Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / Security / TlsnegoTokenProvider.cs / 1 / TlsnegoTokenProvider.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System;
using System.ServiceModel;
using System.Collections;
using System.Xml;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Tokens;
using System.IdentityModel.Selectors;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel.Security.Tokens;
using System.Runtime.InteropServices;
using System.Runtime.Serialization;
using SchProtocols = System.IdentityModel.SchProtocols;
class TlsnegoTokenProvider : SspiNegotiationTokenProvider
{
SecurityTokenAuthenticator serverTokenAuthenticator;
SecurityTokenProvider clientTokenProvider;
public TlsnegoTokenProvider()
: base()
{
// empty
}
public SecurityTokenAuthenticator ServerTokenAuthenticator
{
get
{
return this.serverTokenAuthenticator;
}
set
{
this.CommunicationObject.ThrowIfDisposedOrImmutable();
this.serverTokenAuthenticator = value;
}
}
public SecurityTokenProvider ClientTokenProvider
{
get
{
return this.clientTokenProvider;
}
set
{
this.CommunicationObject.ThrowIfDisposedOrImmutable();
this.clientTokenProvider = value;
}
}
// helpers
static X509SecurityToken ValidateToken(SecurityToken token)
{
X509SecurityToken result = token as X509SecurityToken;
if (result == null && token != null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TokenProviderReturnedBadToken, token.GetType().ToString())));
}
return result;
}
SspiNegotiationTokenProviderState CreateTlsSspiState(X509SecurityToken token)
{
X509Certificate2 clientCertificate;
if (token == null)
{
clientCertificate = null;
}
else
{
clientCertificate = token.Certificate;
}
TlsSspiNegotiation tlsNegotiation = new TlsSspiNegotiation(String.Empty, SchProtocols.Ssl3Client | SchProtocols.TlsClient, clientCertificate);
return new SspiNegotiationTokenProviderState(tlsNegotiation);
}
// overrides
public override XmlDictionaryString NegotiationValueType
{
get
{
if (this.StandardsManager.MessageSecurityVersion.TrustVersion == TrustVersion.WSTrustFeb2005)
{
return XD.TrustApr2004Dictionary.TlsnegoValueTypeUri;
}
else if (this.StandardsManager.MessageSecurityVersion.TrustVersion == TrustVersion.WSTrust13)
{
return DXD.TrustDec2005Dictionary.TlsnegoValueTypeUri;
}
// Not supported
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException());
}
}
protected override bool CreateNegotiationStateCompletesSynchronously(EndpointAddress target, Uri via)
{
if (this.ClientTokenProvider == null)
{
return true;
}
else
{
return false;
}
}
protected override IAsyncResult BeginCreateNegotiationState(EndpointAddress target, Uri via, TimeSpan timeout, AsyncCallback callback, object state)
{
EnsureEndpointAddressDoesNotRequireEncryption(target);
if (this.ClientTokenProvider == null)
{
return new TypedCompletedAsyncResult(CreateTlsSspiState(null),
callback, state);
}
else
{
return new CreateSspiStateAsyncResult(target, via, this, timeout, callback, state);
}
}
protected override SspiNegotiationTokenProviderState EndCreateNegotiationState(IAsyncResult result)
{
if (result is TypedCompletedAsyncResult)
{
return TypedCompletedAsyncResult.End(result);
}
else
{
return CreateSspiStateAsyncResult.End(result);
}
}
protected override SspiNegotiationTokenProviderState CreateNegotiationState(EndpointAddress target, Uri via, TimeSpan timeout)
{
EnsureEndpointAddressDoesNotRequireEncryption(target);
X509SecurityToken clientToken;
if (this.ClientTokenProvider == null)
{
clientToken = null;
}
else
{
SecurityToken token = this.ClientTokenProvider.GetToken(timeout);
clientToken = ValidateToken(token);
}
return CreateTlsSspiState(clientToken);
}
protected override ReadOnlyCollection ValidateSspiNegotiation(ISspiNegotiation sspiNegotiation)
{
TlsSspiNegotiation tlsNegotiation = (TlsSspiNegotiation)sspiNegotiation;
if (tlsNegotiation.IsValidContext == false)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(SR.GetString(SR.InvalidSspiNegotiation)));
}
X509Certificate2 serverCert = tlsNegotiation.RemoteCertificate;
if (serverCert == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityNegotiationException(SR.GetString(SR.ServerCertificateNotProvided)));
}
ReadOnlyCollection authzPolicies;
if (this.ServerTokenAuthenticator != null)
{
X509SecurityToken certToken = new X509SecurityToken(serverCert, false);
authzPolicies = this.ServerTokenAuthenticator.ValidateToken(certToken);
}
else
{
authzPolicies = EmptyReadOnlyCollection.Instance;
}
return authzPolicies;
}
public override void OnOpen(TimeSpan timeout)
{
TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
if (this.ClientTokenProvider != null)
{
SecurityUtils.OpenTokenProviderIfRequired(this.ClientTokenProvider, timeoutHelper.RemainingTime());
}
if (this.ServerTokenAuthenticator != null)
{
SecurityUtils.OpenTokenAuthenticatorIfRequired(this.ServerTokenAuthenticator, timeoutHelper.RemainingTime());
}
base.OnOpen(timeoutHelper.RemainingTime());
}
public override void OnClose(TimeSpan timeout)
{
TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
if (this.clientTokenProvider != null)
{
SecurityUtils.CloseTokenProviderIfRequired(this.ClientTokenProvider, timeoutHelper.RemainingTime());
this.clientTokenProvider = null;
}
if (this.serverTokenAuthenticator != null)
{
SecurityUtils.CloseTokenAuthenticatorIfRequired(this.ServerTokenAuthenticator, timeoutHelper.RemainingTime());
this.serverTokenAuthenticator = null;
}
base.OnClose(timeoutHelper.RemainingTime());
}
public override void OnAbort()
{
if (this.clientTokenProvider != null)
{
SecurityUtils.AbortTokenProviderIfRequired(this.ClientTokenProvider);
this.clientTokenProvider = null;
}
if (this.serverTokenAuthenticator != null)
{
SecurityUtils.AbortTokenAuthenticatorIfRequired(this.ServerTokenAuthenticator);
this.serverTokenAuthenticator = null;
}
base.OnAbort();
}
class CreateSspiStateAsyncResult : AsyncResult
{
static readonly AsyncCallback getTokensCallback = DiagnosticUtility.ThunkAsyncCallback(new AsyncCallback(GetTokensCallback));
TlsnegoTokenProvider tlsTokenProvider;
SspiNegotiationTokenProviderState sspiState;
public CreateSspiStateAsyncResult(EndpointAddress target, Uri via, TlsnegoTokenProvider tlsTokenProvider, TimeSpan timeout, AsyncCallback callback, object state)
: base(callback, state)
{
this.tlsTokenProvider = tlsTokenProvider;
IAsyncResult result = this.tlsTokenProvider.ClientTokenProvider.BeginGetToken(timeout, getTokensCallback, this);
if (!result.CompletedSynchronously)
{
return;
}
SecurityToken token = this.tlsTokenProvider.ClientTokenProvider.EndGetToken(result);
X509SecurityToken clientToken = ValidateToken(token);
this.sspiState = this.tlsTokenProvider.CreateTlsSspiState(clientToken);
base.Complete(true);
}
static void GetTokensCallback(IAsyncResult result)
{
if (result.CompletedSynchronously)
{
return;
}
CreateSspiStateAsyncResult typedResult = (CreateSspiStateAsyncResult)result.AsyncState;
try
{
SecurityToken token = typedResult.tlsTokenProvider.ClientTokenProvider.EndGetToken(result);
X509SecurityToken clientToken = TlsnegoTokenProvider.ValidateToken(token);
typedResult.sspiState = typedResult.tlsTokenProvider.CreateTlsSspiState(clientToken);
typedResult.Complete(false);
}
catch (Exception e)
{
if (DiagnosticUtility.IsFatal(e)) throw;
typedResult.Complete(false, e);
}
}
public static SspiNegotiationTokenProviderState End(IAsyncResult result)
{
CreateSspiStateAsyncResult asyncResult = AsyncResult.End(result);
return asyncResult.sspiState;
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DebugHandleTracker.cs
- NegotiateStream.cs
- CommandBindingCollection.cs
- ReadWriteSpinLock.cs
- UnmanagedMarshal.cs
- ModulesEntry.cs
- GlyphCollection.cs
- EncoderNLS.cs
- DashStyle.cs
- WebPartZone.cs
- ColumnClickEvent.cs
- TransactionInformation.cs
- Ray3DHitTestResult.cs
- ShortcutKeysEditor.cs
- DetailsViewPagerRow.cs
- EntityDataSourceChangedEventArgs.cs
- EditorPart.cs
- FillBehavior.cs
- FixedBufferAttribute.cs
- DataGridCell.cs
- SecurityUtils.cs
- SecurityUtils.cs
- PathFigureCollection.cs
- WebPartZoneCollection.cs
- PointCollectionValueSerializer.cs
- AutomationProperties.cs
- SamlAuthenticationStatement.cs
- ArgumentNullException.cs
- XmlProcessingInstruction.cs
- DetailsViewInsertedEventArgs.cs
- HttpCapabilitiesEvaluator.cs
- Clock.cs
- XmlSchemaValidator.cs
- InputLangChangeEvent.cs
- ManagedWndProcTracker.cs
- Debug.cs
- ValidatedControlConverter.cs
- DataGridGeneralPage.cs
- DataGridRowHeader.cs
- SymbolResolver.cs
- RuleSettings.cs
- ClientBuildManagerTypeDescriptionProviderBridge.cs
- HtmlWindow.cs
- WebPartTracker.cs
- SQLGuidStorage.cs
- DocumentReferenceCollection.cs
- StringReader.cs
- XmlSchemaObject.cs
- FlagsAttribute.cs
- XPathBuilder.cs
- ProfessionalColorTable.cs
- ProfileProvider.cs
- safesecurityhelperavalon.cs
- DragDeltaEventArgs.cs
- PropertySet.cs
- UriWriter.cs
- _ConnectOverlappedAsyncResult.cs
- DataGrid.cs
- LabelAutomationPeer.cs
- SecurityTokenValidationException.cs
- PeerNearMe.cs
- Root.cs
- CollectionViewProxy.cs
- ThemeInfoAttribute.cs
- ManagedWndProcTracker.cs
- DataGridViewElement.cs
- PriorityQueue.cs
- SHA1.cs
- SecurityTokenAuthenticator.cs
- RightsManagementEncryptedStream.cs
- MemoryFailPoint.cs
- TemplateBindingExtension.cs
- LocalizedNameDescriptionPair.cs
- BinarySerializer.cs
- QilUnary.cs
- CFStream.cs
- ImmutableAssemblyCacheEntry.cs
- HostExecutionContextManager.cs
- ConfigurationStrings.cs
- UIElementPropertyUndoUnit.cs
- TreeNodeStyle.cs
- DesignerRegionMouseEventArgs.cs
- Pts.cs
- EmbeddedMailObject.cs
- Sequence.cs
- ProcessHostServerConfig.cs
- Helper.cs
- ImageFormatConverter.cs
- PathSegment.cs
- XmlChoiceIdentifierAttribute.cs
- ConnectionManagementElement.cs
- PolicyDesigner.cs
- MenuItemStyleCollectionEditor.cs
- AmbientProperties.cs
- SEHException.cs
- ComponentRenameEvent.cs
- parserscommon.cs
- SystemFonts.cs
- PrincipalPermission.cs
- WindowVisualStateTracker.cs