Пример #1
        /// <summary>
        /// Builds a provider from <c>CreateIssuerBinding(null, false)</c>, opens it and
        /// requests a token with a 10 second timeout.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the name suggests the <c>false</c> argument leaves the protection
        /// token parameters out and that the request is expected to fail; any
        /// expected-exception attribute is not part of this excerpt - confirm against the fixture.
        /// </remarks>
        public void GetTokenWithoutProtectionTokenParameters()
        {
            var issuerBinding = CreateIssuerBinding(null, false);
            IssuedSecurityTokenProvider provider = SetupProvider(issuerBinding);

            try
            {
                provider.Open();
                provider.GetToken(TimeSpan.FromSeconds(10));
            }
            finally
            {
                // Only a provider that reached Opened is closed; any other state is left as it is.
                bool reachedOpened = provider.State == CommunicationState.Opened;
                if (reachedOpened)
                {
                    provider.Close();
                }
            }
        }
Пример #2
        /// <summary>
        /// Requests a token through an issuer binding whose requests are handled by
        /// <c>OnGetTokenUnsignedReply</c>, opening with a 5 second timeout and asking for
        /// the token with a 10 second timeout.
        /// </summary>
        /// <remarks>
        /// NOTE(review): presumably the handler answers with an unsigned reply that the
        /// provider must reject; the handler body and any expected-exception attribute are
        /// outside this excerpt - confirm against the fixture.
        /// </remarks>
        public void GetTokenUnsignedReply()
        {
            RequestSender unsignedReplySender = new RequestSender(OnGetTokenUnsignedReply);
            var issuerBinding = CreateIssuerBinding(unsignedReplySender, true);
            IssuedSecurityTokenProvider provider = SetupProvider(issuerBinding);

            try
            {
                provider.Open(TimeSpan.FromSeconds(5));
                provider.GetToken(TimeSpan.FromSeconds(10));
            }
            finally
            {
                // Only a provider that reached Opened is closed; any other state is left as it is.
                bool reachedOpened = provider.State == CommunicationState.Opened;
                if (reachedOpened)
                {
                    provider.Close();
                }
            }
        }
Пример #3
        /// <summary>
        /// Opens a provider whose issuer binding is a default-constructed
        /// <see cref="BasicHttpBinding"/> and requests a token with a 10 second timeout.
        /// </summary>
        /// <remarks>
        /// No security settings are applied to the binding here.
        /// NOTE(review): presumably the provider is expected to refuse an issuer binding
        /// without security; any expected-exception attribute is outside this excerpt.
        /// </remarks>
        public void GetTokenNoSecureBinding()
        {
            BasicHttpBinding plainBinding = new BasicHttpBinding();
            IssuedSecurityTokenProvider provider = SetupProvider(plainBinding);

            try
            {
                provider.Open();
                provider.GetToken(TimeSpan.FromSeconds(10));
            }
            finally
            {
                // Only a provider that reached Opened is closed; any other state is left as it is.
                bool reachedOpened = provider.State == CommunicationState.Opened;
                if (reachedOpened)
                {
                    provider.Close();
                }
            }
        }
Пример #4
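    /// <summary>
    /// Sample entry point: configures an <see cref="IssuedSecurityTokenProvider"/> against
    /// an issuer on <c>http://localhost:8080</c>, opens it and requests one token with a
    /// 10 second timeout.
    /// </summary>
    /// <remarks>
    /// The provider is now closed in a <c>finally</c> block, so a failing
    /// <c>GetToken</c> no longer leaves it open.
    /// </remarks>
    public static void Main()
    {
        IssuedSecurityTokenProvider p =
            new IssuedSecurityTokenProvider();

        p.SecurityTokenSerializer = WSSecurityTokenSerializer.DefaultInstance;

        // NOTE(review): issuer and target are plain-http loopback addresses. That is fine for a
        // local sample; a real issuer should be reached over a transport that authenticates it.
        p.IssuerAddress           = new EndpointAddress("http://localhost:8080");
        WSHttpBinding binding = new WSHttpBinding();

        // WSHttpBinding already defaults to message security, so the disabled line below
        // would not change the configuration.
        //binding.Security.Mode = SecurityMode.Message;
        p.IssuerBinding          = binding;
        p.SecurityAlgorithmSuite = SecurityAlgorithmSuite.Default;
        p.TargetAddress          = new EndpointAddress("http://localhost:8080");

        try
        {
            p.Open();
            p.GetToken(TimeSpan.FromSeconds(10));
        }
        finally
        {
            // Close only when Open() succeeded; a provider that never opened has nothing to close.
            if (p.State == CommunicationState.Opened)
            {
                p.Close();
            }
        }
    }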
Пример #5
        /// <summary>
        /// Points a provider built from <c>CreateIssuerBinding(null, true)</c> at the issuer
        /// address <c>stream:dummy</c>, opens it with a 5 second timeout and requests a
        /// token with a 10 second timeout.
        /// </summary>
        /// <remarks>
        /// The issuer address is created from a bare URI string, so no endpoint identity or
        /// certificate is attached to it here.
        /// NOTE(review): presumably the missing service certificate is what the test expects
        /// the provider to reject; any expected-exception attribute is outside this excerpt.
        /// </remarks>
        public void GetTokenWithoutServiceCertificate()
        {
            var issuerBinding = CreateIssuerBinding(null, true);
            IssuedSecurityTokenProvider provider = SetupProvider(issuerBinding);

            EndpointAddress dummyIssuer = new EndpointAddress("stream:dummy");
            provider.IssuerAddress = dummyIssuer;
            try
            {
                provider.Open(TimeSpan.FromSeconds(5));
                provider.GetToken(TimeSpan.FromSeconds(10));
            }
            finally
            {
                // Only a provider that reached Opened is closed; any other state is left as it is.
                bool reachedOpened = provider.State == CommunicationState.Opened;
                if (reachedOpened)
                {
                    provider.Close();
                }
            }
        }
Пример #6
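        /// <summary>
        /// Sample client: requests an issued token from <c>http://localhost:8080</c> using
        /// certificate message credentials and writes the serialized token to standard output.
        /// </summary>
        /// <param name="args">
        /// Optional switches: <c>--no-nego</c> turns off service credential negotiation and
        /// <c>--no-sc</c> turns off the security context. Any other argument prints an
        /// error and ends the program.
        /// </param>
        /// <remarks>
        /// The provider is closed in a <c>finally</c> block and the XML writer is disposed
        /// through <c>using</c>, so a failure part-way through no longer leaks either.
        /// </remarks>
        public static void Main(string [] args)
        {
            bool noNego = false, noSc = false;

            foreach (string arg in args)
            {
                if (arg == "--no-nego")
                {
                    noNego = true;
                }
                else if (arg == "--no-sc")
                {
                    noSc = true;
                }
                else
                {
                    Console.WriteLine("Unrecognized option '{0}'", arg);
                    return;
                }
            }

            // NOTE(review): the PFX password is a literal in source. Acceptable only for a
            // throwaway test key pair; a real private key needs its password supplied at run time.
            X509Certificate2            cert = new X509Certificate2("test.pfx", "mono");
            IssuedSecurityTokenProvider p    =
                new IssuedSecurityTokenProvider();

            p.IssuerAddress = new EndpointAddress(new Uri("http://localhost:8080"), new X509CertificateEndpointIdentity(cert));
            p.TargetAddress = new EndpointAddress("http://localhost:8080");
            WSHttpBinding binding            = new WSHttpBinding();

            // the following lines are required to not depend on
            // MessageCredentialType.Windows (which uses SSPI).
            binding.Security.Message.ClientCredentialType = MessageCredentialType.Certificate;
            ClientCredentials cred = new ClientCredentials();

            cred.ClientCertificate.Certificate = cert;

            // NOTE(review): None switches off validation of the service certificate, so nothing
            // here checks its chain, expiry or revocation. Keep this to the self-signed test
            // setup; production code should use ChainTrust or PeerTrust or a custom validator.
            cred.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
            p.IssuerChannelBehaviors.Add(cred);

            if (noSc)
            {
                binding.Security.Message.EstablishSecurityContext = false;
            }
            if (noNego)
            {
                binding.Security.Message.NegotiateServiceCredential = false;
            }

            p.IssuerBinding           = binding;
            p.SecurityTokenSerializer = new WSSecurityTokenSerializer();
            p.SecurityAlgorithmSuite  = SecurityAlgorithmSuite.Default;
            p.KeyEntropyMode          = SecurityKeyEntropyMode.ClientEntropy;

            SecurityToken token;
            try
            {
                p.Open();
                token = p.GetToken(TimeSpan.FromSeconds(10));
            }
            finally
            {
                // Close only when Open() succeeded; a provider that never opened has nothing to close.
                if (p.State == CommunicationState.Opened)
                {
                    p.Close();
                }
            }

            // The issued token is dumped to stdout for inspection; treat that output as
            // sensitive if this is ever pointed at a real issuer.
            using (XmlWriter writer = XmlWriter.Create(Console.Out))
            {
                new ClientCredentialsSecurityTokenManager(cred).CreateSecurityTokenSerializer(MessageSecurityVersion.Default.SecurityTokenVersion).WriteToken(writer, token);
            }
        }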
Пример #7
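        /// <summary>
        /// Obtains an issued token, builds an issued-token-for-certificate channel to the
        /// service and calls <c>GetData</c> 20 times with a doubling pause between calls.
        /// </summary>
        /// <param name="msg">Request message; its <c>Header.MessageInfo.MessageID</c> is overwritten with a fresh GUID before every call.</param>
        /// <param name="extInterfaCertificate">Certificate installed as the service's default certificate on the channel factory.</param>
        /// <param name="esbEndpoint">Physical address the channel is sent through (<c>ClientViaBehavior</c>).</param>
        /// <param name="relyingParty">Target address the token is requested for.</param>
        /// <param name="identityProviderURL">Issuer (STS) address; only used when <c>CC</c> is not defined.</param>
        /// <param name="userCertificate">Client certificate presented to the issuer and to the service.</param>
        /// <param name="wsaddressingTo">Logical endpoint address; its host part is also used as the expected DNS identity.</param>
        /// <param name="stopw">Caller-owned stopwatch, only read for the elapsed-time log lines.</param>
        /// <returns>The result of the last <c>GetData</c> call.</returns>
        /// <exception cref="ApplicationException">No token was returned, or the returned token is not a <c>GenericXmlSecurityToken</c>.</exception>
        /// <exception cref="ArgumentOutOfRangeException"><paramref name="wsaddressingTo"/> contains no <c>http://</c> or <c>https://</c> authority.</exception>
        public static eHtalkMessage GetResponseSync(eHtalkMessage msg, X509Certificate2 extInterfaCertificate, string esbEndpoint, string relyingParty, string identityProviderURL, X509Certificate2 userCertificate, string wsaddressingTo, Stopwatch stopw)
        {
#if !CC
            IssuedSecurityTokenProvider provider = new IssuedSecurityTokenProvider();
            provider.SecurityTokenSerializer = new WSSecurityTokenSerializer();
            provider.TargetAddress           = new EndpointAddress(new Uri(relyingParty), new AddressHeader[0]);
            provider.IssuerAddress           = new EndpointAddress(new Uri(identityProviderURL), new AddressHeader[0]);
            provider.SecurityAlgorithmSuite  = SecurityAlgorithmSuite.Basic256;
            provider.MessageSecurityVersion  = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
            ClientCredentials credentials = new ClientCredentials
            {
                ClientCertificate = { Certificate = userCertificate }
            };
            provider.IssuerChannelBehaviors.Add(credentials);

            HttpsTransportBindingElement tbe = new HttpsTransportBindingElement
            {
                AuthenticationScheme     = AuthenticationSchemes.Digest,
                RequireClientCertificate = true,
                KeepAliveEnabled         = false
            };
            CustomBinding stsBinding = new CustomBinding(new BindingElement[] { tbe });
            provider.IssuerBinding = stsBinding;

            GenericXmlSecurityToken token;
            try
            {
                provider.Open();
                token = provider.GetToken(TimeSpan.FromSeconds(30.0)) as GenericXmlSecurityToken;
            }
            finally
            {
                // The provider is only needed to fetch the token, so release it here. A failure
                // while closing must not discard a token that was already issued, hence the
                // fall-back to Abort().
                if (provider.State == CommunicationState.Opened)
                {
                    try
                    {
                        provider.Close();
                    }
                    catch (CommunicationException)
                    {
                        provider.Abort();
                    }
                    catch (TimeoutException)
                    {
                        provider.Abort();
                    }
                }
                else
                {
                    provider.Abort();
                }
            }
#endif
#if CC
            var cc    = new EhealthCryptoController();
            var token = cc.GetSamlTokenForHealthProfessional(relyingParty);
#endif
            if (token == null)
            {
                throw new ApplicationException("No AT token received");
            }
            Console.WriteLine(string.Format("Ziskany AT token in {0}", stopw.ElapsedMilliseconds));



            CustomBinding          binding = new CustomBinding();
            SecurityBindingElement sbe     = SecurityBindingElement.CreateIssuedTokenForCertificateBindingElement(new IssuedSecurityTokenParameters()
            {
                RequireDerivedKeys = true, KeyType = SecurityKeyType.SymmetricKey
            });

            sbe.MessageSecurityVersion =
                MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
            sbe.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
            sbe.IncludeTimestamp     = true;
            // Leave this disabled: the transport element below is HTTPS and the secured
            // messages should not be allowed onto a plain-text transport.
            //sbe.AllowInsecureTransport = true;
            sbe.SetKeyDerivation(true);
            sbe.KeyEntropyMode = SecurityKeyEntropyMode.ClientEntropy;
            binding.Elements.Add(sbe);
            binding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap12WSAddressing10, System.Text.Encoding.UTF8));
            binding.Elements.Add(new HttpsTransportBindingElement()
            {
                RequireClientCertificate = true, KeepAliveEnabled = true
            });

            // Fail with a message that names the parameter instead of an index error from an
            // empty capture collection when the address has no http(s) authority.
            // NOTE(review): the captured authority includes an explicit port if the address
            // has one - confirm that is acceptable as a DNS identity.
            Match hostMatch = new Regex(@"https?://([^/]+)").Match(wsaddressingTo);
            if (!hostMatch.Success)
            {
                throw new ArgumentOutOfRangeException("wsaddressingTo", "Expected an http:// or https:// address with a host part.");
            }
            var dnsIdentity    = hostMatch.Groups[1].Value;
            var channelFactory = new ChannelFactory <IeHealthSyncService>(binding,
                                                                          new EndpointAddress(
                                                                              new Uri(wsaddressingTo),
                                                                              new DnsEndpointIdentity(dnsIdentity),
                                                                              new AddressHeader[] { }));
            channelFactory.Credentials.SupportInteractive                    = false;
            channelFactory.Credentials.ClientCertificate.Certificate         = userCertificate;
            channelFactory.Credentials.ServiceCertificate.DefaultCertificate = extInterfaCertificate;

            // NOTE(review): None switches off validation of the service certificate, so its
            // chain, expiry and revocation status are never checked. Prefer ChainTrust or
            // PeerTrust or a custom validator unless extInterfaCertificate is verified
            // by the caller before it gets here.
            channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
                X509CertificateValidationMode.None;
            channelFactory.ConfigureChannelFactory <IeHealthSyncService>();
            channelFactory.Endpoint.Behaviors.Add(new ClientViaBehavior(new Uri(esbEndpoint)));

            // NOTE(review): neither the channel nor the factory is closed before returning;
            // ownership after CreateChannelWithIssuedToken is not visible here - confirm.
            var channel = channelFactory.CreateChannelWithIssuedToken(token);
            Console.WriteLine(string.Format("vytvoreny kanal: {0}", stopw.ElapsedMilliseconds));
            var stopw1 = new Stopwatch();

            eHtalkMessage data = null;
            int           wait = 1;

            // Twenty calls, pausing 1, 2, 4, ... seconds after each one (the pause also runs
            // after the final call, when it reaches 524288 seconds).
            // NOTE(review): this looks like an idle-timeout probe rather than a retry loop - confirm.
            for (int i = 0; i < 20; i++)
            {
                stopw1.Reset();
                stopw1.Start();
                msg.Header.MessageInfo.MessageID = Guid.NewGuid().ToString("D");
                Debug.WriteLine("Start calling", "MyCustom");
                try
                {
                    data = channel.GetData(msg);
                }
                catch (CommunicationException)
                {
                    // One immediate retry on the same channel; a second failure propagates.
                    data = channel.GetData(msg);
                }
                Console.WriteLine(string.Format("po {1} sekundach: {0}", stopw1.ElapsedMilliseconds, wait));
                Thread.Sleep(wait * 1000);
                wait = wait * 2;
            }

            return(data);
        }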
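 /// <summary>
 /// Wraps an already configured <see cref="IssuedSecurityTokenProvider"/> and opens it immediately.
 /// </summary>
 /// <param name="requirement">Not read by this constructor.</param>
 /// <param name="federatedSecurityTokenProvider">Provider stored in <c>innerProvider</c> and opened here; must not be null.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="federatedSecurityTokenProvider"/> is null.</exception>
 public CacheSecurityTokenProvider(SecurityTokenRequirement requirement, IssuedSecurityTokenProvider federatedSecurityTokenProvider) : base( )
 {
     // Reject a missing provider up front instead of failing on Open() with a null reference.
     if (federatedSecurityTokenProvider == null)
     {
         throw new System.ArgumentNullException("federatedSecurityTokenProvider");
     }

     innerProvider = federatedSecurityTokenProvider;

     // NOTE(review): the provider is opened inside the constructor, so construction can throw,
     // and nothing in this excerpt shows where innerProvider is closed again - confirm.
     innerProvider.Open();
 }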