//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System;
using System.ServiceModel.Channels;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Diagnostics;
using System.Runtime.Serialization;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Principal;
using System.Security.Cryptography;
using System.ServiceModel.Security.Tokens;
using System.Xml;
abstract class TrustDriver
{
    // Version-neutral contract for a WS-Trust "driver". A concrete driver supplies the
    // action identifiers, namespace and RequestType values of one trust version, reads
    // and writes RST / RSTR / RSTRC messages (RequestSecurityToken, ...Response,
    // ...ResponseCollection), and builds or parses the individual request parameters
    // (key size, key type, token type, algorithms, claims).
    //
    // Everything protocol-specific is abstract here: the base class itself performs
    // no validation of responses, tokens, entropy or algorithm parameters. Optional
    // features (issued tokens, sessions) are reported as unsupported unless a derived
    // driver overrides the corresponding virtual members.

    // issued tokens control: false unless a derived driver opts in.
    public virtual bool IsIssuedTokensSupported
    {
        get
        {
            return false;
        }
    }

    // issued tokens feature: header element name. Only meaningful when
    // IsIssuedTokensSupported is true; the base getter throws
    // InvalidOperationException (TrustDriverVersionDoesNotSupportIssuedTokens).
    public virtual string IssuedTokensHeaderName
    {
        get
        {
            // PreSharp Bug: Property get methods should not throw exceptions.
            // Throwing is intentional: it reports a feature this trust version lacks.
            #pragma warning suppress 56503
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportIssuedTokens)));
        }
    }

    // issued tokens feature: header element namespace. Same contract as
    // IssuedTokensHeaderName; throws unless a derived driver overrides it.
    public virtual string IssuedTokensHeaderNamespace
    {
        get
        {
            // PreSharp Bug: Property get methods should not throw exceptions.
            #pragma warning suppress 56503
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportIssuedTokens)));
        }
    }

    // session control: false unless a derived driver opts in.
    public virtual bool IsSessionSupported
    {
        get
        {
            return false;
        }
    }

    // Version-specific action identifiers for the RST, RSTR and final RSTR messages.
    public abstract XmlDictionaryString RequestSecurityTokenAction { get; }
    public abstract XmlDictionaryString RequestSecurityTokenResponseAction { get; }
    public abstract XmlDictionaryString RequestSecurityTokenResponseFinalAction { get; }

    // session feature: RequestType value for a Close request. Only meaningful when
    // IsSessionSupported is true; the base getter throws InvalidOperationException
    // (TrustDriverVersionDoesNotSupportSession).
    public virtual string RequestTypeClose
    {
        get
        {
            // PreSharp Bug: Property get methods should not throw exceptions.
            #pragma warning suppress 56503
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportSession)));
        }
    }

    // RequestType value for an Issue request; mandatory for every trust version.
    public abstract string RequestTypeIssue { get; }

    // session feature: RequestType value for a Renew request. Same contract as
    // RequestTypeClose; throws unless a derived driver overrides it.
    public virtual string RequestTypeRenew
    {
        get
        {
            // PreSharp Bug: Property get methods should not throw exceptions.
            #pragma warning suppress 56503
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportSession)));
        }
    }

    // Identifier of the computed-key algorithm this trust version uses.
    public abstract string ComputedKeyAlgorithm { get; }
    // Standards manager (security / serialization settings) this driver operates under.
    public abstract SecurityStandardsManager StandardsManager { get; }
    // Namespace of this trust version.
    public abstract XmlDictionaryString Namespace { get; }

    // RST specific method: deserializes a RequestSecurityToken from the reader.
    public abstract RequestSecurityToken CreateRequestSecurityToken(XmlReader reader);
    // RSTR specific method: deserializes a RequestSecurityTokenResponse from the reader.
    public abstract RequestSecurityTokenResponse CreateRequestSecurityTokenResponse(XmlReader reader);
    // RSTRC specific method: deserializes a RequestSecurityTokenResponseCollection from the reader.
    public abstract RequestSecurityTokenResponseCollection CreateRequestSecurityTokenResponseCollection(XmlReader xmlReader);

    // Reader-position checks: is the reader currently on an RSTR / RSTRC element?
    public abstract bool IsAtRequestSecurityTokenResponse(XmlReader reader);
    public abstract bool IsAtRequestSecurityTokenResponseCollection(XmlReader reader);
    // Qualified-name checks for the RequestedSecurityToken / RequestedProofToken elements.
    public abstract bool IsRequestedSecurityTokenElement(string name, string nameSpace);
    public abstract bool IsRequestedProofTokenElement(string name, string nameSpace);

    // AppliesTo handling: deserialize the AppliesTo content of an RST / RSTR as T
    // using the supplied serializer, or report its qualified name without deserializing.
    public abstract T GetAppliesTo<T>(RequestSecurityToken rst, XmlObjectSerializer serializer);
    public abstract T GetAppliesTo<T>(RequestSecurityTokenResponse rstr, XmlObjectSerializer serializer);
    public abstract void GetAppliesToQName(RequestSecurityToken rst, out string localName, out string namespaceUri);
    public abstract void GetAppliesToQName(RequestSecurityTokenResponse rstr, out string localName, out string namespaceUri);
    // Whether the given qualified name is this version's AppliesTo element.
    public abstract bool IsAppliesTo(string localName, string namespaceUri);

    // RSTR specific method: raw authenticator bytes carried in the response.
    // NOTE(review): this only extracts the bytes; whoever consumes them must do the
    // verification — confirm in the caller.
    public abstract byte[] GetAuthenticator(RequestSecurityTokenResponse rstr);
    // RST specific method: binary negotiation payload of the request.
    public abstract BinaryNegotiation GetBinaryNegotiation(RequestSecurityToken rst);
    // RSTR specific method: binary negotiation payload of the response.
    public abstract BinaryNegotiation GetBinaryNegotiation(RequestSecurityTokenResponse rstr);
    // RST specific method: entropy token supplied in the request; the resolver is
    // available for resolving token references (usage is driver-specific).
    public abstract SecurityToken GetEntropy(RequestSecurityToken rst, SecurityTokenResolver resolver);
    // RSTR specific method: entropy token supplied in the response.
    public abstract SecurityToken GetEntropy(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver);

    // RSTR specific method: extracts the issued token from the response (symmetric /
    // bearer case). allowedAuthenticators, expectedTokenType, keyEntropyMode,
    // requestorEntropy, defaultKeySize and isBearerKeyType are the inputs a driver
    // needs to accept the token and derive its key; authorizationPolicies are attached
    // to the result. Which of these are actually enforced is decided by the concrete
    // driver — verify there, nothing is checked in this base class.
    public abstract GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver, IList<SecurityTokenAuthenticator> allowedAuthenticators, SecurityKeyEntropyMode keyEntropyMode, byte[] requestorEntropy,
        string expectedTokenType, ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies, int defaultKeySize, bool isBearerKeyType);
    // Overload for the asymmetric case: the requestor's RSA key replaces entropy
    // handling. Same caveat about validation as above.
    public abstract GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, string expectedTokenType, ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies, RSA clientKey);

    // Hook invoked when neither an RSTR nor an RSTRC was found where one was expected;
    // presumably throws a version-specific fault — confirm in the derived driver.
    public abstract void OnRSTRorRSTRCMissingException();

    // RST specific method: serializes the request to the writer.
    public abstract void WriteRequestSecurityToken(RequestSecurityToken rst, XmlWriter w);
    // RSTR specific method: serializes the response to the writer.
    public abstract void WriteRequestSecurityTokenResponse(RequestSecurityTokenResponse rstr, XmlWriter w);
    // RSTR Collection method: serializes the response collection to the writer.
    public abstract void WriteRequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollection rstrCollection, XmlWriter writer);

    // Federation proxy creation: channel factory used to talk to the issuer at
    // 'address' over 'binding' with the given endpoint behaviors.
    public abstract IChannelFactory<IRequestChannel> CreateFederationProxy(EndpointAddress address, Binding binding, KeyedByTypeCollection<IEndpointBehavior> channelBehaviors);

    // Builders for the individual RST parameter elements of this trust version.
    public abstract XmlElement CreateKeySizeElement(int keySize);
    public abstract XmlElement CreateKeyTypeElement(SecurityKeyType keyType);
    public abstract XmlElement CreateTokenTypeElement(string tokenTypeUri);
    public abstract XmlElement CreateRequiredClaimsElement(IEnumerable<XmlElement> claimsList);
    public abstract XmlElement CreateUseKeyElement(SecurityKeyIdentifier keyIdentifier, SecurityStandardsManager standardsManager);
    public abstract XmlElement CreateSignWithElement(string signatureAlgorithm);
    public abstract XmlElement CreateEncryptWithElement(string encryptionAlgorithm);
    public abstract XmlElement CreateEncryptionAlgorithmElement(string encryptionAlgorithm);
    public abstract XmlElement CreateCanonicalizationAlgorithmElement(string canonicalicationAlgorithm);
    public abstract XmlElement CreateComputedKeyAlgorithmElement(string computedKeyAlgorithm);

    // Lets a driver decide what to do with request parameters it did not recognise,
    // given the parameters that were originally sent; returns the parameters to keep.
    public abstract Collection<XmlElement> ProcessUnknownRequestParameters(Collection<XmlElement> unknownRequestParameters, Collection<XmlElement> originalRequestParameters);

    // Parsers for the parameter elements above; return false (and an unspecified
    // out value) when 'element' is not the corresponding element.
    public abstract bool TryParseKeySizeElement(XmlElement element, out int keySize);
    public abstract bool TryParseKeyTypeElement(XmlElement element, out SecurityKeyType keyType);
    public abstract bool TryParseTokenTypeElement(XmlElement element, out string tokenType);
    public abstract bool TryParseRequiredClaimsElement(XmlElement element, out Collection<XmlElement> requiredClaims);

    // helper methods for the parsing standard binding elements. The base versions
    // recognise nothing: they set the out argument to null and return false, so a
    // trust version that supports these elements must override them.
    internal virtual bool IsSignWithElement(XmlElement element, out string signatureAlgorithm) { signatureAlgorithm = null; return false; }
    internal virtual bool IsEncryptWithElement(XmlElement element, out string encryptWithAlgorithm) { encryptWithAlgorithm = null; return false; }
    internal virtual bool IsEncryptionAlgorithmElement(XmlElement element, out string encryptionAlgorithm) { encryptionAlgorithm = null; return false; }
    internal virtual bool IsCanonicalizationAlgorithmElement(XmlElement element, out string canonicalizationAlgorithm) { canonicalizationAlgorithm = null; return false; }
    internal virtual bool IsKeyWrapAlgorithmElement(XmlElement element, out string keyWrapAlgorithm) { keyWrapAlgorithm = null; return false; }
}
}