/// <summary>
/// Rebuilds a security context token from an encoded cookie blob and checks that it
/// belongs to the context and key generation the caller expects.
/// </summary>
/// <param name="encodedCookie">The protected cookie blob, passed to the security state encoder for decoding.</param>
/// <param name="contextId">Context id the restored token must carry.</param>
/// <param name="generation">Key generation the restored token must carry.</param>
/// <param name="id">Token id forwarded to <c>DeserializeContext</c>.</param>
/// <param name="quotas">XML reader quotas forwarded to <c>DeserializeContext</c>.</param>
/// <returns>The token produced by <c>DeserializeContext</c>.</returns>
public SecurityContextSecurityToken CreateSecurityContextFromCookie(byte[] encodedCookie, UniqueId contextId, UniqueId generation, string id, XmlDictionaryReaderQuotas quotas)
{
    byte[] decodedState = null;
    try
    {
        decodedState = this.securityStateEncoder.DecodeSecurityState(encodedCookie);
    }
    catch (Exception decodeError)
    {
        // Fatal exceptions propagate untouched; every other decode failure is reported
        // as an invalid cookie.
        if (Fx.IsFatal(decodeError))
        {
            throw;
        }

        // NOTE(review): this path relies on OnInvalidCookieFailure not returning. If it did
        // return, the null decodedState would be handed to DeserializeContext below - confirm.
        OnInvalidCookieFailure(SR.Format(SR.SctCookieBlobDecodeFailure), decodeError);
    }

    SecurityContextSecurityToken restored = DeserializeContext(decodedState, encodedCookie, id, quotas);

    // The cookie content is only accepted if it matches the identifiers supplied by the
    // caller, so a valid blob cannot be replayed under a different context id or generation.
    if (restored.ContextId != contextId)
    {
        OnInvalidCookieFailure(SR.Format(SR.SctCookieValueMissingOrIncorrect, nameof(contextId)));
    }

    if (restored.KeyGeneration != generation)
    {
        OnInvalidCookieFailure(SR.Format(SR.SctCookieValueMissingOrIncorrect, nameof(restored.KeyGeneration)));
    }

    return restored;
}
/// <summary>
/// Creates a token that keeps the context id, validity window, cookie mode and cookie blob
/// of <paramref name="sourceToken"/> but uses the supplied id, key and key timing values.
/// </summary>
/// <param name="sourceToken">Token whose context-level values are carried over.</param>
/// <param name="id">Id assigned to the new token.</param>
/// <param name="key">Key material passed to <c>Initialize</c>.</param>
/// <param name="keyGeneration">Key generation passed to <c>Initialize</c>.</param>
/// <param name="keyEffectiveTime">Key effective time passed to <c>Initialize</c>.</param>
/// <param name="keyExpirationTime">Key expiration time passed to <c>Initialize</c>.</param>
/// <param name="authorizationPolicies">Authorization policies passed to <c>Initialize</c>.</param>
internal SecurityContextSecurityToken(
    SecurityContextSecurityToken sourceToken,
    string id,
    byte[] key,
    UniqueId keyGeneration,
    DateTime keyEffectiveTime,
    DateTime keyExpirationTime,
    ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies)
    : base()
{
    _id = id;

    // NOTE(review): the key array is passed on as given; whether Initialize copies it is
    // not visible here, so the caller's array may end up shared with this token - confirm.
    Initialize(
        sourceToken.ContextId,
        key,
        sourceToken.ValidFrom,
        sourceToken.ValidTo,
        authorizationPolicies,
        sourceToken.IsCookieMode,
        keyGeneration,
        keyEffectiveTime,
        keyExpirationTime);

    CookieBlob = sourceToken.CookieBlob;

    // The bootstrap property is copied rather than shared with the source token.
    if (sourceToken.BootstrapMessageProperty == null)
    {
        BootstrapMessageProperty = null;
    }
    else
    {
        BootstrapMessageProperty = (SecurityMessageProperty)sourceToken.BootstrapMessageProperty.CreateCopy();
    }
}
/// <summary>
/// Copy constructor: builds a token with the same id, context values, key values and
/// cookie blob as <paramref name="from"/>.
/// </summary>
/// <param name="from">Token to copy.</param>
private SecurityContextSecurityToken(SecurityContextSecurityToken from)
{
    ReadOnlyCollection<IAuthorizationPolicy> clonedPolicies =
        SecurityUtils.CloneAuthorizationPoliciesIfNecessary(from._authorizationPolicies);

    _id = from._id;

    // NOTE(review): from._key is passed on by reference; unless Initialize copies it, both
    // tokens share one key buffer - confirm before clearing or mutating either one.
    Initialize(
        from.ContextId,
        from._key,
        from._tokenEffectiveTime,
        from._tokenExpirationTime,
        clonedPolicies,
        from.IsCookieMode,
        from.KeyGeneration,
        from.KeyEffectiveTime,
        from.KeyExpirationTime);

    CookieBlob = from.CookieBlob;

    // The bootstrap property is copied rather than shared with the source token.
    if (from.BootstrapMessageProperty == null)
    {
        BootstrapMessageProperty = null;
    }
    else
    {
        BootstrapMessageProperty = (SecurityMessageProperty)from.BootstrapMessageProperty.CreateCopy();
    }
}
/// <summary>
/// Validates a security context token by checking its time window and, if it is current,
/// returns its authorization policies as an already-completed <c>ValueTask</c>.
/// </summary>
/// <param name="token">Token to validate; it is cast to <c>SecurityContextSecurityToken</c>.</param>
/// <returns>The token's authorization policies.</returns>
protected override ValueTask<ReadOnlyCollection<IAuthorizationPolicy>> ValidateTokenCoreAsync(SecurityToken token)
{
    // No type or null check is made before the cast.
    // NOTE(review): presumably the caller has already filtered by token type - confirm.
    var context = (SecurityContextSecurityToken)token;

    // Time validity is the only check made here before the policies are handed back.
    if (!IsTimeValid(context))
    {
        ThrowExpiredContextFaultException(context.ContextId, context);
    }

    return new ValueTask<ReadOnlyCollection<IAuthorizationPolicy>>(context.AuthorizationPolicies);
}
/// <summary>
/// Validates a security context token by checking its time window and, if it is current,
/// returns its authorization policies.
/// </summary>
/// <param name="token">Token to validate; it is cast to <c>SecurityContextSecurityToken</c>.</param>
/// <returns>The token's authorization policies.</returns>
protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateTokenCore(SecurityToken token)
{
    // No type or null check is made before the cast.
    // NOTE(review): presumably the caller has already filtered by token type - confirm.
    var context = (SecurityContextSecurityToken)token;

    // Time validity is the only check made here before the policies are handed back.
    if (!IsTimeValid(context))
    {
        this.ThrowExpiredContextFaultException(context.ContextId, context);
    }

    return context.AuthorizationPolicies;
}
/// <summary>
/// Reports whether the token is usable at the current UTC time: the token's validity
/// window must include now, and its key must already be effective.
/// </summary>
/// <param name="sct">Token whose time values are checked.</param>
/// <returns><c>true</c> when all three time checks pass; otherwise <c>false</c>.</returns>
private bool IsTimeValid(SecurityContextSecurityToken sct)
{
    // A single clock reading is used for every comparison.
    DateTime now = DateTime.UtcNow;

    if (sct.ValidFrom > now)
    {
        return false;
    }

    if (sct.ValidTo < now)
    {
        return false;
    }

    // NOTE(review): KeyExpirationTime is not compared here, and no clock-skew allowance is
    // applied. Confirm that key expiry is enforced elsewhere or is deliberately tolerated.
    return sct.KeyEffectiveTime <= now;
}
/// <summary>
/// Always throws, reporting that the security context has expired. The message names the
/// context id and the token's key generation ("none" when there is no generation).
/// </summary>
/// <param name="contextId">Context id placed in the message.</param>
/// <param name="sct">Token whose key generation is placed in the message.</param>
/// <exception cref="Exception">Always thrown, after passing through <c>ThrowHelperWarning</c>.</exception>
private void ThrowExpiredContextFaultException(UniqueId contextId, SecurityContextSecurityToken sct)
{
    string generationText = sct.KeyGeneration == null ? "none" : sct.KeyGeneration.ToString();
    string message = SR.Format(SR.SecurityContextExpired, contextId, generationText);

    // NOTE(review): a plain System.Exception gives callers nothing specific to catch or to
    // map to an "expired context" fault - confirm how upstream code recognises this case.
    throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new Exception(message));
}
/// <summary>
/// Forwards a caching-time update for the given context to the token cache.
/// </summary>
/// <param name="context">Cached token whose caching time is updated.</param>
/// <param name="expirationTime">New time passed to the cache.</param>
public void UpdateContextCachingTime(SecurityContextSecurityToken context, DateTime expirationTime)
    => this.tokenCache.UpdateContextCachingTime(context, expirationTime);
/// <summary>
/// Attempts to add the token to the token cache.
/// </summary>
/// <param name="token">Token to add.</param>
/// <returns>The result reported by the cache's <c>TryAddContext</c>.</returns>
public bool TryAddContext(SecurityContextSecurityToken token)
    => this.tokenCache.TryAddContext(token);
/// <summary>
/// Adds the token to the token cache by forwarding to the cache's <c>AddContext</c>.
/// </summary>
/// <param name="token">Token to add.</param>
public void AddContext(SecurityContextSecurityToken token)
    => this.tokenCache.AddContext(token);
/// <summary>
/// Creates a token with a new id that otherwise reuses the key, key generation, key timing
/// values and authorization policies of <paramref name="sourceToken"/>.
/// </summary>
/// <param name="sourceToken">Token whose values are reused.</param>
/// <param name="id">Id assigned to the new token.</param>
// NOTE(review): the source token's _key and AuthorizationPolicies are handed to the other
// constructor as-is; whether they are copied further down is not visible here - confirm.
internal SecurityContextSecurityToken(SecurityContextSecurityToken sourceToken, string id)
    : this(
        sourceToken,
        id,
        sourceToken._key,
        sourceToken.KeyGeneration,
        sourceToken.KeyEffectiveTime,
        sourceToken.KeyExpirationTime,
        sourceToken.AuthorizationPolicies)
{
}