private SecurityKeyIdentifier ReadGenericXmlSecurityKeyIdentifier(XmlDictionaryReader localReader, Exception previousException) { if (!localReader.IsStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace)) { return(null); } localReader.ReadStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace); SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(); if (localReader.IsStartElement()) { SecurityKeyIdentifierClause clause = null; string strId = localReader.GetAttribute(XD.UtilityDictionary.IdAttribute, XD.UtilityDictionary.Namespace); XmlDocument doc = new XmlDocument(); XmlElement keyIdentifierReferenceXml = (doc.ReadNode(localReader) as XmlElement); clause = new GenericXmlSecurityKeyIdentifierClause(keyIdentifierReferenceXml); if (!string.IsNullOrEmpty(strId)) { clause.Id = strId; } keyIdentifier.Add(clause); } if (keyIdentifier.Count == 0) { throw previousException; } localReader.ReadEndElement(); return(keyIdentifier); }
/// <summary> /// Makes a WSTrust call to the STS to obtain a <see cref="SecurityToken"/> first checking if the token is available in the cache. /// </summary> /// <returns>A <see cref="GenericXmlSecurityToken"/>.</returns> protected override SecurityToken GetTokenCore(TimeSpan timeout) { WsTrustRequest request = CreateWsTrustRequest(); WsTrustResponse trustResponse = GetCachedResponse(request); if (trustResponse is null) { using (var memeoryStream = new MemoryStream()) { var writer = XmlDictionaryWriter.CreateTextWriter(memeoryStream, Encoding.UTF8); var serializer = new WsTrustSerializer(); serializer.WriteRequest(writer, _requestSerializationContext.TrustVersion, request); writer.Flush(); var reader = XmlDictionaryReader.CreateTextReader(memeoryStream.ToArray(), XmlDictionaryReaderQuotas.Max); IRequestChannel channel = ChannelFactory.CreateChannel(); Message reply = channel.Request(Message.CreateMessage(MessageVersion.Soap12WSAddressing10, _requestSerializationContext.TrustActions.IssueRequest, reader)); SecurityUtils.ThrowIfNegotiationFault(reply, channel.RemoteAddress); trustResponse = serializer.ReadResponse(reply.GetReaderAtBodyContents()); CacheSecurityTokenResponse(request, trustResponse); } } // Create GenericXmlSecurityToken // Assumes that token is first and Saml2SecurityToken. using (var stream = new MemoryStream()) { RequestSecurityTokenResponse response = trustResponse.RequestSecurityTokenResponseCollection[0]; // Get attached and unattached references GenericXmlSecurityKeyIdentifierClause internalSecurityKeyIdentifierClause = null; if (response.AttachedReference != null) { internalSecurityKeyIdentifierClause = GetSecurityKeyIdentifierForTokenReference(response.AttachedReference); } GenericXmlSecurityKeyIdentifierClause externalSecurityKeyIdentifierClause = null; if (response.UnattachedReference != null) { externalSecurityKeyIdentifierClause = GetSecurityKeyIdentifierForTokenReference(response.UnattachedReference); } // Get proof token IdentityModel.Tokens.SecurityToken proofToken = GetProofToken(request, response); // Get lifetime DateTime created = response.Lifetime?.Created ?? DateTime.UtcNow; DateTime expires = response.Lifetime?.Expires ?? created.AddDays(1); return(new GenericXmlSecurityToken(response.RequestedSecurityToken.TokenElement, proofToken, created, expires, internalSecurityKeyIdentifierClause, externalSecurityKeyIdentifierClause, null)); } }
public static void Ctor_Deriviation_Properties() { XmlElement tokenReference = CreateTokenReference(Guid.NewGuid()); byte[] derivationNonce = new byte[] { 1, 2, 3, 4, 5, 6 }; int derivationLength = 128; var genericXmlSecurityKeyIdentifierClause = new GenericXmlSecurityKeyIdentifierClause(tokenReference, (byte[])derivationNonce.Clone(), derivationLength); Assert.Equal(derivationNonce, genericXmlSecurityKeyIdentifierClause.GetDerivationNonce()); Assert.Equal(derivationLength, genericXmlSecurityKeyIdentifierClause.DerivationLength); }
public static void Matches() { Guid guid = Guid.NewGuid(); XmlElement tokenReference = CreateTokenReference(guid); var genericXmlSecurityKeyIdentifierClause = new GenericXmlSecurityKeyIdentifierClause(tokenReference); tokenReference = CreateTokenReference(guid); // Create equivalant but different instance var genericXmlSecurityKeyIdentifierClause2 = new GenericXmlSecurityKeyIdentifierClause(tokenReference); Assert.True(genericXmlSecurityKeyIdentifierClause.Matches(genericXmlSecurityKeyIdentifierClause2)); tokenReference = CreateTokenReference(Guid.NewGuid()); genericXmlSecurityKeyIdentifierClause2 = new GenericXmlSecurityKeyIdentifierClause(tokenReference); Assert.False(genericXmlSecurityKeyIdentifierClause.Matches(genericXmlSecurityKeyIdentifierClause2)); }
public static void Ctor_Default_Properties() { var exception = Assert.Throws <ArgumentNullException>(() => new GenericXmlSecurityKeyIdentifierClause(null)); Assert.Equal("referenceXml", exception.ParamName); XmlElement tokenReference = CreateTokenReference(Guid.NewGuid()); var genericXmlSecurityKeyIdentifierClause = new GenericXmlSecurityKeyIdentifierClause(tokenReference); Assert.Null(genericXmlSecurityKeyIdentifierClause.Id); Assert.False(genericXmlSecurityKeyIdentifierClause.CanCreateKey); Assert.Null(genericXmlSecurityKeyIdentifierClause.ClauseType); Assert.Throws <NotSupportedException>(() => genericXmlSecurityKeyIdentifierClause.CreateKey()); Assert.Null(genericXmlSecurityKeyIdentifierClause.GetDerivationNonce()); Assert.Equal(0, genericXmlSecurityKeyIdentifierClause.DerivationLength); Assert.Equal(tokenReference, genericXmlSecurityKeyIdentifierClause.ReferenceXml); }
internal static WCFSecurityToken CreateGenericXmlSecurityToken(WsTrustRequest request, WsTrustResponse trustResponse, WsSerializationContext serializationContext, SecurityAlgorithmSuite algorithmSuite) { // Create GenericXmlSecurityToken // Assumes that token is first and Saml2SecurityToken. RequestSecurityTokenResponse response = trustResponse.RequestSecurityTokenResponseCollection[0]; // Get attached and unattached references GenericXmlSecurityKeyIdentifierClause internalSecurityKeyIdentifierClause = null; if (response.AttachedReference != null) { internalSecurityKeyIdentifierClause = GetSecurityKeyIdentifierForTokenReference(response.AttachedReference); } GenericXmlSecurityKeyIdentifierClause externalSecurityKeyIdentifierClause = null; if (response.UnattachedReference != null) { externalSecurityKeyIdentifierClause = GetSecurityKeyIdentifierForTokenReference(response.UnattachedReference); } // Get proof token WCFSecurityToken proofToken = GetProofToken(request, response, serializationContext, algorithmSuite); // Get lifetime DateTime created = response.Lifetime?.Created ?? DateTime.UtcNow; DateTime expires = response.Lifetime?.Expires ?? created.AddDays(1); return(new GenericXmlSecurityToken(response.RequestedSecurityToken.TokenElement, proofToken, created, expires, internalSecurityKeyIdentifierClause, externalSecurityKeyIdentifierClause, null)); }
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { GenericXmlSecurityKeyIdentifierClause genericXmlSecurityKeyIdentifierClause = keyIdentifierClause as GenericXmlSecurityKeyIdentifierClause; genericXmlSecurityKeyIdentifierClause.ReferenceXml.WriteTo(writer); }