Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / SamlSubject.cs / 1305376 / SamlSubject.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Collections; using System.Collections.Generic; using System.Collections.ObjectModel; using System.IdentityModel.Claims; using System.IdentityModel.Selectors; using System.Runtime.Serialization; using System.Security.Cryptography; using System.Security.Cryptography.Xml; using System.Security.Principal; using System.Security; using System.Xml; using System.Xml.Serialization; public class SamlSubject { // Saml SubjectConfirmation parts. readonly ImmutableCollectionconfirmationMethods = new ImmutableCollection (); string confirmationData; SecurityKeyIdentifier securityKeyIdentifier; SecurityKey crypto; SecurityToken subjectToken; // Saml NameIdentifier element parts. string name; string nameFormat; string nameQualifier; List claims; IIdentity identity; ClaimSet subjectKeyClaimset; bool isReadOnly = false; public SamlSubject() { } public SamlSubject(string nameFormat, string nameQualifier, string name) : this(nameFormat, nameQualifier, name, null, null, null) { } public SamlSubject(string nameFormat, string nameQualifier, string name, IEnumerable confirmations, string confirmationData, SecurityKeyIdentifier securityKeyIdentifier) { if (confirmations != null) { foreach (string method in confirmations) { if (String.IsNullOrEmpty(method)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.SubjectConfirmationMethod.Value)); this.confirmationMethods.Add(method); } } if ((this.confirmationMethods.Count == 0) && (String.IsNullOrEmpty(name))) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLSubjectRequiresNameIdentifierOrConfirmationMethod)); if ((this.confirmationMethods.Count == 0) && ((confirmationData != null) || (securityKeyIdentifier != null))) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLSubjectRequiresConfirmationMethodWhenConfirmationDataOrKeyInfoIsSpecified)); this.name = name; this.nameFormat = nameFormat; this.nameQualifier = nameQualifier; this.confirmationData = confirmationData; this.securityKeyIdentifier = securityKeyIdentifier; } public string Name { get { return this.name; } set { if (isReadOnly) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); if (String.IsNullOrEmpty(value)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLSubjectNameIdentifierRequiresNameValue)); this.name = value; } } public string NameFormat { get { return this.nameFormat; } set { if (isReadOnly) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); this.nameFormat = value; } } public string NameQualifier { get { return this.nameQualifier; } set { if (isReadOnly) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); this.nameQualifier = value; } } public static string NameClaimType { get { return ClaimTypes.NameIdentifier; } } public IList ConfirmationMethods { get { return this.confirmationMethods; } } internal IIdentity Identity { get { return this.identity; } } public string SubjectConfirmationData { get { return this.confirmationData; } set { if (value == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value"); this.confirmationData = value; } } public SecurityKeyIdentifier KeyIdentifier { get { return this.securityKeyIdentifier; } set { if (isReadOnly) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); if (value == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value"); this.securityKeyIdentifier = value; } } public SecurityKey Crypto { get { return this.crypto; } set { if (isReadOnly) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); if (value == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("value"); this.crypto = value; } } public bool IsReadOnly { get { return this.isReadOnly; } } public void MakeReadOnly() { if (!this.isReadOnly) { if (securityKeyIdentifier != null) securityKeyIdentifier.MakeReadOnly(); this.confirmationMethods.MakeReadOnly(); this.isReadOnly = true; } } void CheckObjectValidity() { if ((this.confirmationMethods.Count == 0) && (String.IsNullOrEmpty(name))) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectRequiresNameIdentifierOrConfirmationMethod))); if ((this.confirmationMethods.Count == 0) && ((this.confirmationData != null) || (this.securityKeyIdentifier != null))) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectRequiresConfirmationMethodWhenConfirmationDataOrKeyInfoIsSpecified))); } public virtual ReadOnlyCollection ExtractClaims() { if (this.claims == null) { this.claims = new List (); if (!String.IsNullOrEmpty(this.name)) { this.claims.Add(new Claim(ClaimTypes.NameIdentifier, new SamlNameIdentifierClaimResource(this.name, this.nameQualifier, this.nameFormat), Rights.Identity)); this.claims.Add(new Claim(ClaimTypes.NameIdentifier, new SamlNameIdentifierClaimResource(this.name, this.nameQualifier, this.nameFormat), Rights.PossessProperty)); } } return this.claims.AsReadOnly(); } public virtual ClaimSet ExtractSubjectKeyClaimSet(SamlSecurityTokenAuthenticator samlAuthenticator) { if ((this.subjectKeyClaimset == null) && (this.securityKeyIdentifier != null)) { if (samlAuthenticator == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlAuthenticator"); if (this.subjectToken != null) { this.subjectKeyClaimset = samlAuthenticator.ResolveClaimSet(this.subjectToken); this.identity = samlAuthenticator.ResolveIdentity(this.subjectToken); if ((this.identity == null) && (this.subjectKeyClaimset != null)) { Claim identityClaim = null; foreach (Claim claim in this.subjectKeyClaimset.FindClaims(null, Rights.Identity)) { identityClaim = claim; break; } if (identityClaim != null) { this.identity = SecurityUtils.CreateIdentity(identityClaim.Resource.ToString(), this.GetType().Name); } } } if (this.subjectKeyClaimset == null) { // Add the type of the primary claim as the Identity claim. this.subjectKeyClaimset = samlAuthenticator.ResolveClaimSet(this.securityKeyIdentifier); this.identity = samlAuthenticator.ResolveIdentity(this.securityKeyIdentifier); } } return this.subjectKeyClaimset; } public virtual void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver) { if (reader == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("samlSerializer"); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; reader.MoveToContent(); reader.Read(); if (reader.IsStartElement(dictionary.NameIdentifier, dictionary.Namespace)) { this.nameFormat = reader.GetAttribute(dictionary.NameIdentifierFormat, null); this.nameQualifier = reader.GetAttribute(dictionary.NameIdentifierNameQualifier, null); reader.MoveToContent(); this.name = reader.ReadString(); if (this.name == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLNameIdentifierMissingIdentifierValueOnRead))); reader.MoveToContent(); reader.ReadEndElement(); } if (reader.IsStartElement(dictionary.SubjectConfirmation, dictionary.Namespace)) { reader.MoveToContent(); reader.Read(); while (reader.IsStartElement(dictionary.SubjectConfirmationMethod, dictionary.Namespace)) { string method = reader.ReadString(); if (string.IsNullOrEmpty(method)) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.SubjectConfirmationMethod.Value))); this.confirmationMethods.Add(method); reader.MoveToContent(); reader.ReadEndElement(); } if (this.confirmationMethods.Count == 0) { // A SubjectConfirmaton clause should specify at least one // ConfirmationMethod. throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead))); } if (reader.IsStartElement(dictionary.SubjectConfirmationData, dictionary.Namespace)) { reader.MoveToContent(); // An Authentication protocol specified in the confirmation method might need this // data. Just store this content value as string. this.confirmationData = reader.ReadString(); reader.MoveToContent(); reader.ReadEndElement(); } #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. if (reader.IsStartElement(samlSerializer.DictionaryManager.XmlSignatureDictionary.KeyInfo, samlSerializer.DictionaryManager.XmlSignatureDictionary.Namespace)) { XmlDictionaryReader dictionaryReader = XmlDictionaryReader.CreateDictionaryReader(reader); this.securityKeyIdentifier = SamlSerializer.ReadSecurityKeyIdentifier(dictionaryReader, keyInfoSerializer); this.crypto = SamlSerializer.ResolveSecurityKey(this.securityKeyIdentifier, outOfBandTokenResolver); if (this.crypto == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SamlUnableToExtractSubjectKey))); } this.subjectToken = SamlSerializer.ResolveSecurityToken(this.securityKeyIdentifier, outOfBandTokenResolver); } if ((this.confirmationMethods.Count == 0) && (String.IsNullOrEmpty(name))) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead))); reader.MoveToContent(); reader.ReadEndElement(); } reader.MoveToContent(); reader.ReadEndElement(); } public virtual void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer) { CheckObjectValidity(); if (writer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer")); if (samlSerializer == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); #pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary; writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.Subject, dictionary.Namespace); if (this.name != null) { writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.NameIdentifier, dictionary.Namespace); if (this.nameFormat != null) { writer.WriteStartAttribute(dictionary.NameIdentifierFormat, null); writer.WriteString(this.nameFormat); writer.WriteEndAttribute(); } if (this.nameQualifier != null) { writer.WriteStartAttribute(dictionary.NameIdentifierNameQualifier, null); writer.WriteString(this.nameQualifier); writer.WriteEndAttribute(); } writer.WriteString(this.name); writer.WriteEndElement(); } if (this.confirmationMethods.Count > 0) { writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.SubjectConfirmation, dictionary.Namespace); foreach (string method in this.confirmationMethods) writer.WriteElementString(dictionary.SubjectConfirmationMethod, dictionary.Namespace, method); if (!string.IsNullOrEmpty(this.confirmationData)) writer.WriteElementString(dictionary.SubjectConfirmationData, dictionary.Namespace, this.confirmationData); if (this.securityKeyIdentifier != null) { XmlDictionaryWriter dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(writer); SamlSerializer.WriteSecurityKeyIdentifier(dictionaryWriter, this.securityKeyIdentifier, keyInfoSerializer); } writer.WriteEndElement(); } writer.WriteEndElement(); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TextDecorationCollection.cs
- InfoCardMasterKey.cs
- StreamGeometryContext.cs
- DataViewManagerListItemTypeDescriptor.cs
- SudsCommon.cs
- HealthMonitoringSectionHelper.cs
- HtmlWindowCollection.cs
- RegexCapture.cs
- SHA384Cng.cs
- WebPartRestoreVerb.cs
- XmlSchemaNotation.cs
- ClipboardData.cs
- MainMenu.cs
- CellTreeSimplifier.cs
- OptimalTextSource.cs
- DataGridCell.cs
- OneOf.cs
- DataContractJsonSerializer.cs
- COMException.cs
- ObjectDataSourceMethodEventArgs.cs
- DeleteIndexBinder.cs
- LinqDataSourceDeleteEventArgs.cs
- WindowsStatusBar.cs
- MultipartContentParser.cs
- CodeAttributeArgument.cs
- RSAPKCS1SignatureFormatter.cs
- InputLanguageCollection.cs
- ClientCultureInfo.cs
- AddressHeaderCollectionElement.cs
- ArcSegment.cs
- XsltException.cs
- MethodExpr.cs
- MetadataFile.cs
- CalendarDay.cs
- RankException.cs
- SelectionItemPattern.cs
- RenderingBiasValidation.cs
- StaticExtension.cs
- ECDiffieHellmanCngPublicKey.cs
- WSHttpBindingElement.cs
- RenamedEventArgs.cs
- ToolStripDropDownItem.cs
- ToolStripOverflowButton.cs
- CachedPathData.cs
- InternalSafeNativeMethods.cs
- _ServiceNameStore.cs
- FileUtil.cs
- PathSegmentCollection.cs
- MimeFormatExtensions.cs
- AutoGeneratedFieldProperties.cs
- sortedlist.cs
- AttachmentService.cs
- MetaModel.cs
- PackagePartCollection.cs
- HTMLTagNameToTypeMapper.cs
- DbConnectionClosed.cs
- SelectingProviderEventArgs.cs
- EtwTrace.cs
- RemoteEndpointMessageProperty.cs
- InfoCardSymmetricCrypto.cs
- FormClosingEvent.cs
- VisualProxy.cs
- CodeValidator.cs
- _BaseOverlappedAsyncResult.cs
- RadialGradientBrush.cs
- NativeMethods.cs
- ColorPalette.cs
- BCryptHashAlgorithm.cs
- ErrorReporting.cs
- ToolStripRenderEventArgs.cs
- MultipartContentParser.cs
- BufferModeSettings.cs
- Processor.cs
- Ticks.cs
- Size3DConverter.cs
- TextSerializer.cs
- ComboBoxAutomationPeer.cs
- CompilerErrorCollection.cs
- DataGridAddNewRow.cs
- GeometryDrawing.cs
- MatrixTransform.cs
- OleDbStruct.cs
- Itemizer.cs
- Gdiplus.cs
- SqlOuterApplyReducer.cs
- ListViewDataItem.cs
- NotificationContext.cs
- LayoutTableCell.cs
- ProxyHelper.cs
- DisplayInformation.cs
- XPathPatternParser.cs
- SvcMapFileSerializer.cs
- Material.cs
- LabelTarget.cs
- AuthenticationModulesSection.cs
- XmlDomTextWriter.cs
- EncryptedKeyHashIdentifierClause.cs
- ResXResourceSet.cs
- EmptyEnumerable.cs
- DurableTimerExtension.cs