1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Collections;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Diagnostics;
using System.Globalization;
using System.IO;
using System.Text;
using System.Threading;
using System.Xml;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Security.Tokens;
using HexBinary = System.Runtime.Remoting.Metadata.W3cXsd2001.SoapHexBinary;
using System.ServiceModel.Channels;
using System.ServiceModel.Security;
using System.Runtime.Serialization;
using System.ServiceModel.Dispatcher;
using KeyIdentifierEntry = WSSecurityTokenSerializer.KeyIdentifierEntry;
using KeyIdentifierClauseEntry = WSSecurityTokenSerializer.KeyIdentifierClauseEntry;
using TokenEntry = WSSecurityTokenSerializer.TokenEntry;
using StrEntry = WSSecurityTokenSerializer.StrEntry;
class WSTrustDec2005 : WSTrustFeb2005
{
public WSTrustDec2005(WSSecurityTokenSerializer tokenSerializer)
: base(tokenSerializer)
{
}
public override TrustDictionary SerializerDictionary
{
get { return DXD.TrustDec2005Dictionary; }
}
public class DriverDec2005 : WSTrustFeb2005.DriverFeb2005
{
public DriverDec2005(SecurityStandardsManager standardsManager)
: base(standardsManager)
{
}
public override TrustDictionary DriverDictionary
{
get
{
return DXD.TrustDec2005Dictionary;
}
}
public override XmlDictionaryString RequestSecurityTokenResponseFinalAction
{
get
{
return DXD.TrustDec2005Dictionary.RequestSecurityTokenCollectionIssuanceFinalResponse;
}
}
public override XmlElement CreateKeyTypeElement(SecurityKeyType keyType)
{
if (keyType == SecurityKeyType.BearerKey)
{
XmlDocument doc = new XmlDocument();
XmlElement result = doc.CreateElement(this.DriverDictionary.Prefix.Value, this.DriverDictionary.KeyType.Value,
this.DriverDictionary.Namespace.Value);
result.AppendChild(doc.CreateTextNode(DXD.TrustDec2005Dictionary.BearerKeyType.Value));
return result;
}
return base.CreateKeyTypeElement(keyType);
}
public override bool TryParseKeyTypeElement(XmlElement element, out SecurityKeyType keyType)
{
if (element == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("element");
if (element.LocalName == this.DriverDictionary.KeyType.Value
&& element.NamespaceURI == this.DriverDictionary.Namespace.Value
&& element.InnerText == DXD.TrustDec2005Dictionary.BearerKeyType.Value)
{
keyType = SecurityKeyType.BearerKey;
return true;
}
return base.TryParseKeyTypeElement(element, out keyType);
}
public override XmlElement CreateRequiredClaimsElement(IEnumerable<XmlElement> claimsList)
{
XmlElement result = base.CreateRequiredClaimsElement(claimsList);
XmlAttribute dialectAttribute = result.OwnerDocument.CreateAttribute(DXD.TrustDec2005Dictionary.Dialect.Value);
dialectAttribute.Value = DXD.TrustDec2005Dictionary.DialectType.Value;
result.Attributes.Append(dialectAttribute);
return result;
}
public override IChannelFactory<IRequestChannel> CreateFederationProxy(EndpointAddress address, Binding binding, KeyedByTypeCollection<IEndpointBehavior> channelBehaviors)
{
if (channelBehaviors == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("channelBehaviors");
ChannelFactory<IWsTrustDec2005SecurityTokenService> result = new ChannelFactory<IWsTrustDec2005SecurityTokenService>(binding, address);
SetProtectionLevelForFederation(result.Endpoint.Contract.Operations);
// remove the default client credentials that gets added to channel factories
result.Endpoint.Behaviors.Remove<ClientCredentials>();
for (int i = 0; i < channelBehaviors.Count; ++i)
{
result.Endpoint.Behaviors.Add(channelBehaviors[i]);
}
// add a behavior that removes the UI channel initializer added by the client credentials since there should be no UI
// initializer popped up as part of obtaining the federation token (the UI should already have been popped up for the main channel)
result.Endpoint.Behaviors.Add(new WSTrustFeb2005.DriverFeb2005.InteractiveInitializersRemovingBehavior());
return new WSTrustFeb2005.DriverFeb2005.RequestChannelFactory<IWsTrustDec2005SecurityTokenService>(result);
}
public override Collection<XmlElement> ProcessUnknownRequestParameters(Collection<XmlElement> unknownRequestParameters, Collection<XmlElement> originalRequestParameters)
{
// For WS-Trust 1.3 we want everything in the requestSecurityTokenTemplate parameters to endup as Addtional parameters.
// The parameters will appear as a child element under a XmlElement named secondaryParameters.
if (originalRequestParameters == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("originalRequestParameters");
if (originalRequestParameters.Count > 0 && originalRequestParameters[0] != null && originalRequestParameters[0].OwnerDocument != null)
{
XmlElement secondaryParamElement = originalRequestParameters[0].OwnerDocument.CreateElement(DXD.TrustDec2005Dictionary.Prefix.Value, DXD.TrustDec2005Dictionary.SecondaryParameters.Value, DXD.TrustDec2005Dictionary.Namespace.Value);
for (int i = 0; i < originalRequestParameters.Count; ++i)
{
secondaryParamElement.AppendChild(originalRequestParameters[i]);
}
Collection<XmlElement> tempCollection = new Collection<XmlElement>();
tempCollection.Add(secondaryParamElement);
return tempCollection;
}
return originalRequestParameters;
}
internal virtual bool IsSecondaryParametersElement(XmlElement element)
{
return ((element.LocalName == DXD.TrustDec2005Dictionary.SecondaryParameters.Value) &&
(element.NamespaceURI == DXD.TrustDec2005Dictionary.Namespace.Value));
}
public virtual XmlElement CreateKeyWrapAlgorithmElement(string keyWrapAlgorithm)
{
if (keyWrapAlgorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyWrapAlgorithm");
}
XmlDocument doc = new XmlDocument();
XmlElement result = doc.CreateElement(DXD.TrustDec2005Dictionary.Prefix.Value, DXD.TrustDec2005Dictionary.KeyWrapAlgorithm.Value,
DXD.TrustDec2005Dictionary.Namespace.Value);
result.AppendChild(doc.CreateTextNode(keyWrapAlgorithm));
return result;
}
internal override bool IsKeyWrapAlgorithmElement(XmlElement element, out string keyWrapAlgorithm)
{
return CheckElement(element, DXD.TrustDec2005Dictionary.KeyWrapAlgorithm.Value, DXD.TrustDec2005Dictionary.Namespace.Value, out keyWrapAlgorithm);
}
[ServiceContract]
internal interface IWsTrustDec2005SecurityTokenService
{
[OperationContract(IsOneWay = false,
Action = TrustDec2005Strings.RequestSecurityTokenIssuance,
ReplyAction = TrustDec2005Strings.RequestSecurityTokenCollectionIssuanceFinalResponse)]
[FaultContract(typeof(string), Action = "*", ProtectionLevel = System.Net.Security.ProtectionLevel.Sign)]
Message RequestToken(Message message);
}
}
}
}
|
