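//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Channels
{
    using System.Collections.Generic;
    using System.ServiceModel.Description;
    using System.Net;
    using System.Net.Security;
    using System.Runtime.Serialization;
    using System.Security.Cryptography.X509Certificates;
    using System.ServiceModel;
    using System.ServiceModel.Activation;
    using System.ServiceModel.Security;
    using System.Xml;
    using System.ComponentModel;

    /// <summary>
    /// Transport binding element for the "https" scheme. Extends
    /// <see cref="HttpTransportBindingElement"/> with a client-certificate
    /// requirement flag and reports transport-level security capabilities.
    /// </summary>
    public class HttpsTransportBindingElement
        : HttpTransportBindingElement, ITransportTokenAssertionProvider
    {
        // When true, this element reports client authentication (and a client
        // Windows identity) as supported regardless of the HTTP authentication
        // schemes in effect; see the two GetSupports*Impl overrides below.
        bool requireClientCertificate;

        // Only stored and copied by this class; the accompanying comment on the
        // property says it is used when generating the sp:HttpsToken policy.
        MessageSecurityVersion messageSecurityVersion;

        /// <summary>
        /// Creates an element whose client-certificate requirement is taken
        /// from <c>TransportDefaults.RequireClientCertificate</c>.
        /// </summary>
        public HttpsTransportBindingElement()
            : base()
        {
            this.requireClientCertificate = TransportDefaults.RequireClientCertificate;
        }

        /// <summary>
        /// Copy constructor used by <see cref="Clone"/>; copies both the
        /// client-certificate flag and the message security version.
        /// </summary>
        /// <param name="elementToBeCloned">The element to copy from.</param>
        protected HttpsTransportBindingElement(HttpsTransportBindingElement elementToBeCloned)
            : base(elementToBeCloned)
        {
            this.requireClientCertificate = elementToBeCloned.requireClientCertificate;
            this.messageSecurityVersion = elementToBeCloned.messageSecurityVersion;
        }

        // Builds an HTTPS element from a plain HTTP element. Only the base state is
        // copied: requireClientCertificate is left at the CLR default (false) rather
        // than being read from TransportDefaults, and messageSecurityVersion stays null.
        // NOTE(review): confirm the two defaults are meant to agree.
        HttpsTransportBindingElement(HttpTransportBindingElement elementToBeCloned)
            : base(elementToBeCloned)
        {
        }

        /// <summary>
        /// Gets or sets whether a client certificate is required. The value is
        /// stored as given; this class only reads it when reporting security
        /// capabilities. Enforcement during the TLS handshake is not visible in
        /// this class and presumably lives in the channel factory or listener.
        /// </summary>
        [DefaultValue(TransportDefaults.RequireClientCertificate)]
        public bool RequireClientCertificate
        {
            get
            {
                return this.requireClientCertificate;
            }
            set
            {
                this.requireClientCertificate = value;
            }
        }

        /// <summary>Gets the URI scheme handled by this element: always "https".</summary>
        public override string Scheme
        {
            get { return "https"; }
        }

        /// <summary>Returns a copy of this element made with the copy constructor.</summary>
        public override BindingElement Clone()
        {
            return new HttpsTransportBindingElement(this);
        }

        // Client authentication is reported as supported when a client certificate
        // is required; otherwise the base decides from the effective HTTP schemes.
        internal override bool GetSupportsClientAuthenticationImpl(AuthenticationSchemes effectiveAuthenticationSchemes)
        {
            return this.requireClientCertificate
                || base.GetSupportsClientAuthenticationImpl(effectiveAuthenticationSchemes);
        }

        // A required client certificate is also reported as yielding a client Windows
        // identity. NOTE(review): that presumably relies on the certificate being
        // mapped to an account elsewhere; nothing in this class performs or checks it.
        internal override bool GetSupportsClientWindowsIdentityImpl(AuthenticationSchemes effectiveAuthenticationSchemes)
        {
            return this.requireClientCertificate
                || base.GetSupportsClientWindowsIdentityImpl(effectiveAuthenticationSchemes);
        }

        // In order to generate sp:HttpsToken with the right policy.
        // See CSD 3105 for detail.
        internal MessageSecurityVersion MessageSecurityVersion
        {
            get
            {
                return this.messageSecurityVersion;
            }
            set
            {
                // Null is rejected on assignment, but the field is still null until it
                // is first set (no constructor assigns it), so readers must allow for null.
                if (value == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("value"));
                }

                this.messageSecurityVersion = value;
            }
        }

        /// <summary>
        /// Builds the client-side HTTPS channel factory for <typeparamref name="TChannel"/>.
        /// </summary>
        /// <typeparam name="TChannel">The channel shape requested by the caller.</typeparam>
        /// <param name="context">The binding context; must not be null.</param>
        /// <returns>A new <c>HttpsChannelFactory&lt;TChannel&gt;</c> for this element.</returns>
        /// <remarks>
        /// Throws through the project's exception helpers when <paramref name="context"/>
        /// is null, when <c>MessageHandlerFactory</c> is set (the HTTP pipeline is
        /// rejected on the client side), or when the channel type is not supported.
        /// </remarks>
        public override IChannelFactory<TChannel> BuildChannelFactory<TChannel>(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (this.MessageHandlerFactory != null)
            {
                throw FxTrace.Exception.AsError(new InvalidOperationException(SR.GetString(SR.HttpPipelineNotSupportedOnClientSide, "MessageHandlerFactory")));
            }

            if (!this.CanBuildChannelFactory<TChannel>(context))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("TChannel", SR.GetString(SR.ChannelTypeNotSupported, typeof(TChannel)));
            }

            return (IChannelFactory<TChannel>)(object)new HttpsChannelFactory<TChannel>(this, context);
        }

        /// <summary>
        /// Builds the service-side HTTPS channel listener for <typeparamref name="TChannel"/>.
        /// </summary>
        /// <typeparam name="TChannel">The channel shape requested by the caller.</typeparam>
        /// <param name="context">The binding context; must not be null.</param>
        /// <returns>The new listener, after the hosted context has been applied to it.</returns>
        /// <remarks>
        /// Throws through the project's exception helpers when <paramref name="context"/>
        /// is null or when the channel type is not supported.
        /// </remarks>
        public override IChannelListener<TChannel> BuildChannelListener<TChannel>(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            HttpChannelListener listener;

            if (!this.CanBuildChannelListener<TChannel>(context))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("TChannel", SR.GetString(SR.ChannelTypeNotSupported, typeof(TChannel)));
            }

            // Authentication schemes are refreshed from the context before the
            // listener is constructed, so the listener sees the updated value.
            this.UpdateAuthenticationSchemes(context);

            // NOTE(review): HttpsChannelListener is used without type arguments here;
            // confirm that matches its declaration in this code base.
            listener = new HttpsChannelListener(this, context);
            AspNetEnvironment.Current.ApplyHostedContext(listener, context);
            return (IChannelListener<TChannel>)(object)listener;
        }

        // Factory wrapper around the private HTTP-to-HTTPS constructor; the result does
        // not require a client certificate and has no message security version set.
        internal static HttpsTransportBindingElement CreateFromHttpBindingElement(HttpTransportBindingElement elementToBeCloned)
        {
            return new HttpsTransportBindingElement(elementToBeCloned);
        }

        /// <summary>
        /// Answers <c>ISecurityCapabilities</c> queries for this transport and defers
        /// every other property type to the base element.
        /// </summary>
        /// <typeparam name="T">The property type being requested.</typeparam>
        /// <param name="context">The binding context; must not be null.</param>
        /// <returns>
        /// For <c>ISecurityCapabilities</c>, a <c>SecurityCapabilities</c> instance built
        /// from the effective authentication schemes; otherwise the base result.
        /// </returns>
        public override T GetProperty<T>(BindingContext context)
        {
            if (context == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
            }

            if (typeof(T) == typeof(ISecurityCapabilities))
            {
                AuthenticationSchemes effectiveAuthenticationSchemes = HttpTransportBindingElement.GetEffectiveAuthenticationSchemes(
                    this.AuthenticationScheme,
                    context.BindingParameters);

                // The second argument (server authentication, in the SecurityCapabilities
                // constructor order; confirm) and both protection levels are constants:
                // they are declared for every HTTPS element, not measured. Whether the
                // server certificate is actually validated is decided elsewhere.
                return (T)(object)new SecurityCapabilities(
                    this.GetSupportsClientAuthenticationImpl(effectiveAuthenticationSchemes),
                    true,
                    this.GetSupportsClientWindowsIdentityImpl(effectiveAuthenticationSchemes),
                    ProtectionLevel.EncryptAndSign,
                    ProtectionLevel.EncryptAndSign);
            }
            else
            {
                return base.GetProperty<T>(context);
            }
        }

        // Exports the base HTTP policy first, then the transport token assertions.
        internal override void OnExportPolicy(MetadataExporter exporter, PolicyConversionContext context)
        {
            base.OnExportPolicy(exporter, context);
            SecurityBindingElement.ExportPolicyForTransportTokenAssertionProviders(exporter, context);
        }

        // Imports the base HTTP policy, then the WS-SecurityPolicy HttpsToken assertion
        // when a matching policy driver is found in the binding assertions.
        internal override void OnImportPolicy(MetadataImporter importer, PolicyConversionContext policyContext)
        {
            base.OnImportPolicy(importer, policyContext);

            WSSecurityPolicy sp = null;
            if (WSSecurityPolicy.TryGetSecurityPolicyDriver(policyContext.GetBindingAssertions(), out sp))
            {
                // The result of the import call is not inspected, so an assertion that
                // is absent or cannot be imported leaves this element unchanged silently.
                sp.TryImportWsspHttpsTokenAssertion(importer, policyContext.GetBindingAssertions(), this);
            }
        }

        #region ITransportTokenAssertionProvider Members

        /// <summary>
        /// Always returns null: this element supplies no custom transport token
        /// assertion. NOTE(review): the policy exporter presumably emits its own
        /// HttpsToken assertion in that case; confirm against the exporter.
        /// </summary>
        public XmlElement GetTransportTokenAssertion()
        {
            return null;
        }

        #endregion
    }
}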