1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Claims;
namespace System.ServiceModel.Security
{
internal class SecurityTokenAuthenticatorAdapter : SecurityTokenAuthenticator
{
SecurityTokenHandler _securityTokenHandler;
ExceptionMapper _exceptionMapper;
public SecurityTokenAuthenticatorAdapter(SecurityTokenHandler securityTokenHandler, ExceptionMapper exceptionMapper)
{
if (securityTokenHandler == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("securityTokenHandler");
}
if (exceptionMapper == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("exceptionMapper");
}
_securityTokenHandler = securityTokenHandler;
_exceptionMapper = exceptionMapper;
}
protected override bool CanValidateTokenCore(SecurityToken token)
{
if (token == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token");
}
return ((token.GetType() == _securityTokenHandler.TokenType) && (_securityTokenHandler.CanValidateToken));
}
protected sealed override ReadOnlyCollection<IAuthorizationPolicy> ValidateTokenCore(SecurityToken token)
{
IEnumerable<ClaimsIdentity> subjectCollection = null;
try
{
subjectCollection = _securityTokenHandler.ValidateToken(token);
}
catch (Exception ex)
{
if (!_exceptionMapper.HandleSecurityTokenProcessingException(ex))
{
throw;
}
}
List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1);
policies.Add(new AuthorizationPolicy(subjectCollection));
return policies.AsReadOnly();
}
}
}
|
