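/// <summary>
/// Builds the security header for a call: a wsu:Timestamp element holding a Created
/// value, followed by the assertion element read from <paramref name="card"/>.
/// </summary>
/// <param name="card">Seal card whose <c>Xassertion</c> is copied into the header.</param>
/// <param name="id">Identifier written (format "D") to the header's <c>id</c> attribute.</param>
/// <returns>A header whose <c>Any</c> holds the timestamp and the assertion, in that order.</returns>
/// <exception cref="ArgumentNullException"><paramref name="card"/> is null.</exception>
/// <exception cref="InvalidOperationException">The card's assertion does not read back as an XML element.</exception>
public static SecurityHeaderType MakeSecurity(SealCard card, Guid id)
{
    if (card == null)
    {
        throw new ArgumentNullException("card");
    }

    const string wsuNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

    var assertionDoc = new XmlDocument();
    var assertionElement = assertionDoc.ReadNode(card.Xassertion.CreateReader()) as XmlElement;
    if (assertionElement == null)
    {
        // Fail here rather than hand back a security header that silently lacks the assertion.
        throw new InvalidOperationException("The seal card assertion could not be read as an XML element.");
    }

    var timestampDoc = new XmlDocument();
    var createdElement = timestampDoc.CreateElement("Created", wsuNamespace);

    // Be aware that DGWS 1.0.1 and 1.1 differ on whether timestamps must be in local time or in UTC!
    // The Created value is backdated by five minutes (presumably to tolerate clock skew at the
    // receiver - confirm). "HH" is the 24-hour clock: the previous "hh" wrote afternoon times as
    // morning times, giving a Created value twelve hours off. The invariant culture keeps ':' as
    // the time separator regardless of the machine's regional settings.
    createdElement.InnerText = (DateTimeEx.UtcNowRound - TimeSpan.FromMinutes(5))
        .ToLocalTime()
        .ToString("yyyy-MM-ddTHH:mm:sszzz", System.Globalization.CultureInfo.InvariantCulture);

    var timestampElement = timestampDoc.CreateElement("Timestamp", wsuNamespace);
    timestampElement.AppendChild(createdElement);

    var idAttribute = new XmlDocument().CreateAttribute("id");
    idAttribute.Value = id.ToString("D");

    return new SecurityHeaderType
    {
        Any = new[] { timestampElement, assertionElement },
        AnyAttr = new[] { idAttribute }
    };
}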
/// <summary>
/// Calls the NTS provider with the given seal card and a DGWS header attached as
/// outgoing SOAP message headers.
/// </summary>
/// <param name="sealCard">Card wrapped in a <c>SealCardMessageHeader</c> for the call.</param>
private static void CallNts(SealCard sealCard)
{
    // NOTE(review): the client is never closed or aborted in this method - confirm that is intended.
    var ntsClient = new NtsWSProviderClient();
    ntsClient.Endpoint.EndpointBehaviors.Add(new SealEndpointBehavior());

    using (new OperationContextScope(ntsClient.InnerChannel))
    {
        var dgwsHeader = new Header();
        dgwsHeader.SecurityLevel = 4;
        dgwsHeader.SecurityLevelSpecified = true;

        // Every call gets its own message id.
        var linking = new Linking();
        linking.MessageID = Guid.NewGuid().ToString("D");
        dgwsHeader.Linking = linking;

        // Attach the seal-security header first, then the DGWS header.
        var outgoingHeaders = OperationContext.Current.OutgoingMessageHeaders;
        outgoingHeaders.Add(new SealCardMessageHeader(sealCard));
        outgoingHeaders.Add(new DgwsMessageHeader(DgwsHeader.Create(dgwsHeader)));

        ntsClient.invoke("test");
    }
}
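/*[Test]
 * public void GatewaySecureBrowserLoginTest()
 * {
 *     DoLogin(Global.MocesCprGyldig);
 *
 *     using (var stsClient = new Seal2SamlStsClient("GWFetchCard"))
 *     using (var scope = new OperationContextScope((IContextChannel) stsClient.Channel.Channel))
 *     {
 *         OperationContext.Current.OutgoingMessageHeaders.Add(new SealCardMessageHeader(SealCard.Create(_assertion)));
 *         var d = stsClient.ExchangeAssertionViaGW("http://sundhed.dk/") as GenericXmlSecurityToken;
 *         var elm = d.TokenXml;
 *     }
 * }*/

/// <summary>
/// Logs on through the gateway facade: requests the ID-card digest, signs it with the
/// private key of <paramref name="cert"/>, submits the signature together with the
/// certificate, and stores the resulting header and assertion on this instance.
/// </summary>
/// <param name="cert">Certificate whose RSA private key signs the digest.</param>
/// <exception cref="ArgumentNullException"><paramref name="cert"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="cert"/> carries no private key.</exception>
/// <exception cref="Exception">The gateway did not answer <c>ok</c> to the signing request.</exception>
public void DoLogin(X509Certificate2 cert)
{
    // Reject an unusable certificate before any gateway round trip is made.
    if (cert == null)
    {
        throw new ArgumentNullException("cert");
    }

    if (!cert.HasPrivateKey)
    {
        throw new ArgumentException("The certificate has no private key to sign with.", "cert");
    }

    var gwClient = new GW.SosiGWFacadeClient();
    var sec = MakeSecurity(MakeAssertionForSTS());
    var dig = gwClient.requestIdCardDigestForSigning(sec, "whatever");

    // NOTE(review): this cast only succeeds when the key is exposed as an
    // RSACryptoServiceProvider; any other key type raises InvalidCastException here.
    var csp = (RSACryptoServiceProvider)cert.PrivateKey;

    // NOTE(review): the digest is hashed with SHA-1 and signed as RSA/SHA-1. SHA-1 is no
    // longer considered collision resistant; keep it only while the gateway contract
    // requires it - confirm.
    byte[] hash;
    using (var sha1 = new SHA1Managed())
    {
        hash = sha1.ComputeHash(dig.DigestValue);
    }

    var rb = new GW.signIdCardRequestBody
    {
        SignatureValue = csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA1")),
        // Only the public certificate is exported and sent; the private key stays local.
        KeyInfo = new GW.KeyInfo { Item = new GW.X509Data { Item = cert.Export(X509ContentType.Cert) } }
    };

    var res = gwClient.signIdCard(sec, rb);
    if (res != GW.signIdCardResponse.ok)
    {
        throw new Exception("Gateway logon error");
    }

    _header = MakeHeader();
    _assertion = SealCard.Create(sec.Assertion).GetAssertion<Assertion>(typeof(GW.AssertionType).Name);
}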
/// <summary>
/// Returns the cached ID card. When the cached card does not pass <c>IsIdCardValid</c>,
/// a new card is built from the user certificate, signed in via
/// <c>SealUtilities.SignIn</c>, cached and returned.
/// </summary>
/// <returns>The cached or newly issued card.</returns>
public SealCard GetIdCard()
{
    if (IsIdCardValid(_idCard))
    {
        return _idCard;
    }

    // No usable card is cached: build an assertion for the STS and sign in for a new card.
    var unsignedCard = SealCard.Create(MakeAssertionForSts(_userCertificate));
    _idCard = SealUtilities.SignIn(unsignedCard, _issuer, _stsUrl);
    return _idCard;
}
/// <summary>
/// Signs in, sends the issued card through <c>CallNts</c>, and then asserts that the
/// assertion signatures of both the local card and the issued card still verify.
/// </summary>
public void TestIDcard_Does_not_change_whiteSpace()
{
    const string issuer = "http://www.ribeamt.dk/EPJ";

    var unsignedCard = SealCard.Create(AssertionMaker.MakeAssertionForSTS(Global.MocesCprGyldig));
    var issuedCard = SealUtilities.SignIn(unsignedCard, issuer, Settings.Default.SecurityTokenService);

    CallNts(issuedCard);

    // Signature verification is repeated after the call for both cards.
    var localSignatureOk = SealUtilities.CheckAssertionSignature(unsignedCard.Xassertion);
    Assert.IsTrue(localSignatureOk);

    var issuedSignatureOk = SealUtilities.CheckAssertionSignature(issuedCard.Xassertion);
    Assert.IsTrue(issuedSignatureOk);
}
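/// <summary>
/// Tells whether a cached ID card exists and its <c>ValidTo</c> lies after the
/// instant returned by <c>FiveMinutesAgoUtc</c>.
/// </summary>
/// <param name="sc">Cached card, or null when none has been issued yet.</param>
/// <returns><c>true</c> when the card may be reused; otherwise <c>false</c>.</returns>
private static bool IsIdCardValid(SealCard sc)
{
    var fiveMinAgo = FiveMinutesAgoUtc();

    // Check that the card has been created and has not expired.
    // The comparison used to be "< 0", which reported a card as valid only once its
    // ValidTo was already more than five minutes in the past: expired cards were reused
    // and fresh ones were thrown away on every call.
    // NOTE(review): measured against a past instant, a card that expired within the last
    // five minutes still passes. If the intent is "valid for at least five more minutes",
    // the reference instant should lie in the future - confirm against FiveMinutesAgoUtc
    // and the clock-skew policy of the token service.
    return sc != null && sc.ValidTo.CompareTo(fiveMinAgo) > 0;
}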
/// <summary>
/// Creates a seal card, signs in, and calls FMK with the assertion passed as a
/// strongly typed object inside the security header.
/// </summary>
public void TestSTSogFMKAssertionAsType()
{
    const string issuer = "http://www.ribeamt.dk/EPJ";

    // The seal card is created and signed in.
    var unsignedCard = SealCard.Create(AssertionMaker.MakeAssertionForSTS(Global.MocesCprGyldig));
    var issuedCard = SealUtilities.SignIn(unsignedCard, issuer, Settings.Default.SecurityTokenService);

    // FMK is called.
    var fmkClient = new proxy.MedicineCardPortTypeClient("localFMK");

    // The assertion is passed strongly typed.
    var security = MakeSecurity(issuedCard.GetAssertion<proxy.Assertion>());
    var header = MakeHeader();
    fmkClient.GetMedicineCard_20120101(security, header);
}
/// <summary>
/// Creates a seal card, signs in, and calls FMK with the assertion carried as XML in a
/// <c>SealCardMessageHeader</c>; the typed security argument is passed as null.
/// </summary>
public void TestSTSogFMKAssertionAsXml()
{
    const string issuer = "http://www.ribeamt.dk/EPJ";

    // The seal card is created and signed in.
    var unsignedCard = SealCard.Create(AssertionMaker.MakeAssertionForSTS(Global.MocesCprGyldig));
    var issuedCard = SealUtilities.SignIn(unsignedCard, issuer, Settings.Default.SecurityTokenService);

    // FMK is called.
    var fmkClient = new proxy.MedicineCardPortTypeClient("localFMK");

    using (new OperationContextScope(fmkClient.InnerChannel))
    {
        // The assertion is passed via the SealCard as XML.
        var cardHeader = new SealCardMessageHeader(issuedCard);
        OperationContext.Current.OutgoingMessageHeaders.Add(cardHeader);

        fmkClient.GetMedicineCard_20120101(null, MakeHeader());
    }
}
/// <summary>
/// Assembles a <c>GetMedicineCardRequest_2015_06_01</c> for the given citizen, with a
/// security header built from <paramref name="ass"/> and a new GUID as header id.
/// </summary>
/// <param name="userCpr">CPR value handed to <c>GetOnBehalfOf</c>.</param>
/// <param name="ass">Seal card whose assertion goes into the security header.</param>
/// <returns>The request; its consent header is left null.</returns>
public static GetMedicineCardRequest_2015_06_01 GetMedicineCardRequest20150601(string userCpr, SealCard ass)
{
    // The parts are built in the same order in which they are passed below.
    var security = MakeSecurity(ass, Guid.NewGuid());
    var header = MakeHeader();
    var onBehalfOf = GetOnBehalfOf(userCpr);
    var whitelistingHeader = GetWhitelistingHeader();
    var requestBody = GetGetMedicineCardRequest();

    return new GetMedicineCardRequest_2015_06_01(
        Security: security,
        Header: header,
        OnBehalfOf: onBehalfOf,
        WhitelistingHeader: whitelistingHeader,
        ConsentHeader: null,
        GetMedicineCardRequest: requestBody);
}