public void WriteMetadata(WsFederationMetadataTheoryData theoryData)
{
TestUtilities.WriteHeader($"{this}.WriteMetadata", theoryData);
var context = new CompareContext($"{this}.WriteMetadata, {theoryData.TestId}");
try
{
var settings = new XmlWriterSettings();
var builder = new StringBuilder();
if (theoryData.UseNullWriter)
{
theoryData.Serializer.WriteMetadata(null, theoryData.Configuration);
theoryData.ExpectedException.ProcessNoException(context);
}
else
{
using (var writer = XmlWriter.Create(builder, settings))
{
// add signingCredentials so we can created signed metadata.
if (theoryData.Configuration != null)
{
theoryData.Configuration.SigningCredentials = KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2;
}
// write configuration content into metadata and sign the metadata
var serializer = new WsFederationMetadataSerializer();
serializer.WriteMetadata(writer, theoryData.Configuration);
writer.Flush();
var metadata = builder.ToString();
// read the created metadata into a new configuration
var reader = XmlReader.Create(new StringReader(metadata));
var configuration = theoryData.Serializer.ReadMetadata(reader);
// assign signingcredentials and verify the signature of created metadata
configuration.SigningCredentials = theoryData.Configuration.SigningCredentials;
if (configuration.SigningCredentials != null)
{
configuration.Signature.Verify(configuration.SigningCredentials.Key, configuration.SigningCredentials.Key.CryptoProviderFactory);
}
// remove the signature and do the comparison
configuration.Signature = null;
theoryData.ExpectedException.ProcessNoException(context);
IdentityComparer.AreWsFederationConfigurationsEqual(configuration, theoryData.Configuration, context);
}
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
/// <summary>
/// Executes the result operation of the action method asynchronously. This method is called by MVC to process
/// the result of an action method.
/// </summary>
/// <param name="context">The context in which the result is executed. The context information includes
/// information about the action that was executed and request information.</param>
/// <returns>
/// A task that represents the asynchronous execute operation.
/// </returns>
public Task ExecuteResultAsync(ActionContext context)
{
var ser = new WsFederationMetadataSerializer();
using var ms = new MemoryStream();
using XmlWriter writer = XmlDictionaryWriter.CreateTextWriter(ms, Encoding.UTF8, false);
ser.WriteMetadata(writer, _config);
writer.Flush();
context.HttpContext.Response.ContentType = "application/xml";
var metaAsString = Encoding.UTF8.GetString(ms.ToArray());
return(context.HttpContext.Response.WriteAsync(metaAsString));
}
public async Task <string> GetMetadata(HttpContext context)
{
var configuration = new WsFederationConfiguration
{
Issuer = _options.IssuerUri,
SigningCredentials = await _keys.GetSigningCredentialsAsync(),
TokenEndpoint = context.GetIdentityServerOrigin() + "/wsfederation"
};
//For whatever reason, the Digest method isn't specified in the builder extensions for identity server.
//Not a good solution to force the user to use the overload that takes SigningCredentials
//IdentityServer4/Configuration/DependencyInjection/BuilderExtensions/Crypto.cs
//Instead, it should be supported in:
// The overload that takes a X509Certificate2
// The overload that looks it up in a cert store
// The overload that takes an RsaSecurityKey
// AddDeveloperSigningCredential
//For now, this is a workaround.
if (configuration.SigningCredentials.Digest == null)
{
_logger.LogInformation($"SigningCredentials does not have a digest specified. Using default digest algorithm of {SecurityAlgorithms.Sha256Digest}");
configuration.SigningCredentials = new SigningCredentials(configuration.SigningCredentials.Key, configuration.SigningCredentials.Algorithm ?? SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest);
}
configuration.KeyInfos.Add(new KeyInfo(configuration.SigningCredentials.Key));
var serializer = new WsFederationMetadataSerializer();
var sb = new StringBuilder();
var settings = new XmlWriterSettings
{
OmitXmlDeclaration = true
};
using (var writer = XmlWriter.Create(sb, settings))
{
serializer.WriteMetadata(writer, configuration);
}
var metadata = sb.ToString();
return(metadata);
}