public SecurityChannelFactory(ISecurityCapabilities securityCapabilities, BindingContext context, SecuritySessionClientSettings<TChannel> sessionClientSettings)
    : this(securityCapabilities, context, sessionClientSettings.ChannelBuilder, sessionClientSettings.CreateInnerChannelFactory())
{
    SessionMode = true;
    _sessionClientSettings = sessionClientSettings;
}

protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities property = this.GetProperty<ISecurityCapabilities>(context);
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }
    SecureConversationSecurityTokenParameters item = null;
    if (base.EndpointSupportingTokenParameters.Endorsing.Count > 0)
    {
        item = base.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
    }
    bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
    ChannelBuilder builder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
    if (addChannelDemuxerIfRequired)
    {
        base.ApplyPropertiesOnDemuxer(builder, context);
    }
    BindingContext issuerBindingContext = context.Clone();
    if (item != null)
    {
        if (item.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
        }
        item.IssuerBindingContext = issuerBindingContext;
        if (item.RequireCancellation)
        {
            SessionSymmetricTransportSecurityProtocolFactory factory2 = new SessionSymmetricTransportSecurityProtocolFactory
            {
                SecurityTokenParameters = item.Clone()
            };
            ((SecureConversationSecurityTokenParameters)factory2.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
            try
            {
                base.ConfigureProtocolFactory(factory2, credentialsManager, false, issuerBindingContext, context.Binding);
            }
            finally
            {
                base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
            }
            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>
            {
                ChannelBuilder = builder,
                KeyRenewalInterval = base.LocalClientSettings.SessionKeyRenewalInterval,
                KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval,
                TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure,
                CanRenewSession = item.CanRenewSession,
                IssuedSecurityTokenParameters = item.Clone()
            };
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = factory2.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = factory2;
            return new SecurityChannelFactory<TChannel>(property, context, sessionClientSettings);
        }
        TransportSecurityProtocolFactory factory = new TransportSecurityProtocolFactory();
        base.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
        try
        {
            base.ConfigureProtocolFactory(factory, credentialsManager, false, issuerBindingContext, context.Binding);
            SecureConversationSecurityTokenParameters parameters2 = (SecureConversationSecurityTokenParameters)item.Clone();
            parameters2.IssuerBindingContext = issuerBindingContext;
            factory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, parameters2);
        }
        finally
        {
            base.EndpointSupportingTokenParameters.Endorsing.Insert(0, item);
        }
        return new SecurityChannelFactory<TChannel>(property, context, builder, factory);
    }
    return new SecurityChannelFactory<TChannel>(property, context, builder, this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, issuerBindingContext));
}

protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities securityCapabilities = this.GetProperty<ISecurityCapabilities>(context);
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }

    SecureConversationSecurityTokenParameters scParameters = null;
    if (this.EndpointSupportingTokenParameters.Endorsing.Count > 0)
    {
        scParameters = this.EndpointSupportingTokenParameters.Endorsing[0] as SecureConversationSecurityTokenParameters;
    }

    // This adds the demuxer element to the context
    bool requireDemuxer = RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
    if (requireDemuxer)
    {
        ApplyPropertiesOnDemuxer(channelBuilder, context);
    }

    BindingContext issuerBindingContext = context.Clone();
    SecurityChannelFactory<TChannel> channelFactory;
    if (scParameters != null)
    {
        if (scParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
        }

        scParameters.IssuerBindingContext = issuerBindingContext;
        if (scParameters.RequireCancellation)
        {
            SessionSymmetricTransportSecurityProtocolFactory sessionFactory = new SessionSymmetricTransportSecurityProtocolFactory();
            sessionFactory.SecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
            try
            {
                base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);
            }
            finally
            {
                this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
            }

            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>();
            sessionClientSettings.ChannelBuilder = channelBuilder;
            sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
            sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
            sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
            sessionClientSettings.CanRenewSession = scParameters.CanRenewSession;
            sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = sessionFactory;
            channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, sessionClientSettings);
        }
        else
        {
            TransportSecurityProtocolFactory protocolFactory = new TransportSecurityProtocolFactory();
            this.EndpointSupportingTokenParameters.Endorsing.RemoveAt(0);
            try
            {
                base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
                SecureConversationSecurityTokenParameters acceleratedTokenParameters = (SecureConversationSecurityTokenParameters)scParameters.Clone();
                acceleratedTokenParameters.IssuerBindingContext = issuerBindingContext;
                protocolFactory.SecurityBindingElement.EndpointSupportingTokenParameters.Endorsing.Insert(0, acceleratedTokenParameters);
            }
            finally
            {
                this.EndpointSupportingTokenParameters.Endorsing.Insert(0, scParameters);
            }

            channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
        }
    }
    else
    {
        SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, issuerBindingContext);
        channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
    }

    return channelFactory;
}

protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities property = this.GetProperty<ISecurityCapabilities>(context);
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }
    bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
    ChannelBuilder builder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
    if (addChannelDemuxerIfRequired)
    {
        base.ApplyPropertiesOnDemuxer(builder, context);
    }
    BindingContext issuerBindingContext = context.Clone();
    if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
    {
        SecureConversationSecurityTokenParameters protectionTokenParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
        if (protectionTokenParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
        }
        BindingContext context3 = issuerBindingContext.Clone();
        context3.BindingParameters.Remove<ChannelProtectionRequirements>();
        context3.BindingParameters.Add(protectionTokenParameters.BootstrapProtectionRequirements);
        if (protectionTokenParameters.RequireCancellation)
        {
            SessionSymmetricMessageSecurityProtocolFactory factory2 = new SessionSymmetricMessageSecurityProtocolFactory
            {
                SecurityTokenParameters = protectionTokenParameters.Clone()
            };
            ((SecureConversationSecurityTokenParameters)factory2.SecurityTokenParameters).IssuerBindingContext = context3;
            factory2.ApplyConfidentiality = true;
            factory2.RequireConfidentiality = true;
            factory2.ApplyIntegrity = true;
            factory2.RequireIntegrity = true;
            factory2.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
            factory2.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            factory2.MessageProtectionOrder = this.MessageProtectionOrder;
            factory2.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
            factory2.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
            base.ConfigureProtocolFactory(factory2, credentialsManager, false, issuerBindingContext, context.Binding);
            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>
            {
                ChannelBuilder = builder,
                KeyRenewalInterval = base.LocalClientSettings.SessionKeyRenewalInterval,
                CanRenewSession = protectionTokenParameters.CanRenewSession,
                KeyRolloverInterval = base.LocalClientSettings.SessionKeyRolloverInterval,
                TolerateTransportFailures = base.LocalClientSettings.ReconnectTransportOnFailure,
                IssuedSecurityTokenParameters = protectionTokenParameters.Clone()
            };
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = factory2.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = factory2;
            return new SecurityChannelFactory<TChannel>(property, context, sessionClientSettings);
        }
        SymmetricSecurityProtocolFactory factory = new SymmetricSecurityProtocolFactory
        {
            SecurityTokenParameters = protectionTokenParameters.Clone()
        };
        ((SecureConversationSecurityTokenParameters)factory.SecurityTokenParameters).IssuerBindingContext = context3;
        factory.ApplyConfidentiality = true;
        factory.RequireConfidentiality = true;
        factory.ApplyIntegrity = true;
        factory.RequireIntegrity = true;
        factory.IdentityVerifier = base.LocalClientSettings.IdentityVerifier;
        factory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
        factory.MessageProtectionOrder = this.MessageProtectionOrder;
        factory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
        base.ConfigureProtocolFactory(factory, credentialsManager, false, issuerBindingContext, context.Binding);
        return new SecurityChannelFactory<TChannel>(property, context, builder, factory);
    }
    return new SecurityChannelFactory<TChannel>(property, context, builder, this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, issuerBindingContext));
}

protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities securityCapabilities = this.GetProperty<ISecurityCapabilities>(context);
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>();
    if (credentialsManager == null)
    {
        credentialsManager = ClientCredentials.CreateDefaultCredentials();
    }

    // This adds the demuxer element to the context. We add a demuxer element only if the binding is configured to do
    // secure conversation or negotiation
    bool requireDemuxer = RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, requireDemuxer);
    if (requireDemuxer)
    {
        ApplyPropertiesOnDemuxer(channelBuilder, context);
    }

    BindingContext issuerBindingContext = context.Clone();
    SecurityChannelFactory<TChannel> channelFactory;
    if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
    {
        SecureConversationSecurityTokenParameters scParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
        if (scParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecureConversationSecurityTokenParametersRequireBootstrapBinding)));
        }

        BindingContext scIssuerBindingContext = issuerBindingContext.Clone();
        scIssuerBindingContext.BindingParameters.Remove<ChannelProtectionRequirements>();
        scIssuerBindingContext.BindingParameters.Add(scParameters.BootstrapProtectionRequirements);
        if (scParameters.RequireCancellation)
        {
            SessionSymmetricMessageSecurityProtocolFactory sessionFactory = new SessionSymmetricMessageSecurityProtocolFactory();
            sessionFactory.SecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionFactory.SecurityTokenParameters).IssuerBindingContext = scIssuerBindingContext;
            sessionFactory.ApplyConfidentiality = true;
            sessionFactory.RequireConfidentiality = true;
            sessionFactory.ApplyIntegrity = true;
            sessionFactory.RequireIntegrity = true;
            sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            sessionFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            sessionFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            sessionFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            sessionFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
            base.ConfigureProtocolFactory(sessionFactory, credentialsManager, false, issuerBindingContext, context.Binding);

            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>();
            sessionClientSettings.ChannelBuilder = channelBuilder;
            sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
            sessionClientSettings.CanRenewSession = scParameters.CanRenewSession;
            sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
            sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
            sessionClientSettings.IssuedSecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = issuerBindingContext;
            sessionClientSettings.SecurityStandardsManager = sessionFactory.StandardsManager;
            sessionClientSettings.SessionProtocolFactory = sessionFactory;
            channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, sessionClientSettings);
        }
        else
        {
            SymmetricSecurityProtocolFactory protocolFactory = new SymmetricSecurityProtocolFactory();
            protocolFactory.SecurityTokenParameters = scParameters.Clone();
            ((SecureConversationSecurityTokenParameters)protocolFactory.SecurityTokenParameters).IssuerBindingContext = scIssuerBindingContext;
            protocolFactory.ApplyConfidentiality = true;
            protocolFactory.RequireConfidentiality = true;
            protocolFactory.ApplyIntegrity = true;
            protocolFactory.RequireIntegrity = true;
            protocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            protocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            protocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            protocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements(this, context.BindingParameters, context.Binding.Elements, false));
            base.ConfigureProtocolFactory(protocolFactory, credentialsManager, false, issuerBindingContext, context.Binding);
            channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
        }
    }
    else
    {
        SecurityProtocolFactory protocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, issuerBindingContext);
        channelFactory = new SecurityChannelFactory<TChannel>(securityCapabilities, context, channelBuilder, protocolFactory);
    }

    return channelFactory;
}

/*internal override bool RequiresChannelDemuxer()
 * {
 *     if (!base.RequiresChannelDemuxer())
 *         return this.RequiresChannelDemuxer(this.ProtectionTokenParameters);
 *     return true;
 * }*/

protected override IChannelFactory<TChannel> BuildChannelFactoryCore<TChannel>(BindingContext context)
{
    ISecurityCapabilities property = this.GetProperty<ISecurityCapabilities>(context);
    SecurityCredentialsManager credentialsManager = context.BindingParameters.Find<SecurityCredentialsManager>() ?? (SecurityCredentialsManager)ClientCredentials.CreateDefaultCredentials();
    bool addChannelDemuxerIfRequired = this.RequiresChannelDemuxer();
    ChannelBuilder channelBuilder = new ChannelBuilder(context, addChannelDemuxerIfRequired);
    if (addChannelDemuxerIfRequired)
    {
#if FEATURE_CORECLR
        throw new NotImplementedException("ApplyPropertiesOnDemuxer is not supported in .NET Core");
#else
        this.ApplyPropertiesOnDemuxer(channelBuilder, context);
#endif
    }
    BindingContext bindingContext1 = context.Clone();
    SecurityChannelFactory<TChannel> securityChannelFactory;
    if (this.ProtectionTokenParameters is SecureConversationSecurityTokenParameters)
    {
        SecureConversationSecurityTokenParameters protectionTokenParameters = (SecureConversationSecurityTokenParameters)this.ProtectionTokenParameters;
        if (protectionTokenParameters.BootstrapSecurityBindingElement == null)
        {
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError((Exception)new InvalidOperationException(SR.GetString("SecureConversationSecurityTokenParametersRequireBootstrapBinding")));
        }
        BindingContext bindingContext2 = bindingContext1.Clone();
        bindingContext2.BindingParameters.Remove<ChannelProtectionRequirements>();
        // BootstrapProtectionRequirements not supported
        // bindingContext2.BindingParameters.Add((object) protectionTokenParameters.BootstrapProtectionRequirements);
        if (protectionTokenParameters.RequireCancellation)
        {
            SessionSymmetricMessageSecurityProtocolFactory securityProtocolFactory = new SessionSymmetricMessageSecurityProtocolFactory();
            securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;
            securityProtocolFactory.ApplyConfidentiality = true;
            securityProtocolFactory.RequireConfidentiality = true;
            securityProtocolFactory.ApplyIntegrity = true;
            securityProtocolFactory.RequireIntegrity = true;
            securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
            this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);
            SecuritySessionClientSettings<TChannel> sessionClientSettings = new SecuritySessionClientSettings<TChannel>();
            sessionClientSettings.ChannelBuilder = channelBuilder;
            sessionClientSettings.KeyRenewalInterval = this.LocalClientSettings.SessionKeyRenewalInterval;
            sessionClientSettings.CanRenewSession = protectionTokenParameters.CanRenewSession;
            sessionClientSettings.KeyRolloverInterval = this.LocalClientSettings.SessionKeyRolloverInterval;
            sessionClientSettings.TolerateTransportFailures = this.LocalClientSettings.ReconnectTransportOnFailure;
            sessionClientSettings.IssuedSecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)sessionClientSettings.IssuedSecurityTokenParameters).IssuerBindingContext = bindingContext1;
            sessionClientSettings.SecurityStandardsManager = securityProtocolFactory.StandardsManager;
            Console.WriteLine("Assigned sessionClientSettings.SessionProtocolFactory");
            sessionClientSettings.SessionProtocolFactory = (SecurityProtocolFactory)securityProtocolFactory;
            securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, sessionClientSettings);
        }
        else
        {
#if FEATURE_CORECLR
            throw new NotImplementedException("SymmetricSecurityProtocolFactory not supported in .NET Core");
#else
            SymmetricSecurityProtocolFactory securityProtocolFactory = new SymmetricSecurityProtocolFactory();
            securityProtocolFactory.SecurityTokenParameters = protectionTokenParameters.Clone();
            ((SecureConversationSecurityTokenParameters)securityProtocolFactory.SecurityTokenParameters).IssuerBindingContext = bindingContext2;
            securityProtocolFactory.ApplyConfidentiality = true;
            securityProtocolFactory.RequireConfidentiality = true;
            securityProtocolFactory.ApplyIntegrity = true;
            securityProtocolFactory.RequireIntegrity = true;
            securityProtocolFactory.IdentityVerifier = this.LocalClientSettings.IdentityVerifier;
            securityProtocolFactory.DoRequestSignatureConfirmation = this.RequireSignatureConfirmation;
            securityProtocolFactory.MessageProtectionOrder = this.MessageProtectionOrder;
            securityProtocolFactory.ProtectionRequirements.Add(SecurityBindingElement.ComputeProtectionRequirements((SecurityBindingElement)this, context.BindingParameters, context.Binding.Elements, false));
            this.ConfigureProtocolFactory((SecurityProtocolFactory)securityProtocolFactory, credentialsManager, false, bindingContext1, (Binding)context.Binding);
            securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, channelBuilder, (SecurityProtocolFactory)securityProtocolFactory);
#endif
        }
    }
    else
    {
        SecurityProtocolFactory securityProtocolFactory = this.CreateSecurityProtocolFactory<TChannel>(context, credentialsManager, false, bindingContext1);
        securityChannelFactory = new SecurityChannelFactory<TChannel>(property, context, channelBuilder, securityProtocolFactory);
    }
    return (IChannelFactory<TChannel>)securityChannelFactory;
}