/// <summary>
/// Applies this behavior's requirements to an authentication request
/// immediately before it is sent.
/// </summary>
/// <param name="request">The outgoing authentication request.</param>
/// <remarks>
/// The method checks the realm's scheme, makes sure a <c>PolicyRequest</c>
/// extension is attached, adds the policies this behavior prefers, and rejects
/// a request that combines the no-PII policy with a <c>ClaimsRequest</c> or
/// <c>FetchRequest</c> extension.
/// Only the outgoing request is shaped here: the policies are added as
/// preferences, and nothing in this method confirms that the provider honored
/// them. That has to be checked where the response is processed.
/// </remarks>
void IRelyingPartyBehavior.OnOutgoingAuthenticationRequest(RelyingParty.IAuthenticationRequest request) {
    // Unchecked downcast: an IAuthenticationRequest implementation other than
    // RelyingParty.AuthenticationRequest raises InvalidCastException here.
    var outgoing = (RelyingParty.AuthenticationRequest)request;

    // The realm must use the https scheme. DisableSslRequirement switches this
    // check off entirely, so it should stay false outside of test setups.
    // NOTE(review): VerifyProtocol presumably throws when the condition is false; confirm.
    bool realmIsHttps = string.Equals(request.Realm.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal);
    ErrorUtilities.VerifyProtocol(realmIsHttps || DisableSslRequirement, BehaviorStrings.RealmMustBeHttps);

    // Reuse the policy extension the caller already attached, or attach a fresh one.
    // SingleOrDefault throws if more than one PolicyRequest has been applied.
    PolicyRequest policyRequest = outgoing.AppliedExtensions.OfType<PolicyRequest>().SingleOrDefault();
    if (policyRequest == null) {
        policyRequest = new PolicyRequest();
        request.AddExtension(policyRequest);
    }

    // Policies that are always requested, added only when not already listed.
    foreach (var alwaysRequested in new[] { AuthenticationPolicies.PrivatePersonalIdentifier, AuthenticationPolicies.USGovernmentTrustLevel1 }) {
        if (!policyRequest.PreferredPolicies.Contains(alwaysRequested)) {
            policyRequest.PreferredPolicies.Add(alwaysRequested);
        }
    }

    // Unless PII has been explicitly allowed, ask for the no-PII policy as well.
    if (!AllowPersonallyIdentifiableInformation) {
        if (!policyRequest.PreferredPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) {
            policyRequest.PreferredPolicies.Add(AuthenticationPolicies.NoPersonallyIdentifiableInformation);
        }
    }

    // The no-PII policy may be present because it was just added or because the
    // caller listed it. Either way the request must not also carry an extension
    // that asks the provider for user attributes.
    if (policyRequest.PreferredPolicies.Contains(AuthenticationPolicies.NoPersonallyIdentifiableInformation)) {
        bool asksForAttributes = outgoing.AppliedExtensions.OfType<ClaimsRequest>().Any()
            || outgoing.AppliedExtensions.OfType<FetchRequest>().Any();
        ErrorUtilities.VerifyProtocol(!asksForAttributes, BehaviorStrings.PiiIncludedWithNoPiiPolicy);
    }

    Reporting.RecordEventOccurrence(this, "RP");
}