        /// <summary>
        /// Builds an ID card whose validity window is computed here: it starts now, backdated by
        /// <c>IDCARD_BEGIN_TIME_BUFFER_IN_MINUTES</c> (clock-skew buffer), and lasts
        /// <c>MAX_IDCARD_LIFE_IN_HOURS</c>.
        /// </summary>
        /// <param name="version">Card version string, stored as-is.</param>
        /// <param name="domElement">Existing assertion, or null when the card still has to be signed.</param>
        /// <param name="cardId">Card identifier, stored without validation.</param>
        /// <param name="authenticationLevel">Authentication level; must not be null.</param>
        /// <param name="issuer">Issuer; must not be null or empty.</param>
        /// <param name="systemInfo">Not used by this constructor; derived types assign SystemInfo themselves.</param>
        /// <param name="certHash">Certificate hash; only kept for the certificate-based levels (MOCES user / VOCES system), where a null is stored as "".</param>
        /// <param name="alternativeIdentifier">Optional alternative subject identifier.</param>
        /// <param name="userName">Required for username/password authentication (level 2); ignored otherwise.</param>
        /// <param name="password">Required for username/password authentication (level 2); ignored otherwise. Kept in clear text on the card.</param>
        /// <remarks>
        /// Validation failures are raised by <c>ModelUtilities</c>. NOTE(review): the validity window
        /// is based on local time (<c>DateTime.Now</c>); confirm that is what the consumers of the
        /// NotBefore/NotOnOrAfter values expect.
        /// </remarks>
        protected IdCard(string version, XElement domElement, string cardId, AuthenticationLevel authenticationLevel, string issuer, SystemInfo systemInfo, string certHash, string alternativeIdentifier, string userName, string password)
        {
            ModelUtilities.ValidateNotEmpty(issuer, "'Issuer' cannot be null or empty");
            ModelUtilities.ValidateNotNull(authenticationLevel, "'AuthenticationLevel' cannot be null");

            this.Version               = version;
            this.IdCardId              = cardId;
            this.Issuer                = issuer;
            this.AuthenticationLevel   = authenticationLevel;
            this.AlternativeIdentifier = alternativeIdentifier;

            // Backdate the start of the window to tolerate clock skew at the receiving side,
            // then derive the expiry from that start.
            this.CreatedDate = DateTime.Now.AddMinutes(-IDCARD_BEGIN_TIME_BUFFER_IN_MINUTES);
            this.ExpiryDate  = this.CreatedDate.AddHours(MAX_IDCARD_LIFE_IN_HOURS);

            bool certificateBased = AuthenticationLevel.MocesTrustedUser.Equals(authenticationLevel)
                                 || AuthenticationLevel.VocesTrustedSystem.Equals(authenticationLevel);
            if (certificateBased)
            {
                // Only certificate-based levels carry a hash; a missing one becomes "" rather than null.
                this.CertHash = certHash ?? "";
            }

            if (AuthenticationLevel.UsernamePasswordAuthentication.Equals(authenticationLevel))
            {
                ModelUtilities.ValidateNotEmpty(userName, "'username' cannot be null or empty for authenticationlevel 2");
                ModelUtilities.ValidateNotEmpty(password, "'password' cannot be null or empty for authenticationlevel 2");
                this.Username = userName;
                this.Password = password;
            }

            // A card handed an existing assertion is treated as already signed.
            this.Xassertion     = domElement;
            this.NeedsSignature = this.Xassertion == null;
        }
        /// <summary>
        /// Builds an ID card from already known state, typically one read back from an existing
        /// assertion: creation and expiry dates are taken as given instead of being computed.
        /// </summary>
        /// <param name="version">Card version string, stored as-is.</param>
        /// <param name="xAssertion">Existing assertion, or null when the card still has to be signed.</param>
        /// <param name="cardId">Card identifier; must not be null.</param>
        /// <param name="authLevel">Authentication level; must not be null.</param>
        /// <param name="certHash">Certificate hash; only kept for the certificate-based levels (MOCES user / VOCES system).</param>
        /// <param name="issuer">Issuer; must not be null or empty.</param>
        /// <param name="creationDate">Start of the validity window.</param>
        /// <param name="expiryDate">End of the validity window.</param>
        /// <param name="alternativeIdentifier">Optional alternative subject identifier.</param>
        /// <param name="username">Required for username/password authentication (level 2); ignored otherwise.</param>
        /// <param name="password">Required for username/password authentication (level 2); ignored otherwise. Kept in clear text on the card.</param>
        /// <remarks>Validation failures are raised by <c>ModelUtilities</c>.</remarks>
        protected IdCard(string version, XElement xAssertion, string cardId, AuthenticationLevel authLevel, string certHash, string issuer, DateTime creationDate, DateTime expiryDate, string alternativeIdentifier, string username, string password)
        {
            ModelUtilities.ValidateNotNull(cardId, "IDCard ID cannot be 'null'");
            ModelUtilities.ValidateNotEmpty(issuer, "'Issuer' cannot be null or empty");
            ModelUtilities.ValidateNotNull(authLevel, "'AuthenticationLevel' cannot be null");

            Version               = version;
            IdCardId              = cardId;
            Issuer                = issuer;
            CreatedDate           = creationDate;
            ExpiryDate            = expiryDate;
            AuthenticationLevel   = authLevel;
            AlternativeIdentifier = alternativeIdentifier;

            bool usesCertificate = AuthenticationLevel.MocesTrustedUser.Equals(authLevel)
                                || AuthenticationLevel.VocesTrustedSystem.Equals(authLevel);
            if (usesCertificate)
            {
                // The hash is only meaningful for certificate-based levels; for the others it stays unset.
                CertHash = certHash;
            }

            if (AuthenticationLevel.UsernamePasswordAuthentication.Equals(authLevel))
            {
                ModelUtilities.ValidateNotEmpty(username, "'username' cannot be null or empty for authenticationlevel 2");
                ModelUtilities.ValidateNotEmpty(password, "'password' cannot be null or empty for authenticationlevel 2");
                Username = username;
                Password = password;
            }

            // Invariant: a card built from an existing (deserialized) assertion is already signed,
            // so a signature is only needed when no assertion was supplied.
            Xassertion     = xAssertion;
            NeedsSignature = xAssertion == null;
        }
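        /// <summary>
        /// Rehydrates the card from its serialized XML form: the scalar fields come from attributes,
        /// while CreatedDate, ExpiryDate, Xassertion and SystemInfo come from child elements of the
        /// same name.
        /// </summary>
        /// <param name="reader">Reader positioned on or before the card element. The element loop runs
        /// until <c>reader.Read()</c> returns false; the card's own end element is not consumed explicitly.</param>
        /// <exception cref="FormatException">The NeedsSignature attribute is not a bool, or the
        /// AuthenticationLevel attribute is not an integer.</exception>
        /// <remarks>
        /// Everything is taken from the document as-is - NeedsSignature, AuthenticationLevel, CertHash
        /// and the clear-text Password included - and none of the checks the constructors perform are
        /// repeated here, so the XML must come from a source trusted as much as the card itself.
        /// NOTE(review): the attributes are read after <c>ReadStartElement()</c> has already advanced the
        /// reader, so this relies on the writer placing them on the node the reader lands on; if it does
        /// not, every attribute silently reads as null. Confirm against the matching WriteXml.
        /// </remarks>
        public override void ReadXml(XmlReader reader)
        {
            reader.MoveToContent();

            reader.ReadStartElement();
            {
                LastDomOperation = reader.GetAttribute("LastDomOperation");
                string needsSignatureAttribute = reader.GetAttribute("NeedsSignature");
                if (!string.IsNullOrEmpty(needsSignatureAttribute))
                {
                    NeedsSignature = bool.Parse(needsSignatureAttribute);
                }
                AlternativeIdentifier = reader.GetAttribute("AlternativeIdentifier");
                CertHash = reader.GetAttribute("CertHash");
                IdCardId = reader.GetAttribute("IdCardId");
                Issuer   = reader.GetAttribute("Issuer");
                Password = reader.GetAttribute("Password");
                Username = reader.GetAttribute("Username");
                Version  = reader.GetAttribute("Version");
                var authenticationLevelAttribute = reader.GetAttribute("AuthenticationLevel");
                if (!string.IsNullOrEmpty(authenticationLevelAttribute))
                {
                    // Machine-written number: parse with the invariant culture so the result does not
                    // depend on the current thread's culture (CA1305).
                    AuthenticationLevel = AuthenticationLevel.GetEnumeratedValue(int.Parse(authenticationLevelAttribute, System.Globalization.CultureInfo.InvariantCulture));
                }

                // One serializer for both date elements.
                var dateSerializer = new XmlSerializer(typeof(DateTime));

                // Deliberately independent ifs rather than else-if: consuming one element can leave the
                // reader already positioned on the next start element within the same iteration.
                while (reader.Read())
                {
                    if (reader.IsStartElement())
                    {
                        if (reader.Name == "CreatedDate")
                        {
                            reader.ReadStartElement();
                            this.CreatedDate = (DateTime) dateSerializer.Deserialize(reader);
                            reader.ReadEndElement();
                        }
                        if (reader.Name == "ExpiryDate")
                        {
                            reader.ReadStartElement();
                            this.ExpiryDate = (DateTime) dateSerializer.Deserialize(reader);
                            reader.ReadEndElement();
                        }
                        if (reader.Name == "Xassertion")
                        {
                            reader.ReadStartElement();
                            // The assertion is copied verbatim, whitespace included, presumably so that a
                            // signature over its exact serialization stays valid; ReadOuterXml also moves
                            // the reader past the assertion, so no ReadEndElement is needed here.
                            this.Xassertion = XElement.Parse(reader.ReadOuterXml(), LoadOptions.PreserveWhitespace);
                        }
                        if (reader.Name == "SystemInfo")
                        {
                            // SystemInfo reads its own element; it is constructed empty and filled in by its ReadXml.
                            this.SystemInfo = new SystemInfo(null, null);
                            (this.SystemInfo as IXmlSerializable).ReadXml(reader);
                        }
                    }
                }
            }
            // The end element is intentionally not read here: the loop above already ran the reader
            // to its end.
        }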
        /// <summary>
        /// Copy constructor: carries the version, expiry date and username/password over from
        /// <paramref name="toCopy"/>, replaces issuer, cert hash, alternative identifier and
        /// authentication level with the given values, and gives the copy a fresh id and a
        /// creation time of now.
        /// </summary>
        /// <param name="toCopy">Source card. Its Xassertion and SystemInfo are not copied.</param>
        /// <param name="issuer">Issuer of the copy (not validated here).</param>
        /// <param name="certHash">Certificate hash of the copy, stored regardless of authentication level.</param>
        /// <param name="alternativeIdentifier">Alternative subject identifier of the copy.</param>
        /// <param name="authenticationLevel">Authentication level of the copy (not validated here).</param>
        /// <remarks>
        /// NOTE(review): neither Xassertion nor NeedsSignature is set here, whereas the other
        /// constructors derive NeedsSignature from the assertion being absent; confirm the copy
        /// gets signed before it is used. The creation date is reset to now while the expiry date
        /// is copied, so the copy's validity window is shorter than the source's; the original
        /// author left a "?" on that line.
        /// </remarks>
        protected IdCard(IdCard toCopy,
                         string issuer,
                         string certHash,
                         string alternativeIdentifier,
                         AuthenticationLevel authenticationLevel)
        {
            // Carried over from the source card (credentials included, in clear text).
            this.Version    = toCopy.Version;
            this.ExpiryDate = toCopy.ExpiryDate;
            this.Username   = toCopy.Username;
            this.Password   = toCopy.Password;

            // Replaced on the copy.
            this.Issuer                = issuer;
            this.CertHash              = certHash;
            this.AlternativeIdentifier = alternativeIdentifier;
            this.AuthenticationLevel   = authenticationLevel;

            // The copy starts its life now (see remarks on the open question of copying toCopy.CreatedDate).
            this.CreatedDate = DateTime.Now;

            // Every copy is a distinct card.
            this.IdCardId = Guid.NewGuid().ToString("D");
        }
        /// <summary>
        /// Assembles the SAML assertion for this system card from its current state: the subject
        /// confirmation is picked by authentication level, the NameID comes from the alternative
        /// identifier (or else from the care provider), the validity conditions from
        /// CreatedDate/ExpiryDate, and two attribute statements carry the card data and the
        /// system-log attributes.
        /// </summary>
        /// <returns>The assembled assertion; no signature is added here.</returns>
        /// <remarks>
        /// SystemInfo and its CareProvider must be set - both are dereferenced below. For
        /// username/password authentication the credentials are embedded in the assertion as a
        /// UsernameToken, in clear text; for NoAuthentication the subject carries no confirmation
        /// at all; for any other level not listed here the confirmation is left empty.
        /// </remarks>
        protected override Assertion GenerateAssertion()
        {
            bool usernamePassword = AuthenticationLevel.Equals(AuthenticationLevel.UsernamePasswordAuthentication);
            bool certificateBased = AuthenticationLevel.Equals(AuthenticationLevel.MocesTrustedUser)
                                 || AuthenticationLevel.Equals(AuthenticationLevel.VocesTrustedSystem);
            bool noAuthentication = AuthenticationLevel.Equals(AuthenticationLevel.NoAuthentication);

            // Subject confirmation depends on how the subject authenticated.
            var subjectConfirmation = new SubjectConfirmation();
            if (usernamePassword)
            {
                // Level 2: the credentials themselves travel in the assertion.
                subjectConfirmation.SubjectConfirmationData = new SubjectConfirmationData
                {
                    Item = new UsernameToken { Username = Username, Password = Password }
                };
            }
            else if (certificateBased)
            {
                // Certificate-based levels: holder-of-key confirmation referring to the OCES signature.
                subjectConfirmation.SubjectConfirmationData = new SubjectConfirmationData
                {
                    Item = new KeyInfo { Item = "OCESSignature" }
                };
                subjectConfirmation.ConfirmationMethod = ConfirmationMethod.urnoasisnamestcSAML20cmholderofkey;
            }

            // Without an alternative identifier the care provider itself is the subject.
            NameID nameId;
            if (string.IsNullOrEmpty(AlternativeIdentifier))
            {
                nameId = new NameID
                {
                    Format = SystemInfo.CareProvider.Type,
                    Value  = SystemInfo.CareProvider.Id
                };
            }
            else
            {
                nameId = new NameID
                {
                    Format = SubjectIdentifierType.medcomother,
                    Value  = AlternativeIdentifier
                };
            }

            var idCardData = new AttributeStatement
            {
                id        = AttributeStatementID.IDCardData,
                Attribute = new []
                {
                    new Attribute { Name = AttributeName.sosiIDCardID,            AttributeValue = IdCardId },
                    new Attribute { Name = AttributeName.sosiIDCardVersion,       AttributeValue = Version },
                    new Attribute { Name = AttributeName.sosiIDCardType,          AttributeValue = "system" },
                    new Attribute { Name = AttributeName.sosiAuthenticationLevel, AttributeValue = AuthenticationLevel.Level.ToString() },
                    new Attribute { Name = AttributeName.sosiOCESCertHash,        AttributeValue = CertHash }
                }
            };

            var systemLog = new AttributeStatement
            {
                id        = AttributeStatementID.SystemLog,
                Attribute = new []
                {
                    new Attribute { Name = AttributeName.medcomITSystemName, AttributeValue = SystemInfo.ItSystemName },
                    new Attribute
                    {
                        Name                = AttributeName.medcomCareProviderID,
                        AttributeValue      = SystemInfo.CareProvider.Id,
                        NameFormatSpecified = true,
                        NameFormat          = SystemInfo.CareProvider.Type
                    },
                    new Attribute { Name = AttributeName.medcomCareProviderName, AttributeValue = SystemInfo.CareProvider.OrgName }
                }
            };

            var assertion = new Assertion
            {
                IssueInstant = CreatedDate,
                id           = "IDCard",
                Version      = 2.0m,
                Issuer       = Issuer,
                Conditions   = new Conditions
                {
                    NotBefore    = CreatedDate,
                    NotOnOrAfter = ExpiryDate
                },
                Subject = new Subject
                {
                    NameID              = nameId,
                    // NoAuthentication carries no confirmation at all.
                    SubjectConfirmation = noAuthentication ? null : subjectConfirmation
                },
                AttributeStatement = new [] { idCardData, systemLog }
            };

            return assertion;
        }
 /// <summary>
 /// Creates a system ID card from already known state (typically one read back from an
 /// existing assertion); dates and ids are taken as given by the base constructor.
 /// </summary>
 /// <param name="systemInfo">The system the card is issued for; must not be null and must have a CareProvider.</param>
 /// <remarks>
 /// All other parameters go straight to the base constructor, which validates cardId, issuer,
 /// authLevel and the level-2 credentials. Validation failures are raised by <c>ModelUtilities</c>.
 /// </remarks>
 public SystemIdCard(string version, XElement xAssertion, string cardId, AuthenticationLevel authLevel, string certHash, string issuer, SystemInfo systemInfo, DateTime creationDate, DateTime expiryDate, string alternativeIdentifier, string username, string password) : base(version, xAssertion, cardId, authLevel, certHash, issuer, creationDate, expiryDate, alternativeIdentifier, username, password)
 {
     // Both checks report the same message: a missing care provider is reported as a missing SystemInfo.
     ModelUtilities.ValidateNotNull(systemInfo, "SystemInfo must be specified");
     ModelUtilities.ValidateNotNull(systemInfo.CareProvider, "SystemInfo must be specified");
     SystemInfo = systemInfo;
 }
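 /// <summary>
 /// Creates a system ID card with a validity window computed by the base constructor, for the
 /// given system.
 /// </summary>
 /// <param name="systemInfo">The system the card is issued for; must not be null, must have a
 /// non-empty ItSystemName and a CareProvider.</param>
 /// <remarks>
 /// All other parameters go straight to the base constructor. Validation failures are raised by
 /// <c>ModelUtilities</c>.
 /// </remarks>
 public SystemIdCard(string version, AuthenticationLevel authLevel, string issuer, SystemInfo systemInfo, string certHash, string alternativeIdentifier, string userName, string password) : base(version, authLevel, issuer, certHash, alternativeIdentifier, userName, password)
 {
     // Check the object itself first so a null systemInfo surfaces as a validation error
     // instead of a NullReferenceException from the ItSystemName access below.
     ModelUtilities.ValidateNotNull(systemInfo, "SystemInfo must be specified");
     ModelUtilities.ValidateNotEmpty(systemInfo.ItSystemName, "SystemInfo must be specified");
     ModelUtilities.ValidateNotNull(systemInfo.CareProvider, "SystemInfo must be specified");
     SystemInfo = systemInfo;
 }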
 /// <summary>
 /// Copy constructor: clones <paramref name="toCopy"/> through the base copy constructor (fresh
 /// id, creation time reset to now) and attaches the given system info.
 /// </summary>
 /// <param name="systemInfo">Stored as-is. NOTE(review): unlike the other constructors it is not
 /// validated here, so a null SystemInfo only fails later, when the assertion is generated.</param>
 public SystemIdCard(IdCard toCopy, string issuer, string certHash, string alternativeIdentifier, SystemInfo systemInfo, AuthenticationLevel authLevel) : base(toCopy, issuer, certHash, alternativeIdentifier, authLevel)
 {
     this.SystemInfo = systemInfo;
 }
 /// <summary>
 /// Creates a user ID card: a system card (built by the base constructor) extended with the
 /// user it is issued for.
 /// </summary>
 /// <param name="userInfo">The user; must not be null.</param>
 /// <remarks>
 /// All other parameters go straight to the base constructor. Validation failures are raised by
 /// <c>ModelUtilities</c>.
 /// </remarks>
 public UserIdCard(string version, AuthenticationLevel authLevel, string issuer, SystemInfo systemInfo, UserInfo userInfo, string certHash, string alternativeIdentifier, string userName, string password) : base(version, authLevel, issuer, systemInfo, certHash, alternativeIdentifier, userName, password)
 {
     ModelUtilities.ValidateNotNull(userInfo, "UserInfo must be specified");
     this.UserInfo = userInfo;
 }