/// <summary> /// /// </summary> /// <param name="requestMessage"></param> /// <param name="config"></param> /// <param name="withRefreshToken"></param> /// <returns></returns> public static AccessTokenResponse ProcessAccessTokenRequest(AccessTokenRequest requestMessage, SecurityTokenServiceConfiguration config, Boolean withRefreshToken) { ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true; // Call issuer to create token WSTrustChannelFactory factory = new WSTrustChannelFactory("issuer"); // TODO: factory.Credentials.UserName.UserName = requestMessage.Name ?? requestMessage.ClientId; // TODO: factory.Credentials.UserName.Password = requestMessage.Password ?? requestMessage.ClientSecret; WSTrustChannel issuer = factory.CreateChannel() as WSTrustChannel; RequestSecurityToken rst = new RequestSecurityToken(WSTrust13Constants.RequestTypes.Issue); rst.AppliesTo = new EndpointAddress("https://wrap.client"); rst.KeyType = WSTrust13Constants.KeyTypes.Bearer; RequestSecurityTokenResponse response = null; issuer.Issue(rst, out response); WSTrustSerializationContext context = new WSTrustSerializationContext( config.SecurityTokenHandlerCollectionManager, config.CreateAggregateTokenResolver(), config.IssuerTokenResolver); // Create response var token = response.RequestedSecurityToken.SecurityToken; if (null == token) { using (XmlReader reader = new XmlNodeReader(response.RequestedSecurityToken.SecurityTokenXml)) { token = FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers.ReadToken(reader); } token = ConvertToSimpleWebToken(token, response); } // Write token return WriteToken(token, withRefreshToken); }
private static string GetTokenXml(HttpRequest request) { var quotas = new XmlDictionaryReaderQuotas(); quotas.MaxArrayLength = 0x200000; quotas.MaxStringContentLength = 0x200000; var wsFederationMessage = WSFederationMessage.CreateFromFormPost(request) as SignInResponseMessage; WSFederationSerializer federationSerializer; using (var reader = XmlDictionaryReader.CreateTextReader(Encoding.UTF8.GetBytes(wsFederationMessage.Result), quotas)) { federationSerializer = new WSFederationSerializer(reader); } var serializationContext = new WSTrustSerializationContext(SecurityTokenHandlerCollectionManager.CreateDefaultSecurityTokenHandlerCollectionManager()); var tokenXml = federationSerializer.CreateResponse(wsFederationMessage, serializationContext).RequestedSecurityToken.SecurityTokenXml.OuterXml; return tokenXml; }
/// <summary> /// Constructor for the WSTrustRequestBodyWriter. /// </summary> /// <param name="requestSecurityToken">The RequestSecurityToken object to be serialized in the outgoing Message.</param> /// <param name="serializer">Serializer is responsible for writting the requestSecurityToken into a XmlDictionaryWritter.</param> /// <param name="serializationContext">Context for the serialization.</param> /// <exception cref="ArgumentNullException">The 'requestSecurityToken' is null.</exception> /// <exception cref="ArgumentNullException">The 'serializer' is null.</exception> /// <exception cref="ArgumentNullException">The 'serializationContext' is null.</exception> public WSTrustRequestBodyWriter(System.IdentityModel.Protocols.WSTrust.RequestSecurityToken requestSecurityToken, WSTrustRequestSerializer serializer, WSTrustSerializationContext serializationContext) : base(true) { if (requestSecurityToken == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSecurityToken"); } if (serializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializer"); } if (serializationContext == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializationContext"); } _requestSecurityToken = requestSecurityToken; _serializer = serializer; _serializationContext = serializationContext; }
private string SerializeResponse(RequestSecurityTokenResponse response) { var serializer = new WSTrust13ResponseSerializer(); var context = new WSTrustSerializationContext(FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlerCollectionManager); var sb = new StringBuilder(128); using (var writer = XmlWriter.Create(new StringWriter(sb))) { serializer.WriteXml(response, writer, context); return sb.ToString(); } }
private string SerializeRequest(RequestSecurityToken request) { var serializer = new WSTrust13RequestSerializer(); var context = new WSTrustSerializationContext(); var sb = new StringBuilder(128); using (var writer = XmlWriter.Create(new StringWriter(sb))) { serializer.WriteXml(request, writer, context); return sb.ToString(); } }
/// <summary> /// Processes a WS-Federation sign in request. /// </summary> /// <param name="request">The request.</param> /// <param name="principal">The client principal.</param> /// <param name="configuration">The token service configuration.</param> /// <returns>A SignInResponseMessage</returns> public static SignInResponseMessage ProcessSignInRequest(SignInRequestMessage request, IClaimsPrincipal principal, SecurityTokenServiceConfiguration configuration) { Contract.Requires(request != null); Contract.Requires(principal != null); Contract.Requires(configuration != null); Contract.Ensures(Contract.Result<SignInResponseMessage>() != null); // create token service and serializers var sts = configuration.CreateSecurityTokenService(); var context = new WSTrustSerializationContext( sts.SecurityTokenServiceConfiguration.SecurityTokenHandlerCollectionManager, sts.SecurityTokenServiceConfiguration.ServiceTokenResolver, sts.SecurityTokenServiceConfiguration.IssuerTokenResolver); var federationSerializer = new WSFederationSerializer( sts.SecurityTokenServiceConfiguration.WSTrust13RequestSerializer, sts.SecurityTokenServiceConfiguration.WSTrust13ResponseSerializer); // convert ws-fed message to RST and call issue pipeline var rst = federationSerializer.CreateRequest(request, context); var rstr = sts.Issue(principal, rst); // check ReplyTo Uri result = null; if (!Uri.TryCreate(rstr.ReplyTo, UriKind.Absolute, out result)) { throw new InvalidOperationException("Invalid ReplyTo"); } var response = new SignInResponseMessage(result, rstr, federationSerializer, context); // copy the incoming context data (as required by the WS-Federation spec) if (!String.IsNullOrEmpty(request.Context)) { response.Context = request.Context; } return response; }
public override void ReadXmlElement(XmlReader reader, RequestSecurityTokenResponse rstr, WSTrustSerializationContext context) { if (reader.LocalName == "RequestedSecurityToken") { var rd = reader.ReadSubtree(); rd.ReadToFollowing("Assertion", "urn:oasis:names:tc:SAML:2.0:assertion"); rstr.RequestedSecurityToken = new RequestedSecurityToken(new Saml2SecurityToken(ser.ReadSaml2Assertion(rd.ReadSubtree()))); } else { base.ReadXmlElement(reader, rstr, context); } }
/// <summary> /// Initializes an instance of <see cref="WSTrustResponseBodyWriter"/> /// </summary> /// <param name="requestSecurityTokenResponse">The Response object that can write the body contents.</param> /// <param name="serializer">Serializer to use for serializing the RSTR.</param> /// <param name="context">The <see cref="WSTrustSerializationContext"/> of this request.</param> /// <exception cref="ArgumentNullException">serializer parameter is null.</exception> public WSTrustResponseBodyWriter(RSTR requestSecurityTokenResponse, WSTrustResponseSerializer serializer, WSTrustSerializationContext context) : base(true) { if (serializer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("serializer"); } if (requestSecurityTokenResponse == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("requestSecurityTokenResponse"); } if (context == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context"); } _serializer = serializer; _rstr = requestSecurityTokenResponse; _context = context; }
/// <summary> /// /// </summary> /// <param name="response"></param> /// <param name="context"></param> /// <returns></returns> public String GetResponseAsString(RequestSecurityTokenResponse response, WSTrustSerializationContext context) { if (null == response) throw new ArgumentNullException("response"); if (null == context) throw new ArgumentNullException("context"); StringBuilder sb = new StringBuilder(); using (StringWriter stringWriter = new StringWriter(sb, CultureInfo.InvariantCulture)) { using (XmlTextWriter xmlWriter = new XmlTextWriter(stringWriter)) { responseSerializer.WriteXml(response, xmlWriter, context); } } return sb.ToString(); }
string RstToString(RequestSecurityToken token) { WSTrust13RequestSerializer ser = new WSTrust13RequestSerializer(); WSTrustSerializationContext context = new WSTrustSerializationContext(); StringBuilder stringBuilder = new StringBuilder(); XmlWriter xr = XmlWriter.Create(new StringWriter(stringBuilder), new XmlWriterSettings { OmitXmlDeclaration = true }); ser.WriteXml(token, xr, context); xr.Flush(); return stringBuilder.ToString(); }
private string SerializeResponse(RequestSecurityTokenResponse response) { var serializer = new WSTrust13ResponseSerializer(); WSTrustSerializationContext context = new WSTrustSerializationContext(); StringBuilder sb = new StringBuilder(128); using (var writer = new XmlTextWriter(new StringWriter(sb))) { serializer.WriteXml(response, writer, context); return sb.ToString(); } }
/// <summary> /// Override ReadXml method to deserialize the custom element inside the RST. /// </summary> /// <param name="reader">The xml reader to read from</param> /// <param name="rst">The rst object that is going to be populated with the new custom element</param> /// <param name="serializer">The token serializer to serialize the token related elements</param> public override void ReadXmlElement(System.Xml.XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context) { if (reader == null) { throw new ArgumentNullException("reader"); } if (rst == null) { throw new ArgumentNullException("rst"); } if (context == null) { throw new ArgumentNullException("context"); } if (reader.IsStartElement(CustomElementConstants.LocalName, CustomElementConstants.Namespace)) { if (rst is CustomRequestSecurityToken) { CustomRequestSecurityToken customRST = rst as CustomRequestSecurityToken; if (customRST != null) { // // reading the custom element in the RST // customRST.CustomElement = reader.ReadElementContentAsString(); } } } else { // // The rest is just normal thing // base.ReadXmlElement(reader, rst, context); } }