// Summary:
//  Copy constructor. Builds a new InternalClientCredentials that carries the same
//  relying party issuer, wrapped client credentials and InfoCard channel parameter
//  as an existing instance.
//
// Parameters
//  other - Instance to copy from; it is also handed to the base-class constructor.
//
// Note
//  These are plain assignments and nothing is cloned here, so both instances refer
//  to the same credential and channel-parameter objects afterwards.
InternalClientCredentials(InternalClientCredentials other)
    : base(other)
{
    this.m_clientCredentials = other.m_clientCredentials;
    this.m_relyingPartyIssuer = other.m_relyingPartyIssuer;

    // The channel parameter is read through the property, not the backing field.
    this.m_infocardChannelParameter = other.InfoCardChannelParameter;
}
//
// Summary:
//  Wraps an existing set of client credentials together with the relying party
//  issuer and the InfoCard channel parameter, so the pair travels with the
//  credentials used on the issuer channel.
//
// Parameters
//  infocardCredentials - Credentials being wrapped; also passed to the base constructor.
//  target - Target specified in the CreateChannel call. Not stored by this constructor.
//  relyingPartyIssuer - Issuer URI kept in m_relyingPartyIssuer.
//  infocardChannelParameter - Channel parameter kept in m_infocardChannelParameter.
//
public InternalClientCredentials(
    ClientCredentials infocardCredentials,
    EndpointAddress target,
    Uri relyingPartyIssuer,
    InfoCardChannelParameter infocardChannelParameter)
    : base(infocardCredentials)
{
    this.m_clientCredentials = infocardCredentials;
    this.m_relyingPartyIssuer = relyingPartyIssuer;
    this.m_infocardChannelParameter = infocardChannelParameter;
}
// Summary:
//  Decides whether an issued-token requirement should be served through the
//  InfoCard path and, if so, builds the provider for the next leg of the chain.
//
// Parameters
//  tokenRequirement - Requirement to satisfy; must not be null.
//  clientCredentialsTokenManager - Manager whose ClientCredentials drive the decision; must not be null.
//  provider - Receives the created provider, or null when this method does not handle the requirement.
//
// Returns
//  true when a provider was created, false otherwise.
public static bool TryCreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement, ClientCredentialsSecurityTokenManager clientCredentialsTokenManager, out SecurityTokenProvider provider)
{
    if (tokenRequirement == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement");
    }
    if (clientCredentialsTokenManager == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("clientCredentialsTokenManager");
    }

    provider = null;

    // Gate 1: interactive support must be switched on.
    if (!clientCredentialsTokenManager.ClientCredentials.SupportInteractive)
    {
        return false;
    }

    // Gate 2: a fully configured local issuer (address and binding) takes precedence.
    if ((null != clientCredentialsTokenManager.ClientCredentials.IssuedToken.LocalIssuerAddress) &&
        (clientCredentialsTokenManager.ClientCredentials.IssuedToken.LocalIssuerBinding != null))
    {
        return false;
    }

    // Gate 3: only issued-token requirements are handled here.
    if (!clientCredentialsTokenManager.IsIssuedSecurityTokenRequirement(tokenRequirement))
    {
        return false;
    }

    // The first InfoCardChannelParameter in the channel parameter collection wins.
    InfoCardChannelParameter infocardChannelParameter = null;
    ChannelParameterCollection channelParameters;
    if (tokenRequirement.TryGetProperty<ChannelParameterCollection>(ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty, out channelParameters))
    {
        foreach (object candidate in channelParameters)
        {
            infocardChannelParameter = candidate as InfoCardChannelParameter;
            if (infocardChannelParameter != null)
            {
                break;
            }
        }
    }

    if ((infocardChannelParameter == null) || !infocardChannelParameter.RequiresInfoCard)
    {
        return false;
    }

    EndpointAddress targetAddress = tokenRequirement.GetProperty<EndpointAddress>(ServiceModelSecurityTokenRequirement.TargetAddressProperty);
    IssuedSecurityTokenParameters issuedParameters = tokenRequirement.GetProperty<IssuedSecurityTokenParameters>(ServiceModelSecurityTokenRequirement.IssuedSecurityTokenParametersProperty);

    // The privacy notice URI and version are looked up with defaults of null and 0,
    // but neither value is passed on by this method.
    Uri privacyNoticeUri;
    if (!tokenRequirement.TryGetProperty<Uri>(ServiceModelSecurityTokenRequirement.PrivacyNoticeUriProperty, out privacyNoticeUri))
    {
        privacyNoticeUri = null;
    }
    int privacyNoticeVersion;
    if (!tokenRequirement.TryGetProperty<int>(ServiceModelSecurityTokenRequirement.PrivacyNoticeVersionProperty, out privacyNoticeVersion))
    {
        privacyNoticeVersion = 0;
    }

    // NOTE(review): IssuerAddress is forwarded without a null check; confirm that
    // CreateTokenProviderForNextLeg copes with a null issuer when RelyingPartyIssuer is set.
    provider = CreateTokenProviderForNextLeg(
        tokenRequirement,
        targetAddress,
        issuedParameters.IssuerAddress,
        infocardChannelParameter.RelyingPartyIssuer,
        clientCredentialsTokenManager,
        infocardChannelParameter);

    return provider != null;
}
// Summary:
//  Creates the token manager that belongs to an InternalClientCredentials instance.
//
// Parameters
//  internalClientCredentials - Credentials passed to the base constructor; the relying
//                              party issuer is copied from its m_relyingPartyIssuer field.
//  infocardChannelParameter - Channel parameter kept for later use by this manager.
public InternalClientCredentialsSecurityTokenManager(
    InternalClientCredentials internalClientCredentials,
    InfoCardChannelParameter infocardChannelParameter)
    : base(internalClientCredentials)
{
    this.m_infocardChannelParameter = infocardChannelParameter;
    this.m_relyingPartyIssuer = internalClientCredentials.m_relyingPartyIssuer;
}
// Summary:
//  Creates the InfoCard token provider and remembers the channel parameter it was
//  created for.
//
// Parameters
//  infocardChannelParameter - Channel parameter stored as-is; it is not validated here.
public InternalInfoCardTokenProvider(InfoCardChannelParameter infocardChannelParameter)
{
    m_infocardChannelParameter = infocardChannelParameter;
}
// Summary:
//  If interactive support is requested, no complete local issuer is configured and the
//  requirement is an issued-token requirement that carries an InfoCardChannelParameter
//  requiring InfoCard, this method creates the token provider for the next leg.
//  Otherwise it leaves provider null so the caller can defer to the base implementation.
//
// Parameters
//  tokenRequirement - Requirement to satisfy; must not be null.
//  clientCredentialsTokenManager - Manager whose ClientCredentials drive the decision; must not be null.
//  provider - Receives the created provider, or null when the requirement is not handled here.
//
// Returns
//  true when a provider was created, false otherwise.
//
public static bool TryCreateSecurityTokenProvider(SecurityTokenRequirement tokenRequirement, ClientCredentialsSecurityTokenManager clientCredentialsTokenManager, out SecurityTokenProvider provider)
{
    if (tokenRequirement == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenRequirement");
    }

    if (clientCredentialsTokenManager == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("clientCredentialsTokenManager");
    }

    provider = null;

    // One short-circuiting expression, evaluated in this order: interactive support,
    // absence of a complete local issuer (address and binding), issued-token requirement.
    bool handledHere =
        clientCredentialsTokenManager.ClientCredentials.SupportInteractive
        && (null == clientCredentialsTokenManager.ClientCredentials.IssuedToken.LocalIssuerAddress
            || null == clientCredentialsTokenManager.ClientCredentials.IssuedToken.LocalIssuerBinding)
        && clientCredentialsTokenManager.IsIssuedSecurityTokenRequirement(tokenRequirement);

    if (!handledHere)
    {
        // Not an InfoCard case: the base class is left to create the token provider.
        return false;
    }

    // Take the first InfoCardChannelParameter found among the channel parameters.
    InfoCardChannelParameter infocardChannelParameter = null;
    ChannelParameterCollection channelParameter;
    if (tokenRequirement.TryGetProperty<ChannelParameterCollection>(ServiceModelSecurityTokenRequirement.ChannelParametersCollectionProperty, out channelParameter))
    {
        foreach (object entry in channelParameter)
        {
            InfoCardChannelParameter match = entry as InfoCardChannelParameter;
            if (null != match)
            {
                infocardChannelParameter = match;
                break;
            }
        }
    }

    if (null == infocardChannelParameter || !infocardChannelParameter.RequiresInfoCard)
    {
        return false;
    }

    EndpointAddress target = tokenRequirement.GetProperty<EndpointAddress>(ServiceModelSecurityTokenRequirement.TargetAddressProperty);
    IssuedSecurityTokenParameters issuedTokenParameters = tokenRequirement.GetProperty<IssuedSecurityTokenParameters>(ServiceModelSecurityTokenRequirement.IssuedSecurityTokenParametersProperty);

    // The privacy notice link and version default to null and 0 when absent.
    // Neither value is used further in this method.
    Uri privacyNoticeLink;
    bool hasPrivacyLink = tokenRequirement.TryGetProperty<Uri>(ServiceModelSecurityTokenRequirement.PrivacyNoticeUriProperty, out privacyNoticeLink);
    if (!hasPrivacyLink)
    {
        privacyNoticeLink = null;
    }

    int privacyNoticeVersion;
    bool hasPrivacyVersion = tokenRequirement.TryGetProperty<int>(ServiceModelSecurityTokenRequirement.PrivacyNoticeVersionProperty, out privacyNoticeVersion);
    if (!hasPrivacyVersion)
    {
        privacyNoticeVersion = 0;
    }

    //
    // The analysis of this chain indicates that interactive support will be required.
    // The InternalClientCredentials class handles that.
    //
    // NOTE(review): IssuerAddress is forwarded without a null check; confirm that
    // CreateTokenProviderForNextLeg copes with a null issuer when RelyingPartyIssuer is set.
    //
    provider = CreateTokenProviderForNextLeg(
        tokenRequirement,
        target,
        issuedTokenParameters.IssuerAddress,
        infocardChannelParameter.RelyingPartyIssuer,
        clientCredentialsTokenManager,
        infocardChannelParameter);

    return provider != null;
}
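// Summary:
//  Picks the token provider for the next leg of the issuer chain: either the InfoCard
//  provider itself, or a federation (issued token) provider whose issuer channel
//  carries an InternalClientCredentials shim so the rest of the chain can be resolved.
//
// Parameters
//  tokenRequirement - Requirement being satisfied; forwarded to the token manager.
//  target - Target endpoint, handed to the InternalClientCredentials shim.
//  issuerAddress - Issuer named for this leg; may be null only when relyingPartyIssuer is null too.
//  relyingPartyIssuer - Issuer URI taken from the InfoCard channel parameter; may be null.
//  clientCredentialsTokenManager - Manager used to build the federation provider.
//  infocardChannelParameter - Channel parameter given to whichever provider is built.
//
// Returns
//  An InternalInfoCardTokenProvider when neither issuer is given or when the issuer URI
//  equals relyingPartyIssuer; otherwise the federation provider with the shim installed.
//
// Exceptions
//  Argument-null failure (via ThrowHelperArgumentNull) when issuerAddress is null while
//  relyingPartyIssuer is set.
//
static SecurityTokenProvider CreateTokenProviderForNextLeg(SecurityTokenRequirement tokenRequirement, EndpointAddress target, EndpointAddress issuerAddress, Uri relyingPartyIssuer, ClientCredentialsSecurityTokenManager clientCredentialsTokenManager, InfoCardChannelParameter infocardChannelParameter)
{
    if (null == issuerAddress)
    {
        if (null == relyingPartyIssuer)
        {
            // No issuer named on either side: InfoCard is invoked at this leg.
            return new InternalInfoCardTokenProvider(infocardChannelParameter);
        }

        // The unguarded comparison below used to dereference a null issuerAddress here.
        // Fail explicitly instead, so this issuer-matching decision never ends in a
        // NullReferenceException and the request is not routed down either branch.
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuerAddress");
    }

    if (issuerAddress.Uri == relyingPartyIssuer)
    {
        // This leg's issuer is the relying party's issuer: InfoCard is invoked here.
        return new InternalInfoCardTokenProvider(infocardChannelParameter);
    }

    // Create a federation token provider and add an internal client credentials shim
    // that contains the chain.
    // NOTE(review): the second argument is true; presumably it stops this inner call
    // from taking the InfoCard path again. Confirm against CreateSecurityTokenProvider.
    IssuedSecurityTokenProvider federationTokenProvider = (IssuedSecurityTokenProvider)clientCredentialsTokenManager.CreateSecurityTokenProvider(tokenRequirement, true);

    // Swap whatever credentials behavior the issuer channel had for the shim.
    federationTokenProvider.IssuerChannelBehaviors.Remove<SecurityCredentialsManager>();
    federationTokenProvider.IssuerChannelBehaviors.Add(new InternalClientCredentials(clientCredentialsTokenManager.ClientCredentials, target, relyingPartyIssuer, infocardChannelParameter));

    return federationTokenProvider;
}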
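// Summary:
//  Returns the provider for the next leg of the issuer chain. The InfoCard provider is
//  used when no issuer is named at all or when the issuer URI equals relyingPartyIssuer.
//  Any other leg gets an issued-token provider whose issuer channel credentials are
//  replaced by an InternalClientCredentials instance.
//
// Parameters
//  tokenRequirement - Requirement being satisfied; forwarded to the token manager.
//  target - Target endpoint passed to the InternalClientCredentials instance.
//  issuerAddress - Issuer for this leg; null is accepted only together with a null relyingPartyIssuer.
//  relyingPartyIssuer - Issuer URI supplied by the InfoCard channel parameter; may be null.
//  clientCredentialsTokenManager - Manager that creates the issued-token provider.
//  infocardChannelParameter - Channel parameter passed to the provider that is created.
//
// Exceptions
//  Argument-null failure (via ThrowHelperArgumentNull) when issuerAddress is null but
//  relyingPartyIssuer is not.
//
private static SecurityTokenProvider CreateTokenProviderForNextLeg(SecurityTokenRequirement tokenRequirement, EndpointAddress target, EndpointAddress issuerAddress, Uri relyingPartyIssuer, ClientCredentialsSecurityTokenManager clientCredentialsTokenManager, InfoCardChannelParameter infocardChannelParameter)
{
    // Without this guard the comparison below reads issuerAddress.Uri on a null
    // reference. Reject the combination explicitly so the failure is diagnosable and
    // no provider is chosen from an incomplete issuer description.
    if ((null == issuerAddress) && (null != relyingPartyIssuer))
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuerAddress");
    }

    if (((null == relyingPartyIssuer) && (null == issuerAddress)) || (issuerAddress.Uri == relyingPartyIssuer))
    {
        return new InternalInfoCardTokenProvider(infocardChannelParameter);
    }

    // NOTE(review): the literal true presumably suppresses InfoCard handling for this
    // inner call. Confirm against CreateSecurityTokenProvider.
    IssuedSecurityTokenProvider provider = (IssuedSecurityTokenProvider)clientCredentialsTokenManager.CreateSecurityTokenProvider(tokenRequirement, true);

    // Replace the issuer channel's credentials behavior with the chain-carrying one.
    provider.IssuerChannelBehaviors.Remove<SecurityCredentialsManager>();
    provider.IssuerChannelBehaviors.Add(new InternalClientCredentials(clientCredentialsTokenManager.ClientCredentials, target, relyingPartyIssuer, infocardChannelParameter));

    return provider;
}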