/// <summary>
/// Creates the lifetime manager for a security listener's settings and sets the
/// reference count to 1.
/// </summary>
/// <param name="securityProtocolFactory">Protocol factory stored on this manager.</param>
/// <param name="sessionSettings">Server-side security session settings stored on this manager.</param>
/// <param name="sessionMode">
/// Stored as-is. Presumably selects whether <paramref name="sessionSettings"/> is in use;
/// confirm against the members that read it.
/// </param>
public SecurityListenerSettingsLifetimeManager(
    SecurityProtocolFactory securityProtocolFactory,
    SecuritySessionServerSettings sessionSettings,
    bool sessionMode)
{
    // The count starts at 1; the code that increments and decrements it is outside this constructor.
    referenceCount = 1;

    // NOTE(review): neither reference is null-checked here. Confirm that callers always
    // supply the object that matches sessionMode.
    this.sessionMode = sessionMode;
    this.sessionSettings = sessionSettings;
    this.securityProtocolFactory = securityProtocolFactory;
}
/// <summary>
/// Initializes the protocol with the factory that owns its settings and the endpoint
/// coordinates it was created for, then wraps this instance in a
/// <c>WrapperSecurityCommunicationObject</c>.
/// </summary>
/// <param name="factory">Factory exposed through <c>SecurityProtocolFactory</c>.</param>
/// <param name="target">Endpoint address exposed through <c>Target</c>.</param>
/// <param name="via">Transport URI exposed through <c>Via</c>.</param>
protected SecurityProtocol(SecurityProtocolFactory factory, EndpointAddress target, Uri via)
{
    // NOTE(review): none of the arguments is validated here; a null factory would only
    // surface later, when a member dereferences it.
    SecurityProtocolFactory = factory;
    Target = target;
    Via = via;

    // Kept last: the wrapper receives `this` while construction is still in progress, and
    // whether its constructor reads the members assigned above is not visible from here.
    var wrapper = new WrapperSecurityCommunicationObject(this);
    CommunicationObject = wrapper;
}
/// <summary>
/// Copy constructor. Runs the default constructor, then copies the security settings of
/// <paramref name="factory"/> into this instance.
/// </summary>
/// <remarks>
/// Only the security binding element is cloned. The two supporting-token containers are
/// re-created but their contents are shared, and every other member is assigned directly
/// from the source factory.
/// </remarks>
/// <param name="factory">Factory to copy from; a null value is rejected.</param>
internal SecurityProtocolFactory(SecurityProtocolFactory factory)
    : this()
{
    if (factory == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(factory));
    }

    ActAsInitiator = factory.ActAsInitiator;

    // Algorithm suites and the standards manager.
    _incomingAlgorithmSuite = factory._incomingAlgorithmSuite;
    _outgoingAlgorithmSuite = factory._outgoingAlgorithmSuite;
    _standardsManager = factory._standardsManager;

    // Timestamp and replay-detection settings.
    _addTimestamp = factory._addTimestamp;
    _timestampValidityDuration = factory._timestampValidityDuration;
    _maxClockSkew = factory._maxClockSkew;
    _detectReplays = factory._detectReplays;
    _replayWindow = factory._replayWindow;
    _maxCachedNonces = factory._maxCachedNonces;

    // The nonce cache is assigned, not re-created, so the copy and the source refer to the
    // same cache instance.
    _nonceCache = factory._nonceCache;

    // New outer containers, same elements. In the scoped dictionary the per-scope
    // collections are the source's own instances (shallow copy), so a later change to one
    // of them is visible through both factories.
    var channelSpecs = new List<SupportingTokenAuthenticatorSpecification>(
        factory.ChannelSupportingTokenAuthenticatorSpecification);
    ChannelSupportingTokenAuthenticatorSpecification =
        new Collection<SupportingTokenAuthenticatorSpecification>(channelSpecs);
    ScopedSupportingTokenAuthenticatorSpecification =
        new Dictionary<string, ICollection<SupportingTokenAuthenticatorSpecification>>(
            factory.ScopedSupportingTokenAuthenticatorSpecification);

    // NOTE(review): of the audit settings only the suppress-failure flag is carried over.
    // The log location and both audit levels are commented out below, so the copy does not
    // take them from the source. Confirm they are applied elsewhere.
    // this.auditLogLocation = factory.auditLogLocation;
    _suppressAuditFailure = factory._suppressAuditFailure;
    // this.serviceAuthorizationAuditLevel = factory.serviceAuthorizationAuditLevel;
    // this.messageAuthenticationAuditLevel = factory.messageAuthenticationAuditLevel;

    // The binding element is the one member that gets its own copy (via Clone()).
    if (factory._securityBindingElement != null)
    {
        _securityBindingElement = (SecurityBindingElement)factory._securityBindingElement.Clone();
    }

    // Assigned directly from the source factory.
    _securityTokenManager = factory._securityTokenManager;
    _endpointFilterTable = factory._endpointFilterTable;
    _privacyNoticeUri = factory._privacyNoticeUri;
    _privacyNoticeVersion = factory._privacyNoticeVersion;

    ExtendedProtectionPolicy = factory.ExtendedProtectionPolicy;
}
/// <summary>
/// Asks the factory for the supporting-token authenticators that apply to the message's
/// Action and records on the receive security header which kinds of supporting tokens
/// (basic, signed, endorsing) are expected.
/// </summary>
/// <param name="factory">Factory queried for authenticators; not null-checked here.</param>
/// <param name="message">Message whose Action header selects the authenticators; a null value is rejected.</param>
/// <param name="securityHeader">Header whose three <c>Expect*Tokens</c> flags are set; not null-checked here.</param>
/// <returns>The authenticator specifications returned by the factory, unchanged.</returns>
protected IList<SupportingTokenAuthenticatorSpecification> GetSupportingTokenAuthenticatorsAndSetExpectationFlags(
    SecurityProtocolFactory factory,
    Message message,
    ReceiveSecurityHeader securityHeader)
{
    if (message == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(message));
    }

    // The lookup is keyed on the Action header of the message being processed, so the
    // supporting-token requirements that get enforced depend on that header value.
    var action = message.Headers.Action;

    bool signedExpected;
    bool basicExpected;
    bool endorsingExpected;
    IList<SupportingTokenAuthenticatorSpecification> specifications =
        factory.GetSupportingTokenAuthenticators(
            action,
            out signedExpected,
            out basicExpected,
            out endorsingExpected);

    // Record the expectations on the header. Where the header acts on these flags is not
    // visible from this method.
    securityHeader.ExpectBasicTokens = basicExpected;
    securityHeader.ExpectEndorsingTokens = endorsingExpected;
    securityHeader.ExpectSignedTokens = signedExpected;

    return specifications;
}
/// <summary>
/// On the initiator side, obtains one token from each supporting-token provider configured
/// for the message's Action, then lets <c>AddMessageSupportingTokens</c> add any tokens
/// supplied at runtime.
/// </summary>
/// <param name="factory">Factory whose <c>ActAsInitiator</c> flag decides whether any work is done.</param>
/// <param name="target">Not read by this method.</param>
/// <param name="via">Not read by this method.</param>
/// <param name="message">Outgoing message; a null value is rejected, but only after the initiator check.</param>
/// <param name="timeout">Time budget, converted to a cancellation token through one shared <c>TimeoutHelper</c>.</param>
/// <returns>
/// <c>null</c> when the factory is not the initiator. Otherwise the collected supporting
/// tokens, which is still <c>null</c> if no provider applies and
/// <c>AddMessageSupportingTokens</c> leaves the reference untouched.
/// </returns>
internal async Task<IList<SupportingTokenSpecification>> TryGetSupportingTokensAsync(
    SecurityProtocolFactory factory,
    EndpointAddress target,
    Uri via,
    Message message,
    TimeSpan timeout)
{
    // The non-initiator side never attaches supporting tokens here. This check runs before
    // the null check on message, matching the established behavior.
    if (!factory.ActAsInitiator)
    {
        return null;
    }

    if (message == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull(nameof(message));
    }

    IList<SupportingTokenSpecification> collected = null;

    // One helper serves all providers, so they presumably share a single overall budget.
    // Confirm against TimeoutHelper.GetCancellationToken.
    TimeoutHelper budget = new TimeoutHelper(timeout);

    IList<SupportingTokenProviderSpecification> providers = GetSupportingTokenProviders(message.Headers.Action);
    bool hasProviders = providers != null && providers.Count > 0;
    if (hasProviders)
    {
        collected = new Collection<SupportingTokenSpecification>();
        for (int index = 0; index < providers.Count; ++index)
        {
            SupportingTokenProviderSpecification provider = providers[index];

            // Providers are awaited one at a time, in configuration order. A failure or
            // cancellation in any of them propagates and no partial result is returned.
            // NOTE(review): the returned token is not checked for null in this method;
            // confirm that SupportingTokenSpecification rejects a null token.
            SecurityToken issued = await provider.TokenProvider.GetTokenAsync(budget.GetCancellationToken());

            collected.Add(
                new SupportingTokenSpecification(
                    issued,
                    EmptyReadOnlyCollection<IAuthorizationPolicy>.Instance,
                    provider.SecurityTokenAttachmentMode,
                    provider.TokenParameters));
        }
    }

    // add any runtime supporting tokens
    AddMessageSupportingTokens(message, ref collected);
    return collected;
}
/// <summary>
/// Builds the outgoing security header for <paramref name="message"/> from the factory's
/// settings: algorithm suite, header layout, optional timestamp and stream buffer manager.
/// </summary>
/// <param name="message">Message the header is created for.</param>
/// <param name="actor">Actor value passed through to the standards manager.</param>
/// <param name="factory">Source of all header settings; not null-checked here.</param>
/// <param name="requireMessageProtection">Copied to the header's <c>RequireMessageProtection</c>.</param>
/// <returns>The configured send security header.</returns>
private SendSecurityHeader CreateSendSecurityHeader(
    Message message,
    string actor,
    SecurityProtocolFactory factory,
    bool requireMessageProtection)
{
    // The initiator side produces Input-direction messages; the other side produces Output.
    MessageDirection direction;
    if (factory.ActAsInitiator)
    {
        direction = MessageDirection.Input;
    }
    else
    {
        direction = MessageDirection.Output;
    }

    // NOTE(review): the two literal booleans are positional. They are presumably
    // mustUnderstand = true and relay = false; confirm against the
    // StandardsManager.CreateSendSecurityHeader signature.
    SendSecurityHeader header = factory.StandardsManager.CreateSendSecurityHeader(
        message,
        actor,
        true,
        false,
        factory.OutgoingAlgorithmSuite,
        direction);

    header.Layout = factory.SecurityHeaderLayout;
    header.RequireMessageProtection = requireMessageProtection;
    SetSecurityHeaderId(header, message);

    // The timestamp is opt-in. With AddTimestamp off, this code path puts no validity
    // window into the header.
    if (factory.AddTimestamp)
    {
        header.AddTimestamp(factory.TimestampValidityDuration);
    }

    header.StreamBufferManager = factory.StreamBufferManager;
    return header;
}
/// <summary>
/// Creates the outgoing security header for a transport-level protocol. The header is
/// built with <c>RequireMessageProtection</c> set to <c>false</c>.
/// </summary>
/// <param name="message">Message the header is created for.</param>
/// <param name="actor">Actor value passed through to the header factory method.</param>
/// <param name="factory">Source of the header settings.</param>
/// <returns>The configured send security header.</returns>
// NOTE(review): with message protection not required on this header, confidentiality and
// integrity presumably rest on the transport. Confirm that callers only use this overload
// over a secured transport.
protected SendSecurityHeader CreateSendSecurityHeaderForTransportProtocol(Message message, string actor, SecurityProtocolFactory factory)
    => CreateSendSecurityHeader(message, actor, factory, requireMessageProtection: false);
/// <summary>
/// Creates the outgoing security header with <c>RequireMessageProtection</c> set to
/// <c>true</c>.
/// </summary>
/// <param name="message">Message the header is created for.</param>
/// <param name="actor">Actor value passed through to the header factory method.</param>
/// <param name="factory">Source of the header settings.</param>
/// <returns>The configured send security header.</returns>
protected SendSecurityHeader CreateSendSecurityHeader(Message message, string actor, SecurityProtocolFactory factory)
    => CreateSendSecurityHeader(message, actor, factory, requireMessageProtection: true);