You've already forked linux-packaging-mono
							
							
		
			
	
	
		
			116 lines
		
	
	
		
			4.7 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
		
		
			
		
	
	
			116 lines
		
	
	
		
			4.7 KiB
		
	
	
	
		
			C#
		
	
	
	
	
	
|   | //------------------------------------------------------------ | ||
|  | // Copyright (c) Microsoft Corporation.  All rights reserved. | ||
|  | //------------------------------------------------------------ | ||
|  | 
 | ||
|  | using System; | ||
|  | using System.IdentityModel.Selectors; | ||
|  | using System.IdentityModel.Tokens; | ||
|  | using System.Collections.ObjectModel; | ||
|  | using System.IdentityModel.Policy; | ||
|  | using System.ServiceModel; | ||
|  | using System.Collections.Generic; | ||
|  | using System.IdentityModel.Claims; | ||
|  | using System.ServiceModel.Security.Tokens; | ||
|  | using System.IdentityModel; | ||
|  | 
 | ||
|  | namespace System.ServiceModel.Security | ||
|  | { | ||
|  |     /// <summary> | ||
|  |     /// Creates a security token provider that produces a security token as an issued token | ||
|  |     /// for federated bindings. | ||
|  |     /// </summary> | ||
|  |     public class SimpleSecurityTokenProvider : SecurityTokenProvider | ||
|  |     { | ||
|  |         SecurityToken _securityToken; | ||
|  | 
 | ||
|  |         /// <summary> | ||
|  |         /// Creates a security token provider that produces a security token as an issued token | ||
|  |         /// for federated bindings. | ||
|  |         /// </summary> | ||
|  |         /// <param name="token">The security token to provide.</param> | ||
|  |         /// <param name="tokenRequirement"> | ||
|  |         /// The requirements described by the binding that will use <paramref name="token"/> to secure | ||
|  |         /// messages. | ||
|  |         /// </param> | ||
|  |         /// <exception cref="ArgumentNullException"><paramref name="token"/> is set to null.</exception> | ||
|  |         public SimpleSecurityTokenProvider(SecurityToken token, SecurityTokenRequirement tokenRequirement) | ||
|  |         { | ||
|  |             if (token == null) | ||
|  |             { | ||
|  |                 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("token"); | ||
|  |             } | ||
|  | 
 | ||
|  |             GenericXmlSecurityToken xmlIssuedToken = token as GenericXmlSecurityToken; | ||
|  |             if (xmlIssuedToken != null) | ||
|  |             { | ||
|  |                 _securityToken = WrapWithAuthPolicy(xmlIssuedToken, tokenRequirement); | ||
|  |             } | ||
|  |             else | ||
|  |             { | ||
|  |                 _securityToken = token; | ||
|  |             } | ||
|  |         } | ||
|  | 
 | ||
|  |         /// <summary> | ||
|  |         /// Creates a security token according to a gieven timeout. | ||
|  |         /// </summary> | ||
|  |         /// <param name="timeout">The <see cref="TimeSpan"/>.</param> | ||
|  |         /// <returns></returns> | ||
|  |         protected override SecurityToken GetTokenCore(TimeSpan timeout) | ||
|  |         { | ||
|  |             return _securityToken; | ||
|  |         } | ||
|  | 
 | ||
|  |         /// <summary> | ||
|  |         /// Gets a GenericXmlSecurityToken that wraps the provided issued token | ||
|  |         /// with the authorization policies necessary. | ||
|  |         /// </summary> | ||
|  |         static GenericXmlSecurityToken WrapWithAuthPolicy(GenericXmlSecurityToken issuedToken, | ||
|  |                                                            SecurityTokenRequirement tokenRequirement) | ||
|  |         { | ||
|  |             EndpointIdentity endpointIdentity = null; | ||
|  | 
 | ||
|  |             var issuedTokenRequirement = tokenRequirement as InitiatorServiceModelSecurityTokenRequirement; | ||
|  |             if (issuedTokenRequirement != null) | ||
|  |             { | ||
|  |                 EndpointAddress targetAddress = issuedTokenRequirement.TargetAddress; | ||
|  |                 if (targetAddress.Uri.IsAbsoluteUri) | ||
|  |                 { | ||
|  |                     endpointIdentity = EndpointIdentity.CreateDnsIdentity(targetAddress.Uri.DnsSafeHost); | ||
|  |                 } | ||
|  |             } | ||
|  | 
 | ||
|  |             ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies | ||
|  |                 = GetServiceAuthorizationPolicies(endpointIdentity); | ||
|  | 
 | ||
|  |             return new GenericXmlSecurityToken(issuedToken.TokenXml, | ||
|  |                                                 issuedToken.ProofToken, | ||
|  |                                                 issuedToken.ValidFrom, | ||
|  |                                                 issuedToken.ValidTo, | ||
|  |                                                 issuedToken.InternalTokenReference, | ||
|  |                                                 issuedToken.ExternalTokenReference, | ||
|  |                                                 authorizationPolicies); | ||
|  |         } | ||
|  | 
 | ||
|  |         // | ||
|  |         // Modeled after WCF's CoreFederatedTokenProvider.GetServiceAuthorizationPolicies | ||
|  |         // | ||
|  |         static ReadOnlyCollection<IAuthorizationPolicy> GetServiceAuthorizationPolicies(EndpointIdentity endpointIdentity) | ||
|  |         { | ||
|  |             if (endpointIdentity != null) | ||
|  |             { | ||
|  |                 List<Claim> claims = new List<Claim>(1); | ||
|  |                 claims.Add(endpointIdentity.IdentityClaim); | ||
|  |                 List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>(1); | ||
|  |                 policies.Add(new UnconditionalPolicy(SecurityUtils.CreateIdentity(endpointIdentity.IdentityClaim.Resource.ToString()), | ||
|  |                                new DefaultClaimSet(ClaimSet.System, claims))); | ||
|  |                 return policies.AsReadOnly(); | ||
|  |             } | ||
|  |             else | ||
|  |             { | ||
|  |                 return EmptyReadOnlyCollection<IAuthorizationPolicy>.Instance; | ||
|  |             } | ||
|  |         } | ||
|  |     } | ||
|  | } |