mono/linux-packaging-mono
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
5a9d27f245ff6eb3ba4dcdb9872f009423a1e03a
linux-packaging-mono/mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SamlAuthorizationDecisionStatement.cs
Xamarin Public Jenkins (auto-signing) 966bba02bb Imported Upstream version 5.2.0.175 
Former-commit-id: bb0468d0f257ff100aa895eb5fe583fb5dfbf900
2017-06-07 13:16:24 +00:00

235 lines
7.6 KiB
C#
Raw Blame History

//
// SamlAuthorizationDecisionStatement.cs
//
// Author:
// Atsushi Enomoto <atsushi@ximian.com>
//
// Copyright (C) 2005 Novell, Inc. http://www.novell.com
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Collections.Generic;
using System.Xml;
using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
namespace System.IdentityModel.Tokens
{
public class SamlAuthorizationDecisionStatement : SamlSubjectStatement
{
public static string ClaimType {
get { return "http://schemas.microsoft.com/mb/2005/09/ClaimType/SamlAuthorizationDecision"; }
}
public SamlAuthorizationDecisionStatement ()
{
}
public SamlAuthorizationDecisionStatement (
SamlSubject samlSubject, string resource,
SamlAccessDecision accessDecision,
IEnumerable<SamlAction> samlActions)
: base (samlSubject)
{
if (samlActions == null)
throw new ArgumentNullException ("samlActions");
if (resource == null || resource.Length == 0)
throw new SecurityTokenException ("non-zero length string must be set to Resource of SAML AuthorizationDecisionStatement.");
Resource = resource;
AccessDecision = accessDecision;
foreach (SamlAction a in samlActions) {
if (a == null)
throw new ArgumentException ("samlActions contain null item.");
actions.Add (a);
}
}
public SamlAuthorizationDecisionStatement (
SamlSubject samlSubject, string resource,
SamlAccessDecision accessDecision,
IEnumerable<SamlAction> samlActions,
SamlEvidence samlEvidence)
: this (samlSubject, resource, accessDecision, samlActions)
{
evidence = samlEvidence;
}
SamlAccessDecision access_decision;
SamlEvidence evidence;
string resource;
List<SamlAction> actions = new List<SamlAction> ();
public IList<SamlAction> SamlActions {
get { return actions; }
}
public SamlAccessDecision AccessDecision {
get { return access_decision; }
set {
CheckReadOnly ();
access_decision = value;
}
}
public SamlEvidence Evidence {
get { return evidence; }
set {
CheckReadOnly ();
evidence = value;
}
}
public string Resource {
get { return resource; }
set {
CheckReadOnly ();
if (value == null || value.Length == 0)
throw new ArgumentException ("non-zero length string must be set to Resource of SAML AuthorizationDecisionStatement.");
resource = value;
}
}
public override bool IsReadOnly {
get { return base.IsReadOnly; }
}
private void CheckReadOnly ()
{
if (IsReadOnly)
throw new InvalidOperationException ("This SAML assertion is read-only.");
}
public override void MakeReadOnly ()
{
base.MakeReadOnly ();
}
[MonoTODO]
protected override void AddClaimsToList (IList<Claim> claims)
{
throw new NotImplementedException ();
}
public override void ReadXml (XmlDictionaryReader reader,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer,
SecurityTokenResolver outOfBandTokenResolver)
{
if (reader == null)
throw new ArgumentNullException ("reader");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
string decision = reader.GetAttribute ("Decision");
switch (decision) {
case "Permit":
AccessDecision = SamlAccessDecision.Permit;
break;
case "Deny":
AccessDecision = SamlAccessDecision.Deny;
break;
case "Indeterminate":
AccessDecision = SamlAccessDecision.Indeterminate;
break;
default:
throw new SecurityTokenException (String.Format ("AccessDecision value is wrong: {0}", decision));
}
Resource = reader.GetAttribute ("Resource");
reader.ReadStartElement ("AuthorizationDecisionStatement", SamlConstants.Namespace);
reader.MoveToContent ();
SamlSubject = new SamlSubject ();
SamlSubject.ReadXml (reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
SamlActions.Clear ();
for (reader.MoveToContent ();
reader.LocalName == "Action" &&
reader.NamespaceURI == SamlConstants.Namespace;
reader.MoveToContent ()) {
SamlAction action = new SamlAction ();
action.ReadXml (reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
SamlActions.Add (action);
}
if (reader.LocalName == "Evidence" &&
reader.NamespaceURI == SamlConstants.Namespace) {
Evidence = new SamlEvidence ();
Evidence.ReadXml (reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
reader.MoveToContent ();
}
reader.ReadEndElement ();
// verify contents
if (SamlActions.Count == 0)
throw new SecurityTokenException ("SAML AuthorizationDecisionStatement must contain at least one Action.");
if (SamlSubject == null)
throw new SecurityTokenException ("SAML Subject must be set to SAML AuthorizationDecisionStatement before being written.");
if (Resource == null || Resource.Length == 0)
throw new SecurityTokenException ("non-zero string must be set to Resource on SAML AuthorizationDecisionStatement.");
}
public override void WriteXml (XmlDictionaryWriter writer,
SamlSerializer samlSerializer,
SecurityTokenSerializer keyInfoSerializer)
{
if (writer == null)
throw new ArgumentNullException ("writer");
if (samlSerializer == null)
throw new ArgumentNullException ("samlSerializer");
if (SamlActions.Count == 0)
throw new SecurityTokenException ("SAML AuthorizationDecisionStatement must contain at least one Action.");
if (SamlSubject == null)
throw new SecurityTokenException ("SAML Subject must be set to SAML AuthorizationDecisionStatement before being written.");
if (Resource == null || Resource.Length == 0)
throw new SecurityTokenException ("non-zero string must be set to Resource on SAML AuthorizationDecisionStatement.");
writer.WriteStartElement ("saml", "AuthorizationDecisionStatement", SamlConstants.Namespace);
writer.WriteStartAttribute ("Decision");
switch (AccessDecision) {
case SamlAccessDecision.Permit:
writer.WriteString ("Permit");
break;
case SamlAccessDecision.Deny:
writer.WriteString ("Deny");
break;
case SamlAccessDecision.Indeterminate:
writer.WriteString ("Indeterminate");
break;
default:
throw new ArgumentOutOfRangeException ("AccessDecision value is wrong.");
}
writer.WriteEndAttribute ();
writer.WriteAttributeString ("Resource", Resource);
SamlSubject.WriteXml (writer, samlSerializer, keyInfoSerializer);
foreach (SamlAction action in SamlActions)
action.WriteXml (writer, samlSerializer, keyInfoSerializer);
if (Evidence != null)
Evidence.WriteXml (writer, samlSerializer, keyInfoSerializer);
writer.WriteEndElement ();
}
}
}
Reference in New Issue View Git Blame Copy Permalink