        // Parameters
        //  policyChain  - an array of PolicyElements that describe the federated security chain that the client
        //                 needs a final token to unwind.
        //
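        public static GenericXmlSecurityToken GetToken(CardSpacePolicyElement[] policyChain, SecurityTokenSerializer tokenSerializer)
        {
            //
            //  tokenSerializer - used to read the internal and external key identifier clauses
            //                    that come back with the token.
            //
            // Throws the exception built by IDT.ThrowHelperArgumentNull when policyChain is null or
            // empty, or when tokenSerializer is null. A non-zero native result is first offered to
            // ExceptionHelper.ThrowIfCardSpaceException; if that returns, a CardSpaceException is thrown.
            //
            InfoCardProofToken proofToken = null;
            InternalRefCountedHandle nativeCryptoHandle = null;
            GenericXmlSecurityToken token = null;
            RpcGenericXmlToken infocardToken = new RpcGenericXmlToken();
            SafeTokenHandle nativeToken = null;
            Int32 result = 0;

            //
            // Validate the arguments before anything reads policyChain.Length, so a null chain is
            // reported as an argument error rather than a NullReferenceException from the trace call.
            //
            if (null == policyChain || 0 == policyChain.Length)
            {
                throw IDT.ThrowHelperArgumentNull("policyChain");
            }
            if (null == tokenSerializer)
            {
                throw IDT.ThrowHelperArgumentNull("tokenSerializer");
            }

            IDT.TraceDebug("ICARDCLIENT: GetToken called with a policy chain of length {0}", policyChain.Length);

            try
            {
                //
                // PrepareConstrainedRegions followed by an empty try: the native call and the
                // AddRef/Release pairing run inside the finally block of a constrained region.
                //
                RuntimeHelpers.PrepareConstrainedRegions();
                bool mustRelease = false;
                try
                {
                }
                finally
                {
                    //
                    // The PolicyChain class will do the marshalling and native buffer management for us.
                    //
                    try
                    {
                        using (PolicyChain tmpChain = new PolicyChain(policyChain))
                        {
                            IDT.TraceDebug("ICARDCLIENT: PInvoking the native GetToken call");

                            result = GetShim().m_csShimGetToken(
                                                        tmpChain.Length,
                                                        tmpChain.DoMarshal(),
                                                        out nativeToken,
                                                        out nativeCryptoHandle);
                        }

                        if (0 == result)
                        {
                            IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken succeeded");

                            //
                            // Hold a reference on the handle while the native structure is copied out.
                            //
                            nativeToken.DangerousAddRef(ref mustRelease);

                            infocardToken = (RpcGenericXmlToken)Marshal.PtrToStructure(
                                                                          nativeToken.DangerousGetHandle(),
                                                                          typeof(RpcGenericXmlToken));
                        }
                    }
                    finally
                    {
                        if (mustRelease)
                        {
                            nativeToken.DangerousRelease();
                        }
                    }
                }

                if (0 == result)
                {
                    using (ProofTokenCryptoHandle crypto =
                        (ProofTokenCryptoHandle)CryptoHandle.Create(nativeCryptoHandle))
                    {
                        proofToken = crypto.CreateProofToken();
                    }

                    //
                    // NOTE(review): the token XML is parsed with XmlDocument.LoadXml directly, while the
                    // two token references below are read through CreateReaderWithQuotas. Confirm whether
                    // the token XML should be read through the same quota-limited reader.
                    //
                    XmlDocument xmlDoc = new XmlDocument();
                    xmlDoc.LoadXml(infocardToken.xmlToken);

                    SecurityKeyIdentifierClause internalTokenReference = null;
                    if (null != infocardToken.internalTokenReference)
                    {
                        internalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
                                           CreateReaderWithQuotas(infocardToken.internalTokenReference));
                    }

                    SecurityKeyIdentifierClause externalTokenReference = null;
                    if (null != infocardToken.externalTokenReference)
                    {
                        externalTokenReference = tokenSerializer.ReadKeyIdentifierClause(
                                CreateReaderWithQuotas(infocardToken.externalTokenReference));
                    }

                    IDT.TraceDebug("ICARDCLIENT: Constructing a new GenericXmlSecurityToken");
                    token = new GenericXmlSecurityToken(
                                             xmlDoc.DocumentElement,
                                             proofToken,
                                             DateTime.FromFileTimeUtc(infocardToken.createDate),
                                             DateTime.FromFileTimeUtc(infocardToken.expiryDate),
                                             internalTokenReference,
                                             externalTokenReference,
                                             null);
                }
                else
                {
                    IDT.TraceDebug("ICARDCLIENT: The PInvoke of GetToken failed with a return code of {0}", result);

                    //
                    // Convert the HRESULTS to exceptions
                    //
                    ExceptionHelper.ThrowIfCardSpaceException((int)result);
                    throw IDT.ThrowHelperError(new CardSpaceException(SR.GetString(SR.ClientAPIInfocardError)));
                }
            }
            catch
            {
                //
                // On any failure, release the crypto handle and the proof token created so far.
                //
                if (null != nativeCryptoHandle)
                {
                    nativeCryptoHandle.Dispose();
                }

                if (null != proofToken)
                {
                    proofToken.Dispose();
                }
                throw;
            }
            finally
            {
                //
                // The native token buffer is released on both the success and the failure path.
                //
                if (null != nativeToken)
                {
                    nativeToken.Dispose();
                }
            }

            return token;
        }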
예제 #13
		// Requests a token for the first element of the policy chain by calling the
		// five-argument GetToken overload with that element's properties.
		public virtual GenericXmlSecurityToken GetToken (
			CardSpacePolicyElement [] policyChain,
			SecurityTokenSerializer serializer)
		{
			// FIXME: sort out what is supposed to be done here.
			// As written, only policyChain [0] is ever used: later elements of the chain are
			// ignored without any error, and neither IsManagedIssuer nor serializer is passed on.
			if (policyChain.Length == 0) {
				throw new Exception ("INTERNAL ERROR: no policy to process");
			}

			CardSpacePolicyElement first = policyChain [0];
			return GetToken (
				first.Target,
				first.Issuer,
				first.Parameters,
				first.PolicyNoticeLink,
				first.PolicyNoticeVersion);
		}