static void Main(string[] args) { // <Snippet0> // <Snippet3> // <Snippet1> EndpointAddressBuilder eab = new EndpointAddressBuilder(); // </Snippet1> eab.Uri = new Uri("http://localhost/Uri"); eab.Headers.Add(AddressHeader.CreateAddressHeader("n", "ns", "val")); // </Snippet3> // <Snippet4> eab.Identity = EndpointIdentity.CreateUpnIdentity("identity"); // </Snippet4> // <Snippet5> XmlDictionaryReader xdrExtensions = eab.GetReaderAtExtensions(); // </Snippet5> // <Snippet6> StringReader sr = new StringReader(@"<myExtension xmlns=""myExtNs"" />"); eab.SetExtensionReader(XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr))); // </Snippet6> // <Snippet7> EndpointAddress ea = eab.ToEndpointAddress(); // </Snippet7> // <Snippet8> sr = new StringReader(@"<myMetadata xmlns=""myMetaNs"" />"); XmlDictionaryReader xdrMetaData = eab.GetReaderAtMetadata(); // </Snippet8> // <Snippet9> eab.SetMetadataReader(XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr))); // </Snippet9> // </Snippet0> // <Snippet2> EndpointAddress endpointAddress = new EndpointAddress("http://localhost/uri2"); EndpointAddressBuilder eab2 = new EndpointAddressBuilder(endpointAddress); // </Snippet2> }
public void SerializeAndSign(string filename, X509Certificate2 cert) { MemoryStream stream = new MemoryStream(); XmlWriter writer = XmlWriter.Create(stream); writer.WriteStartElement(XmlNames.WSIdentity.InfoCardElement, XmlNames.WSIdentity.Namespace); // // write the InformationCardReference element // writer.WriteAttributeString(XmlNames.Xml.Language, XmlNames.Xml.Namespace, m_language); writer.WriteStartElement(XmlNames.WSIdentity.InfoCardRefElement, XmlNames.WSIdentity.Namespace); writer.WriteElementString(XmlNames.WSIdentity.CardIdElement, XmlNames.WSIdentity.Namespace, m_cardId); writer.WriteElementString(XmlNames.WSIdentity.CardVersionElement, XmlNames.WSIdentity.Namespace, m_cardVersion); writer.WriteEndElement(); // // card name // if (!String.IsNullOrEmpty(m_cardName)) { writer.WriteStartElement(XmlNames.WSIdentity.CardNameElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_cardName); writer.WriteEndElement(); } // // card image // if (null != m_logo && 0 != m_logo.Length) { writer.WriteStartElement(XmlNames.WSIdentity.CardImageElement, XmlNames.WSIdentity.Namespace); if (!String.IsNullOrEmpty(m_mimeType)) { writer.WriteAttributeString(XmlNames.WSIdentity.MimeTypeAttribute, m_mimeType); } string val = Convert.ToBase64String(m_logo); writer.WriteString(val); writer.WriteEndElement(); } // // card issuer uri // writer.WriteStartElement(XmlNames.WSIdentity.IssuerElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_issuerId); writer.WriteEndElement(); // // issue time // writer.WriteStartElement(XmlNames.WSIdentity.TimeIssuedElement, XmlNames.WSIdentity.Namespace); writer.WriteString(XmlConvert.ToString(m_issuedOn, XmlDateTimeSerializationMode.Utc)); writer.WriteEndElement(); // // expiry time // writer.WriteStartElement(XmlNames.WSIdentity.TimeExpiresElement, XmlNames.WSIdentity.Namespace); writer.WriteString(XmlConvert.ToString(m_expiresOn, XmlDateTimeSerializationMode.Utc)); writer.WriteEndElement(); // // Start the tokenservice list // writer.WriteStartElement(XmlNames.WSIdentity.TokenServiceListElement, XmlNames.WSIdentity.Namespace); EndpointAddressBuilder eprBuilder = new EndpointAddressBuilder(); eprBuilder.Uri = new Uri(m_issuerId); eprBuilder.Identity = new X509CertificateEndpointIdentity(cert); if (null != m_mexUri) { MetadataReference mexRef = new MetadataReference(); mexRef.Address = new EndpointAddress(m_mexUri); mexRef.AddressVersion = AddressingVersion.WSAddressing10; MetadataSection mexSection = new MetadataSection(); mexSection.Metadata = mexRef; MetadataSet mexSet = new MetadataSet(); mexSet.MetadataSections.Add(mexSection); MemoryStream memStream = new MemoryStream(); XmlTextWriter writer1 = new XmlTextWriter(memStream, System.Text.Encoding.UTF8); mexSet.WriteTo(writer1); writer1.Flush(); memStream.Seek(0, SeekOrigin.Begin); XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader(memStream, XmlDictionaryReaderQuotas.Max); eprBuilder.SetMetadataReader(reader); } m_epr = eprBuilder.ToEndpointAddress(); writer.WriteStartElement(XmlNames.WSIdentity.TokenServiceElement, XmlNames.WSIdentity.Namespace); // // Write the EndPointReference // m_epr.WriteTo(AddressingVersion.WSAddressing10, writer); // // Write the UserCredential Element // writer.WriteStartElement(XmlNames.WSIdentity.UserCredentialElement, XmlNames.WSIdentity.Namespace); // // Write the hint // if (!String.IsNullOrEmpty(m_hint)) { writer.WriteStartElement(XmlNames.WSIdentity.DisplayCredentialHintElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_hint); writer.WriteEndElement(); } switch (m_cardType) { case DefaultValues.CardType.UserNamePassword: writer.WriteStartElement(XmlNames.WSIdentity.UserNamePasswordCredentialElement, XmlNames.WSIdentity.Namespace); if (!string.IsNullOrEmpty(m_credentialIdentifier)) { writer.WriteStartElement(XmlNames.WSIdentity.UserNameElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_credentialIdentifier); writer.WriteEndElement(); } writer.WriteEndElement(); break; case DefaultValues.CardType.KerberosAuth: writer.WriteStartElement(XmlNames.WSIdentity.KerberosV5CredentialElement, XmlNames.WSIdentity.Namespace); writer.WriteEndElement(); break; case DefaultValues.CardType.SelfIssuedAuth: writer.WriteStartElement(XmlNames.WSIdentity.SelfIssuedCredentialElement, XmlNames.WSIdentity.Namespace); if (!string.IsNullOrEmpty(m_credentialIdentifier)) { writer.WriteStartElement(XmlNames.WSIdentity.PrivatePersonalIdentifierElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_credentialIdentifier); writer.WriteEndElement(); } else { throw new InvalidDataException("No PPID was specified"); } writer.WriteEndElement(); break; case DefaultValues.CardType.SmartCard: writer.WriteStartElement(XmlNames.WSIdentity.X509V3CredentialElement, XmlNames.WSIdentity.Namespace); writer.WriteStartElement(XmlNames.XmlDSig.X509DataElement, XmlNames.XmlDSig.Namespace); if (!string.IsNullOrEmpty(m_credentialIdentifier)) { writer.WriteStartElement(XmlNames.WSSecurityExt.KeyIdentifierElement, XmlNames.WSSecurityExt.Namespace); writer.WriteAttributeString(XmlNames.WSSecurityExt.ValueTypeAttribute, null, XmlNames.WSSecurityExt.Sha1ThumbrpintKeyTypeValue); writer.WriteString(m_credentialIdentifier); writer.WriteEndElement(); } else { throw new InvalidDataException("No thumbprint was specified"); } writer.WriteEndElement(); writer.WriteEndElement(); break; default: break; } writer.WriteEndElement(); //end of user credential writer.WriteEndElement(); // end of tokenservice writer.WriteEndElement(); //end of tokenservice list // // tokentypes // writer.WriteStartElement(XmlNames.WSIdentity.SupportedTokenTypeListElement, XmlNames.WSIdentity.Namespace); foreach (string type in m_tokenTypes) { writer.WriteElementString(XmlNames.WSTrust.TokenType, XmlNames.WSTrust.Namespace, type); } writer.WriteEndElement(); // // claims // writer.WriteStartElement(XmlNames.WSIdentity.SupportedClaimTypeListElement, XmlNames.WSIdentity.Namespace); foreach (ClaimInfo clm in m_supportedClaims) { writer.WriteStartElement(XmlNames.WSIdentity.SupportedClaimTypeElement, XmlNames.WSIdentity.Namespace); writer.WriteAttributeString(XmlNames.WSIdentity.UriAttribute, clm.Id); if (!String.IsNullOrEmpty(clm.DisplayTag)) { writer.WriteElementString(XmlNames.WSIdentity.DisplayTagElement, XmlNames.WSIdentity.Namespace, clm.DisplayTag); } if (!String.IsNullOrEmpty(clm.Description)) { writer.WriteElementString(XmlNames.WSIdentity.DescriptionElement, XmlNames.WSIdentity.Namespace, clm.Description); } writer.WriteEndElement(); } writer.WriteEndElement(); // // RequireAppliesTo // if (m_requireAppliesTo) { writer.WriteElementString(XmlNames.WSIdentity.RequireAppliesToElement, XmlNames.WSIdentity.Namespace, null); } // // Privacy Notice // if (!String.IsNullOrEmpty(m_privacyNoticeAt)) { writer.WriteStartElement(XmlNames.WSIdentity.PrivacyNoticeAtElement, XmlNames.WSIdentity.Namespace); writer.WriteString(m_privacyNoticeAt); writer.WriteEndElement(); } writer.WriteEndElement(); writer.Close(); // // Sign the xml content // stream.Position = 0; XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = false; doc.Load(stream); SignedXml signed = new SignedXml(); signed.SigningKey = cert.PrivateKey; signed.Signature.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; Reference reference = new Reference(); reference.Uri = "#_Object_InfoCard"; reference.AddTransform( new XmlDsigExcC14NTransform()); signed.AddReference(reference); KeyInfo info = new KeyInfo(); KeyInfoX509Data data = new KeyInfoX509Data(cert, X509IncludeOption.WholeChain); info.AddClause(data); signed.KeyInfo = info; DataObject cardData = new DataObject("_Object_InfoCard", null, null, doc.DocumentElement); signed.AddObject(cardData); signed.ComputeSignature(); XmlElement e = signed.GetXml(); XmlTextWriter fileWriter = new XmlTextWriter(filename, Encoding.UTF8); e.WriteTo(fileWriter); fileWriter.Flush(); fileWriter.Close(); }
public XmlDocument CreateInformationCardXML(InformationCard card) { MemoryStream stream = new MemoryStream(); XmlWriter writer = XmlWriter.Create(stream); writer.WriteStartElement("InformationCard", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteAttributeString("lang", "http://www.w3.org/XML/1998/namespace", "en-US"); writer.WriteStartElement("InformationCardReference", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteElementString("CardId", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.CardReference.CardID); writer.WriteElementString("CardVersion", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.CardReference.CardVersion.ToString()); writer.WriteEndElement(); if (card.CardName != null && card.CardName.Length > 0) { writer.WriteStartElement("CardName", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(card.CardName); writer.WriteEndElement(); } if (card.CardImage != null && card.CardImage.ImageName.Length > 0) { writer.WriteStartElement("CardImage", "http://schemas.xmlsoap.org/ws/2005/05/identity"); if (card.CardImage != null && card.CardImage.ImageMimeType != null && card.CardImage.ImageMimeType.Length > 0) { writer.WriteAttributeString("MimeType", card.CardImage.ImageMimeType); } FileInfo cardImage = new FileInfo(card.CardImage.ImageName); if (cardImage.Exists) { byte[] cardImageBytes = new byte[cardImage.Length]; using (FileStream imageFS = cardImage.OpenRead()) { imageFS.Read(cardImageBytes, 0, cardImageBytes.Length); } string imageBase64 = Convert.ToBase64String(cardImageBytes); writer.WriteString(imageBase64); writer.WriteEndElement(); } } writer.WriteStartElement("Issuer", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(card.Issuer); writer.WriteEndElement(); //writer.WriteStartElement("IssuerName", "http://schemas.xmlsoap.org/ws/2005/05/identity"); //writer.WriteString(card.IssuerName); //writer.WriteEndElement(); writer.WriteStartElement("TimeIssued", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(XmlConvert.ToString(card.TimeIssued, XmlDateTimeSerializationMode.Utc)); writer.WriteEndElement(); writer.WriteStartElement("TimeExpires", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(XmlConvert.ToString(card.TimeExpires, XmlDateTimeSerializationMode.Utc)); writer.WriteEndElement(); writer.WriteStartElement("TokenServiceList", "http://schemas.xmlsoap.org/ws/2005/05/identity"); foreach (TokenService ts in card.TokenServiceList) { EndpointAddressBuilder endpointBuilder = new EndpointAddressBuilder(); endpointBuilder.Uri = new Uri(ts.EndpointReference.Address); endpointBuilder.Identity = new X509CertificateEndpointIdentity(RetrieveCertificate(ts.EndpointReference.Identity)); if (null != ts.EndpointReference.Mex) { MetadataReference mexReference = new MetadataReference(); mexReference.Address = new EndpointAddress(ts.EndpointReference.Mex); mexReference.AddressVersion = AddressingVersion.WSAddressing10; MetadataSection mexSection = new MetadataSection(); mexSection.Metadata = mexReference; MetadataSet mexSet = new MetadataSet(); mexSet.MetadataSections.Add(mexSection); MemoryStream mexMemoryStream = new MemoryStream(); XmlTextWriter mexWriter = new XmlTextWriter(mexMemoryStream, System.Text.Encoding.UTF8); mexSet.WriteTo(mexWriter); mexWriter.Flush(); mexMemoryStream.Seek(0, SeekOrigin.Begin); XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader(mexMemoryStream, XmlDictionaryReaderQuotas.Max); endpointBuilder.SetMetadataReader(reader); writer.WriteStartElement("TokenService", "http://schemas.xmlsoap.org/ws/2005/05/identity"); EndpointAddress endpoint = endpointBuilder.ToEndpointAddress(); endpoint.WriteTo(AddressingVersion.WSAddressing10, writer); writer.WriteStartElement("UserCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity"); if (ts.UserCredential.DisplayCredentialHint != null && ts.UserCredential.DisplayCredentialHint.Length > 0) { writer.WriteStartElement("DisplayCredentialHint", "http://schemas.xmlsoap.org/ws/2005/05/identity"); if (ts.UserCredential.UserCredentialType == CredentialType.SelfIssued) { //Override the user value as this should be false for types of SelfIssued ts.UserCredential.DisplayCredentialHint = "false"; } writer.WriteString(ts.UserCredential.DisplayCredentialHint); writer.WriteEndElement(); } switch (ts.UserCredential.UserCredentialType) { case CredentialType.SelfIssued: writer.WriteStartElement("SelfIssuedCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity"); if (!string.IsNullOrEmpty(ts.UserCredential.Value)) { writer.WriteStartElement("PrivatePersonalIdentifier", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(ts.UserCredential.Value); writer.WriteEndElement(); } writer.WriteEndElement(); break; case CredentialType.UsernameAndPassword: writer.WriteStartElement("UsernamePasswordCredential", "http://schemas.xmlsoap.org/ws/2005/05/identity"); if (!string.IsNullOrEmpty(ts.UserCredential.Value)) { writer.WriteStartElement("Username", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(ts.UserCredential.Value); writer.WriteEndElement(); } writer.WriteEndElement(); break; case CredentialType.Kerberos: writer.WriteStartElement("KerberosV5Credential", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteEndElement(); break; case CredentialType.SmartCard: writer.WriteStartElement("X509V3Credential", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteStartElement("X509Data", "http://www.w3.org/2000/09/xmldsig#"); if (!string.IsNullOrEmpty(ts.UserCredential.Value)) { writer.WriteStartElement("KeyIdentifier", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); writer.WriteAttributeString("ValueType", null, "http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-security-1.1#ThumbprintSHA1"); writer.WriteString(RetrieveCertificate(ts.UserCredential.Value).Thumbprint); writer.WriteEndElement(); } else { throw new InvalidDataException("No thumbprint was specified"); } writer.WriteEndElement(); writer.WriteEndElement(); break; default: break; } writer.WriteEndElement(); writer.WriteEndElement(); } } writer.WriteEndElement(); //end of tokenservice list // // tokentypes // writer.WriteStartElement("SupportedTokenTypeList", "http://schemas.xmlsoap.org/ws/2005/05/identity"); foreach (TokenType tokenType in card.AcceptedTokenTypes) { writer.WriteElementString("TokenType", "http://schemas.xmlsoap.org/ws/2005/02/trust", tokenType.Uri); } writer.WriteEndElement(); // // claims // writer.WriteStartElement("SupportedClaimTypeList", "http://schemas.xmlsoap.org/ws/2005/05/identity"); foreach (CardClaim claim in card.SupportedClaimTypeList) { writer.WriteStartElement("SupportedClaimType", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteAttributeString("Uri", claim.Uri); if (!String.IsNullOrEmpty(claim.DisplayTag)) { writer.WriteElementString("DisplayTag", "http://schemas.xmlsoap.org/ws/2005/05/identity", claim.DisplayTag); } if (!String.IsNullOrEmpty(claim.Description)) { writer.WriteElementString("Description", "http://schemas.xmlsoap.org/ws/2005/05/identity", claim.Description); } writer.WriteEndElement(); } writer.WriteEndElement(); if (card.RequireRPIdentification) { writer.WriteElementString("RequireAppliesTo", "http://schemas.xmlsoap.org/ws/2005/05/identity", card.RequireRPIdentification.ToString()); } if (!String.IsNullOrEmpty(card.PrivacyNotice)) { writer.WriteStartElement("PrivacyNotice", "http://schemas.xmlsoap.org/ws/2005/05/identity"); writer.WriteString(card.PrivacyNotice); writer.WriteEndElement(); } writer.WriteEndElement(); writer.Close(); stream.Position = 0; XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = false; doc.Load(stream); return(doc); }