//----------------------------------------------------------------------------- // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace System.ServiceModel.Security.Tokens { using System.IdentityModel.Tokens; using System.ServiceModel.Channels; using System.IdentityModel.Selectors; using System.ServiceModel; using System.ServiceModel.Security; using System.Text; using System.Globalization; public class SecureConversationSecurityTokenParameters : SecurityTokenParameters { internal const bool defaultRequireCancellation = true; internal const bool defaultCanRenewSession = true; SecurityBindingElement bootstrapSecurityBindingElement; ChannelProtectionRequirements bootstrapProtectionRequirements; bool requireCancellation; bool canRenewSession = defaultCanRenewSession; BindingContext issuerBindingContext; protected SecureConversationSecurityTokenParameters(SecureConversationSecurityTokenParameters other) : base(other) { this.requireCancellation = other.requireCancellation; this.canRenewSession = other.canRenewSession; if (other.bootstrapSecurityBindingElement != null) this.bootstrapSecurityBindingElement = (SecurityBindingElement)other.bootstrapSecurityBindingElement.Clone(); if (other.bootstrapProtectionRequirements != null) this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(other.bootstrapProtectionRequirements); if (other.issuerBindingContext != null) this.issuerBindingContext = other.issuerBindingContext.Clone(); } public SecureConversationSecurityTokenParameters() : this(null, defaultRequireCancellation, null) { // empty } public SecureConversationSecurityTokenParameters(SecurityBindingElement bootstrapSecurityBindingElement) : this(bootstrapSecurityBindingElement, defaultRequireCancellation, null) { // empty } public SecureConversationSecurityTokenParameters(SecurityBindingElement bootstrapSecurityBindingElement, bool requireCancellation) : this(bootstrapSecurityBindingElement, requireCancellation, true) { // empty } public SecureConversationSecurityTokenParameters(SecurityBindingElement bootstrapSecurityBindingElement, bool requireCancellation, bool canRenewSession) : this(bootstrapSecurityBindingElement, requireCancellation, canRenewSession, null) { // empty } public SecureConversationSecurityTokenParameters(SecurityBindingElement bootstrapSecurityBindingElement, bool requireCancellation, ChannelProtectionRequirements bootstrapProtectionRequirements) : this(bootstrapSecurityBindingElement, requireCancellation, defaultCanRenewSession, null) { // empty } public SecureConversationSecurityTokenParameters(SecurityBindingElement bootstrapSecurityBindingElement, bool requireCancellation, bool canRenewSession, ChannelProtectionRequirements bootstrapProtectionRequirements) : base() { this.bootstrapSecurityBindingElement = bootstrapSecurityBindingElement; this.canRenewSession = canRenewSession; if (bootstrapProtectionRequirements != null) this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(bootstrapProtectionRequirements); else { this.bootstrapProtectionRequirements = new ChannelProtectionRequirements(); this.bootstrapProtectionRequirements.IncomingEncryptionParts.AddParts(new MessagePartSpecification(true)); this.bootstrapProtectionRequirements.IncomingSignatureParts.AddParts(new MessagePartSpecification(true)); this.bootstrapProtectionRequirements.OutgoingEncryptionParts.AddParts(new MessagePartSpecification(true)); this.bootstrapProtectionRequirements.OutgoingSignatureParts.AddParts(new MessagePartSpecification(true)); } this.requireCancellation = requireCancellation; } internal protected override bool HasAsymmetricKey { get { return false; } } public SecurityBindingElement BootstrapSecurityBindingElement { get { return this.bootstrapSecurityBindingElement; } set { this.bootstrapSecurityBindingElement = value; } } public ChannelProtectionRequirements BootstrapProtectionRequirements { get { return this.bootstrapProtectionRequirements; } } internal BindingContext IssuerBindingContext { get { return this.issuerBindingContext; } set { if (value != null) { value = value.Clone(); } this.issuerBindingContext = value; } } ISecurityCapabilities BootstrapSecurityCapabilities { get { return this.bootstrapSecurityBindingElement.GetIndividualProperty(); } } public bool RequireCancellation { get { return this.requireCancellation; } set { this.requireCancellation = value; } } public bool CanRenewSession { get { return this.canRenewSession; } set { this.canRenewSession = value; } } internal protected override bool SupportsClientAuthentication { get { return this.BootstrapSecurityCapabilities == null ? false : this.BootstrapSecurityCapabilities.SupportsClientAuthentication; } } internal protected override bool SupportsServerAuthentication { get { return this.BootstrapSecurityCapabilities == null ? false : this.BootstrapSecurityCapabilities.SupportsServerAuthentication; } } internal protected override bool SupportsClientWindowsIdentity { get { return this.BootstrapSecurityCapabilities == null ? false : this.BootstrapSecurityCapabilities.SupportsClientWindowsIdentity; } } protected override SecurityTokenParameters CloneCore() { return new SecureConversationSecurityTokenParameters(this); } internal protected override SecurityKeyIdentifierClause CreateKeyIdentifierClause(SecurityToken token, SecurityTokenReferenceStyle referenceStyle) { if (token is GenericXmlSecurityToken) return base.CreateGenericXmlTokenKeyIdentifierClause(token, referenceStyle); else return this.CreateKeyIdentifierClause(token, referenceStyle); } protected internal override void InitializeSecurityTokenRequirement(SecurityTokenRequirement requirement) { requirement.TokenType = ServiceModelSecurityTokenTypes.SecureConversation; requirement.KeyType = SecurityKeyType.SymmetricKey; requirement.RequireCryptographicToken = true; requirement.Properties[ServiceModelSecurityTokenRequirement.SupportSecurityContextCancellationProperty] = this.RequireCancellation; requirement.Properties[ServiceModelSecurityTokenRequirement.SecureConversationSecurityBindingElementProperty] = this.BootstrapSecurityBindingElement; requirement.Properties[ServiceModelSecurityTokenRequirement.IssuerBindingContextProperty] = this.IssuerBindingContext.Clone(); requirement.Properties[ServiceModelSecurityTokenRequirement.IssuedSecurityTokenParametersProperty] = this.Clone(); } public override string ToString() { StringBuilder sb = new StringBuilder(); sb.AppendLine(base.ToString()); sb.AppendLine(String.Format(CultureInfo.InvariantCulture, "RequireCancellation: {0}", this.requireCancellation.ToString())); if (this.bootstrapSecurityBindingElement == null) { sb.AppendLine(String.Format(CultureInfo.InvariantCulture, "BootstrapSecurityBindingElement: null")); } else { sb.AppendLine(String.Format(CultureInfo.InvariantCulture, "BootstrapSecurityBindingElement:")); sb.AppendLine(" " + this.BootstrapSecurityBindingElement.ToString().Trim().Replace("\n", "\n ")); } return sb.ToString().Trim(); } } }