public TokenFactory(IdentityConfiguration configuration)
{
Saml2Handler = new CustomSaml2SecurityTokenHandler();
if (configuration != null)
{
IdentityConfiguration = configuration;
IdentityConfiguration.SecurityTokenHandlers.AddOrReplace(Saml2Handler);
}
}
private GenericXmlSecurityToken SetSecurityToken <T>(T contract, Saml2SecurityToken samlToken,
CustomSaml2SecurityTokenHandler tokenHandler, SecurityTokenDescriptor tokenDescriptor)
where T : SamlTokenContract
{
GenericXmlSecurityToken xmlToken;
var outputTokenString = samlToken.ToTokenXmlString();
var attachedReference = tokenHandler.CreateSecurityTokenReference(samlToken, true);
var unattachedReference = tokenHandler.CreateSecurityTokenReference(samlToken, false);
if (contract.Confirmation == SubjectConfirmationMethod.HolderOfKey)
{
if (contract is AsymmetricSamlTokenContract)
{
xmlToken = new GenericXmlSecurityToken(
GetElement(outputTokenString),
new X509SecurityToken(contract.SigningCertificate),
DateTime.UtcNow,
DateTime.UtcNow.AddHours(8),
attachedReference,
unattachedReference,
new ReadOnlyCollection <IAuthorizationPolicy>(new List <IAuthorizationPolicy>()));
}
else if (contract is SymmetricSamlTokenContract)
{
var proof = (SymmetricProofDescriptor)tokenDescriptor.Proof;
xmlToken = new GenericXmlSecurityToken(
GetElement(outputTokenString),
new BinarySecretSecurityToken(proof.GetKeyBytes()),
DateTime.UtcNow,
DateTime.UtcNow.AddHours(8),
attachedReference,
unattachedReference,
new ReadOnlyCollection <IAuthorizationPolicy>(new List <IAuthorizationPolicy>()));
}
else
{
throw new InvalidOperationException("Unsupported Holder-of-Key contract: " + contract.GetType().Name);
}
}
else
{
xmlToken = new GenericXmlSecurityToken(
GetElement(outputTokenString),
null,
DateTime.UtcNow,
DateTime.UtcNow.AddHours(8),
attachedReference,
unattachedReference,
new ReadOnlyCollection <IAuthorizationPolicy>(new List <IAuthorizationPolicy>()));
}
return(xmlToken);
}