/// <summary>
        /// Creates a security token based on a token descriptor.
        /// </summary>
        /// <param name="tokenDescriptor">The token descriptor.</param>
        /// <returns>A security token.</returns>
        /// <exception cref="ArgumentNullException">Thrown if 'tokenDescriptor' is null.</exception>
        public override SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor)
        {
            if (null == tokenDescriptor)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenDescriptor");
            }

            if (this.Configuration == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4272)));
            }

            ClaimsPrincipal principal = new ClaimsPrincipal(tokenDescriptor.Subject);

            if (this.Configuration.SaveBootstrapContext)
            {
                SecurityTokenHandlerCollection bootstrapTokenCollection = CreateBootstrapTokenHandlerCollection();
                if (!bootstrapTokenCollection.CanWriteToken(tokenDescriptor.Token))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4010, tokenDescriptor.Token.GetType().ToString())));
                }

                (principal.Identities as ReadOnlyCollection <ClaimsIdentity>)[0].BootstrapContext = new BootstrapContext(tokenDescriptor.Token, bootstrapTokenCollection[tokenDescriptor.Token.GetType()]);
            }

            DateTime validFrom = (tokenDescriptor.Lifetime.Created.HasValue) ? (DateTime)tokenDescriptor.Lifetime.Created : DateTime.UtcNow;
            DateTime validTo   = (tokenDescriptor.Lifetime.Expires.HasValue) ? (DateTime)tokenDescriptor.Lifetime.Expires : DateTime.UtcNow + SessionSecurityTokenHandler.DefaultTokenLifetime;

            return(new SessionSecurityToken(principal, null, validFrom, validTo));
        }
Пример #2
0
        /// <summary>
        /// Creates the default set of SecurityTokenHandlers.
        /// </summary>
        /// <returns>A SecurityTokenHandlerCollectionManager with a default collection of token handlers.</returns>
        public static SecurityTokenHandlerCollectionManager CreateDefaultSecurityTokenHandlerCollectionManager()
        {
            SecurityTokenHandlerCollection        defaultHandlers = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();
            SecurityTokenHandlerCollectionManager defaultManager  = new SecurityTokenHandlerCollectionManager(ConfigurationStrings.DefaultServiceName);

            defaultManager.collections.Clear();
            defaultManager.collections.Add(SecurityTokenHandlerCollectionManager.Usage.Default, defaultHandlers);

            return(defaultManager);
        }
Пример #3
0
        /// <summary>
        /// Creates an instance of this object using XML representation of the security token.
        /// </summary>
        /// <param name="securityTokenXml">The <see cref="XmlElement"/> representation of the security token.</param>
        /// <param name="securityTokenHandlers">The collection of <see cref="SecurityTokenHandler"/> objects that may
        /// be used to read and validate the security token this object represents.</param>
        public SecurityTokenElement(XmlElement securityTokenXml, SecurityTokenHandlerCollection securityTokenHandlers)
        {
            if (securityTokenXml == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenXml");
            }

            if (securityTokenHandlers == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlers");
            }

            _securityTokenXml      = securityTokenXml;
            _securityTokenHandlers = securityTokenHandlers;
        }
Пример #4
0
        /// <summary>
        /// Initializes an instance of <see cref="SecurityTokenSerializerAdapter"/>
        /// </summary>
        /// <param name="securityTokenHandlerCollection">
        /// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
        /// </param>
        public SecurityTokenSerializerAdapter(SecurityTokenHandlerCollection securityTokenHandlerCollection)
        {
            if (securityTokenHandlerCollection == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlerCollection");
            }
            _securityTokenHandlers = securityTokenHandlerCollection;

            KeyInfoSerializer serializer = securityTokenHandlerCollection.KeyInfoSerializer as KeyInfoSerializer;

            if (serializer != null)
            {
                serializer.InnerSecurityTokenSerializer = this;
            }
        }
Пример #5
0
        /// <summary>
        /// Reads a <see cref="SecurityToken"/> from the provided XML representation.
        /// </summary>
        /// <param name="securityTokenXml">The XML representation of the security token.</param>
        /// <param name="securityTokenHandlers">The <see cref="SecurityTokenHandlerCollection"/> used to
        /// read the token.</param>
        /// <returns>A <see cref="SecurityToken"/>.</returns>
        protected virtual SecurityToken ReadSecurityToken(XmlElement securityTokenXml,
                                                          SecurityTokenHandlerCollection securityTokenHandlers)
        {
            SecurityToken securityToken = null;
            XmlReader     reader        = new XmlNodeReader(securityTokenXml);

            reader.MoveToContent();

            securityToken = securityTokenHandlers.ReadToken(reader);
            if (securityToken == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4051, securityTokenXml, reader.LocalName, reader.NamespaceURI)));
            }

            return(securityToken);
        }
        /// <summary>
        /// Creates a system default collection of basic SecurityTokenHandlers, each of which has the system default configuration.
        /// The SecurityTokenHandlers in this collection must be configured with service specific data before they can be used.
        /// </summary>
        /// <param name="configuration">The configuration to associate with the collection.</param>
        /// <returns>A SecurityTokenHandlerCollection with default basic SecurityTokenHandlers.</returns>
        public static SecurityTokenHandlerCollection CreateDefaultSecurityTokenHandlerCollection(SecurityTokenHandlerConfiguration configuration)
        {
            SecurityTokenHandlerCollection collection = new SecurityTokenHandlerCollection(new SecurityTokenHandler[] {
                new KerberosSecurityTokenHandler(),
                new RsaSecurityTokenHandler(),
                new SamlSecurityTokenHandler(),
                new Saml2SecurityTokenHandler(),
                new WindowsUserNameSecurityTokenHandler(),
                new X509SecurityTokenHandler(),
                new EncryptedSecurityTokenHandler(),
                new SessionSecurityTokenHandler(),
            },
                                                                                           configuration);

            defaultHandlerCollectionCount = collection.Count;

            return(collection);
        }
Пример #7
0
        /// <summary>
        /// Creates the identities for the represented by the <see cref="SecurityToken"/>.
        /// </summary>
        /// <param name="securityTokenXml">The <see cref="XmlElement"/> representation of the security token.</param>
        /// <param name="securityTokenHandlers">The collection of <see cref="SecurityTokenHandler"/> objects that may
        /// be used to read and validate the security token this object represents.</param>
        /// <returns>A <see cref="ReadOnlyCollection{T}"/> of <see cref="ClaimsIdentity"/> representing the identities contained in the token.</returns>
        /// <exception cref="InvalidOperationException">If either parameter 'securityTokenXml' or 'securityTokenHandlers' are null.</exception>
        protected virtual ReadOnlyCollection <ClaimsIdentity> ValidateToken(XmlElement securityTokenXml, SecurityTokenHandlerCollection securityTokenHandlers)
        {
            if (securityTokenXml == null || securityTokenHandlers == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ID4052)));
            }

            SecurityToken securityToken = GetSecurityToken();

            return(securityTokenHandlers.ValidateToken(securityToken));
        }
        /// <summary>
        /// Gets the bootstrap token handler collection.
        /// </summary>
        SecurityTokenHandlerCollection CreateBootstrapTokenHandlerCollection()
        {
            SecurityTokenHandlerCollection tokenHandlerCollection = this.ContainingCollection ?? SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection();

            return(tokenHandlerCollection);
        }