1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
|
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IdentityModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
using System.Xml;
namespace System.IdentityModel.Tokens
{
/// <summary>
/// This class derives from System.IdentityModel.Selectors.SecurityTokenSerializer and wraps a collection of SecurityTokenHandlers.
/// Any call to this serilaizer is delegated to the token handler and delegated to the base class if no token handler
/// is registered to handle this particular token or KeyIdentifier.
/// </summary>
class SecurityTokenSerializerAdapter : SecurityTokenSerializer
{
SecurityTokenHandlerCollection _securityTokenHandlers;
/// <summary>
/// Initializes an instance of <see cref="SecurityTokenSerializerAdapter"/>
/// </summary>
/// <param name="securityTokenHandlerCollection">
/// The <see cref="SecurityTokenHandlerCollection" /> containing the set of <see cref="SecurityTokenHandler" />
/// </param>
public SecurityTokenSerializerAdapter(SecurityTokenHandlerCollection securityTokenHandlerCollection)
{
if (securityTokenHandlerCollection == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandlerCollection");
}
_securityTokenHandlers = securityTokenHandlerCollection;
KeyInfoSerializer serializer = securityTokenHandlerCollection.KeyInfoSerializer as KeyInfoSerializer;
if (serializer != null)
{
serializer.InnerSecurityTokenSerializer = this;
}
}
/// <summary>
/// Gets the SecurityTokenHandlerCollection.
/// </summary>
public SecurityTokenHandlerCollection SecurityTokenHandlers
{
get
{
return _securityTokenHandlers;
}
}
/// <summary>
/// Checks if one of the wrapped SecurityTokenHandlers or the base WSSecurityTokenSerializer
/// can read the security token.
/// </summary>
/// <param name="reader">Reader to a Security token.</param>
/// <returns>'True' if the serializer can read the given Security Token.</returns>
protected override bool CanReadTokenCore(XmlReader reader)
{
return _securityTokenHandlers.CanReadToken(reader);
}
/// <summary>
/// Checks if one of the wrapped SecurityTokenHandlers or the base WSSecurityTokenSerializer
/// can write the given security token.
/// </summary>
/// <param name="token">SecurityToken instance.</param>
/// <returns>'True' if the serializer can write the given security token.</returns>
protected override bool CanWriteTokenCore(SecurityToken token)
{
return _securityTokenHandlers.CanWriteToken(token);
}
/// <summary>
/// Deserializes the SecurityToken from the given XmlReader.
/// </summary>
/// <param name="reader">Reader to a Security token.</param>
/// <param name="tokenResolver">Instance of SecurityTokenResolver.</param>
/// <returns>'True' if the serializer can read the given Security Token.</returns>
protected override SecurityToken ReadTokenCore(XmlReader reader, SecurityTokenResolver tokenResolver)
{
return _securityTokenHandlers.ReadToken(reader);
}
/// <summary>
/// Serializes the SecurityToken to the XmlWriter.
/// </summary>
/// <param name="writer">XmlWriter to write to.</param>
/// <param name="token">The SecurityToken to serializer.</param>
/// <exception cref="ArgumentNullException">The input parameter 'writer' or 'token' is null.</exception>
protected override void WriteTokenCore(XmlWriter writer, SecurityToken token)
{
_securityTokenHandlers.WriteToken(writer, token);
}
/// <summary>
/// Checks if one of the wrapped SecurityTokenHandlers or the base WSSecurityTokenSerializer
/// can read the security key identifier.
/// </summary>
/// <param name="reader">Reader pointing at a Security Key Identifier {ds:Keyinfo}.</param>
/// <returns>'True' if the serializer can read the given Security Key Identifier.</returns>
/// <exception cref="ArgumentNullException">The <paramref name="reader"/> is null.</exception>
protected override bool CanReadKeyIdentifierCore(XmlReader reader)
{
return (reader.IsStartElement(XmlSignatureConstants.Elements.KeyInfo, XmlSignatureConstants.Namespace));
}
/// <summary>
/// Reads an SecurityKeyIdentifier from a XML stream.
/// </summary>
/// <param name="reader">An XML reader positioned at an SecurityKeyIdentifier (ds: KeyInfo) as defined in 'http://www.w3.org/TR/xmldsig-core'.</param>
/// <returns>SecurityKeyIdentifier.</returns>
/// <exception cref="ArgumentNullException">The <paramref name="reader"/> is null.</exception>
/// <exception cref="InvalidOperationException">If the <paramref name="reader"/> is not positioned at KeyInfo element.</exception>
protected override SecurityKeyIdentifier ReadKeyIdentifierCore(XmlReader reader)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
}
if (reader.IsStartElement(XmlSignatureConstants.Elements.KeyInfo, XmlSignatureConstants.Namespace))
{
KeyInfo keyInfo = new KeyInfo(this);
keyInfo.ReadXml(XmlDictionaryReader.CreateDictionaryReader(reader));
return keyInfo.KeyIdentifier;
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperXml(reader, SR.GetString(SR.ID4192));
}
}
protected override bool CanWriteKeyIdentifierCore(SecurityKeyIdentifier keyIdentifier)
{
return _securityTokenHandlers.KeyInfoSerializer == null ? false : _securityTokenHandlers.KeyInfoSerializer.CanWriteKeyIdentifier(keyIdentifier);
}
protected override void WriteKeyIdentifierCore(XmlWriter writer, SecurityKeyIdentifier keyIdentifier)
{
_securityTokenHandlers.KeyInfoSerializer.WriteKeyIdentifier(writer, keyIdentifier);
}
/// <summary>
/// Checks if the wrapped SecurityTokenHandler can read the
/// SecurityKeyIdentifierClause.
/// </summary>
/// <param name="reader">Reader to a SecurityKeyIdentifierClause.</param>
/// <returns>'True' if the SecurityKeyIdentifierCause can be read.</returns>
/// <exception cref="ArgumentNullException">The input parameter 'reader' is null.</exception>
protected override bool CanReadKeyIdentifierClauseCore(XmlReader reader)
{
foreach (SecurityTokenHandler securityTokenHandler in _securityTokenHandlers)
{
if (securityTokenHandler.CanReadKeyIdentifierClause(reader))
{
return true;
}
}
return (_securityTokenHandlers.KeyInfoSerializer == null) ? false : _securityTokenHandlers.KeyInfoSerializer.CanReadKeyIdentifierClause(reader);
}
/// <summary>
/// Checks if the wrapped SecurityTokenHandler or the base WSSecurityTokenSerializer can write the
/// given SecurityKeyIdentifierClause.
/// </summary>
/// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to be checked.</param>
/// <returns>'True' if the SecurityTokenKeyIdentifierClause can be written.</returns>
/// <exception cref="ArgumentNullException">The input parameter 'keyIdentifierClause' is null.</exception>
protected override bool CanWriteKeyIdentifierClauseCore(SecurityKeyIdentifierClause keyIdentifierClause)
{
foreach (SecurityTokenHandler securityTokenHandler in _securityTokenHandlers)
{
if (securityTokenHandler.CanWriteKeyIdentifierClause(keyIdentifierClause))
{
return true;
}
}
return (_securityTokenHandlers.KeyInfoSerializer == null) ? false : _securityTokenHandlers.KeyInfoSerializer.CanWriteKeyIdentifierClause(keyIdentifierClause);
}
/// <summary>
/// Deserializes a SecurityKeyIdentifierClause from the given reader.
/// </summary>
/// <param name="reader">XmlReader to a SecurityKeyIdentifierClause.</param>
/// <returns>The deserialized SecurityKeyIdentifierClause.</returns>
protected override SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlReader reader)
{
return _securityTokenHandlers.ReadKeyIdentifierClause(reader);
}
/// <summary>
/// Serializes the given SecurityKeyIdentifierClause in a XmlWriter.
/// </summary>
/// <param name="writer">XmlWriter to write into.</param>
/// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to be written.</param>
protected override void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause)
{
_securityTokenHandlers.WriteKeyIdentifierClause(writer, keyIdentifierClause);
}
}
}
|
