/// <summary>
/// Tests whether a <see cref="SecurityKeyIdentifierClause"/> refers to the assertion
/// with the given identifier.
/// </summary>
/// <remarks>
/// Identifiers are compared ordinally, so the match is case-sensitive and culture-independent.
/// Two clause types are accepted: <see cref="Saml2AssertionKeyIdentifierClause"/> and, for
/// compatibility, the older WCF <see cref="SamlAssertionKeyIdentifierClause"/>. The WCF clause
/// is accepted on an identifier match alone; this method cannot confirm that such a clause was
/// issued for SAML2, so a match here should not be read as proof of the assertion version.
/// </remarks>
/// <param name="assertionId">
/// Id of the assertion. A null or empty value is rejected with the exception produced by
/// <c>DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull</c>.
/// </param>
/// <param name="keyIdentifierClause">
/// The <see cref="SecurityKeyIdentifierClause"/> to test. A null clause never matches.
/// </param>
/// <returns>
/// <c>true</c> when the clause is one of the two supported types and carries
/// <paramref name="assertionId"/>; <c>false</c> otherwise.
/// </returns>
public static bool Matches(string assertionId, SecurityKeyIdentifierClause keyIdentifierClause)
{
    if (string.IsNullOrEmpty(assertionId))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("assertionId");
    }

    if (keyIdentifierClause == null)
    {
        return false;
    }

    // First choice: the SAML2 clause type.
    Saml2AssertionKeyIdentifierClause ownClause = keyIdentifierClause as Saml2AssertionKeyIdentifierClause;
    bool matchesOwnClause = ownClause != null
        && string.Equals(assertionId, ownClause.Id, StringComparison.Ordinal);
    if (matchesOwnClause)
    {
        return true;
    }

    // Compatibility path: WCF reads SAML2-based key identifier clauses itself whenever
    // our SecurityTokenSerializer does not get the chance, and hands back its own
    // clause type. TokenTypeUri and ValueType are internal on that type, so there is
    // no way to tell from here whether the clause is for SAML2. The match therefore
    // rests on SAML assertion IDs, in both versions, being random enough not to
    // collide: an equal AssertionID is treated as sufficient.
    SamlAssertionKeyIdentifierClause legacyClause = keyIdentifierClause as SamlAssertionKeyIdentifierClause;

    // Nothing else to try after this; any other clause type is a non-match.
    return legacyClause != null
        && string.Equals(assertionId, legacyClause.AssertionId, StringComparison.Ordinal);
}
/// <summary>
/// Initializes a <see cref="WrappedSaml2AssertionKeyIdentifierClause"/> around an existing
/// <see cref="Saml2AssertionKeyIdentifierClause"/>.
/// </summary>
/// <remarks>
/// The base class is constructed from the wrapped clause's <c>Id</c>, and the clause itself
/// is kept in the <c>clause</c> field. No null check is made before <c>clause.Id</c> is read
/// in the base initializer, so callers must pass a non-null clause.
/// </remarks>
/// <param name="clause">The <see cref="Saml2AssertionKeyIdentifierClause"/> to wrap.</param>
public WrappedSaml2AssertionKeyIdentifierClause(Saml2AssertionKeyIdentifierClause clause)
    : base(clause.Id)
{
    // Keep the original clause so it stays reachable from the wrapper.
    this.clause = clause;
}
/// <summary>
/// Reports whether the supplied key identifier clause refers to this token.
/// </summary>
/// <remarks>
/// The clause is first checked against this token's <c>Id</c> through
/// <see cref="Saml2AssertionKeyIdentifierClause.Matches(string, SecurityKeyIdentifierClause)"/>;
/// the base implementation is consulted only when that check does not match.
/// </remarks>
/// <param name="keyIdentifierClause">The <see cref="SecurityKeyIdentifierClause"/> to test.</param>
/// <returns>
/// <c>true</c> if either the assertion-id check or the base implementation accepts the clause;
/// <c>false</c> otherwise.
/// </returns>
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
{
    // Assertion-id match takes precedence over whatever the base class recognises.
    if (Saml2AssertionKeyIdentifierClause.Matches(this.Id, keyIdentifierClause))
    {
        return true;
    }

    return base.MatchesKeyIdentifierClause(keyIdentifierClause);
}