|
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
using System.IdentityModel.Claims;
using System.ServiceModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Tokens;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Security.Principal;
using System.Net;
public class SspiSecurityToken : SecurityToken
{
string id;
TokenImpersonationLevel impersonationLevel;
bool allowNtlm;
NetworkCredential networkCredential;
bool extractGroupsForWindowsAccounts;
bool allowUnauthenticatedCallers = SspiSecurityTokenProvider.DefaultAllowUnauthenticatedCallers;
DateTime effectiveTime;
DateTime expirationTime;
public SspiSecurityToken(TokenImpersonationLevel impersonationLevel, bool allowNtlm, NetworkCredential networkCredential)
{
this.impersonationLevel = impersonationLevel;
this.allowNtlm = allowNtlm;
this.networkCredential = SecurityUtils.GetNetworkCredentialsCopy(networkCredential);
this.effectiveTime = DateTime.UtcNow;
this.expirationTime = this.effectiveTime.AddHours(10);
}
public SspiSecurityToken(NetworkCredential networkCredential, bool extractGroupsForWindowsAccounts, bool allowUnauthenticatedCallers)
{
this.networkCredential = SecurityUtils.GetNetworkCredentialsCopy(networkCredential);
this.extractGroupsForWindowsAccounts = extractGroupsForWindowsAccounts;
this.allowUnauthenticatedCallers = allowUnauthenticatedCallers;
this.effectiveTime = DateTime.UtcNow;
this.expirationTime = this.effectiveTime.AddHours(10);
}
public override string Id
{
get
{
if (this.id == null)
this.id = SecurityUniqueId.Create().Value;
return this.id;
}
}
public override DateTime ValidFrom
{
get { return this.effectiveTime; }
}
public override DateTime ValidTo
{
get { return this.expirationTime; }
}
public bool AllowUnauthenticatedCallers
{
get
{
return this.allowUnauthenticatedCallers;
}
}
public TokenImpersonationLevel ImpersonationLevel
{
get
{
return this.impersonationLevel;
}
}
public bool AllowNtlm
{
get
{
return this.allowNtlm;
}
}
public NetworkCredential NetworkCredential
{
get
{
return this.networkCredential;
}
}
public bool ExtractGroupsForWindowsAccounts
{
get
{
return this.extractGroupsForWindowsAccounts;
}
}
public override ReadOnlyCollection<SecurityKey> SecurityKeys
{
get
{
return EmptyReadOnlyCollection<SecurityKey>.Instance;
}
}
}
}
|