Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / SamlAuthorizationDecisionStatement.cs / 1305376 / SamlAuthorizationDecisionStatement.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Collections;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Globalization;
using System.IdentityModel;
using System.IdentityModel.Claims;
using System.IdentityModel.Selectors;
using System.Runtime.Serialization;
using System.Xml;
using System.Xml.Serialization;
public class SamlAuthorizationDecisionStatement : SamlSubjectStatement
{
SamlEvidence evidence;
readonly ImmutableCollection actions = new ImmutableCollection();
SamlAccessDecision accessDecision;
string resource;
bool isReadOnly = false;
public SamlAuthorizationDecisionStatement()
{
}
public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions)
: this(samlSubject, resource, accessDecision, samlActions, null)
{
}
public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions, SamlEvidence samlEvidence)
: base(samlSubject)
{
if (samlActions == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlActions"));
foreach (SamlAction action in samlActions)
{
if (action == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.Action.Value));
this.actions.Add(action);
}
this.evidence = samlEvidence;
this.accessDecision = accessDecision;
this.resource = resource;
CheckObjectValidity();
}
public static string ClaimType
{
get
{
return ClaimTypes.AuthorizationDecision;
}
}
public IList SamlActions
{
get { return this.actions; }
}
public SamlAccessDecision AccessDecision
{
get { return this.accessDecision; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
this.accessDecision = value;
}
}
public SamlEvidence Evidence
{
get { return this.evidence; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
this.evidence = value;
}
}
public string Resource
{
get { return this.resource; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
if (String.IsNullOrEmpty(value))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired));
this.resource = value;
}
}
public override bool IsReadOnly
{
get { return this.isReadOnly; }
}
public override void MakeReadOnly()
{
if (!this.isReadOnly)
{
if (this.evidence != null)
this.evidence.MakeReadOnly();
foreach (SamlAction action in this.actions)
{
action.MakeReadOnly();
}
this.actions.MakeReadOnly();
this.isReadOnly = true;
}
}
protected override void AddClaimsToList(IList claims)
{
if (claims == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("claims"));
for (int i = 0; i < this.actions.Count; ++i)
{
claims.Add(new Claim(ClaimTypes.AuthorizationDecision, new SamlAuthorizationDecisionClaimResource(this.resource, this.accessDecision, this.actions[i].Namespace, this.actions[i].Action), Rights.PossessProperty));
}
}
void CheckObjectValidity()
{
if (this.SamlSubject == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectStatementRequiresSubject)));
if (String.IsNullOrEmpty(this.resource))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired)));
if (this.actions.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneAction)));
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.resource = reader.GetAttribute(dictionary.Resource, null);
if (String.IsNullOrEmpty(this.resource))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead)));
string decisionString = reader.GetAttribute(dictionary.Decision, null);
if (String.IsNullOrEmpty(decisionString))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead)));
if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Deny;
else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Permit;
else
accessDecision = SamlAccessDecision.Indeterminate;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingSubjectOnRead)));
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
SamlAction action = new SamlAction();
action.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.actions.Add(action);
}
else if (reader.IsStartElement(dictionary.Evidence, dictionary.Namespace))
{
if (this.evidence != null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionHasMoreThanOneEvidence)));
this.evidence = new SamlEvidence();
this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AuthorizationDecisionStatement)));
}
if (this.actions.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneActionOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AuthorizationDecisionStatement, dictionary.Namespace);
writer.WriteStartAttribute(dictionary.Decision, null);
writer.WriteString(this.accessDecision.ToString());
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.Resource, null);
writer.WriteString(this.resource);
writer.WriteEndAttribute();
this.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);
foreach (SamlAction action in this.actions)
action.WriteXml(writer, samlSerializer, keyInfoSerializer);
if (this.evidence != null)
this.evidence.WriteXml(writer, samlSerializer, keyInfoSerializer);
writer.WriteEndElement();
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Collections;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Globalization;
using System.IdentityModel;
using System.IdentityModel.Claims;
using System.IdentityModel.Selectors;
using System.Runtime.Serialization;
using System.Xml;
using System.Xml.Serialization;
public class SamlAuthorizationDecisionStatement : SamlSubjectStatement
{
SamlEvidence evidence;
readonly ImmutableCollection actions = new ImmutableCollection();
SamlAccessDecision accessDecision;
string resource;
bool isReadOnly = false;
public SamlAuthorizationDecisionStatement()
{
}
public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions)
: this(samlSubject, resource, accessDecision, samlActions, null)
{
}
public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions, SamlEvidence samlEvidence)
: base(samlSubject)
{
if (samlActions == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlActions"));
foreach (SamlAction action in samlActions)
{
if (action == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.Action.Value));
this.actions.Add(action);
}
this.evidence = samlEvidence;
this.accessDecision = accessDecision;
this.resource = resource;
CheckObjectValidity();
}
public static string ClaimType
{
get
{
return ClaimTypes.AuthorizationDecision;
}
}
public IList SamlActions
{
get { return this.actions; }
}
public SamlAccessDecision AccessDecision
{
get { return this.accessDecision; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
this.accessDecision = value;
}
}
public SamlEvidence Evidence
{
get { return this.evidence; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
this.evidence = value;
}
}
public string Resource
{
get { return this.resource; }
set
{
if (isReadOnly)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
if (String.IsNullOrEmpty(value))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired));
this.resource = value;
}
}
public override bool IsReadOnly
{
get { return this.isReadOnly; }
}
public override void MakeReadOnly()
{
if (!this.isReadOnly)
{
if (this.evidence != null)
this.evidence.MakeReadOnly();
foreach (SamlAction action in this.actions)
{
action.MakeReadOnly();
}
this.actions.MakeReadOnly();
this.isReadOnly = true;
}
}
protected override void AddClaimsToList(IList claims)
{
if (claims == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("claims"));
for (int i = 0; i < this.actions.Count; ++i)
{
claims.Add(new Claim(ClaimTypes.AuthorizationDecision, new SamlAuthorizationDecisionClaimResource(this.resource, this.accessDecision, this.actions[i].Namespace, this.actions[i].Action), Rights.PossessProperty));
}
}
void CheckObjectValidity()
{
if (this.SamlSubject == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectStatementRequiresSubject)));
if (String.IsNullOrEmpty(this.resource))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired)));
if (this.actions.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneAction)));
}
public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
this.resource = reader.GetAttribute(dictionary.Resource, null);
if (String.IsNullOrEmpty(this.resource))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead)));
string decisionString = reader.GetAttribute(dictionary.Decision, null);
if (String.IsNullOrEmpty(decisionString))
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead)));
if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Deny;
else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase))
this.accessDecision = SamlAccessDecision.Permit;
else
accessDecision = SamlAccessDecision.Indeterminate;
reader.MoveToContent();
reader.Read();
if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
{
SamlSubject subject = new SamlSubject();
subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
base.SamlSubject = subject;
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingSubjectOnRead)));
while (reader.IsStartElement())
{
if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
{
SamlAction action = new SamlAction();
action.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
this.actions.Add(action);
}
else if (reader.IsStartElement(dictionary.Evidence, dictionary.Namespace))
{
if (this.evidence != null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionHasMoreThanOneEvidence)));
this.evidence = new SamlEvidence();
this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
}
else
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AuthorizationDecisionStatement)));
}
if (this.actions.Count == 0)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneActionOnRead)));
reader.MoveToContent();
reader.ReadEndElement();
}
public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
{
CheckObjectValidity();
if (writer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
if (samlSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));
#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null.
SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AuthorizationDecisionStatement, dictionary.Namespace);
writer.WriteStartAttribute(dictionary.Decision, null);
writer.WriteString(this.accessDecision.ToString());
writer.WriteEndAttribute();
writer.WriteStartAttribute(dictionary.Resource, null);
writer.WriteString(this.resource);
writer.WriteEndAttribute();
this.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);
foreach (SamlAction action in this.actions)
action.WriteXml(writer, samlSerializer, keyInfoSerializer);
if (this.evidence != null)
this.evidence.WriteXml(writer, samlSerializer, keyInfoSerializer);
writer.WriteEndElement();
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ColorAnimationBase.cs
- XPathNavigatorKeyComparer.cs
- SByteConverter.cs
- AuthenticationService.cs
- ImageFormat.cs
- EpmContentSerializerBase.cs
- ReflectEventDescriptor.cs
- WebPartHeaderCloseVerb.cs
- ScriptControlManager.cs
- ConfigurationErrorsException.cs
- PolygonHotSpot.cs
- DbParameterCollectionHelper.cs
- Column.cs
- Utils.cs
- CustomErrorsSectionWrapper.cs
- UserControlAutomationPeer.cs
- WebServiceEnumData.cs
- ListViewItem.cs
- HttpListenerRequest.cs
- OutputCacheSection.cs
- MethodExpression.cs
- SQLGuid.cs
- HierarchicalDataBoundControlAdapter.cs
- KerberosRequestorSecurityToken.cs
- ReflectionUtil.cs
- TextServicesCompartment.cs
- VisualBrush.cs
- EdmValidator.cs
- TypeHelper.cs
- StringUtil.cs
- OutOfMemoryException.cs
- TextServicesHost.cs
- GeometryCollection.cs
- IntSecurity.cs
- ObjectConverter.cs
- DataControlField.cs
- ServerProtocol.cs
- TimeSpanMinutesConverter.cs
- Profiler.cs
- EpmAttributeNameBuilder.cs
- RequestNavigateEventArgs.cs
- ThreadInterruptedException.cs
- DataColumnMappingCollection.cs
- RNGCryptoServiceProvider.cs
- StrongNameIdentityPermission.cs
- ILGen.cs
- FlatButtonAppearance.cs
- ADMembershipUser.cs
- TiffBitmapEncoder.cs
- XmlSchemaComplexContent.cs
- UserUseLicenseDictionaryLoader.cs
- InputLangChangeEvent.cs
- XamlSerializationHelper.cs
- XPathNode.cs
- BezierSegment.cs
- CipherData.cs
- HtmlForm.cs
- BrushConverter.cs
- designeractionbehavior.cs
- SQLCharsStorage.cs
- BooleanExpr.cs
- TextElementEditingBehaviorAttribute.cs
- DetailsViewRowCollection.cs
- SchemaSetCompiler.cs
- ParseChildrenAsPropertiesAttribute.cs
- SpellerInterop.cs
- IndependentlyAnimatedPropertyMetadata.cs
- TypeGeneratedEventArgs.cs
- WebPageTraceListener.cs
- FreezableOperations.cs
- processwaithandle.cs
- XamlClipboardData.cs
- Win32SafeHandles.cs
- ErrorRuntimeConfig.cs
- StylusLogic.cs
- ISAPIRuntime.cs
- Publisher.cs
- ResolvedKeyFrameEntry.cs
- ContentPosition.cs
- MetadataConversionError.cs
- ItemMap.cs
- KeyPullup.cs
- NumericUpDown.cs
- Block.cs
- EntityTemplateFactory.cs
- LockedBorderGlyph.cs
- DataSourceControlBuilder.cs
- TextSelection.cs
- HttpListenerTimeoutManager.cs
- ValidationRule.cs
- RoutedCommand.cs
- Crypto.cs
- XhtmlBasicPanelAdapter.cs
- XmlObjectSerializerContext.cs
- SafeFileHandle.cs
- SizeFConverter.cs
- DefaultValidator.cs
- GuidelineCollection.cs
- GlobalEventManager.cs
- Grammar.cs