/// <summary>
        /// Indicates whether the <see cref="SecurityKeyIdentifierClause"/> for an assertion matches the specified <see cref="SecurityKeyIdentifierClause"/>.
        /// </summary>
        /// <param name="assertionId">Id of the assertion</param>
        /// <param name="keyIdentifierClause">A <see cref="SecurityKeyIdentifierClause"/> to match.</param>
        /// <returns>True if the key identifier clause refers to the assertion with the given id; false otherwise.</returns>
        public static bool Matches(string assertionId, SecurityKeyIdentifierClause keyIdentifierClause)
        {
            // A null or empty assertion id is a caller error, not a "no match".
            if (string.IsNullOrEmpty(assertionId))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("assertionId");
            }

            // No clause to compare against: nothing can match.
            if (keyIdentifierClause == null)
            {
                return false;
            }

            // First choice: the SAML2 clause type. The comparison is ordinal,
            // i.e. exact and case-sensitive, with no culture-dependent folding.
            Saml2AssertionKeyIdentifierClause nativeClause = keyIdentifierClause as Saml2AssertionKeyIdentifierClause;
            bool nativeMatch = nativeClause != null
                && string.Equals(assertionId, nativeClause.Id, StringComparison.Ordinal);

            if (nativeMatch)
            {
                return true;
            }

            // Compatibility path: the older WCF clause type. WCF reads
            // SAML2-based key identifier clauses itself when our
            // SecurityTokenSerializer is not given the chance, and its
            // TokenTypeUri and ValueType properties are internal, so this
            // code cannot tell whether such a clause was issued for SAML2.
            // The match therefore rests solely on the assertion id, relying
            // on ids in both SAML versions being random enough not to collide.
            // This is an identifier comparison only; nothing here checks the
            // referenced assertion's signature, issuer or validity.
            SamlAssertionKeyIdentifierClause legacyClause = keyIdentifierClause as SamlAssertionKeyIdentifierClause;

            // Neither clause type matched when this evaluates to false.
            return legacyClause != null
                && string.Equals(assertionId, legacyClause.AssertionId, StringComparison.Ordinal);
        }
 /// <summary>
 /// Creates an instance of <see cref="WrappedSaml2AssertionKeyIdentifierClause"/>
 /// </summary>
 /// <param name="clause">A <see cref="Saml2AssertionKeyIdentifierClause"/> to be wrapped.</param>
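 public WrappedSaml2AssertionKeyIdentifierClause(Saml2AssertionKeyIdentifierClause clause)
     : base(GetWrappedClauseId(clause))
 {
     // The base clause is constructed from the wrapped clause's Id; the
     // wrapper also keeps a reference to the SAML2 clause itself.
     this.clause = clause;
 }

 // Returns the Id of the clause being wrapped. A null clause is rejected
 // here so that it surfaces as an ArgumentNullException naming the
 // parameter, rather than a NullReferenceException raised while the
 // base-constructor argument is evaluated.
 private static string GetWrappedClauseId(Saml2AssertionKeyIdentifierClause clause)
 {
     if (clause == null)
     {
         throw new System.ArgumentNullException("clause");
     }

     return clause.Id;
 }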
 /// <summary>
 /// Creates an instance of <see cref="WrappedSaml2AssertionKeyIdentifierClause"/>
 /// </summary>
 /// <param name="clause">A <see cref="Saml2AssertionKeyIdentifierClause"/> to be wrapped.</param>
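 public WrappedSaml2AssertionKeyIdentifierClause(Saml2AssertionKeyIdentifierClause clause)
     : base(GetWrappedClauseId(clause))
 {
     // The base clause is constructed from the wrapped clause's Id; the
     // wrapper also keeps a reference to the SAML2 clause itself.
     this.clause = clause;
 }

 // Returns the Id of the clause being wrapped. A null clause is rejected
 // here so that it surfaces as an ArgumentNullException naming the
 // parameter, rather than a NullReferenceException raised while the
 // base-constructor argument is evaluated.
 private static string GetWrappedClauseId(Saml2AssertionKeyIdentifierClause clause)
 {
     if (clause == null)
     {
         throw new System.ArgumentNullException("clause");
     }

     return clause.Id;
 }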
 /// <summary>
 /// Determines if this token matches the keyIdentifierClause.
 /// </summary>
 /// <param name="keyIdentifierClause"><see cref="SecurityKeyIdentifierClause"/> to match.</param>
 /// <returns>True if the keyIdentifierClause is matched. False otherwise.</returns>
 public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
 {
     // Try the SAML2 assertion-id comparison against this token's Id first.
     // This only establishes that the clause refers to this token by id.
     if (Saml2AssertionKeyIdentifierClause.Matches(this.Id, keyIdentifierClause))
     {
         return true;
     }

     // Otherwise defer to the base token's own matching rules.
     return base.MatchesKeyIdentifierClause(keyIdentifierClause);
 }