예제 #1
0
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));

            if (samlSerializer == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

            XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
            WrappedReader wrappedReader = new WrappedReader(dictionaryReader);
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));

            string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
            int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));

            int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
            }

            attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));

            if (!IsAssertionIdValid(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));

            this.assertionId = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
            if (string.IsNullOrEmpty(attributeValue))
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
            this.issuer = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attributeValue))
                this.issueInstant = DateTime.ParseExact(
                    attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();

            wrappedReader.MoveToContent();
            wrappedReader.Read();

            if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
            }

            if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
            }

            while (wrappedReader.IsStartElement())
            {
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
                if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                else
                {
                    SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                    if (statement == null)
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
                    this.statements.Add(statement);
                }
            }

            if (this.statements.Count == 0)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));

            if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);

            wrappedReader.MoveToContent();
            wrappedReader.ReadEndElement();

            this.tokenStream = wrappedReader.XmlTokens;

            if (this.signature != null)
            {
                VerifySignature(this.signature, this.verificationKey);
            }

            BuildCryptoList();
        }
예제 #2
0
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
            }

            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
            }

            XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader);
            WrappedReader       wrappedReader    = new WrappedReader(dictionaryReader);

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!wrappedReader.IsStartElement(dictionary.Assertion, dictionary.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLElementNotRecognized, wrappedReader.LocalName)));
            }

            string attributeValue = wrappedReader.GetAttribute(dictionary.MajorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMajorVersionAttributeOnRead)));
            }
            int majorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            attributeValue = wrappedReader.GetAttribute(dictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingMinorVersionAttributeOnRead)));
            }

            int minorVersion = Int32.Parse(attributeValue, CultureInfo.InvariantCulture);

            if ((majorVersion != SamlConstants.MajorVersionValue) || (minorVersion != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLTokenVersionNotSupported, majorVersion, minorVersion, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue)));
            }

            attributeValue = wrappedReader.GetAttribute(dictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIdRequired)));
            }

            if (!IsAssertionIdValid(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionIDIsInvalid, attributeValue)));
            }

            this.assertionId = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.Issuer, null);
            if (string.IsNullOrEmpty(attributeValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionMissingIssuerAttributeOnRead)));
            }
            this.issuer = attributeValue;

            attributeValue = wrappedReader.GetAttribute(dictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attributeValue))
            {
                this.issueInstant = DateTime.ParseExact(
                    attributeValue, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
            }

            wrappedReader.MoveToContent();
            wrappedReader.Read();

            if (wrappedReader.IsStartElement(dictionary.Conditions, dictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadCondtions)));
                }
            }

            if (wrappedReader.IsStartElement(dictionary.Advice, dictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadAdvice)));
                }
            }

            while (wrappedReader.IsStartElement())
            {
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
                if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                else
                {
                    SamlStatement statement = samlSerializer.LoadStatement(wrappedReader, keyInfoSerializer, outOfBandTokenResolver);
                    if (statement == null)
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLUnableToLoadStatement)));
                    }
                    this.statements.Add(statement);
                }
            }

            if (this.statements.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAssertionRequireOneStatementOnRead)));
            }

            if (wrappedReader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
            {
                this.ReadSignature(wrappedReader, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
            }

            wrappedReader.MoveToContent();
            wrappedReader.ReadEndElement();

            this.tokenStream = wrappedReader.XmlTokens;

            if (this.signature != null)
            {
                VerifySignature(this.signature, this.verificationKey);
            }

            BuildCryptoList();
        }
        public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
            }
            if (samlSerializer == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
            }
            WrappedReader  reader3        = new WrappedReader(XmlDictionaryReader.CreateDictionaryReader(reader));
            SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;

            if (!reader3.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLElementNotRecognized", new object[] { reader3.LocalName })));
            }
            string attribute = reader3.GetAttribute(samlDictionary.MajorVersion, null);

            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMajorVersionAttributeOnRead")));
            }
            int num = int.Parse(attribute, CultureInfo.InvariantCulture);

            attribute = reader3.GetAttribute(samlDictionary.MinorVersion, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMinorVersionAttributeOnRead")));
            }
            int num2 = int.Parse(attribute, CultureInfo.InvariantCulture);

            if ((num != SamlConstants.MajorVersionValue) || (num2 != SamlConstants.MinorVersionValue))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLTokenVersionNotSupported", new object[] { num, num2, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue })));
            }
            attribute = reader3.GetAttribute(samlDictionary.AssertionId, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired")));
            }
            if (!this.IsAssertionIdValid(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { attribute })));
            }
            this.assertionId = attribute;
            attribute        = reader3.GetAttribute(samlDictionary.Issuer, null);
            if (string.IsNullOrEmpty(attribute))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingIssuerAttributeOnRead")));
            }
            this.issuer = attribute;
            attribute   = reader3.GetAttribute(samlDictionary.IssueInstant, null);
            if (!string.IsNullOrEmpty(attribute))
            {
                this.issueInstant = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
            }
            reader3.MoveToContent();
            reader3.Read();
            if (reader3.IsStartElement(samlDictionary.Conditions, samlDictionary.Namespace))
            {
                this.conditions = samlSerializer.LoadConditions(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (this.conditions == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtions")));
                }
            }
            if (reader3.IsStartElement(samlDictionary.Advice, samlDictionary.Namespace))
            {
                this.advice = samlSerializer.LoadAdvice(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (this.advice == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadAdvice")));
                }
            }
            while (reader3.IsStartElement())
            {
                if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
                {
                    break;
                }
                SamlStatement item = samlSerializer.LoadStatement(reader3, keyInfoSerializer, outOfBandTokenResolver);
                if (item == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadStatement")));
                }
                this.statements.Add(item);
            }
            if (this.statements.Count == 0)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatementOnRead")));
            }
            if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
            {
                this.ReadSignature(reader3, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
            }
            reader3.MoveToContent();
            reader3.ReadEndElement();
            this.tokenStream = reader3.XmlTokens;
            if (this.signature != null)
            {
                this.VerifySignature(this.signature, this.verificationKey);
            }
            this.BuildCryptoList();
        }
 public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
 {
     if (reader == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("ReadXml"));
     }
     if (samlSerializer == null)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
     }
     WrappedReader reader3 = new WrappedReader(XmlDictionaryReader.CreateDictionaryReader(reader));
     SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
     if (!reader3.IsStartElement(samlDictionary.Assertion, samlDictionary.Namespace))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLElementNotRecognized", new object[] { reader3.LocalName })));
     }
     string attribute = reader3.GetAttribute(samlDictionary.MajorVersion, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMajorVersionAttributeOnRead")));
     }
     int num = int.Parse(attribute, CultureInfo.InvariantCulture);
     attribute = reader3.GetAttribute(samlDictionary.MinorVersion, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingMinorVersionAttributeOnRead")));
     }
     int num2 = int.Parse(attribute, CultureInfo.InvariantCulture);
     if ((num != SamlConstants.MajorVersionValue) || (num2 != SamlConstants.MinorVersionValue))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLTokenVersionNotSupported", new object[] { num, num2, SamlConstants.MajorVersionValue, SamlConstants.MinorVersionValue })));
     }
     attribute = reader3.GetAttribute(samlDictionary.AssertionId, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIdRequired")));
     }
     if (!this.IsAssertionIdValid(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionIDIsInvalid", new object[] { attribute })));
     }
     this.assertionId = attribute;
     attribute = reader3.GetAttribute(samlDictionary.Issuer, null);
     if (string.IsNullOrEmpty(attribute))
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionMissingIssuerAttributeOnRead")));
     }
     this.issuer = attribute;
     attribute = reader3.GetAttribute(samlDictionary.IssueInstant, null);
     if (!string.IsNullOrEmpty(attribute))
     {
         this.issueInstant = DateTime.ParseExact(attribute, SamlConstants.AcceptedDateTimeFormats, DateTimeFormatInfo.InvariantInfo, DateTimeStyles.None).ToUniversalTime();
     }
     reader3.MoveToContent();
     reader3.Read();
     if (reader3.IsStartElement(samlDictionary.Conditions, samlDictionary.Namespace))
     {
         this.conditions = samlSerializer.LoadConditions(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (this.conditions == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadCondtions")));
         }
     }
     if (reader3.IsStartElement(samlDictionary.Advice, samlDictionary.Namespace))
     {
         this.advice = samlSerializer.LoadAdvice(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (this.advice == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadAdvice")));
         }
     }
     while (reader3.IsStartElement())
     {
         if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
         {
             break;
         }
         SamlStatement item = samlSerializer.LoadStatement(reader3, keyInfoSerializer, outOfBandTokenResolver);
         if (item == null)
         {
             throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLUnableToLoadStatement")));
         }
         this.statements.Add(item);
     }
     if (this.statements.Count == 0)
     {
         throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAssertionRequireOneStatementOnRead")));
     }
     if (reader3.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.Signature, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace))
     {
         this.ReadSignature(reader3, keyInfoSerializer, outOfBandTokenResolver, samlSerializer);
     }
     reader3.MoveToContent();
     reader3.ReadEndElement();
     this.tokenStream = reader3.XmlTokens;
     if (this.signature != null)
     {
         this.VerifySignature(this.signature, this.verificationKey);
     }
     this.BuildCryptoList();
 }