183 lines
5.6 KiB
C#
183 lines
5.6 KiB
C#
//
|
|
// SecurityTokenResolver.cs
|
|
//
|
|
// Author:
|
|
// Atsushi Enomoto <atsushi@ximian.com>
|
|
//
|
|
// Copyright (C) 2005-2006 Novell, Inc. http://www.novell.com
|
|
//
|
|
// Permission is hereby granted, free of charge, to any person obtaining
|
|
// a copy of this software and associated documentation files (the
|
|
// "Software"), to deal in the Software without restriction, including
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
|
// distribute, sublicense, and/or sell copies of the Software, and to
|
|
// permit persons to whom the Software is furnished to do so, subject to
|
|
// the following conditions:
|
|
//
|
|
// The above copyright notice and this permission notice shall be
|
|
// included in all copies or substantial portions of the Software.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
//
|
|
using System;
|
|
using System.Collections.ObjectModel;
|
|
using System.IdentityModel.Tokens;
|
|
|
|
namespace System.IdentityModel.Selectors
|
|
{
|
|
public abstract class SecurityTokenResolver
|
|
{
|
|
protected SecurityTokenResolver ()
|
|
{
|
|
}
|
|
|
|
public static SecurityTokenResolver CreateDefaultSecurityTokenResolver (
|
|
ReadOnlyCollection<SecurityToken> tokens,
|
|
bool canMatchLocalId)
|
|
{
|
|
return new DefaultSecurityTokenResolver (tokens, canMatchLocalId);
|
|
}
|
|
|
|
public SecurityKey ResolveSecurityKey (
|
|
SecurityKeyIdentifierClause keyIdentifierClause)
|
|
{
|
|
if (keyIdentifierClause == null)
|
|
throw new ArgumentNullException ("keyIdentifierClause");
|
|
SecurityKey ret;
|
|
if (!TryResolveSecurityKey (keyIdentifierClause, out ret))
|
|
throw new InvalidOperationException (String.Format ("Could not resolve security key with the key identifier clause '{0}'", keyIdentifierClause));
|
|
return ret;
|
|
}
|
|
|
|
public SecurityToken ResolveToken (
|
|
SecurityKeyIdentifier keyIdentifier)
|
|
{
|
|
if (keyIdentifier == null)
|
|
throw new ArgumentNullException ("keyIdentifierClause");
|
|
SecurityToken ret;
|
|
if (!TryResolveToken (keyIdentifier, out ret))
|
|
throw new InvalidOperationException (String.Format ("Could not resolve security token from the key identifier '{0}'", keyIdentifier));
|
|
return ret;
|
|
}
|
|
|
|
public SecurityToken ResolveToken (
|
|
SecurityKeyIdentifierClause keyIdentifierClause)
|
|
{
|
|
if (keyIdentifierClause == null)
|
|
throw new ArgumentNullException ("keyIdentifierClause");
|
|
SecurityToken ret;
|
|
if (!TryResolveToken (keyIdentifierClause, out ret))
|
|
throw new InvalidOperationException (String.Format ("Could not resolve security token from the key identifier clause '{0}'", keyIdentifierClause));
|
|
return ret;
|
|
}
|
|
|
|
public bool TryResolveSecurityKey (
|
|
SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
|
|
{
|
|
return TryResolveSecurityKeyCore (keyIdentifierClause, out key);
|
|
}
|
|
|
|
public bool TryResolveToken (
|
|
SecurityKeyIdentifier keyIdentifier,
|
|
out SecurityToken token)
|
|
{
|
|
return TryResolveTokenCore (keyIdentifier, out token);
|
|
}
|
|
|
|
public bool TryResolveToken (
|
|
SecurityKeyIdentifierClause keyIdentifierClause,
|
|
out SecurityToken token)
|
|
{
|
|
return TryResolveTokenCore (keyIdentifierClause, out token);
|
|
}
|
|
|
|
protected abstract bool TryResolveSecurityKeyCore (
|
|
SecurityKeyIdentifierClause keyIdentifierClause,
|
|
out SecurityKey key);
|
|
|
|
protected abstract bool TryResolveTokenCore (
|
|
SecurityKeyIdentifier keyIdentifier,
|
|
out SecurityToken token);
|
|
|
|
protected abstract bool TryResolveTokenCore (
|
|
SecurityKeyIdentifierClause keyIdentifierClause,
|
|
out SecurityToken token);
|
|
|
|
|
|
class DefaultSecurityTokenResolver : SecurityTokenResolver
|
|
{
|
|
ReadOnlyCollection<SecurityToken> tokens;
|
|
bool match_local;
|
|
|
|
public DefaultSecurityTokenResolver (
|
|
ReadOnlyCollection<SecurityToken> tokens,
|
|
bool canMatchLocalId)
|
|
{
|
|
this.tokens = tokens;
|
|
this.match_local = canMatchLocalId;
|
|
}
|
|
|
|
protected override bool TryResolveSecurityKeyCore (
|
|
SecurityKeyIdentifierClause clause,
|
|
out SecurityKey key)
|
|
{
|
|
if (clause == null)
|
|
throw new ArgumentNullException ("clause");
|
|
foreach (SecurityToken token in tokens)
|
|
if (TokenMatchesClause (token, clause)) {
|
|
key = token.ResolveKeyIdentifierClause (clause);
|
|
if (key != null)
|
|
return true;
|
|
}
|
|
key = null;
|
|
return false;
|
|
}
|
|
|
|
protected override bool TryResolveTokenCore (
|
|
SecurityKeyIdentifier keyIdentifier,
|
|
out SecurityToken token)
|
|
{
|
|
if (keyIdentifier == null)
|
|
throw new ArgumentNullException ("keyIdentifier");
|
|
foreach (SecurityKeyIdentifierClause kic in keyIdentifier)
|
|
if (TryResolveTokenCore (kic, out token))
|
|
return true;
|
|
token = null;
|
|
return false;
|
|
}
|
|
|
|
protected override bool TryResolveTokenCore (
|
|
SecurityKeyIdentifierClause clause,
|
|
out SecurityToken token)
|
|
{
|
|
if (clause == null)
|
|
throw new ArgumentNullException ("clause");
|
|
foreach (SecurityToken t in tokens)
|
|
if (TokenMatchesClause (t, clause)) {
|
|
token = t;
|
|
return true;
|
|
}
|
|
token = null;
|
|
return false;
|
|
}
|
|
|
|
bool TokenMatchesClause (SecurityToken token, SecurityKeyIdentifierClause clause)
|
|
{
|
|
if (token.MatchesKeyIdentifierClause (clause))
|
|
return true;
|
|
if (!match_local)
|
|
return false;
|
|
LocalIdKeyIdentifierClause l =
|
|
clause as LocalIdKeyIdentifierClause;
|
|
return l != null && l.Matches (token.Id, token.GetType ());
|
|
}
|
|
}
|
|
}
|
|
}
|