public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement,
BindingContext context, bool isClient)
: base(context.Binding)
{
this.extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
this.protectionLevel = bindingElement.ProtectionLevel;
this.scheme = context.Binding.Scheme;
this.isClient = isClient;
this.listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);
SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialProvider == null)
{
if (isClient)
{
credentialProvider = ClientCredentials.CreateDefaultCredentials();
}
else
{
credentialProvider = ServiceCredentials.CreateDefaultCredentials();
}
}
this.securityTokenManager = credentialProvider.CreateSecurityTokenManager();
}
internal static void ImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
XmlElement assertion = PolicyConversionContext.FindAssertion(policyContext.GetBindingAssertions(),
TransportPolicyConstants.WindowsTransportSecurityName, TransportPolicyConstants.DotNetFramingNamespace, true);
if (assertion != null)
{
WindowsStreamSecurityBindingElement windowsBindingElement
= new WindowsStreamSecurityBindingElement();
XmlReader reader = new XmlNodeReader(assertion);
reader.ReadStartElement();
string protectionLevelString = null;
if (reader.IsStartElement(
TransportPolicyConstants.ProtectionLevelName,
TransportPolicyConstants.DotNetFramingNamespace) && !reader.IsEmptyElement)
{
protectionLevelString = reader.ReadElementContentAsString();
}
if (string.IsNullOrEmpty(protectionLevelString))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(
SR.GetString(SR.ExpectedElementMissing, TransportPolicyConstants.ProtectionLevelName, TransportPolicyConstants.DotNetFramingNamespace)));
}
windowsBindingElement.ProtectionLevel = (ProtectionLevel)Enum.Parse(typeof(ProtectionLevel), protectionLevelString);
policyContext.BindingElements.Add(windowsBindingElement);
}
}
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement,
BindingContext context, bool isClient)
: base(context.Binding)
{
_extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
_protectionLevel = bindingElement.ProtectionLevel;
_scheme = context.Binding.Scheme;
_isClient = isClient;
_listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);
SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialProvider == null)
{
if (isClient)
{
credentialProvider = ClientCredentials.CreateDefaultCredentials();
}
else
{
throw ExceptionHelper.PlatformNotSupported("WindowsStreamSecurityUpgradeProvider for server is not supported.");
}
}
_securityTokenManager = credentialProvider.CreateSecurityTokenManager();
}
void ITransportPolicyImport.ImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
if (PolicyConversionContext.FindAssertion(policyContext.GetBindingAssertions(), "Streamed", "http://schemas.microsoft.com/ws/2006/05/framing/policy", true) != null)
{
this.TransferMode = System.ServiceModel.TransferMode.Streamed;
}
WindowsStreamSecurityBindingElement.ImportPolicy(importer, policyContext);
SslStreamSecurityBindingElement.ImportPolicy(importer, policyContext);
}
void ITransportPolicyImport.ImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
if (PolicyConversionContext.FindAssertion(policyContext.GetBindingAssertions(), TransportPolicyConstants.StreamedName, TransportPolicyConstants.DotNetFramingNamespace, true) != null)
{
this.TransferMode = TransferMode.Streamed;
}
WindowsStreamSecurityBindingElement.ImportPolicy(importer, policyContext);
SslStreamSecurityBindingElement.ImportPolicy(importer, policyContext);
}
internal override bool IsMatch(BindingElement b)
{
if (b == null)
{
return(false);
}
WindowsStreamSecurityBindingElement element = b as WindowsStreamSecurityBindingElement;
if (element == null)
{
return(false);
}
if (this.protectionLevel != element.protectionLevel)
{
return(false);
}
return(true);
}
internal override bool IsMatch(BindingElement b)
{
if (b == null)
{
return(false);
}
WindowsStreamSecurityBindingElement security = b as WindowsStreamSecurityBindingElement;
if (security == null)
{
return(false);
}
if (_protectionLevel != security._protectionLevel)
{
return(false);
}
return(true);
}
public WindowsStreamSecurityUpgradeProvider(WindowsStreamSecurityBindingElement bindingElement,
BindingContext context, bool isClient)
: base(context.Binding)
{
Contract.Assert(isClient, ".NET Core and .NET Native does not support server side");
_extractGroupsForWindowsAccounts = TransportDefaults.ExtractGroupsForWindowsAccounts;
_protectionLevel = bindingElement.ProtectionLevel;
_scheme = context.Binding.Scheme;
_isClient = isClient;
_listenUri = TransportSecurityHelpers.GetListenUri(context.ListenUriBaseAddress, context.ListenUriRelativeAddress);
SecurityCredentialsManager credentialProvider = context.BindingParameters.Find <SecurityCredentialsManager>();
if (credentialProvider == null)
{
credentialProvider = ClientCredentials.CreateDefaultCredentials();
}
_securityTokenManager = credentialProvider.CreateSecurityTokenManager();
}
bool ImportWindowsTransportSecurity(MetadataImporter importer,
PolicyConversionContext context,
XmlElement policyElement)
{
var protectionLevel = PolicyImportHelper.GetElement(
importer, policyElement, "ProtectionLevel",
PolicyImportHelper.FramingPolicyNS, true);
if (protectionLevel == null)
{
importer.AddWarning(
"Invalid policy assertion: {0}", policyElement.OuterXml);
return(false);
}
var element = new WindowsStreamSecurityBindingElement();
switch (protectionLevel.InnerText.ToLowerInvariant())
{
case "none":
element.ProtectionLevel = ProtectionLevel.None;
break;
case "sign":
element.ProtectionLevel = ProtectionLevel.Sign;
break;
case "encryptandsign":
element.ProtectionLevel = ProtectionLevel.EncryptAndSign;
break;
default:
importer.AddWarning(
"Invalid policy assertion: {0}", protectionLevel.OuterXml);
return(false);
}
context.BindingElements.Add(element);
return(true);
}
internal static void ImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
{
XmlElement node = PolicyConversionContext.FindAssertion(policyContext.GetBindingAssertions(), "WindowsTransportSecurity", "http://schemas.microsoft.com/ws/2006/05/framing/policy", true);
if (node != null)
{
WindowsStreamSecurityBindingElement item = new WindowsStreamSecurityBindingElement();
XmlReader reader = new XmlNodeReader(node);
reader.ReadStartElement();
string str = null;
if (reader.IsStartElement("ProtectionLevel", "http://schemas.microsoft.com/ws/2006/05/framing/policy") && !reader.IsEmptyElement)
{
str = reader.ReadElementContentAsString();
}
if (string.IsNullOrEmpty(str))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(System.ServiceModel.SR.GetString("ExpectedElementMissing", new object[] { "ProtectionLevel", "http://schemas.microsoft.com/ws/2006/05/framing/policy" })));
}
item.ProtectionLevel = (System.Net.Security.ProtectionLevel)Enum.Parse(typeof(System.Net.Security.ProtectionLevel), str);
policyContext.BindingElements.Add(item);
}
}
protected WindowsStreamSecurityBindingElement(WindowsStreamSecurityBindingElement elementToBeCloned)
: base(elementToBeCloned)
{
this.protectionLevel = elementToBeCloned.protectionLevel;
}
bool ImportNetTcpBinding(
WsdlImporter importer, WsdlEndpointConversionContext context,
CustomBinding custom, WS.Soap12Binding soap)
{
TcpTransportBindingElement transportElement = null;
BinaryMessageEncodingBindingElement binaryElement = null;
TransactionFlowBindingElement transactionFlowElement = null;
WindowsStreamSecurityBindingElement windowsStreamElement = null;
SslStreamSecurityBindingElement sslStreamElement = null;
bool foundUnknownElement = false;
foreach (var element in custom.Elements)
{
if (element is TcpTransportBindingElement)
{
transportElement = (TcpTransportBindingElement)element;
}
else if (element is BinaryMessageEncodingBindingElement)
{
binaryElement = (BinaryMessageEncodingBindingElement)element;
}
else if (element is TransactionFlowBindingElement)
{
transactionFlowElement = (TransactionFlowBindingElement)element;
}
else if (element is WindowsStreamSecurityBindingElement)
{
windowsStreamElement = (WindowsStreamSecurityBindingElement)element;
}
else if (element is SslStreamSecurityBindingElement)
{
sslStreamElement = (SslStreamSecurityBindingElement)element;
}
else
{
importer.AddWarning(
"Found unknown binding element `{0}' while importing " +
"binding `{1}'.", element.GetType(), custom.Name);
foundUnknownElement = true;
}
}
if (foundUnknownElement)
{
return(false);
}
if (transportElement == null)
{
importer.AddWarning(
"Missing TcpTransportBindingElement while importing " +
"binding `{0}'.", custom.Name);
return(false);
}
if (binaryElement == null)
{
importer.AddWarning(
"Missing BinaryMessageEncodingBindingElement while importing " +
"binding `{0}'.", custom.Name);
return(false);
}
if ((windowsStreamElement != null) && (sslStreamElement != null))
{
importer.AddWarning(
"Found both WindowsStreamSecurityBindingElement and " +
"SslStreamSecurityBindingElement while importing binding `{0}.",
custom.Name);
return(false);
}
NetTcpSecurity security;
if (windowsStreamElement != null)
{
security = new NetTcpSecurity(SecurityMode.Transport);
security.Transport.ProtectionLevel = windowsStreamElement.ProtectionLevel;
}
else if (sslStreamElement != null)
{
security = new NetTcpSecurity(SecurityMode.TransportWithMessageCredential);
}
else
{
security = new NetTcpSecurity(SecurityMode.None);
}
var netTcp = new NetTcpBinding(transportElement, security, false);
netTcp.Name = context.Endpoint.Binding.Name;
netTcp.Namespace = context.Endpoint.Binding.Namespace;
context.Endpoint.Binding = netTcp;
return(true);
}
public WindowsStreamSecurityBindingElement(
WindowsStreamSecurityBindingElement other)
: base(other)
{
ProtectionLevel = other.ProtectionLevel;
}
private WindowsStreamSecurityBindingElement(
WindowsStreamSecurityBindingElement other)
: base(other)
{
throw new NotImplementedException();
}
