Exemplo n.º 1
0
		/// <summary>
		/// Discovers what access the client should have considering the access token in the current request.
		/// </summary>
		/// <param name="httpRequestInfo">The HTTP request info.</param>
		/// <param name="requiredScopes">The set of scopes required to approve this request.</param>
		/// <returns>
		/// The access token describing the authorization the client has.  Never <c>null</c>.
		/// </returns>
		/// <exception cref="ProtocolFaultResponseException">
		/// Thrown when the client is not authorized.  This exception should be caught and the
		/// <see cref="ProtocolFaultResponseException.ErrorResponseMessage"/> message should be returned to the client.
		/// </exception>
		public virtual AccessToken GetAccessToken(HttpRequestBase httpRequestInfo = null, params string[] requiredScopes) {
			Requires.NotNull(requiredScopes, "requiredScopes");
			Requires.ValidState(this.ScopeSatisfiedCheck != null, Strings.RequiredPropertyNotYetPreset);
			if (httpRequestInfo == null) {
				httpRequestInfo = this.Channel.GetRequestFromContext();
			}

			AccessToken accessToken;
			AccessProtectedResourceRequest request = null;
			try {
				if (this.Channel.TryReadFromRequest<AccessProtectedResourceRequest>(httpRequestInfo, out request)) {
					accessToken = this.AccessTokenAnalyzer.DeserializeAccessToken(request, request.AccessToken);
					ErrorUtilities.VerifyHost(accessToken != null, "IAccessTokenAnalyzer.DeserializeAccessToken returned a null reslut.");
					if (string.IsNullOrEmpty(accessToken.User) && string.IsNullOrEmpty(accessToken.ClientIdentifier)) {
						Logger.OAuth.Error("Access token rejected because both the username and client id properties were null or empty.");
						ErrorUtilities.ThrowProtocol(ResourceServerStrings.InvalidAccessToken);
					}

					var requiredScopesSet = OAuthUtilities.ParseScopeSet(requiredScopes);
					if (!this.ScopeSatisfiedCheck.IsScopeSatisfied(requiredScope: requiredScopesSet, grantedScope: accessToken.Scope)) {
						var response = UnauthorizedResponse.InsufficientScope(request, requiredScopesSet);
						throw new ProtocolFaultResponseException(this.Channel, response);
					}

					return accessToken;
				} else {
					var ex = new ProtocolException(ResourceServerStrings.MissingAccessToken);
					var response = UnauthorizedResponse.InvalidRequest(ex);
					throw new ProtocolFaultResponseException(this.Channel, response, innerException: ex);
				}
			} catch (ProtocolException ex) {
				if (ex is ProtocolFaultResponseException) {
					// This doesn't need to be wrapped again.
					throw;
				}

				var response = request != null ? UnauthorizedResponse.InvalidToken(request, ex) : UnauthorizedResponse.InvalidRequest(ex);
				throw new ProtocolFaultResponseException(this.Channel, response, innerException: ex);
			}
		}
        internal static Exception ConvertAndTraceException(Exception ex, TimeSpan timeout, string operation)
        {
            ObjectDisposedException objectDisposedException = ex as ObjectDisposedException;
            if (objectDisposedException != null)
            {
                CommunicationObjectAbortedException communicationObjectAbortedException = new CommunicationObjectAbortedException(ex.Message, ex);
                FxTrace.Exception.AsWarning(communicationObjectAbortedException);
                return communicationObjectAbortedException;
            }

            AggregateException aggregationException = ex as AggregateException;
            if (aggregationException != null)
            {
                Exception exception = FxTrace.Exception.AsError<OperationCanceledException>(aggregationException);
                OperationCanceledException operationCanceledException = exception as OperationCanceledException;
                if (operationCanceledException != null)
                {
                    TimeoutException timeoutException = GetTimeoutException(exception, timeout, operation);
                    FxTrace.Exception.AsWarning(timeoutException);
                    return timeoutException;
                }
                else
                {
                    Exception communicationException = ConvertAggregateExceptionToCommunicationException(aggregationException);
                    if (communicationException is CommunicationObjectAbortedException)
                    {
                        FxTrace.Exception.AsWarning(communicationException);
                        return communicationException;
                    }
                    else
                    {
                        return FxTrace.Exception.AsError(communicationException);
                    }
                }
            }

            WebSocketException webSocketException = ex as WebSocketException;
            if (webSocketException != null)
            {
                switch (webSocketException.WebSocketErrorCode)
                {
                    case WebSocketError.InvalidMessageType:
                    case WebSocketError.UnsupportedProtocol:
                    case WebSocketError.UnsupportedVersion:
                        ex = new ProtocolException(ex.Message, ex);
                        break;
                    default:
                        ex = new CommunicationException(ex.Message, ex);
                        break;
                }
            }

            return FxTrace.Exception.AsError(ex);
        }
Exemplo n.º 3
0
            protected override bool OnTryCreateException(Message message, MessageFault fault, out Exception exception)
            {
                exception = null;

                // SOAP MustUnderstand
                if (string.Compare(fault.Code.Namespace, version.Envelope.Namespace, StringComparison.Ordinal) == 0
                    && string.Compare(fault.Code.Name, MessageStrings.MustUnderstandFault, StringComparison.Ordinal) == 0)
                {
                    exception = new ProtocolException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                    return true;
                }

                bool checkSender;
                bool checkReceiver;
                FaultCode code;

                if (version.Envelope == EnvelopeVersion.Soap11)
                {
                    checkSender = true;
                    checkReceiver = true;
                    code = fault.Code;
                }
                else
                {
                    checkSender = fault.Code.IsSenderFault;
                    checkReceiver = fault.Code.IsReceiverFault;
                    code = fault.Code.SubCode;
                }

                if (code == null)
                {
                    return false;
                }

                if (code.Namespace == null)
                {
                    return false;
                }

                if (checkSender)
                {
                    // WS-Addressing
                    if (string.Compare(code.Namespace, version.Addressing.Namespace, StringComparison.Ordinal) == 0)
                    {
                        if (string.Compare(code.Name, AddressingStrings.ActionNotSupported, StringComparison.Ordinal) == 0)
                        {
                            exception = new ActionNotSupportedException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                            return true;
                        }
                        else if (string.Compare(code.Name, AddressingStrings.DestinationUnreachable, StringComparison.Ordinal) == 0)
                        {
                            exception = new EndpointNotFoundException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                            return true;
                        }
                        else if (string.Compare(code.Name, Addressing10Strings.InvalidAddressingHeader, StringComparison.Ordinal) == 0)
                        {
                            if (code.SubCode != null && string.Compare(code.SubCode.Namespace, version.Addressing.Namespace, StringComparison.Ordinal) == 0 &&
                                string.Compare(code.SubCode.Name, Addressing10Strings.InvalidCardinality, StringComparison.Ordinal) == 0)
                            {
                                exception = new MessageHeaderException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text, true);
                                return true;
                            }
                        }
                        else if (version.Addressing == AddressingVersion.WSAddressing10)
                        {
                            if (string.Compare(code.Name, Addressing10Strings.MessageAddressingHeaderRequired, StringComparison.Ordinal) == 0)
                            {
                                exception = new MessageHeaderException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                                return true;
                            }
                            else if (string.Compare(code.Name, Addressing10Strings.InvalidAddressingHeader, StringComparison.Ordinal) == 0)
                            {
                                exception = new ProtocolException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                                return true;
                            }
                        }
                        else
                        {
                            if (string.Compare(code.Name, Addressing200408Strings.MessageInformationHeaderRequired, StringComparison.Ordinal) == 0)
                            {
                                exception = new ProtocolException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                                return true;
                            }
                            else if (string.Compare(code.Name, Addressing200408Strings.InvalidMessageInformationHeader, StringComparison.Ordinal) == 0)
                            {
                                exception = new ProtocolException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                                return true;
                            }
                        }
                    }
                }

                if (checkReceiver)
                {
                    // WS-Addressing
                    if (string.Compare(code.Namespace, version.Addressing.Namespace, StringComparison.Ordinal) == 0)
                    {
                        if (string.Compare(code.Name, AddressingStrings.EndpointUnavailable, StringComparison.Ordinal) == 0)
                        {
                            exception = new ServerTooBusyException(fault.Reason.GetMatchingTranslation(CultureInfo.CurrentCulture).Text);
                            return true;
                        }
                    }
                }

                return false;
            }