private XmlDictionaryReader CreateMetadataReader(Uri mexAddress)
{
var metadataSet = new MetadataSet();
var metadataReference = new MetadataReference(new EndpointAddress(mexAddress), AddressingVersion.WSAddressing10);
var metadataSection = new MetadataSection(MetadataSection.MetadataExchangeDialect, null, metadataReference);
metadataSet.MetadataSections.Add(metadataSection);
var sb = new StringBuilder();
var w = new StringWriter(sb, CultureInfo.InvariantCulture);
var writer = XmlWriter.Create(w);
metadataSet.WriteTo(writer);
writer.Flush();
w.Flush();
var input = new StringReader(sb.ToString());
var reader = new XmlTextReader(input);
return XmlDictionaryReader.CreateDictionaryReader(reader);
}
private static XmlDictionaryReader CreateMetadataReader(Uri mexAddress)
{
var metadataSet = new MetadataSet();
var metadataReference = new MetadataReference(new EndpointAddress(mexAddress), AddressingVersion.WSAddressing10);
var metadataSection = new MetadataSection(MetadataSection.MetadataExchangeDialect, null, metadataReference);
metadataSet.MetadataSections.Add(metadataSection);
var stringBuilder = new StringBuilder();
using(var stringWriter = new StringWriter(stringBuilder, CultureInfo.InvariantCulture))
{
var xmlWriter = XmlWriter.Create(stringWriter);
metadataSet.WriteTo(xmlWriter);
xmlWriter.Flush();
stringWriter.Flush();
var stringReader = new StringReader(stringBuilder.ToString());
var xmlTextReader = new XmlTextReader(stringReader);
var result = XmlDictionaryReader.CreateDictionaryReader(xmlTextReader);
return result;
}
}
/// <summary>
/// Sign this information card and write it to a file.
/// </summary>
/// <param name="filename">Path to where this card should be stored.</param>
/// <param name="cert">Certificate to use for signing this card.</param>
public void SerializeAndSign( string filename, X509Certificate2 cert )
{
MemoryStream stream = new MemoryStream();
XmlWriter writer = XmlWriter.Create( stream );
writer.WriteStartElement( XmlNames.WSIdentity.InfoCardElement, XmlNames.WSIdentity.Namespace );
//
// write the InformationCardReference element
//
writer.WriteAttributeString( XmlNames.Xml.Language, XmlNames.Xml.Namespace, m_language );
writer.WriteStartElement( XmlNames.WSIdentity.InfoCardRefElement, XmlNames.WSIdentity.Namespace );
writer.WriteElementString( XmlNames.WSIdentity.CardIdElement, XmlNames.WSIdentity.Namespace, m_cardId );
writer.WriteElementString( XmlNames.WSIdentity.CardVersionElement, XmlNames.WSIdentity.Namespace, m_cardVersion );
writer.WriteEndElement();
//
// card name
//
if( !String.IsNullOrEmpty( m_cardName ) )
{
writer.WriteStartElement( XmlNames.WSIdentity.CardNameElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_cardName );
writer.WriteEndElement();
}
//
// card image
//
if( null != m_logo && 0 != m_logo.Length )
{
writer.WriteStartElement( XmlNames.WSIdentity.CardImageElement, XmlNames.WSIdentity.Namespace );
if( !String.IsNullOrEmpty( m_mimeType ) )
{
writer.WriteAttributeString( XmlNames.WSIdentity.MimeTypeAttribute, m_mimeType );
}
string val = Convert.ToBase64String( m_logo );
writer.WriteString( val );
writer.WriteEndElement();
}
//
// card issuer uri
//
writer.WriteStartElement( XmlNames.WSIdentity.IssuerElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_issuerId );
writer.WriteEndElement();
//
// issue time
//
writer.WriteStartElement( XmlNames.WSIdentity.TimeIssuedElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( XmlConvert.ToString( m_issuedOn, XmlDateTimeSerializationMode.Utc ) );
writer.WriteEndElement();
//
// expiry time
//
writer.WriteStartElement( XmlNames.WSIdentity.TimeExpiresElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( XmlConvert.ToString( m_expiresOn, XmlDateTimeSerializationMode.Utc ) );
writer.WriteEndElement();
//
// Start the tokenservice list
//
writer.WriteStartElement( XmlNames.WSIdentity.TokenServiceListElement, XmlNames.WSIdentity.Namespace );
EndpointAddressBuilder eprBuilder = new EndpointAddressBuilder();
eprBuilder.Uri = new Uri( m_issuerId );
eprBuilder.Identity = new X509CertificateEndpointIdentity( cert );
if( null != m_mexUri )
{
MetadataReference mexRef = new MetadataReference();
mexRef.Address = new EndpointAddress( m_mexUri );
mexRef.AddressVersion = AddressingVersion.WSAddressing10;
MetadataSection mexSection = new MetadataSection();
mexSection.Metadata = mexRef;
MetadataSet mexSet = new MetadataSet();
mexSet.MetadataSections.Add( mexSection );
MemoryStream memStream = new MemoryStream();
XmlTextWriter writer1 = new XmlTextWriter( memStream, System.Text.Encoding.UTF8 );
mexSet.WriteTo( writer1 );
writer1.Flush();
memStream.Seek( 0, SeekOrigin.Begin );
XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader( memStream, XmlDictionaryReaderQuotas.Max );
eprBuilder.SetMetadataReader( reader );
}
m_epr = eprBuilder.ToEndpointAddress();
writer.WriteStartElement( XmlNames.WSIdentity.TokenServiceElement, XmlNames.WSIdentity.Namespace );
//
// Write the EndPointReference
//
m_epr.WriteTo( AddressingVersion.WSAddressing10, writer );
//
// Write the UserCredential Element
//
writer.WriteStartElement( XmlNames.WSIdentity.UserCredentialElement, XmlNames.WSIdentity.Namespace );
//
// Write the hint
//
if( !String.IsNullOrEmpty( m_hint ) )
{
writer.WriteStartElement( XmlNames.WSIdentity.DisplayCredentialHintElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_hint );
writer.WriteEndElement();
}
switch( m_cardType )
{
case DefaultValues.CardType.UserNamePassword:
writer.WriteStartElement( XmlNames.WSIdentity.UserNamePasswordCredentialElement, XmlNames.WSIdentity.Namespace );
if( !string.IsNullOrEmpty( m_credentialIdentifier ) )
{
writer.WriteStartElement( XmlNames.WSIdentity.UserNameElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_credentialIdentifier );
writer.WriteEndElement();
}
writer.WriteEndElement();
break;
case DefaultValues.CardType.KerberosAuth:
writer.WriteStartElement( XmlNames.WSIdentity.KerberosV5CredentialElement, XmlNames.WSIdentity.Namespace );
writer.WriteEndElement();
break;
case DefaultValues.CardType.SelfIssuedAuth:
writer.WriteStartElement( XmlNames.WSIdentity.SelfIssuedCredentialElement, XmlNames.WSIdentity.Namespace );
if( !string.IsNullOrEmpty( m_credentialIdentifier ) )
{
writer.WriteStartElement( XmlNames.WSIdentity.PrivatePersonalIdentifierElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_credentialIdentifier );
writer.WriteEndElement();
}
else
{
throw new InvalidDataException( "No PPID was specified" );
}
writer.WriteEndElement();
break;
case DefaultValues.CardType.SmartCard:
writer.WriteStartElement( XmlNames.WSIdentity.X509V3CredentialElement, XmlNames.WSIdentity.Namespace );
writer.WriteStartElement( XmlNames.XmlDSig.X509DataElement, XmlNames.XmlDSig.Namespace );
if( !string.IsNullOrEmpty( m_credentialIdentifier ) )
{
writer.WriteStartElement( XmlNames.WSSecurityExt.KeyIdentifierElement, XmlNames.WSSecurityExt.Namespace );
writer.WriteAttributeString( XmlNames.WSSecurityExt.ValueTypeAttribute,
null,
XmlNames.WSSecurityExt.Sha1ThumbrpintKeyTypeValue );
writer.WriteString( m_credentialIdentifier );
writer.WriteEndElement();
}
else
{
throw new InvalidDataException( "No thumbprint was specified" );
}
writer.WriteEndElement();
writer.WriteEndElement();
break;
default:
break;
}
writer.WriteEndElement(); //end of user credential
writer.WriteEndElement(); // end of tokenservice
writer.WriteEndElement(); //end of tokenservice list
//
// tokentypes
//
writer.WriteStartElement( XmlNames.WSIdentity.SupportedTokenTypeListElement, XmlNames.WSIdentity.Namespace );
foreach( string type in m_tokenTypes )
{
writer.WriteElementString( XmlNames.WSTrust.TokenType,
XmlNames.WSTrust.Namespace,
type );
}
writer.WriteEndElement();
//
// claims
//
writer.WriteStartElement( XmlNames.WSIdentity.SupportedClaimTypeListElement, XmlNames.WSIdentity.Namespace );
foreach( ClaimInfo clm in m_supportedClaims )
{
writer.WriteStartElement( XmlNames.WSIdentity.SupportedClaimTypeElement, XmlNames.WSIdentity.Namespace );
writer.WriteAttributeString( XmlNames.WSIdentity.UriAttribute, clm.Id );
if( !String.IsNullOrEmpty( clm.DisplayTag ) )
{
writer.WriteElementString( XmlNames.WSIdentity.DisplayTagElement,
XmlNames.WSIdentity.Namespace,
clm.DisplayTag );
}
if( !String.IsNullOrEmpty( clm.Description ) )
{
writer.WriteElementString( XmlNames.WSIdentity.DescriptionElement,
XmlNames.WSIdentity.Namespace,
clm.Description );
}
writer.WriteEndElement();
}
writer.WriteEndElement();
//
// RequireAppliesTo
//
if( m_requireAppliesTo )
{
writer.WriteElementString( XmlNames.WSIdentity.RequireAppliesToElement, XmlNames.WSIdentity.Namespace, null );
}
//
// Privacy Notice
//
if( !String.IsNullOrEmpty( m_privacyNoticeAt ) )
{
writer.WriteStartElement( XmlNames.WSIdentity.PrivacyNoticeAtElement, XmlNames.WSIdentity.Namespace );
writer.WriteString( m_privacyNoticeAt );
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Close();
//
// Sign the xml content
//
stream.Position = 0;
XmlDocument doc = new XmlDocument();
doc.PreserveWhitespace = false;
doc.Load( stream );
SignedXml signed = new SignedXml();
signed.SigningKey = cert.PrivateKey;
signed.Signature.SignedInfo.CanonicalizationMethod
= SignedXml.XmlDsigExcC14NTransformUrl;
Reference reference = new Reference();
reference.Uri = "#_Object_InfoCard";
reference.AddTransform(
new XmlDsigExcC14NTransform() );
signed.AddReference( reference );
KeyInfo info = new KeyInfo();
KeyInfoX509Data data = new KeyInfoX509Data( cert,
X509IncludeOption.WholeChain );
info.AddClause( data );
signed.KeyInfo = info;
DataObject cardData = new DataObject( "_Object_InfoCard", null, null, doc.DocumentElement );
signed.AddObject( cardData );
signed.ComputeSignature();
XmlElement e = signed.GetXml();
XmlTextWriter fileWriter = new XmlTextWriter( filename, Encoding.UTF8 );
e.WriteTo( fileWriter );
fileWriter.Flush();
fileWriter.Close();
}
/// <summary>
/// Create a reader to provide simulated Metadata endpoint configuration element
/// </summary>
/// <param name="activeSTSUrl">The active endpoint URL.</param>
static XmlDictionaryReader GetMetadataReader(string activeSTSUrl)
{
MetadataSet metadata = new MetadataSet();
MetadataReference mexReferece = new MetadataReference(new EndpointAddress(activeSTSUrl), AddressingVersion.WSAddressing10);
MetadataSection refSection = new MetadataSection(MetadataSection.ServiceDescriptionDialect, null, mexReferece);
metadata.MetadataSections.Add(refSection);
byte[] metadataSectionBytes;
StringBuilder stringBuilder = new StringBuilder();
using (StringWriter stringWriter = new StringWriter(stringBuilder))
{
using (XmlTextWriter textWriter = new XmlTextWriter(stringWriter))
{
metadata.WriteTo(textWriter);
textWriter.Flush();
stringWriter.Flush();
metadataSectionBytes = stringWriter.Encoding.GetBytes(stringBuilder.ToString());
}
}
return XmlDictionaryReader.CreateTextReader(metadataSectionBytes, XmlDictionaryReaderQuotas.Max);
}
