static async Task <NetworkCredential> GetCredentialCoreAsync(AuthenticationSchemes authenticationScheme, SecurityTokenProviderContainer credentialProvider, OutWrapper <TokenImpersonationLevel> impersonationLevelWrapper, OutWrapper <AuthenticationLevel> authenticationLevelWrapper, CancellationToken cancellationToken) { impersonationLevelWrapper.Value = TokenImpersonationLevel.None; authenticationLevelWrapper.Value = AuthenticationLevel.None; NetworkCredential result = null; switch (authenticationScheme) { case AuthenticationSchemes.Basic: result = await TransportSecurityHelpers.GetUserNameCredentialAsync(credentialProvider, cancellationToken); impersonationLevelWrapper.Value = TokenImpersonationLevel.Delegation; break; case AuthenticationSchemes.Digest: result = await TransportSecurityHelpers.GetSspiCredentialAsync(credentialProvider, impersonationLevelWrapper, authenticationLevelWrapper, cancellationToken); ValidateDigestCredential(result, impersonationLevelWrapper.Value); break; case AuthenticationSchemes.Negotiate: result = await TransportSecurityHelpers.GetSspiCredentialAsync(credentialProvider, impersonationLevelWrapper, authenticationLevelWrapper, cancellationToken); break; case AuthenticationSchemes.Ntlm: result = await TransportSecurityHelpers.GetSspiCredentialAsync(credentialProvider, impersonationLevelWrapper, authenticationLevelWrapper, cancellationToken); if (authenticationLevelWrapper.Value == AuthenticationLevel.MutualAuthRequired) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new InvalidOperationException(SR.CredentialDisallowsNtlm)); } break; default: // The setter for this property should prevent this. throw Fx.AssertAndThrow("GetCredential: Invalid authentication scheme"); } return(result); }
internal override async Task OpenAsync(TimeSpan timeout) { TimeoutHelper timeoutHelper = new TimeoutHelper(timeout); base.Open(timeoutHelper.RemainingTime()); OutWrapper <TokenImpersonationLevel> impersonationLevelWrapper = new OutWrapper <TokenImpersonationLevel>(); OutWrapper <bool> allowNtlmWrapper = new OutWrapper <bool>(); SecurityUtils.OpenTokenProviderIfRequired(_clientTokenProvider, timeoutHelper.RemainingTime()); _credential = await TransportSecurityHelpers.GetSspiCredentialAsync( _clientTokenProvider, impersonationLevelWrapper, allowNtlmWrapper, timeoutHelper.GetCancellationToken()); _impersonationLevel = impersonationLevelWrapper.Value; _allowNtlm = allowNtlmWrapper; return; }