static IAuthorizationPolicy RetrievePolicyFromBlob(byte[] contextBlob, string id, DateTime expirationTime, IList <Type> knownTypes)
{
if (contextBlob == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextBlob");
}
if (id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
}
SctClaimDictionary claimDictionary = SctClaimDictionary.Instance;
XmlDictionaryReader reader = XmlDictionaryReader.CreateBinaryReader(contextBlob, 0, contextBlob.Length, claimDictionary, XmlDictionaryReaderQuotas.Max, null, null);
IList <IIdentity> identities = null;
IList <ClaimSet> claimSets = null;
int versionNumber = -1;
reader.ReadFullStartElement(claimDictionary.SecurityContextSecurityToken, claimDictionary.EmptyString);
while (reader.IsStartElement())
{
if (reader.IsStartElement(claimDictionary.Version, claimDictionary.EmptyString))
{
versionNumber = reader.ReadElementContentAsInt();
if (versionNumber != 1)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR2.GetString(SR2.SerializedAuthorizationContextVersionUnsupported, versionNumber)));
}
}
else
{
if (reader.IsStartElement(claimDictionary.Identities, claimDictionary.EmptyString))
{
identities = SctClaimSerializer.DeserializeIdentities(reader, claimDictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), knownTypes, 0x7fffffff));
continue;
}
if (reader.IsStartElement(claimDictionary.ClaimSets, claimDictionary.EmptyString))
{
reader.ReadStartElement();
DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), knownTypes, 0x7fffffff);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), knownTypes, 0x7fffffff);
claimSets = new List <ClaimSet>(1);
while (reader.IsStartElement())
{
claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, claimDictionary, claimSetSerializer, claimSerializer));
}
reader.ReadEndElement();
continue;
}
}
}
reader.ReadEndElement();
return(new SctUnconditionalPolicy(identities, id, claimSets, expirationTime));
}
public byte[] CreateCookieFromSecurityContext(UniqueId contextId, string id, byte[] key, DateTime tokenEffectiveTime, DateTime tokenExpirationTime, UniqueId keyGeneration, DateTime keyEffectiveTime, DateTime keyExpirationTime, ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies)
{
if (contextId == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("contextId");
}
if (key == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("key");
}
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, SctClaimDictionary.Instance, null);
SctClaimDictionary instance = SctClaimDictionary.Instance;
writer.WriteStartElement(instance.SecurityContextSecurityToken, instance.EmptyString);
writer.WriteStartElement(instance.Version, instance.EmptyString);
writer.WriteValue(1);
writer.WriteEndElement();
if (id != null)
{
writer.WriteElementString(instance.Id, instance.EmptyString, id);
}
XmlHelper.WriteElementStringAsUniqueId(writer, instance.ContextId, instance.EmptyString, contextId);
writer.WriteStartElement(instance.Key, instance.EmptyString);
writer.WriteBase64(key, 0, key.Length);
writer.WriteEndElement();
if (keyGeneration != null)
{
XmlHelper.WriteElementStringAsUniqueId(writer, instance.KeyGeneration, instance.EmptyString, keyGeneration);
}
XmlHelper.WriteElementContentAsInt64(writer, instance.EffectiveTime, instance.EmptyString, tokenEffectiveTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, instance.ExpiryTime, instance.EmptyString, tokenExpirationTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, instance.KeyEffectiveTime, instance.EmptyString, keyEffectiveTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, instance.KeyExpiryTime, instance.EmptyString, keyExpirationTime.ToUniversalTime().Ticks);
AuthorizationContext authContext = null;
if (authorizationPolicies != null)
{
authContext = AuthorizationContext.CreateDefaultAuthorizationContext(authorizationPolicies);
}
if ((authContext != null) && (authContext.ClaimSets.Count != 0))
{
DataContractSerializer serializer = DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, 0x7fffffff);
DataContractSerializer serializer2 = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, 0x7fffffff);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, 0x7fffffff);
SctClaimSerializer.SerializeIdentities(authContext, instance, writer, serializer);
writer.WriteStartElement(instance.ClaimSets, instance.EmptyString);
for (int i = 0; i < authContext.ClaimSets.Count; i++)
{
SctClaimSerializer.SerializeClaimSet(authContext.ClaimSets[i], instance, writer, serializer2, claimSerializer);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Flush();
byte[] data = stream.ToArray();
return(this.securityStateEncoder.EncodeSecurityState(data));
}
protected override async ValueTask <(BodyWriter, SspiNegotiationTokenAuthenticatorState)> ProcessRequestSecurityTokenAsync(Message request, RequestSecurityToken requestSecurityToken)
{
if (request == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(request));
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull(nameof(requestSecurityToken), request);
}
if (requestSecurityToken.RequestType != null && requestSecurityToken.RequestType != StandardsManager.TrustDriver.RequestTypeIssue)
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.Format(SR.InvalidRstRequestType, requestSecurityToken.RequestType)), request);
}
BinaryNegotiation incomingNego = requestSecurityToken.GetBinaryNegotiation();
ValidateIncomingBinaryNegotiation(incomingNego);
SspiNegotiationTokenAuthenticatorState negotiationState = CreateSspiState(incomingNego.GetNegotiationData(), incomingNego.ValueTypeUri);
AddToDigest(negotiationState, requestSecurityToken);
negotiationState.Context = requestSecurityToken.Context;
if (requestSecurityToken.KeySize != 0)
{
WSTrust.Driver.ValidateRequestedKeySize(requestSecurityToken.KeySize, SecurityAlgorithmSuite);
}
negotiationState.RequestedKeySize = requestSecurityToken.KeySize;
string appliesToNamespace;
string appliesToName;
requestSecurityToken.GetAppliesToQName(out appliesToName, out appliesToNamespace);
if (appliesToName == AddressingStrings.EndpointReference && appliesToNamespace == request.Version.Addressing.Namespace)
{
DataContractSerializer serializer;
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph);
negotiationState.AppliesTo = requestSecurityToken.GetAppliesTo <EndpointAddress10>(serializer).ToEndpointAddress();
}
else if (request.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph);
negotiationState.AppliesTo = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(serializer).ToEndpointAddress();
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.Format(SR.AddressingVersionNotSupported, request.Version.Addressing)));
}
negotiationState.AppliesToSerializer = serializer;
}
var bodyWriter = await ProcessNegotiationAsync(negotiationState, request, incomingNego);
return(bodyWriter, negotiationState);
}
protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
lock (this.syncRoot)
{
if (this.serializer == null)
{
this.serializer = DataContractSerializerDefaults.CreateSerializer((this.objectToSerialize == null) ? typeof(object) : this.objectToSerialize.GetType(), this.Name, this.Namespace, 0x7fffffff);
}
this.serializer.WriteObjectContent(writer, this.objectToSerialize);
}
}
protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
lock (syncRoot)
{
if (serializer == null)
{
serializer = DataContractSerializerDefaults.CreateSerializer(
(objectToSerialize == null ? typeof(object) : objectToSerialize.GetType()), Name, Namespace, int.MaxValue /*maxItems*/);
}
serializer.WriteObjectContent(writer, objectToSerialize);
}
}
protected override BodyWriter ProcessRequestSecurityToken(Message request, RequestSecurityToken requestSecurityToken, out SspiNegotiationTokenAuthenticatorState negotiationState)
{
string str;
string str2;
if (request == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull("requestSecurityToken", request);
}
if ((requestSecurityToken.RequestType != null) && (requestSecurityToken.RequestType != base.StandardsManager.TrustDriver.RequestTypeIssue))
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidRstRequestType", new object[] { requestSecurityToken.RequestType })), request);
}
BinaryNegotiation binaryNegotiation = requestSecurityToken.GetBinaryNegotiation();
this.ValidateIncomingBinaryNegotiation(binaryNegotiation);
negotiationState = this.CreateSspiState(binaryNegotiation.GetNegotiationData(), binaryNegotiation.ValueTypeUri);
AddToDigest(negotiationState, requestSecurityToken);
negotiationState.Context = requestSecurityToken.Context;
if (requestSecurityToken.KeySize != 0)
{
WSTrust.Driver.ValidateRequestedKeySize(requestSecurityToken.KeySize, base.SecurityAlgorithmSuite);
}
negotiationState.RequestedKeySize = requestSecurityToken.KeySize;
requestSecurityToken.GetAppliesToQName(out str, out str2);
if ((str == "EndpointReference") && (str2 == request.Version.Addressing.Namespace))
{
DataContractSerializer serializer;
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), 0x10000);
negotiationState.AppliesTo = requestSecurityToken.GetAppliesTo <EndpointAddress10>(serializer).ToEndpointAddress();
}
else
{
if (request.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { request.Version.Addressing })));
}
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), 0x10000);
negotiationState.AppliesTo = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(serializer).ToEndpointAddress();
}
negotiationState.AppliesToSerializer = serializer;
}
return(this.ProcessNegotiation(negotiationState, request, binaryNegotiation));
}
static byte[] CreateSerializableBlob(AuthorizationContext authorizationContext, IList <Type> knownTypes)
{
if (authorizationContext == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("authorizationContext");
}
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, SctClaimDictionary.Instance, null);
SctClaimDictionary claimDictionary = SctClaimDictionary.Instance;
writer.WriteStartElement(claimDictionary.SecurityContextSecurityToken, claimDictionary.EmptyString);
writer.WriteStartElement(claimDictionary.Version, claimDictionary.EmptyString);
writer.WriteValue(1);
writer.WriteEndElement();
if ((authorizationContext != null) && (authorizationContext.ClaimSets.Count != 0))
{
DataContractSerializer identitySerializer = DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), knownTypes, 0x7fffffff);
DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), knownTypes, 0x7fffffff);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), knownTypes, 0x7fffffff);
SctClaimSerializer.SerializeIdentities(authorizationContext, claimDictionary, writer, identitySerializer);
writer.WriteStartElement(claimDictionary.ClaimSets, claimDictionary.EmptyString);
for (int i = 0; i < authorizationContext.ClaimSets.Count; i++)
{
SctClaimSerializer.SerializeClaimSet(authorizationContext.ClaimSets[i], claimDictionary, writer, claimSetSerializer, claimSerializer);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Flush();
return(stream.ToArray());
}
protected override BodyWriter ProcessRequestSecurityToken(Message request, RequestSecurityToken requestSecurityToken, out NegotiationTokenAuthenticatorState negotiationState)
{
if (request == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull("requestSecurityToken", request);
}
try
{
if (requestSecurityToken.RequestType != null && requestSecurityToken.RequestType != this.StandardsManager.TrustDriver.RequestTypeIssue)
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.InvalidRstRequestType, requestSecurityToken.RequestType)), request);
}
if (requestSecurityToken.TokenType != null && requestSecurityToken.TokenType != this.SecurityContextTokenUri)
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(SR.GetString(SR.CannotIssueRstTokenType, requestSecurityToken.TokenType)), request);
}
EndpointAddress appliesTo;
DataContractSerializer appliesToSerializer;
string appliesToName;
string appliesToNamespace;
requestSecurityToken.GetAppliesToQName(out appliesToName, out appliesToNamespace);
if (appliesToName == AddressingStrings.EndpointReference && appliesToNamespace == request.Version.Addressing.Namespace)
{
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
appliesToSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph);
appliesTo = requestSecurityToken.GetAppliesTo <EndpointAddress10>(appliesToSerializer).ToEndpointAddress();
}
else if (request.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
appliesToSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph);
appliesTo = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(appliesToSerializer).ToEndpointAddress();
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, request.Version.Addressing)));
}
}
else
{
appliesTo = null;
appliesToSerializer = null;
}
if (this.shouldMatchRstWithEndpointFilter)
{
SecurityUtils.MatchRstWithEndpointFilter(request, this.EndpointFilterTable, this.ListenUri);
}
int issuedKeySize;
byte[] issuerEntropy;
byte[] proofKey;
SecurityToken proofToken;
WSTrust.Driver.ProcessRstAndIssueKey(requestSecurityToken, null, this.KeyEntropyMode, this.SecurityAlgorithmSuite,
out issuedKeySize, out issuerEntropy, out proofKey, out proofToken);
UniqueId contextId = SecurityUtils.GenerateUniqueId();
string id = SecurityUtils.GenerateId();
DateTime effectiveTime = DateTime.UtcNow;
DateTime expirationTime = TimeoutHelper.Add(effectiveTime, this.ServiceTokenLifetime);
// ensure that a SecurityContext is present in the message
SecurityMessageProperty securityProperty = request.Properties.Security;
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies;
if (securityProperty != null)
{
authorizationPolicies = SecuritySessionSecurityTokenAuthenticator.CreateSecureConversationPolicies(securityProperty, expirationTime);
}
else
{
authorizationPolicies = EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
}
SecurityContextSecurityToken serviceToken = this.IssueSecurityContextToken(contextId, id, proofKey, effectiveTime, expirationTime, authorizationPolicies,
this.EncryptStateInServiceToken);
if (this.preserveBootstrapTokens)
{
serviceToken.BootstrapMessageProperty = (securityProperty == null) ? null : (SecurityMessageProperty)securityProperty.CreateCopy();
SecurityUtils.ErasePasswordInUsernameTokenIfPresent(serviceToken.BootstrapMessageProperty);
}
RequestSecurityTokenResponse rstr = new RequestSecurityTokenResponse(this.StandardsManager);
rstr.Context = requestSecurityToken.Context;
rstr.KeySize = issuedKeySize;
rstr.RequestedUnattachedReference = this.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.External);
rstr.RequestedAttachedReference = this.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(serviceToken, SecurityTokenReferenceStyle.Internal);
rstr.TokenType = this.SecurityContextTokenUri;
rstr.RequestedSecurityToken = serviceToken;
if (issuerEntropy != null)
{
rstr.SetIssuerEntropy(issuerEntropy);
rstr.ComputeKey = true;
}
if (proofToken != null)
{
rstr.RequestedProofToken = proofToken;
}
if (appliesTo != null)
{
if (request.Version.Addressing == AddressingVersion.WSAddressing10)
{
rstr.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(appliesTo), appliesToSerializer);
}
else if (request.Version.Addressing == AddressingVersion.WSAddressingAugust2004)
{
rstr.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(appliesTo), appliesToSerializer);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, request.Version.Addressing)));
}
}
rstr.MakeReadOnly();
negotiationState = new NegotiationTokenAuthenticatorState();
negotiationState.SetServiceToken(serviceToken);
if (this.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
return(rstr);
}
else if (this.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversation13)
{
List <RequestSecurityTokenResponse> rstrList = new List <RequestSecurityTokenResponse>(1);
rstrList.Add(rstr);
RequestSecurityTokenResponseCollection rstrCollection = new RequestSecurityTokenResponseCollection(rstrList, this.StandardsManager);
return(rstrCollection);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
}
finally
{
SecuritySessionSecurityTokenAuthenticator.RemoveCachedTokensIfRequired(request.Properties.Security);
}
}
private SecurityContextSecurityToken DeserializeContext(byte[] serializedContext, byte[] cookieBlob, string id, XmlDictionaryReaderQuotas quotas)
{
List <IAuthorizationPolicy> list3;
SctClaimDictionary instance = SctClaimDictionary.Instance;
XmlDictionaryReader reader = XmlDictionaryReader.CreateBinaryReader(serializedContext, 0, serializedContext.Length, instance, quotas, null, null);
int num = -1;
UniqueId contextId = null;
DateTime minUtcDateTime = System.ServiceModel.Security.SecurityUtils.MinUtcDateTime;
DateTime maxUtcDateTime = System.ServiceModel.Security.SecurityUtils.MaxUtcDateTime;
byte[] key = null;
string str = null;
UniqueId keyGeneration = null;
DateTime keyEffectiveTime = System.ServiceModel.Security.SecurityUtils.MinUtcDateTime;
DateTime keyExpirationTime = System.ServiceModel.Security.SecurityUtils.MaxUtcDateTime;
List <ClaimSet> claimSets = null;
IList <IIdentity> identities = null;
bool isCookieMode = true;
reader.ReadFullStartElement(instance.SecurityContextSecurityToken, instance.EmptyString);
while (reader.IsStartElement())
{
if (reader.IsStartElement(instance.Version, instance.EmptyString))
{
num = reader.ReadElementContentAsInt();
}
else
{
if (reader.IsStartElement(instance.ContextId, instance.EmptyString))
{
contextId = reader.ReadElementContentAsUniqueId();
continue;
}
if (reader.IsStartElement(instance.Id, instance.EmptyString))
{
str = reader.ReadElementContentAsString();
continue;
}
if (reader.IsStartElement(instance.EffectiveTime, instance.EmptyString))
{
minUtcDateTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
continue;
}
if (reader.IsStartElement(instance.ExpiryTime, instance.EmptyString))
{
maxUtcDateTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
continue;
}
if (reader.IsStartElement(instance.Key, instance.EmptyString))
{
key = reader.ReadElementContentAsBase64();
continue;
}
if (reader.IsStartElement(instance.KeyGeneration, instance.EmptyString))
{
keyGeneration = reader.ReadElementContentAsUniqueId();
continue;
}
if (reader.IsStartElement(instance.KeyEffectiveTime, instance.EmptyString))
{
keyEffectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
continue;
}
if (reader.IsStartElement(instance.KeyExpiryTime, instance.EmptyString))
{
keyExpirationTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
continue;
}
if (reader.IsStartElement(instance.Identities, instance.EmptyString))
{
identities = SctClaimSerializer.DeserializeIdentities(reader, instance, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, 0x7fffffff));
continue;
}
if (reader.IsStartElement(instance.ClaimSets, instance.EmptyString))
{
reader.ReadStartElement();
DataContractSerializer serializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, 0x7fffffff);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, 0x7fffffff);
claimSets = new List <ClaimSet>(1);
while (reader.IsStartElement())
{
claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, instance, serializer, claimSerializer));
}
reader.ReadEndElement();
continue;
}
if (reader.IsStartElement(instance.IsCookieMode, instance.EmptyString))
{
isCookieMode = reader.ReadElementString() == "1";
}
else
{
OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieXmlParseError"));
}
}
}
reader.ReadEndElement();
if (num != 1)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(System.ServiceModel.SR.GetString("SerializedTokenVersionUnsupported", new object[] { num })));
}
if (contextId == null)
{
OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "ContextId" }));
}
if ((key == null) || (key.Length == 0))
{
OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "Key" }));
}
if (str != id)
{
OnInvalidCookieFailure(System.ServiceModel.SR.GetString("SctCookieValueMissingOrIncorrect", new object[] { "Id" }));
}
if (claimSets != null)
{
list3 = new List <IAuthorizationPolicy>(1)
{
new SctUnconditionalPolicy(identities, claimSets, maxUtcDateTime)
};
}
else
{
list3 = null;
}
return(new SecurityContextSecurityToken(contextId, str, key, minUtcDateTime, maxUtcDateTime, (list3 != null) ? list3.AsReadOnly() : null, isCookieMode, cookieBlob, keyGeneration, keyEffectiveTime, keyExpirationTime));
}
public static AddressHeader CreateAddressHeader(object value)
{
Type type = GetObjectType(value);
return(CreateAddressHeader(value, DataContractSerializerDefaults.CreateSerializer(type, int.MaxValue /*maxItems*/)));
}
public T GetAppliesTo <T>()
{
return(this.GetAppliesTo <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), 0x10000)));
}
public static AddressHeader CreateAddressHeader(object value)
{
System.Type objectType = GetObjectType(value);
return(CreateAddressHeader(value, DataContractSerializerDefaults.CreateSerializer(objectType, 0x7fffffff)));
}
//public static AddressHeader CreateAddressHeader(object value)
//{
// Type type = GetObjectType(value);
// return CreateAddressHeader(value, DataContractSerializerDefaults.CreateSerializer(type, int.MaxValue/*maxItems*/));
//}
//public static AddressHeader CreateAddressHeader(object value, XmlObjectSerializer serializer)
//{
// if (serializer == null)
// throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("serializer"));
// return new XmlObjectSerializerAddressHeader(value, serializer);
//}
public static AddressHeader CreateAddressHeader(string name, string ns, object value)
{
return(CreateAddressHeader(name, ns, value, DataContractSerializerDefaults.CreateSerializer(GetObjectType(value), name, ns, int.MaxValue /*maxItems*/)));
}
protected override BodyWriter GetFirstOutgoingMessageBody(FederatedTokenProviderState negotiationState, out MessageProperties messageProperties)
{
messageProperties = null;
RequestSecurityToken rst = new RequestSecurityToken(this.StandardsManager);
if (this.addTargetServiceAppliesTo)
{
if (this.MessageVersion.Addressing == AddressingVersion.WSAddressing10)
{
rst.SetAppliesTo <EndpointAddress10>(
EndpointAddress10.FromEndpointAddress(negotiationState.TargetAddress),
DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), DataContractSerializerDefaults.MaxItemsInObjectGraph));
}
else if (this.MessageVersion.Addressing == AddressingVersion.WSAddressingAugust2004)
{
rst.SetAppliesTo <EndpointAddressAugust2004>(
EndpointAddressAugust2004.FromEndpointAddress(negotiationState.TargetAddress),
DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), DataContractSerializerDefaults.MaxItemsInObjectGraph));
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new ProtocolException(SR.GetString(SR.AddressingVersionNotSupported, this.MessageVersion.Addressing)));
}
}
rst.Context = negotiationState.Context;
if (!this.isKeySizePresentInRstProperties)
{
rst.KeySize = this.keySize;
}
Collection <XmlElement> newRequestProperties = new Collection <XmlElement>();
if (this.requestProperties != null)
{
for (int i = 0; i < this.requestProperties.Count; ++i)
{
newRequestProperties.Add(this.requestProperties[i]);
}
}
if (!isKeyTypePresentInRstProperties)
{
XmlElement keyTypeElement = this.StandardsManager.TrustDriver.CreateKeyTypeElement(this.keyType);
newRequestProperties.Insert(0, keyTypeElement);
}
if (this.keyType == SecurityKeyType.SymmetricKey)
{
byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
rst.SetRequestorEntropy(requestorEntropy);
}
else if (this.keyType == SecurityKeyType.AsymmetricKey)
{
RsaKeyIdentifierClause rsaClause = new RsaKeyIdentifierClause(negotiationState.Rsa);
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(rsaClause);
newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateUseKeyElement(keyIdentifier, this.StandardsManager));
RsaSecurityTokenParameters rsaParameters = new RsaSecurityTokenParameters();
rsaParameters.InclusionMode = SecurityTokenInclusionMode.Never;
rsaParameters.RequireDerivedKeys = false;
SupportingTokenSpecification rsaSpec = new SupportingTokenSpecification(negotiationState.RsaSecurityToken, EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, SecurityTokenAttachmentMode.Endorsing, rsaParameters);
messageProperties = new MessageProperties();
SecurityMessageProperty security = new SecurityMessageProperty();
security.OutgoingSupportingTokens.Add(rsaSpec);
messageProperties.Security = security;
}
if (this.keyType == SecurityKeyType.SymmetricKey && this.KeyEntropyMode == SecurityKeyEntropyMode.CombinedEntropy)
{
newRequestProperties.Add(this.StandardsManager.TrustDriver.CreateComputedKeyAlgorithmElement(this.StandardsManager.TrustDriver.ComputedKeyAlgorithm));
}
rst.RequestProperties = newRequestProperties;
rst.MakeReadOnly();
return(rst);
}
public T GetDetail <T>()
{
return(this.GetDetail <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), 0x7fffffff)));
}
public byte[] CreateCookieFromSecurityContext(UniqueId contextId, string id, byte[] key, DateTime tokenEffectiveTime,
DateTime tokenExpirationTime, UniqueId keyGeneration, DateTime keyEffectiveTime, DateTime keyExpirationTime,
ReadOnlyCollection <IAuthorizationPolicy> authorizationPolicies)
{
if (contextId == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(contextId));
}
if (key == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(key));
}
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateBinaryWriter(stream, SctClaimDictionary.Instance, null);
SctClaimDictionary dictionary = SctClaimDictionary.Instance;
writer.WriteStartElement(dictionary.SecurityContextSecurityToken, dictionary.EmptyString);
writer.WriteStartElement(dictionary.Version, dictionary.EmptyString);
writer.WriteValue(SupportedPersistanceVersion);
writer.WriteEndElement();
if (id != null)
{
writer.WriteElementString(dictionary.Id, dictionary.EmptyString, id);
}
XmlHelper.WriteElementStringAsUniqueId(writer, dictionary.ContextId, dictionary.EmptyString, contextId);
writer.WriteStartElement(dictionary.Key, dictionary.EmptyString);
writer.WriteBase64(key, 0, key.Length);
writer.WriteEndElement();
if (keyGeneration != null)
{
XmlHelper.WriteElementStringAsUniqueId(writer, dictionary.KeyGeneration, dictionary.EmptyString, keyGeneration);
}
XmlHelper.WriteElementContentAsInt64(writer, dictionary.EffectiveTime, dictionary.EmptyString, tokenEffectiveTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, dictionary.ExpiryTime, dictionary.EmptyString, tokenExpirationTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, dictionary.KeyEffectiveTime, dictionary.EmptyString, keyEffectiveTime.ToUniversalTime().Ticks);
XmlHelper.WriteElementContentAsInt64(writer, dictionary.KeyExpiryTime, dictionary.EmptyString, keyExpirationTime.ToUniversalTime().Ticks);
AuthorizationContext authContext = null;
if (authorizationPolicies != null)
{
authContext = AuthorizationContext.CreateDefaultAuthorizationContext(authorizationPolicies);
}
if (authContext != null && authContext.ClaimSets.Count != 0)
{
DataContractSerializer identitySerializer = DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), _knownTypes, int.MaxValue);
DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), _knownTypes, int.MaxValue);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), _knownTypes, int.MaxValue);
SctClaimSerializer.SerializeIdentities(authContext, dictionary, writer, identitySerializer);
writer.WriteStartElement(dictionary.ClaimSets, dictionary.EmptyString);
for (int i = 0; i < authContext.ClaimSets.Count; i++)
{
SctClaimSerializer.SerializeClaimSet(authContext.ClaimSets[i], dictionary, writer, claimSetSerializer, claimSerializer);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
writer.Flush();
byte[] serializedContext = stream.ToArray();
return(_securityStateEncoder.EncodeSecurityState(serializedContext));
}
protected override BodyWriter GetFirstOutgoingMessageBody(IssuedSecurityTokenProvider.FederatedTokenProviderState negotiationState, out MessageProperties messageProperties)
{
messageProperties = null;
RequestSecurityToken token = new RequestSecurityToken(base.StandardsManager);
if (this.addTargetServiceAppliesTo)
{
if (this.MessageVersion.Addressing != AddressingVersion.WSAddressing10)
{
if (this.MessageVersion.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { this.MessageVersion.Addressing })));
}
token.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(negotiationState.TargetAddress), DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), 0x10000));
}
else
{
token.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(negotiationState.TargetAddress), DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), 0x10000));
}
}
token.Context = negotiationState.Context;
if (!this.isKeySizePresentInRstProperties)
{
token.KeySize = this.keySize;
}
Collection <XmlElement> collection = new Collection <XmlElement>();
if (this.requestProperties != null)
{
for (int i = 0; i < this.requestProperties.Count; i++)
{
collection.Add(this.requestProperties[i]);
}
}
if (!this.isKeyTypePresentInRstProperties)
{
XmlElement item = base.StandardsManager.TrustDriver.CreateKeyTypeElement(this.keyType);
collection.Insert(0, item);
}
if (this.keyType == SecurityKeyType.SymmetricKey)
{
byte[] requestorEntropy = negotiationState.GetRequestorEntropy();
token.SetRequestorEntropy(requestorEntropy);
}
else if (this.keyType == SecurityKeyType.AsymmetricKey)
{
RsaKeyIdentifierClause clause = new RsaKeyIdentifierClause(negotiationState.Rsa);
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { clause });
collection.Add(base.StandardsManager.TrustDriver.CreateUseKeyElement(keyIdentifier, base.StandardsManager));
RsaSecurityTokenParameters tokenParameters = new RsaSecurityTokenParameters {
InclusionMode = SecurityTokenInclusionMode.Never,
RequireDerivedKeys = false
};
SupportingTokenSpecification specification = new SupportingTokenSpecification(negotiationState.RsaSecurityToken, System.ServiceModel.Security.EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance, SecurityTokenAttachmentMode.Endorsing, tokenParameters);
messageProperties = new MessageProperties();
SecurityMessageProperty property = new SecurityMessageProperty {
OutgoingSupportingTokens = { specification }
};
messageProperties.Security = property;
}
if ((this.keyType == SecurityKeyType.SymmetricKey) && (this.KeyEntropyMode == SecurityKeyEntropyMode.CombinedEntropy))
{
collection.Add(base.StandardsManager.TrustDriver.CreateComputedKeyAlgorithmElement(base.StandardsManager.TrustDriver.ComputedKeyAlgorithm));
}
token.RequestProperties = collection;
token.MakeReadOnly();
return(token);
}
public static void SerializeRecord(XmlWriter xmlWriter, object o)
{
DataContractSerializerDefaults.CreateSerializer((o == null) ? typeof(object) : o.GetType(), 0x10000).WriteObject(xmlWriter, o);
}
protected override BodyWriter ProcessRequestSecurityToken(Message request, RequestSecurityToken requestSecurityToken, out NegotiationTokenAuthenticatorState negotiationState)
{
BodyWriter writer;
if (request == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("request");
}
if (requestSecurityToken == null)
{
throw TraceUtility.ThrowHelperArgumentNull("requestSecurityToken", request);
}
try
{
EndpointAddress address;
DataContractSerializer serializer;
string str;
string str2;
int num;
byte[] buffer;
byte[] buffer2;
SecurityToken token;
ReadOnlyCollection <IAuthorizationPolicy> instance;
if ((requestSecurityToken.RequestType != null) && (requestSecurityToken.RequestType != base.StandardsManager.TrustDriver.RequestTypeIssue))
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(System.ServiceModel.SR.GetString("InvalidRstRequestType", new object[] { requestSecurityToken.RequestType })), request);
}
if ((requestSecurityToken.TokenType != null) && (requestSecurityToken.TokenType != base.SecurityContextTokenUri))
{
throw TraceUtility.ThrowHelperWarning(new SecurityNegotiationException(System.ServiceModel.SR.GetString("CannotIssueRstTokenType", new object[] { requestSecurityToken.TokenType })), request);
}
requestSecurityToken.GetAppliesToQName(out str, out str2);
if ((str == "EndpointReference") && (str2 == request.Version.Addressing.Namespace))
{
if (request.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (request.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { request.Version.Addressing })));
}
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddressAugust2004), 0x10000);
address = requestSecurityToken.GetAppliesTo <EndpointAddressAugust2004>(serializer).ToEndpointAddress();
}
else
{
serializer = DataContractSerializerDefaults.CreateSerializer(typeof(EndpointAddress10), 0x10000);
address = requestSecurityToken.GetAppliesTo <EndpointAddress10>(serializer).ToEndpointAddress();
}
}
else
{
address = null;
serializer = null;
}
if (this.shouldMatchRstWithEndpointFilter)
{
System.ServiceModel.Security.SecurityUtils.MatchRstWithEndpointFilter(request, base.EndpointFilterTable, base.ListenUri);
}
WSTrust.Driver.ProcessRstAndIssueKey(requestSecurityToken, null, this.KeyEntropyMode, base.SecurityAlgorithmSuite, out num, out buffer, out buffer2, out token);
UniqueId contextId = System.ServiceModel.Security.SecurityUtils.GenerateUniqueId();
string id = System.ServiceModel.Security.SecurityUtils.GenerateId();
DateTime utcNow = DateTime.UtcNow;
DateTime expirationTime = TimeoutHelper.Add(utcNow, base.ServiceTokenLifetime);
SecurityMessageProperty security = request.Properties.Security;
if (security != null)
{
instance = SecuritySessionSecurityTokenAuthenticator.CreateSecureConversationPolicies(security, expirationTime);
}
else
{
instance = EmptyReadOnlyCollection <IAuthorizationPolicy> .Instance;
}
SecurityContextSecurityToken token2 = base.IssueSecurityContextToken(contextId, id, buffer2, utcNow, expirationTime, instance, base.EncryptStateInServiceToken);
if (this.preserveBootstrapTokens)
{
token2.BootstrapMessageProperty = (security == null) ? null : ((SecurityMessageProperty)security.CreateCopy());
System.ServiceModel.Security.SecurityUtils.ErasePasswordInUsernameTokenIfPresent(token2.BootstrapMessageProperty);
}
RequestSecurityTokenResponse response = new RequestSecurityTokenResponse(base.StandardsManager)
{
Context = requestSecurityToken.Context,
KeySize = num,
RequestedUnattachedReference = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token2, SecurityTokenReferenceStyle.External),
RequestedAttachedReference = base.IssuedSecurityTokenParameters.CreateKeyIdentifierClause(token2, SecurityTokenReferenceStyle.Internal),
TokenType = base.SecurityContextTokenUri,
RequestedSecurityToken = token2
};
if (buffer != null)
{
response.SetIssuerEntropy(buffer);
response.ComputeKey = true;
}
if (token != null)
{
response.RequestedProofToken = token;
}
if (address != null)
{
if (request.Version.Addressing != AddressingVersion.WSAddressing10)
{
if (request.Version.Addressing != AddressingVersion.WSAddressingAugust2004)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ProtocolException(System.ServiceModel.SR.GetString("AddressingVersionNotSupported", new object[] { request.Version.Addressing })));
}
response.SetAppliesTo <EndpointAddressAugust2004>(EndpointAddressAugust2004.FromEndpointAddress(address), serializer);
}
else
{
response.SetAppliesTo <EndpointAddress10>(EndpointAddress10.FromEndpointAddress(address), serializer);
}
}
response.MakeReadOnly();
negotiationState = new NegotiationTokenAuthenticatorState();
negotiationState.SetServiceToken(token2);
if (base.StandardsManager.MessageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversationFeb2005)
{
return(response);
}
if (base.StandardsManager.MessageSecurityVersion.SecureConversationVersion != SecureConversationVersion.WSSecureConversation13)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException());
}
RequestSecurityTokenResponseCollection responses = new RequestSecurityTokenResponseCollection(new List <RequestSecurityTokenResponse>(1)
{
response
}, base.StandardsManager);
writer = responses;
}
finally
{
SecuritySessionSecurityTokenAuthenticator.RemoveCachedTokensIfRequired(request.Properties.Security);
}
return(writer);
}
SecurityContextSecurityToken DeserializeContext(byte[] serializedContext, byte[] cookieBlob, string id, XmlDictionaryReaderQuotas quotas)
{
SctClaimDictionary dictionary = SctClaimDictionary.Instance;
XmlDictionaryReader reader = XmlDictionaryReader.CreateBinaryReader(serializedContext, 0, serializedContext.Length, dictionary, quotas, null, null);
int cookieVersion = -1;
UniqueId cookieContextId = null;
DateTime effectiveTime = SecurityUtils.MinUtcDateTime;
DateTime expiryTime = SecurityUtils.MaxUtcDateTime;
byte[] key = null;
string localId = null;
UniqueId keyGeneration = null;
DateTime keyEffectiveTime = SecurityUtils.MinUtcDateTime;
DateTime keyExpirationTime = SecurityUtils.MaxUtcDateTime;
List <ClaimSet> claimSets = null;
IList <IIdentity> identities = null;
bool isCookie = true;
reader.ReadFullStartElement(dictionary.SecurityContextSecurityToken, dictionary.EmptyString);
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Version, dictionary.EmptyString))
{
cookieVersion = reader.ReadElementContentAsInt();
}
else if (reader.IsStartElement(dictionary.ContextId, dictionary.EmptyString))
{
cookieContextId = reader.ReadElementContentAsUniqueId();
}
else if (reader.IsStartElement(dictionary.Id, dictionary.EmptyString))
{
localId = reader.ReadElementContentAsString();
}
else if (reader.IsStartElement(dictionary.EffectiveTime, dictionary.EmptyString))
{
effectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
}
else if (reader.IsStartElement(dictionary.ExpiryTime, dictionary.EmptyString))
{
expiryTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
}
else if (reader.IsStartElement(dictionary.Key, dictionary.EmptyString))
{
key = reader.ReadElementContentAsBase64();
}
else if (reader.IsStartElement(dictionary.KeyGeneration, dictionary.EmptyString))
{
keyGeneration = reader.ReadElementContentAsUniqueId();
}
else if (reader.IsStartElement(dictionary.KeyEffectiveTime, dictionary.EmptyString))
{
keyEffectiveTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
}
else if (reader.IsStartElement(dictionary.KeyExpiryTime, dictionary.EmptyString))
{
keyExpirationTime = new DateTime(XmlHelper.ReadElementContentAsInt64(reader), DateTimeKind.Utc);
}
else if (reader.IsStartElement(dictionary.Identities, dictionary.EmptyString))
{
identities = SctClaimSerializer.DeserializeIdentities(reader, dictionary, DataContractSerializerDefaults.CreateSerializer(typeof(IIdentity), this.knownTypes, int.MaxValue));
}
else if (reader.IsStartElement(dictionary.ClaimSets, dictionary.EmptyString))
{
reader.ReadStartElement();
DataContractSerializer claimSetSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(ClaimSet), this.knownTypes, int.MaxValue);
DataContractSerializer claimSerializer = DataContractSerializerDefaults.CreateSerializer(typeof(Claim), this.knownTypes, int.MaxValue);
claimSets = new List <ClaimSet>(1);
while (reader.IsStartElement())
{
claimSets.Add(SctClaimSerializer.DeserializeClaimSet(reader, dictionary, claimSetSerializer, claimSerializer));
}
reader.ReadEndElement();
}
else if (reader.IsStartElement(dictionary.IsCookieMode, dictionary.EmptyString))
{
isCookie = reader.ReadElementString() == "1" ? true : false;
}
else
{
OnInvalidCookieFailure(SR.GetString(SR.SctCookieXmlParseError));
}
}
reader.ReadEndElement();
if (cookieVersion != SupportedPersistanceVersion)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.SerializedTokenVersionUnsupported, cookieVersion)));
}
if (cookieContextId == null)
{
OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "ContextId"));
}
if (key == null || key.Length == 0)
{
OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "Key"));
}
if (localId != id)
{
OnInvalidCookieFailure(SR.GetString(SR.SctCookieValueMissingOrIncorrect, "Id"));
}
List <IAuthorizationPolicy> authorizationPolicies;
if (claimSets != null)
{
authorizationPolicies = new List <IAuthorizationPolicy>(1);
authorizationPolicies.Add(new SctUnconditionalPolicy(identities, claimSets, expiryTime));
}
else
{
authorizationPolicies = null;
}
return(new SecurityContextSecurityToken(cookieContextId, localId, key, effectiveTime, expiryTime,
authorizationPolicies != null ? authorizationPolicies.AsReadOnly() : null, isCookie, cookieBlob, keyGeneration, keyEffectiveTime, keyExpirationTime));
}
public T GetValue <T>()
{
return(GetValue <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), Name, Namespace, int.MaxValue /*maxItems*/)));
}
public DictionaryAddressHeader(XmlDictionaryString name, XmlDictionaryString ns, object value)
: base(name.Value, ns.Value, value, DataContractSerializerDefaults.CreateSerializer(GetObjectType(value), name, ns, int.MaxValue /*maxItems*/))
{
this.name = name;
this.ns = ns;
}
public static MessageFault CreateFault(FaultCode code, FaultReason reason, object detail)
{
return(CreateFault(code, reason, detail, DataContractSerializerDefaults.CreateSerializer(
(detail == null ? typeof(object) : detail.GetType()), int.MaxValue /*maxItems*/), "", ""));
}
public static Message CreateMessage(MessageVersion version, string action, object body)
{
return(CreateMessage(version, action, body, DataContractSerializerDefaults.CreateSerializer(GetObjectType(body), 0x7fffffff)));
}
public T GetValue <T>()
{
return(this.GetValue <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), this.Name, this.Namespace, 0x7fffffff)));
}
public static MessageFault CreateFault(FaultCode code, FaultReason reason, object detail)
{
return(CreateFault(code, reason, detail, DataContractSerializerDefaults.CreateSerializer((detail == null) ? typeof(object) : detail.GetType(), 0x7fffffff), "", ""));
}
public T GetDetail <T>()
{
return(GetDetail <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), int.MaxValue /*maxItems*/)));
}
public T GetAppliesTo <T>()
{
return(this.GetAppliesTo <T>(DataContractSerializerDefaults.CreateSerializer(typeof(T), DataContractSerializerDefaults.MaxItemsInObjectGraph)));
}
public static void SerializeRecord(XmlWriter xmlWriter, object o)
{
DataContractSerializer serializer = DataContractSerializerDefaults.CreateSerializer(((o == null) ? typeof(object) : o.GetType()), DataContractSerializerDefaults.MaxItemsInObjectGraph);
serializer.WriteObject(xmlWriter, o);
}