122 lines
5.7 KiB
C#
122 lines
5.7 KiB
C#
|
//------------------------------------------------------------------------------
|
||
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||
|
|
//------------------------------------------------------------------------------
|
||
|
|
|
||
|
|
namespace System.ServiceModel.Configuration
|
||
|
|
{
|
||
|
|
using System;
|
||
|
|
using System.ServiceModel;
|
||
|
|
using System.Configuration;
|
||
|
|
using System.ServiceModel.Channels;
|
||
|
|
using System.ServiceModel.Security;
|
||
|
|
using System.Xml;
|
||
|
|
using System.Security.Cryptography.X509Certificates;
|
||
|
|
using System.IdentityModel.Selectors;
|
||
|
|
|
||
|
|
public sealed partial class X509ClientCertificateAuthenticationElement : ConfigurationElement
|
||
|
|
{
|
||
|
|
public X509ClientCertificateAuthenticationElement()
|
||
|
|
{
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.CustomCertificateValidatorType, DefaultValue = "")]
|
||
|
|
[StringValidator(MinLength = 0)]
|
||
|
|
public string CustomCertificateValidatorType
|
||
|
|
{
|
||
|
|
get { return (string)base[ConfigurationStrings.CustomCertificateValidatorType]; }
|
||
|
|
set
|
||
|
|
{
|
||
|
|
if (String.IsNullOrEmpty(value))
|
||
|
|
{
|
||
|
|
value = String.Empty;
|
||
|
|
}
|
||
|
|
base[ConfigurationStrings.CustomCertificateValidatorType] = value;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.CertificateValidationMode, DefaultValue = X509ClientCertificateAuthentication.DefaultCertificateValidationMode)]
|
||
|
|
[ServiceModelEnumValidator(typeof(X509CertificateValidationModeHelper))]
|
||
|
|
public X509CertificateValidationMode CertificateValidationMode
|
||
|
|
{
|
||
|
|
get { return (X509CertificateValidationMode)base[ConfigurationStrings.CertificateValidationMode]; }
|
||
|
|
set { base[ConfigurationStrings.CertificateValidationMode] = value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.RevocationMode, DefaultValue = X509ClientCertificateAuthentication.DefaultRevocationMode)]
|
||
|
|
[StandardRuntimeEnumValidator(typeof(X509RevocationMode))]
|
||
|
|
public X509RevocationMode RevocationMode
|
||
|
|
{
|
||
|
|
get { return (X509RevocationMode)base[ConfigurationStrings.RevocationMode]; }
|
||
|
|
set { base[ConfigurationStrings.RevocationMode] = value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.TrustedStoreLocation, DefaultValue = X509ClientCertificateAuthentication.DefaultTrustedStoreLocation)]
|
||
|
|
[StandardRuntimeEnumValidator(typeof(StoreLocation))]
|
||
|
|
public StoreLocation TrustedStoreLocation
|
||
|
|
{
|
||
|
|
get { return (StoreLocation)base[ConfigurationStrings.TrustedStoreLocation]; }
|
||
|
|
set { base[ConfigurationStrings.TrustedStoreLocation] = value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.IncludeWindowsGroups, DefaultValue = SspiSecurityTokenProvider.DefaultExtractWindowsGroupClaims)]
|
||
|
|
public bool IncludeWindowsGroups
|
||
|
|
{
|
||
|
|
get { return (bool)base[ConfigurationStrings.IncludeWindowsGroups]; }
|
||
|
|
set { base[ConfigurationStrings.IncludeWindowsGroups] = value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
[ConfigurationProperty(ConfigurationStrings.MapClientCertificateToWindowsAccount, DefaultValue = X509ClientCertificateAuthentication.DefaultMapCertificateToWindowsAccount)]
|
||
|
|
public bool MapClientCertificateToWindowsAccount
|
||
|
|
{
|
||
|
|
get { return (bool)base[ConfigurationStrings.MapClientCertificateToWindowsAccount]; }
|
||
|
|
set { base[ConfigurationStrings.MapClientCertificateToWindowsAccount] = value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
public void Copy(X509ClientCertificateAuthenticationElement from)
|
||
|
|
{
|
||
|
|
if (this.IsReadOnly())
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ConfigurationErrorsException(SR.GetString(SR.ConfigReadOnly)));
|
||
|
|
}
|
||
|
|
if (null == from)
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("from");
|
||
|
|
}
|
||
|
|
|
||
|
|
this.CertificateValidationMode = from.CertificateValidationMode;
|
||
|
|
this.RevocationMode = from.RevocationMode;
|
||
|
|
this.TrustedStoreLocation = from.TrustedStoreLocation;
|
||
|
|
this.IncludeWindowsGroups = from.IncludeWindowsGroups;
|
||
|
|
this.MapClientCertificateToWindowsAccount = from.MapClientCertificateToWindowsAccount;
|
||
|
|
this.CustomCertificateValidatorType = from.CustomCertificateValidatorType;
|
||
|
|
}
|
||
|
|
|
||
|
|
internal void ApplyConfiguration(X509ClientCertificateAuthentication cert)
|
||
|
|
{
|
||
|
|
if (cert == null)
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("cert");
|
||
|
|
}
|
||
|
|
|
||
|
|
cert.CertificateValidationMode = this.CertificateValidationMode;
|
||
|
|
cert.RevocationMode = this.RevocationMode;
|
||
|
|
cert.TrustedStoreLocation = this.TrustedStoreLocation;
|
||
|
|
cert.IncludeWindowsGroups = this.IncludeWindowsGroups;
|
||
|
|
cert.MapClientCertificateToWindowsAccount = this.MapClientCertificateToWindowsAccount;
|
||
|
|
if (!string.IsNullOrEmpty(this.CustomCertificateValidatorType))
|
||
|
|
{
|
||
|
|
Type validatorType = System.Type.GetType(this.CustomCertificateValidatorType, true);
|
||
|
|
if (!typeof(X509CertificateValidator).IsAssignableFrom(validatorType))
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ConfigurationErrorsException(
|
||
|
|
SR.GetString(SR.ConfigInvalidCertificateValidatorType, this.CustomCertificateValidatorType, typeof(X509CertificateValidator).ToString())));
|
||
|
|
}
|
||
|
|
cert.CustomCertificateValidator = (X509CertificateValidator)Activator.CreateInstance(validatorType);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
|