You've already forked linux-packaging-mono
Imported Upstream version 4.0.0~alpha1
Former-commit-id: 806294f5ded97629b74c85c09952f2a74fe182d9
This commit is contained in:
Jo Shields
269
external/referencesource/System.ServiceModel/System/ServiceModel/EndpointIdentity.cs
vendored
Normal file
269
external/referencesource/System.ServiceModel/System/ServiceModel/EndpointIdentity.cs
vendored
Normal file
@ -0,0 +1,269 @@
|
||||
//----------------------------------------------------------
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
//------------------------------------------------------------
|
||||
|
||||
namespace System.ServiceModel
|
||||
{
|
||||
using System;
|
||||
using System.Net;
|
||||
using System.Collections;
|
||||
using System.Collections.Generic;
|
||||
using System.Diagnostics;
|
||||
using System.DirectoryServices;
|
||||
using System.DirectoryServices.ActiveDirectory;
|
||||
using System.Security.Principal;
|
||||
using System.ServiceModel.Security;
|
||||
using System.IdentityModel.Claims;
|
||||
using System.IdentityModel.Policy;
|
||||
using System.ServiceModel.Channels;
|
||||
using System.ServiceModel.Diagnostics;
|
||||
using System.Security.Cryptography;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using System.Xml;
|
||||
using System.Xml.Serialization;
|
||||
|
||||
public abstract class EndpointIdentity
|
||||
{
|
||||
internal const StoreLocation defaultStoreLocation = StoreLocation.LocalMachine;
|
||||
internal const StoreName defaultStoreName = StoreName.My;
|
||||
internal const X509FindType defaultX509FindType = X509FindType.FindBySubjectDistinguishedName;
|
||||
|
||||
Claim identityClaim;
|
||||
IEqualityComparer<Claim> claimComparer;
|
||||
|
||||
protected EndpointIdentity()
|
||||
{
|
||||
}
|
||||
|
||||
protected void Initialize(Claim identityClaim)
|
||||
{
|
||||
if (identityClaim == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("identityClaim");
|
||||
|
||||
Initialize(identityClaim, null);
|
||||
}
|
||||
|
||||
protected void Initialize(Claim identityClaim, IEqualityComparer<Claim> claimComparer)
|
||||
{
|
||||
if (identityClaim == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("identityClaim");
|
||||
|
||||
this.identityClaim = identityClaim;
|
||||
this.claimComparer = claimComparer;
|
||||
}
|
||||
|
||||
public Claim IdentityClaim
|
||||
{
|
||||
get
|
||||
{
|
||||
if (this.identityClaim == null)
|
||||
{
|
||||
EnsureIdentityClaim();
|
||||
}
|
||||
return this.identityClaim;
|
||||
}
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateIdentity(Claim identity)
|
||||
{
|
||||
if (identity == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("identity");
|
||||
|
||||
// PreSharp Bug: Parameter 'identity.ClaimType' to this public method must be validated: A null-dereference can occur here.
|
||||
#pragma warning suppress 56506 // Claim.ClaimType will never return null
|
||||
if (identity.ClaimType.Equals(ClaimTypes.Dns))
|
||||
{
|
||||
return new DnsEndpointIdentity(identity);
|
||||
}
|
||||
else if (identity.ClaimType.Equals(ClaimTypes.Spn))
|
||||
{
|
||||
return new SpnEndpointIdentity(identity);
|
||||
}
|
||||
else if (identity.ClaimType.Equals(ClaimTypes.Upn))
|
||||
{
|
||||
return new UpnEndpointIdentity(identity);
|
||||
}
|
||||
else if (identity.ClaimType.Equals(ClaimTypes.Rsa))
|
||||
{
|
||||
return new RsaEndpointIdentity(identity);
|
||||
}
|
||||
else
|
||||
{
|
||||
return new GeneralEndpointIdentity(identity);
|
||||
}
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateDnsIdentity(string dnsName)
|
||||
{
|
||||
return new DnsEndpointIdentity(dnsName);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateSpnIdentity(string spnName)
|
||||
{
|
||||
return new SpnEndpointIdentity(spnName);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateUpnIdentity(string upnName)
|
||||
{
|
||||
return new UpnEndpointIdentity(upnName);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateRsaIdentity(string publicKey)
|
||||
{
|
||||
return new RsaEndpointIdentity(publicKey);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateRsaIdentity(X509Certificate2 certificate)
|
||||
{
|
||||
return new RsaEndpointIdentity(certificate);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateX509CertificateIdentity(X509Certificate2 certificate)
|
||||
{
|
||||
return new X509CertificateEndpointIdentity(certificate);
|
||||
}
|
||||
|
||||
public static EndpointIdentity CreateX509CertificateIdentity(X509Certificate2 primaryCertificate, X509Certificate2Collection supportingCertificates)
|
||||
{
|
||||
return new X509CertificateEndpointIdentity(primaryCertificate, supportingCertificates);
|
||||
}
|
||||
|
||||
internal static EndpointIdentity CreateX509CertificateIdentity(X509Chain certificateChain)
|
||||
{
|
||||
if (certificateChain == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificateChain");
|
||||
|
||||
if (certificateChain.ChainElements.Count == 0)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.X509ChainIsEmpty));
|
||||
|
||||
// The first element in the cert chain is the leaf certificate
|
||||
// we want.
|
||||
X509Certificate2 primaryCertificate = certificateChain.ChainElements[0].Certificate;
|
||||
X509Certificate2Collection certificateCollection = new X509Certificate2Collection();
|
||||
for (int i = 1; i < certificateChain.ChainElements.Count; ++i)
|
||||
{
|
||||
certificateCollection.Add(certificateChain.ChainElements[i].Certificate);
|
||||
}
|
||||
|
||||
return new X509CertificateEndpointIdentity(primaryCertificate, certificateCollection);
|
||||
}
|
||||
|
||||
internal virtual void EnsureIdentityClaim()
|
||||
{
|
||||
}
|
||||
|
||||
public override bool Equals(object obj)
|
||||
{
|
||||
if (obj == (object)this)
|
||||
return true;
|
||||
|
||||
// as handles null do we need the double null check?
|
||||
if (obj == null)
|
||||
return false;
|
||||
|
||||
EndpointIdentity otherIdentity = obj as EndpointIdentity;
|
||||
if (otherIdentity == null)
|
||||
return false;
|
||||
|
||||
return Matches(otherIdentity.IdentityClaim);
|
||||
}
|
||||
|
||||
public override int GetHashCode()
|
||||
{
|
||||
return GetClaimComparer().GetHashCode(this.IdentityClaim);
|
||||
}
|
||||
|
||||
public override string ToString()
|
||||
{
|
||||
return "identity(" + this.IdentityClaim + ")";
|
||||
}
|
||||
|
||||
internal bool Matches(Claim claim)
|
||||
{
|
||||
return GetClaimComparer().Equals(this.IdentityClaim, claim);
|
||||
}
|
||||
|
||||
IEqualityComparer<Claim> GetClaimComparer()
|
||||
{
|
||||
if (this.claimComparer == null)
|
||||
this.claimComparer = Claim.DefaultComparer;
|
||||
|
||||
return this.claimComparer;
|
||||
}
|
||||
|
||||
internal static EndpointIdentity ReadIdentity(XmlDictionaryReader reader)
|
||||
{
|
||||
if (reader == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
|
||||
|
||||
EndpointIdentity readIdentity = null;
|
||||
|
||||
reader.MoveToContent();
|
||||
if (reader.IsEmptyElement)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.UnexpectedEmptyElementExpectingClaim, XD.AddressingDictionary.Identity.Value, XD.AddressingDictionary.IdentityExtensionNamespace.Value)));
|
||||
|
||||
reader.ReadStartElement(XD.AddressingDictionary.Identity, XD.AddressingDictionary.IdentityExtensionNamespace);
|
||||
|
||||
if (reader.IsStartElement(XD.AddressingDictionary.Spn, XD.AddressingDictionary.IdentityExtensionNamespace))
|
||||
readIdentity = new SpnEndpointIdentity(reader.ReadElementString());
|
||||
else if (reader.IsStartElement(XD.AddressingDictionary.Upn, XD.AddressingDictionary.IdentityExtensionNamespace))
|
||||
readIdentity = new UpnEndpointIdentity(reader.ReadElementString());
|
||||
else if (reader.IsStartElement(XD.AddressingDictionary.Dns, XD.AddressingDictionary.IdentityExtensionNamespace))
|
||||
readIdentity = new DnsEndpointIdentity(reader.ReadElementString());
|
||||
else if (reader.IsStartElement(XD.XmlSignatureDictionary.KeyInfo, XD.XmlSignatureDictionary.Namespace))
|
||||
{
|
||||
reader.ReadStartElement();
|
||||
if (reader.IsStartElement(XD.XmlSignatureDictionary.X509Data, XD.XmlSignatureDictionary.Namespace))
|
||||
{
|
||||
readIdentity = new X509CertificateEndpointIdentity(reader);
|
||||
}
|
||||
else if (reader.IsStartElement(XD.XmlSignatureDictionary.RsaKeyValue, XD.XmlSignatureDictionary.Namespace))
|
||||
{
|
||||
readIdentity = new RsaEndpointIdentity(reader);
|
||||
}
|
||||
else
|
||||
{
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.UnrecognizedIdentityType, reader.Name, reader.NamespaceURI)));
|
||||
}
|
||||
reader.ReadEndElement();
|
||||
}
|
||||
else if (reader.NodeType == XmlNodeType.Element)
|
||||
{
|
||||
//
|
||||
// Something unknown
|
||||
//
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.UnrecognizedIdentityType, reader.Name, reader.NamespaceURI)));
|
||||
}
|
||||
else
|
||||
{
|
||||
//
|
||||
// EndpointIdentity element is empty or some other invalid xml
|
||||
//
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new XmlException(SR.GetString(SR.InvalidIdentityElement)));
|
||||
}
|
||||
|
||||
reader.ReadEndElement();
|
||||
|
||||
return readIdentity;
|
||||
}
|
||||
|
||||
internal void WriteTo(XmlDictionaryWriter writer)
|
||||
{
|
||||
if (writer == null)
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("writer");
|
||||
|
||||
writer.WriteStartElement(XD.AddressingDictionary.Identity, XD.AddressingDictionary.IdentityExtensionNamespace);
|
||||
|
||||
WriteContentsTo(writer);
|
||||
|
||||
writer.WriteEndElement();
|
||||
}
|
||||
|
||||
internal virtual void WriteContentsTo(XmlDictionaryWriter writer)
|
||||
{
|
||||
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UnrecognizedIdentityPropertyType, this.IdentityClaim.GetType().ToString())));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user