228 lines
9.2 KiB
C#
Raw Normal View History

//----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//----------------------------------------------------------------------------
namespace System.ServiceModel.Description
{
using System;
using System.Collections.ObjectModel;
using System.Net;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Dispatcher;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;
public sealed class ServiceAuthenticationBehavior : IServiceBehavior
{
internal ServiceAuthenticationManager defaultServiceAuthenticationManager;
ServiceAuthenticationManager serviceAuthenticationManager;
AuthenticationSchemes authenticationSchemes;
bool isAuthenticationManagerSet;
bool isAuthenticationSchemesSet;
bool isReadOnly;
public ServiceAuthenticationBehavior()
{
this.ServiceAuthenticationManager = defaultServiceAuthenticationManager;
this.authenticationSchemes = AuthenticationSchemes.None;
}
ServiceAuthenticationBehavior(ServiceAuthenticationBehavior other)
{
this.serviceAuthenticationManager = other.ServiceAuthenticationManager;
this.authenticationSchemes = other.authenticationSchemes;
this.isReadOnly = other.isReadOnly;
this.isAuthenticationManagerSet = other.isAuthenticationManagerSet;
this.isAuthenticationSchemesSet = other.isAuthenticationSchemesSet;
}
public ServiceAuthenticationManager ServiceAuthenticationManager
{
get
{
return this.serviceAuthenticationManager;
}
set
{
ThrowIfImmutable();
this.serviceAuthenticationManager = value;
this.isAuthenticationManagerSet = value != null;
}
}
public AuthenticationSchemes AuthenticationSchemes
{
get
{
return this.authenticationSchemes;
}
set
{
ThrowIfImmutable();
this.authenticationSchemes = value;
this.isAuthenticationSchemesSet = true;
}
}
public bool ShouldSerializeServiceAuthenticationManager()
{
return this.isAuthenticationManagerSet;
}
public bool ShouldSerializeAuthenticationSchemes()
{
return this.isAuthenticationSchemesSet;
}
void IServiceBehavior.Validate(ServiceDescription description, ServiceHostBase serviceHostBase)
{
}
void IServiceBehavior.AddBindingParameters(ServiceDescription description, ServiceHostBase serviceHostBase, Collection<ServiceEndpoint> endpoints, BindingParameterCollection parameters)
{
if (parameters == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("parameters");
}
if (this.serviceAuthenticationManager != null)
{
// throw if bindingParameters already has a AuthenticationManager
ServiceAuthenticationManager otherAuthenticationManager = parameters.Find<ServiceAuthenticationManager>();
if (otherAuthenticationManager != null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.MultipleAuthenticationManagersInServiceBindingParameters, otherAuthenticationManager)));
}
parameters.Add(this.serviceAuthenticationManager);
}
if (this.authenticationSchemes != AuthenticationSchemes.None)
{
// throw if bindingParameters already has an AuthenticationSchemes
AuthenticationSchemesBindingParameter otherAuthenticationSchemesBindingParameter = parameters.Find<AuthenticationSchemesBindingParameter>();
if (otherAuthenticationSchemesBindingParameter != null)
{
if (otherAuthenticationSchemesBindingParameter.AuthenticationSchemes != authenticationSchemes)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.MultipleAuthenticationSchemesInServiceBindingParameters, otherAuthenticationSchemesBindingParameter.AuthenticationSchemes)));
}
}
else
{
parameters.Add(new AuthenticationSchemesBindingParameter(this.authenticationSchemes));
}
}
}
void IServiceBehavior.ApplyDispatchBehavior(ServiceDescription description, ServiceHostBase serviceHostBase)
{
if (description == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("description"));
if (serviceHostBase == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("serviceHostBase"));
if (this.serviceAuthenticationManager == null)
{
return;
}
for (int i = 0; i < serviceHostBase.ChannelDispatchers.Count; i++)
{
ChannelDispatcher channelDispatcher = serviceHostBase.ChannelDispatchers[i] as ChannelDispatcher;
if (channelDispatcher != null && !ServiceMetadataBehavior.IsHttpGetMetadataDispatcher(description, channelDispatcher))
{
foreach (EndpointDispatcher endpointDispatcher in channelDispatcher.Endpoints)
{
DispatchRuntime behavior = endpointDispatcher.DispatchRuntime;
behavior.ServiceAuthenticationManager = this.serviceAuthenticationManager;
ServiceEndpoint endpoint = FindMatchingServiceEndpoint(description, endpointDispatcher);
if (endpoint != null)
{
bool isSecureConversationBinding = IsSecureConversationBinding(endpoint.Binding);
if (isSecureConversationBinding)
{
SecurityStandardsManager standardsManager = GetConfiguredSecurityStandardsManager(endpoint.Binding);
behavior.ServiceAuthenticationManager = new ServiceAuthenticationManagerWrapper(this.serviceAuthenticationManager, new string[] { standardsManager.SecureConversationDriver.CloseAction.Value });
}
}
}
}
}
}
internal ServiceAuthenticationBehavior Clone()
{
return new ServiceAuthenticationBehavior(this);
}
internal void MakeReadOnly()
{
this.isReadOnly = true;
}
void ThrowIfImmutable()
{
if (this.isReadOnly)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
}
}
ServiceEndpoint FindMatchingServiceEndpoint(ServiceDescription description, EndpointDispatcher endpointDispatcher)
{
foreach (ServiceEndpoint endpoint in description.Endpoints)
{
if (endpoint.Address.Equals(endpointDispatcher.EndpointAddress))
{
return endpoint;
}
}
return null;
}
bool IsSecureConversationBinding(Binding binding)
{
if (binding == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("binding");
SecurityBindingElement securityBindingElement = binding.CreateBindingElements().Find<SecurityBindingElement>();
if (securityBindingElement == null)
{
return false;
}
foreach (SecurityTokenParameters tokenParam in new SecurityTokenParametersEnumerable(securityBindingElement, true))
{
if (tokenParam is SecureConversationSecurityTokenParameters)
{
return true;
}
}
return false;
}
SecurityStandardsManager GetConfiguredSecurityStandardsManager(Binding binding)
{
if (binding == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("binding");
SecurityBindingElement securityBindingElement = binding.CreateBindingElements().Find<SecurityBindingElement>();
if (securityBindingElement == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("binding", SR.GetString(SR.NoSecurityBindingElementFound));
}
return new SecurityStandardsManager(securityBindingElement.MessageSecurityVersion, new WSSecurityTokenSerializer(securityBindingElement.MessageSecurityVersion.SecurityVersion));
}
}
}