Exemplo n.º 1
0
            public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state) : base(callback, state)
            {
                this.timeout       = timeout;
                this.timeoutHelper = new TimeoutHelper(timeout);
                this.tokenProvider = tokenProvider;
                this.target        = tokenProvider.targetAddress;
                this.issuer        = tokenProvider.issuerAddress;
                this.via           = tokenProvider.via;
                bool flag = false;

                try
                {
                    flag = this.StartNegotiation();
                }
                catch (Exception exception)
                {
                    if (Fx.IsFatal(exception))
                    {
                        throw;
                    }
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(exception));
                }
                if (flag)
                {
                    this.OnNegotiationComplete();
                    base.Complete(true);
                }
            }
Exemplo n.º 2
0
 private static void OpenChannelCallback(IAsyncResult result)
 {
     if (!result.CompletedSynchronously)
     {
         IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState;
         bool      flag      = false;
         Exception exception = null;
         try
         {
             asyncState.rstChannel.EndOpen(result);
             flag = asyncState.OnRequestChannelOpened();
             if (flag)
             {
                 asyncState.OnNegotiationComplete();
             }
         }
         catch (Exception exception2)
         {
             if (Fx.IsFatal(exception2))
             {
                 throw;
             }
             flag      = true;
             exception = asyncState.OnAsyncNegotiationFailure(exception2);
         }
         if (flag)
         {
             asyncState.Complete(false, exception);
         }
     }
 }
            public SecurityNegotiationAsyncResult(IssuanceTokenProviderBase <T> tokenProvider, TimeSpan timeout, AsyncCallback callback, object state)
                : base(callback, state)
            {
                this.timeout       = timeout;
                timeoutHelper      = new TimeoutHelper(timeout);
                this.tokenProvider = tokenProvider;
                this.target        = tokenProvider.targetAddress;
                this.issuer        = tokenProvider.issuerAddress;
                this.via           = tokenProvider.via;
                bool completeSelf = false;

                try
                {
                    completeSelf = this.StartNegotiation();
                }
#pragma warning suppress 56500 // covered by FxCOP
                catch (Exception e)
                {
                    if (Fx.IsFatal(e))
                    {
                        throw;
                    }
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(this.OnSyncNegotiationFailure(e));
                }
                if (completeSelf)
                {
                    this.OnNegotiationComplete();
                    Complete(true);
                }
            }
Exemplo n.º 4
0
 private static Exception WrapExceptionIfRequired(Exception e, EndpointAddress targetAddress, EndpointAddress issuerAddress)
 {
     if (IssuanceTokenProviderBase <T> .ShouldWrapException(e))
     {
         Uri uri;
         Uri uri2;
         if (targetAddress != null)
         {
             uri = targetAddress.Uri;
         }
         else
         {
             uri = null;
         }
         if (issuerAddress != null)
         {
             uri2 = issuerAddress.Uri;
         }
         else
         {
             uri2 = uri;
         }
         if (uri != null)
         {
             e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailedForIssuerAndTarget", new object[] { uri2, uri }), e);
             return(e);
         }
         e = new SecurityNegotiationException(System.ServiceModel.SR.GetString("SoapSecurityNegotiationFailed"), e);
     }
     return(e);
 }
Exemplo n.º 5
0
        protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, AcceleratedTokenProviderState negotiationState)
        {
            ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies;

            IssuanceTokenProviderBase <AcceleratedTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress);

            if (incomingMessage.Headers.Action != this.RequestSecurityTokenResponseAction.Value)
            {
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidActionForNegotiationMessage", new object[] { incomingMessage.Headers.Action })), incomingMessage);
            }
            SecurityMessageProperty security = incomingMessage.Properties.Security;

            if ((security != null) && (security.ServiceSecurityContext != null))
            {
                authorizationPolicies = security.ServiceSecurityContext.AuthorizationPolicies;
            }
            else
            {
                authorizationPolicies = System.ServiceModel.Security.EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
            }
            RequestSecurityTokenResponse response             = null;
            XmlDictionaryReader          readerAtBodyContents = incomingMessage.GetReaderAtBodyContents();

            using (readerAtBodyContents)
            {
                if (base.StandardsManager.MessageSecurityVersion.TrustVersion == TrustVersion.WSTrustFeb2005)
                {
                    response = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents);
                }
                else
                {
                    if (base.StandardsManager.MessageSecurityVersion.TrustVersion != TrustVersion.WSTrust13)
                    {
                        throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
                    }
                    foreach (RequestSecurityTokenResponse response2 in base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection)
                    {
                        if (response != null)
                        {
                            throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("MoreThanOneRSTRInRSTRC")));
                        }
                        response = response2;
                    }
                }
                incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents);
            }
            if (response.Context != negotiationState.Context)
            {
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage);
            }
            byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
            GenericXmlSecurityToken serviceToken = response.GetIssuedToken(null, null, this.keyEntropyMode, requestorEntropy, base.SecurityContextTokenUri, authorizationPolicies, base.SecurityAlgorithmSuite.DefaultSymmetricKeyLength, false);

            negotiationState.SetServiceToken(serviceToken);
            return(null);
        }
Exemplo n.º 6
0
 private static void SendRequestCallback(IAsyncResult result)
 {
     if (!result.CompletedSynchronously)
     {
         IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult asyncState = (IssuanceTokenProviderBase <T> .SecurityNegotiationAsyncResult)result.AsyncState;
         bool      flag      = false;
         Exception exception = null;
         try
         {
             Message incomingMessage = null;
             try
             {
                 incomingMessage = asyncState.rstChannel.EndRequest(result);
             }
             finally
             {
                 if (asyncState.nextOutgoingMessage != null)
                 {
                     asyncState.nextOutgoingMessage.Close();
                 }
             }
             using (incomingMessage)
             {
                 if (incomingMessage == null)
                 {
                     throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation")));
                 }
                 flag = asyncState.DoNegotiation(incomingMessage);
             }
             if (flag)
             {
                 asyncState.OnNegotiationComplete();
             }
         }
         catch (Exception exception2)
         {
             if (Fx.IsFatal(exception2))
             {
                 throw;
             }
             flag      = true;
             exception = asyncState.OnAsyncNegotiationFailure(exception2);
         }
         if (flag)
         {
             asyncState.Complete(false, exception);
         }
     }
 }
            Exception OnAsyncNegotiationFailure(Exception e)
            {
                EndpointAddress pinnedEpr = null;

                try
                {
                    pinnedEpr = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;
                    Cleanup();
                }
                catch (CommunicationException ex)
                {
                    DiagnosticUtility.TraceHandledException(ex, TraceEventType.Information);
                }

                return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, pinnedEpr, this.issuer));
            }
Exemplo n.º 8
0
            private Exception OnAsyncNegotiationFailure(Exception e)
            {
                EndpointAddress targetAddress = null;

                try
                {
                    targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;
                    this.Cleanup();
                }
                catch (CommunicationException exception)
                {
                    if (DiagnosticUtility.ShouldTraceInformation)
                    {
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information);
                    }
                }
                return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer));
            }
Exemplo n.º 9
0
            private Exception OnSyncNegotiationFailure(Exception e)
            {
                EndpointAddress targetAddress = (this.negotiationState == null) ? null : this.negotiationState.RemoteAddress;

                return(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(e, targetAddress, this.issuer));
            }
Exemplo n.º 10
0
        protected SecurityToken DoNegotiation(TimeSpan timeout)
        {
            SecurityToken token2;

            this.ThrowIfClosedOrCreated();
            SecurityTraceRecordHelper.TraceBeginSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, this.targetAddress);
            TimeoutHelper   helper     = new TimeoutHelper(timeout);
            IRequestChannel rstChannel = null;
            T        negotiationState  = default(T);
            TimeSpan span = timeout;
            int      num  = 1;

            try
            {
                negotiationState = this.CreateNegotiationState(this.targetAddress, this.via, helper.RemainingTime());
                this.InitializeNegotiationState(negotiationState);
                this.InitializeChannelFactories(negotiationState.RemoteAddress, helper.RemainingTime());
                rstChannel = this.CreateClientChannel(negotiationState.RemoteAddress, this.via);
                rstChannel.Open(helper.RemainingTime());
                Message       nextOutgoingMessage = null;
                Message       incomingMessage     = null;
                SecurityToken serviceToken        = null;
                while (true)
                {
                    nextOutgoingMessage = this.GetNextOutgoingMessage(incomingMessage, negotiationState);
                    if (incomingMessage != null)
                    {
                        incomingMessage.Close();
                    }
                    if (nextOutgoingMessage == null)
                    {
                        break;
                    }
                    using (nextOutgoingMessage)
                    {
                        TraceUtility.ProcessOutgoingMessage(nextOutgoingMessage);
                        span            = helper.RemainingTime();
                        incomingMessage = rstChannel.Request(nextOutgoingMessage, span);
                        if (incomingMessage == null)
                        {
                            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CommunicationException(System.ServiceModel.SR.GetString("FailToRecieveReplyFromNegotiation")));
                        }
                        TraceUtility.ProcessIncomingMessage(incomingMessage);
                    }
                    num += 2;
                }
                if (!negotiationState.IsNegotiationCompleted)
                {
                    throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoNegotiationMessageToSend")), incomingMessage);
                }
                try
                {
                    rstChannel.Close(helper.RemainingTime());
                }
                catch (CommunicationException exception)
                {
                    if (DiagnosticUtility.ShouldTraceInformation)
                    {
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(exception, TraceEventType.Information);
                    }
                    rstChannel.Abort();
                }
                catch (TimeoutException exception2)
                {
                    if (DiagnosticUtility.ShouldTraceInformation)
                    {
                        DiagnosticUtility.ExceptionUtility.TraceHandledException(exception2, TraceEventType.Information);
                    }
                    rstChannel.Abort();
                }
                rstChannel = null;
                this.ValidateAndCacheServiceToken(negotiationState);
                serviceToken = negotiationState.ServiceToken;
                SecurityTraceRecordHelper.TraceEndSecurityNegotiation <T>((IssuanceTokenProviderBase <T>) this, serviceToken, this.targetAddress);
                token2 = serviceToken;
            }
            catch (Exception exception3)
            {
                if (Fx.IsFatal(exception3))
                {
                    throw;
                }
                if (exception3 is TimeoutException)
                {
                    exception3 = new TimeoutException(System.ServiceModel.SR.GetString("ClientSecurityNegotiationTimeout", new object[] { timeout, num, span }), exception3);
                }
                EndpointAddress targetAddress = (negotiationState == null) ? null : negotiationState.RemoteAddress;
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(IssuanceTokenProviderBase <T> .WrapExceptionIfRequired(exception3, targetAddress, this.issuerAddress));
            }
            finally
            {
                this.Cleanup(rstChannel, negotiationState);
            }
            return(token2);
        }
Exemplo n.º 11
0
        protected override BodyWriter GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
        {
            byte[] negotiationData;
            try
            {
                IssuanceTokenProviderBase <SspiNegotiationTokenProviderState> .ThrowIfFault(incomingMessage, base.TargetAddress);
            }
            catch (FaultException exception)
            {
                if (!exception.Code.IsSenderFault)
                {
                    throw;
                }
                if (!(exception.Code.SubCode.Name == "FailedAuthentication") && !(exception.Code.SubCode.Name == "FailedAuthentication"))
                {
                    throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("FailedSspiNegotiation"), exception), incomingMessage);
                }
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticationOfClientFailed"), exception), incomingMessage);
            }
            RequestSecurityTokenResponse rstr = null;
            RequestSecurityTokenResponse authenticatorRstr    = null;
            XmlDictionaryReader          readerAtBodyContents = incomingMessage.GetReaderAtBodyContents();

            using (readerAtBodyContents)
            {
                if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponseCollection(readerAtBodyContents))
                {
                    using (IEnumerator <RequestSecurityTokenResponse> enumerator = base.StandardsManager.TrustDriver.CreateRequestSecurityTokenResponseCollection(readerAtBodyContents).RstrCollection.GetEnumerator())
                    {
                        enumerator.MoveNext();
                        rstr = enumerator.Current;
                        if (enumerator.MoveNext())
                        {
                            authenticatorRstr = enumerator.Current;
                        }
                    }
                    if (authenticatorRstr == null)
                    {
                        throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("AuthenticatorNotPresentInRSTRCollection")), incomingMessage);
                    }
                    if (authenticatorRstr.Context != rstr.Context)
                    {
                        throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("RSTRAuthenticatorHasBadContext")), incomingMessage);
                    }
                    this.AddToDigest(sspiState, rstr, true, true);
                }
                else if (base.StandardsManager.TrustDriver.IsAtRequestSecurityTokenResponse(readerAtBodyContents))
                {
                    rstr = RequestSecurityTokenResponse.CreateFrom(base.StandardsManager, readerAtBodyContents);
                    this.AddToDigest(sspiState, rstr, true, false);
                }
                else
                {
                    base.StandardsManager.TrustDriver.OnRSTRorRSTRCMissingException();
                }
                incomingMessage.ReadFromBodyContentsToEnd(readerAtBodyContents);
            }
            if (rstr.Context != sspiState.Context)
            {
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("BadSecurityNegotiationContext")), incomingMessage);
            }
            BinaryNegotiation binaryNegotiation = rstr.GetBinaryNegotiation();

            if (binaryNegotiation != null)
            {
                this.ValidateIncomingBinaryNegotiation(binaryNegotiation);
                negotiationData = binaryNegotiation.GetNegotiationData();
            }
            else
            {
                negotiationData = null;
            }
            if ((negotiationData == null) && !sspiState.SspiNegotiation.IsCompleted)
            {
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToReceive")), incomingMessage);
            }
            if ((negotiationData == null) && sspiState.SspiNegotiation.IsCompleted)
            {
                this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr);
                return(null);
            }
            byte[] outgoingBlob = sspiState.SspiNegotiation.GetOutgoingBlob(negotiationData, System.ServiceModel.Security.SecurityUtils.GetChannelBindingFromMessage(incomingMessage), null);
            if ((outgoingBlob == null) && !sspiState.SspiNegotiation.IsCompleted)
            {
                throw TraceUtility.ThrowHelperError(new SecurityNegotiationException(System.ServiceModel.SR.GetString("NoBinaryNegoToSend")), incomingMessage);
            }
            if ((outgoingBlob == null) && sspiState.SspiNegotiation.IsCompleted)
            {
                this.OnNegotiationComplete(sspiState, rstr, authenticatorRstr);
                return(null);
            }
            return(this.PrepareRstr(sspiState, outgoingBlob));
        }