public virtual SecurityKey ResolveKeyIdentifierClause(
SecurityKeyIdentifierClause keyIdentifierClause)
{
if (keyIdentifierClause == null)
{
throw new ArgumentNullException("keyIdentifierClause");
}
if (!MatchesKeyIdentifierClause(keyIdentifierClause))
{
throw new InvalidOperationException(String.Format("This '{0}' security token does not support resolving '{1}' key identifier clause.", GetType(), keyIdentifierClause));
}
if (keyIdentifierClause.CanCreateKey)
{
return(keyIdentifierClause.CreateKey());
}
// FIXME: examine it.
if (SecurityKeys.Count == 0)
{
throw new InvalidOperationException(String.Format("This '{0}' security token does not have any keys that can be resolved.", GetType(), keyIdentifierClause));
}
return(SecurityKeys [0]);
}
private static SecurityKey ResolveSecurityKey(SecurityKeyIdentifier ski, SecurityTokenResolver tokenResolver, out SecurityKeyIdentifierClause clause)
{
if (ski == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("ski");
}
clause = null;
if (tokenResolver != null)
{
for (int i = 0; i < ski.Count; ++i)
{
SecurityKey key = null;
if (tokenResolver.TryResolveSecurityKey(ski[i], out key))
{
clause = ski[i];
return(key);
}
}
}
if (ski.CanCreateKey)
{
foreach (var skiClause in ski)
{
if (skiClause.CanCreateKey)
{
clause = skiClause;
return(clause.CreateKey());
}
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.KeyIdentifierCannotCreateKey)));
}
return(null);
}