Imported Upstream version 4.6.0.125

Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4
2016-08-03 10:59:49 +00:00
parent a569aebcfd
commit e79aa3c0ed
17047 changed files with 3137615 additions and 392334 deletions
--- a/mcs/class/referencesource/System.IdentityModel/System/IdentityModel/Tokens/SamlSubjectStatement.cs
+++ b/mcs/class/referencesource/System.IdentityModel/System/IdentityModel/Tokens/SamlSubjectStatement.cs
@ -0,0 +1,102 @@
+//-----------------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation.  All rights reserved.
+//-----------------------------------------------------------------------------
+
+namespace System.IdentityModel.Tokens
+{
+    using System.Collections.Generic;
+    using System.Collections.ObjectModel;
+    using System.IdentityModel.Claims;
+    using System.IdentityModel.Policy;
+    using System.IdentityModel.Selectors;
+    using System.Security.Principal;
+
+    public abstract class SamlSubjectStatement : SamlStatement
+    {
+        SamlSubject subject;
+        IAuthorizationPolicy policy;
+        bool isReadOnly = false;
+
+        protected SamlSubjectStatement()
+        {
+        }
+
+        protected SamlSubjectStatement(SamlSubject samlSubject)
+        {
+            if (samlSubject == null)
+                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSubject"));
+
+            this.subject = samlSubject;
+        }
+
+        public SamlSubject SamlSubject
+        {
+            get { return this.subject; }
+            set
+            {
+                if (isReadOnly)
+                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
+
+                if (value == null)
+                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("value"));
+
+                this.subject = value;
+            }
+        }
+
+        public override bool IsReadOnly
+        {
+            get { return this.isReadOnly; }
+        }
+
+        public override void MakeReadOnly()
+        {
+            if (!this.isReadOnly)
+            {
+                subject.MakeReadOnly();
+                this.isReadOnly = true;
+            }
+        }
+
+        public override IAuthorizationPolicy CreatePolicy(ClaimSet issuer, SamlSecurityTokenAuthenticator samlAuthenticator)
+        {
+            if (issuer == null)
+                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuer");
+
+            // SupportingTokenAuthenticator collection can be null when the Subject does not
+            // contain a key.
+
+            if (this.policy == null)
+            {
+                List<ClaimSet> claimSets = new List<ClaimSet>();
+                ClaimSet subjectKeyClaimset = this.subject.ExtractSubjectKeyClaimSet(samlAuthenticator);
+                if (subjectKeyClaimset != null)
+                    claimSets.Add(subjectKeyClaimset);
+
+                List<Claim> claims = new List<Claim>();
+                ReadOnlyCollection<Claim> subjectClaims = this.subject.ExtractClaims();
+                for (int i = 0; i < subjectClaims.Count; ++i)
+                {
+                    claims.Add(subjectClaims[i]);
+                }
+
+                AddClaimsToList(claims);
+                claimSets.Add(new DefaultClaimSet(issuer, claims));
+                this.policy = new UnconditionalPolicy(this.subject.Identity, claimSets.AsReadOnly(), SecurityUtils.MaxUtcDateTime);
+            }
+
+            return this.policy;
+        }
+
+        protected void SetSubject(SamlSubject samlSubject)
+        {
+            if (samlSubject == null)
+                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSubject"));
+
+            this.subject = samlSubject;
+        }
+
+        protected abstract void AddClaimsToList(IList<Claim> claims);
+    }
+
+}