/// <summary>
/// Writes the given SamlAction to the XmlWriter.
/// </summary>
/// <param name="writer">XmlWriter to serialize the SamlAction into.</param>
/// <param name="action">SamlAction to serialize.</param>
/// <exception cref="ArgumentNullException">The parameter 'writer' or 'action' is null.</exception>
protected virtual void WriteAction(XmlWriter writer, SamlAction action)
{
if (writer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
}
if (action == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("action");
}
writer.WriteStartElement(SamlConstants.Prefix, SamlConstants.ElementNames.Action, SamlConstants.Namespace);
if (!string.IsNullOrEmpty(action.Namespace))
{
writer.WriteAttributeString(SamlConstants.AttributeNames.Namespace, null, action.Namespace);
}
writer.WriteString(action.Action);
writer.WriteEndElement();
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
SamlDictionary samlDictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.resource = reader.GetAttribute(samlDictionary.Resource, null);
if (string.IsNullOrEmpty(this.resource))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead")));
}
string attribute = reader.GetAttribute(samlDictionary.Decision, null);
if (string.IsNullOrEmpty(attribute))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead")));
}
if (attribute.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
{
this.accessDecision = SamlAccessDecision.Deny;
}
else if (attribute.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
{
this.accessDecision = SamlAccessDecision.Permit;
}
else
{
this.accessDecision = SamlAccessDecision.Indeterminate;
}
reader.MoveToContent();
reader.Read();
if (!reader.IsStartElement(samlDictionary.Subject, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorizationDecisionStatementMissingSubjectOnRead")));
}
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
while (reader.IsStartElement())
{
if (reader.IsStartElement(samlDictionary.Action, samlDictionary.Namespace))
{
SamlAction item = new SamlAction();
item.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.actions.Add(item);
}
else
{
if (!reader.IsStartElement(samlDictionary.Evidence, samlDictionary.Namespace))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLBadSchema", new object[] { samlDictionary.AuthorizationDecisionStatement })));
}
if (this.evidence != null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorizationDecisionHasMoreThanOneEvidence")));
}
this.evidence = new SamlEvidence();
this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
}
}
if (this.actions.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(System.IdentityModel.SR.GetString("SAMLAuthorizationDecisionShouldHaveOneActionOnRead")));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public void SetNamespaceNull ()
{
SamlAction a = new SamlAction ();
a.Namespace = null;
}
public void WriteXmlNullAction ()
{
SamlAction c = new SamlAction ();
StringWriter sw = new StringWriter ();
using (XmlDictionaryWriter dw = CreateWriter (sw)) {
c.WriteXml (dw, new SamlSerializer (), null);
}
}
public void SetActionNull ()
{
SamlAction a = new SamlAction ();
a.Action = null;
}
public void SetActionEmpty ()
{
SamlAction a = new SamlAction ();
a.Action = String.Empty;
}
public void ReadXml1 ()
{
SamlSerializer ser = new SamlSerializer ();
string xml = String.Format ("<saml:Action Namespace=\"urn:myNS\" xmlns:saml=\"{0}\">urn:myAction</saml:Action>", SamlConstants.Namespace);
XmlDictionaryReader reader = CreateReader (xml);
reader.MoveToContent ();
SamlAction s = new SamlAction ();
s.ReadXml (reader, ser, null, null);
Assert.AreEqual ("urn:myAction", s.Action, "#1");
Assert.AreEqual ("urn:myNS", s.Namespace, "#2");
}
public void DefaultValues ()
{
SamlAction a = new SamlAction ();
Assert.IsNull (a.Action, "#1");
Assert.IsNull (a.Namespace, "#2");
}
public void WriteXml1 ()
{
SamlAction c = new SamlAction ("urn:myAction", "urn:myNS");
StringWriter sw = new StringWriter ();
using (XmlDictionaryWriter dw = CreateWriter (sw)) {
c.WriteXml (dw, new SamlSerializer (), null);
}
Assert.AreEqual (String.Format ("<?xml version=\"1.0\" encoding=\"utf-16\"?><saml:Action Namespace=\"urn:myNS\" xmlns:saml=\"{0}\">urn:myAction</saml:Action>", SamlConstants.Namespace), sw.ToString ());
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
}
if (samlSerializer == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
}
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.resource = reader.GetAttribute(dictionary.Resource, null);
if (string.IsNullOrEmpty(this.resource))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead)));
}
string decisionString = reader.GetAttribute(dictionary.Decision, null);
if (string.IsNullOrEmpty(decisionString))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead)));
}
if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
{
this.accessDecision = SamlAccessDecision.Deny;
}
else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
{
this.accessDecision = SamlAccessDecision.Permit;
}
else
{
accessDecision = SamlAccessDecision.Indeterminate;
}
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingSubjectOnRead)));
}
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
SamlAction action = new SamlAction();
action.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.actions.Add(action);
}
else if (reader.IsStartElement(dictionary.Evidence, dictionary.Namespace))
{
if (this.evidence != null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionHasMoreThanOneEvidence)));
}
this.evidence = new SamlEvidence();
this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AuthorizationDecisionStatement)));
}
}
if (this.actions.Count == 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneActionOnRead)));
}
reader.MoveToContent();
reader.ReadEndElement();
}
public override void ReadXml(XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer,
SecurityTokenResolver resolver)
{
if (reader == null)
{
throw new ArgumentNullException("reader");
}
if (samlSerializer == null)
{
throw new ArgumentNullException("samlSerializer");
}
string decision = reader.GetAttribute("Decision");
switch (decision)
{
case "Permit":
AccessDecision = SamlAccessDecision.Permit;
break;
case "Deny":
AccessDecision = SamlAccessDecision.Deny;
break;
case "Indeterminate":
AccessDecision = SamlAccessDecision.Indeterminate;
break;
default:
throw new SecurityTokenException(String.Format("AccessDecision value is wrong: {0}", decision));
}
Resource = reader.GetAttribute("Resource");
reader.ReadStartElement("AuthorizationDecisionStatement", SamlConstants.Namespace);
reader.MoveToContent();
SamlSubject = new SamlSubject();
SamlSubject.ReadXml(reader, samlSerializer, keyInfoSerializer, resolver);
SamlActions.Clear();
for (reader.MoveToContent();
reader.LocalName == "Action" &&
reader.NamespaceURI == SamlConstants.Namespace;
reader.MoveToContent())
{
SamlAction action = new SamlAction();
action.ReadXml(reader, samlSerializer, keyInfoSerializer, resolver);
SamlActions.Add(action);
}
if (reader.LocalName == "Evidence" &&
reader.NamespaceURI == SamlConstants.Namespace)
{
Evidence = new SamlEvidence();
Evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, resolver);
reader.MoveToContent();
}
reader.ReadEndElement();
// verify contents
if (SamlActions.Count == 0)
{
throw new SecurityTokenException("SAML AuthorizationDecisionStatement must contain at least one Action.");
}
if (SamlSubject == null)
{
throw new SecurityTokenException("SAML Subject must be set to SAML AuthorizationDecisionStatement before being written.");
}
if (Resource == null || Resource.Length == 0)
{
throw new SecurityTokenException("non-zero string must be set to Resource on SAML AuthorizationDecisionStatement.");
}
}
public override void ReadXml (XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer,
SecurityTokenResolver resolver)
{
if (reader == null)
throw new ArgumentNullException ("reader");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
string decision = reader.GetAttribute ("Decision");
switch (decision) {
case "Permit":
AccessDecision = SamlAccessDecision.Permit;
break;
case "Deny":
AccessDecision = SamlAccessDecision.Deny;
break;
case "Indeterminate":
AccessDecision = SamlAccessDecision.Indeterminate;
break;
default:
throw new SecurityTokenException (String.Format ("AccessDecision value is wrong: {0}", decision));
}
Resource = reader.GetAttribute ("Resource");
reader.ReadStartElement ("AuthorizationDecisionStatement", SamlConstants.Namespace);
reader.MoveToContent ();
SamlSubject = new SamlSubject ();
SamlSubject.ReadXml (reader, samlSerializer, keyInfoSerializer, resolver);
SamlActions.Clear ();
for (reader.MoveToContent ();
reader.LocalName == "Action" &&
reader.NamespaceURI == SamlConstants.Namespace;
reader.MoveToContent ()) {
SamlAction action = new SamlAction ();
action.ReadXml (reader, samlSerializer, keyInfoSerializer, resolver);
SamlActions.Add (action);
}
if (reader.LocalName == "Evidence" &&
reader.NamespaceURI == SamlConstants.Namespace) {
Evidence = new SamlEvidence ();
Evidence.ReadXml (reader, samlSerializer, keyInfoSerializer, resolver);
reader.MoveToContent ();
}
reader.ReadEndElement ();
// verify contents
if (SamlActions.Count == 0)
throw new SecurityTokenException ("SAML AuthorizationDecisionStatement must contain at least one Action.");
if (SamlSubject == null)
throw new SecurityTokenException ("SAML Subject must be set to SAML AuthorizationDecisionStatement before being written.");
if (Resource == null || Resource.Length == 0)
throw new SecurityTokenException ("non-zero string must be set to Resource on SAML AuthorizationDecisionStatement.");
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.resource = reader.GetAttribute(dictionary.Resource, null);
if (string.IsNullOrEmpty(this.resource))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead)));
string decisionString = reader.GetAttribute(dictionary.Decision, null);
if (string.IsNullOrEmpty(decisionString))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead)));
if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Deny;
else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Permit;
else
accessDecision = SamlAccessDecision.Indeterminate;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingSubjectOnRead)));
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
SamlAction action = new SamlAction();
action.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.actions.Add(action);
}
else if (reader.IsStartElement(dictionary.Evidence, dictionary.Namespace))
{
if (this.evidence != null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionHasMoreThanOneEvidence)));
this.evidence = new SamlEvidence();
this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AuthorizationDecisionStatement)));
}
if (this.actions.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneActionOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
