示例#1
0
 internal IList <SupportingTokenAuthenticatorSpecification> GetSupportingTokenAuthenticators(string action, out bool expectSignedTokens, out bool expectBasicTokens, out bool expectEndorsingTokens)
 {
     if (this.mergedSupportingTokenAuthenticatorsMap != null && this.mergedSupportingTokenAuthenticatorsMap.Count > 0)
     {
         if (action != null && this.mergedSupportingTokenAuthenticatorsMap.ContainsKey(action))
         {
             MergedSupportingTokenAuthenticatorSpecification mergedSpec = this.mergedSupportingTokenAuthenticatorsMap[action];
             expectSignedTokens    = mergedSpec.ExpectSignedTokens;
             expectBasicTokens     = mergedSpec.ExpectBasicTokens;
             expectEndorsingTokens = mergedSpec.ExpectEndorsingTokens;
             return(mergedSpec.SupportingTokenAuthenticators);
         }
         else if (this.mergedSupportingTokenAuthenticatorsMap.ContainsKey(MessageHeaders.WildcardAction))
         {
             MergedSupportingTokenAuthenticatorSpecification mergedSpec = this.mergedSupportingTokenAuthenticatorsMap[MessageHeaders.WildcardAction];
             expectSignedTokens    = mergedSpec.ExpectSignedTokens;
             expectBasicTokens     = mergedSpec.ExpectBasicTokens;
             expectEndorsingTokens = mergedSpec.ExpectEndorsingTokens;
             return(mergedSpec.SupportingTokenAuthenticators);
         }
     }
     expectSignedTokens    = this.expectChannelSignedTokens;
     expectBasicTokens     = this.expectChannelBasicTokens;
     expectEndorsingTokens = this.expectChannelEndorsingTokens;
     // in case the channelSupportingTokenAuthenticators is empty return null so that its Count does not get accessed.
     return((Object.ReferenceEquals(this.channelSupportingTokenAuthenticatorSpecification, EmptyTokenAuthenticators)) ? null : (IList <SupportingTokenAuthenticatorSpecification>) this.channelSupportingTokenAuthenticatorSpecification);
 }
示例#2
0
        private void MergeSupportingTokenAuthenticators(TimeSpan timeout)
        {
            if (this.scopedSupportingTokenAuthenticatorSpecification.Count == 0)
            {
                this.mergedSupportingTokenAuthenticatorsMap = null;
            }
            else
            {
                TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
                this.expectSupportingTokens = true;
                this.mergedSupportingTokenAuthenticatorsMap = new Dictionary <string, MergedSupportingTokenAuthenticatorSpecification>();
                foreach (string action in this.scopedSupportingTokenAuthenticatorSpecification.Keys)
                {
                    ICollection <SupportingTokenAuthenticatorSpecification> scopedAuthenticators = this.scopedSupportingTokenAuthenticatorSpecification[action];
                    if (scopedAuthenticators == null || scopedAuthenticators.Count == 0)
                    {
                        continue;
                    }
                    Collection <SupportingTokenAuthenticatorSpecification> mergedAuthenticators = new Collection <SupportingTokenAuthenticatorSpecification>();
                    bool expectSignedTokens    = this.expectChannelSignedTokens;
                    bool expectBasicTokens     = this.expectChannelBasicTokens;
                    bool expectEndorsingTokens = this.expectChannelEndorsingTokens;
                    foreach (SupportingTokenAuthenticatorSpecification spec in this.channelSupportingTokenAuthenticatorSpecification)
                    {
                        mergedAuthenticators.Add(spec);
                    }
                    foreach (SupportingTokenAuthenticatorSpecification spec in scopedAuthenticators)
                    {
                        SecurityUtils.OpenTokenAuthenticatorIfRequiredAsync(spec.TokenAuthenticator, timeoutHelper.GetCancellationToken());

                        mergedAuthenticators.Add(spec);
                        if (spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.Endorsing ||
                            spec.SecurityTokenAttachmentMode == SecurityTokenAttachmentMode.SignedEndorsing)
                        {
                            if (spec.TokenParameters.RequireDerivedKeys && !spec.TokenParameters.HasAsymmetricKey)
                            {
                                this.expectKeyDerivation = true;
                            }
                        }
                        SecurityTokenAttachmentMode mode = spec.SecurityTokenAttachmentMode;
                        if (mode == SecurityTokenAttachmentMode.SignedEncrypted ||
                            mode == SecurityTokenAttachmentMode.Signed ||
                            mode == SecurityTokenAttachmentMode.SignedEndorsing)
                        {
                            expectSignedTokens = true;
                            if (mode == SecurityTokenAttachmentMode.SignedEncrypted)
                            {
                                expectBasicTokens = true;
                            }
                        }
                        if (mode == SecurityTokenAttachmentMode.Endorsing || mode == SecurityTokenAttachmentMode.SignedEndorsing)
                        {
                            expectEndorsingTokens = true;
                        }
                    }
                    VerifyTypeUniqueness(mergedAuthenticators);
                    MergedSupportingTokenAuthenticatorSpecification mergedSpec = new MergedSupportingTokenAuthenticatorSpecification();
                    mergedSpec.SupportingTokenAuthenticators = mergedAuthenticators;
                    mergedSpec.ExpectBasicTokens             = expectBasicTokens;
                    mergedSpec.ExpectEndorsingTokens         = expectEndorsingTokens;
                    mergedSpec.ExpectSignedTokens            = expectSignedTokens;
                    mergedSupportingTokenAuthenticatorsMap.Add(action, mergedSpec);
                }
            }
        }