|
//-----------------------------------------------------------------------
// <copyright file="Saml2AssertionKeyIdentifierClause.cs" company="Microsoft">
// Copyright (c) Microsoft Corporation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System;
using System.Collections.Generic;
/// <summary>
/// A SecurityKeyIdentifierClause for referencing SAML2-based security tokens.
/// </summary>
public class Saml2AssertionKeyIdentifierClause : SecurityKeyIdentifierClause
{
/// <summary>
/// Creates a Saml2AssertionKeyIdentifierClause for a given id.
/// </summary>
/// <param name="id">The id defining the clause to create.</param>
public Saml2AssertionKeyIdentifierClause(string id)
: this(id, null, 0)
{
}
/// <summary>
/// Creates a Saml2AssertionKeyIdentifierClause for a given id.
/// </summary>
/// <param name="id">The id defining the clause to create.</param>
/// <param name="derivationNonce">
/// An array of System.Byte that contains the nonce that was used to create a
/// derived key. Sets the value that is returned by the System.IdentityModel.Tokens.SecurityKeyIdentifierClause.GetDerivationNonce()
/// method.
/// </param>
/// <param name="derivationLength">The size of the derived key. Sets the value of the System.IdentityModel.Tokens.SecurityKeyIdentifierClause.DerivationLength
/// property.
/// </param>
public Saml2AssertionKeyIdentifierClause(string id, byte[] derivationNonce, int derivationLength)
: base(null, derivationNonce, derivationLength)
{
if (string.IsNullOrEmpty(id))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");
}
this.Id = id;
}
/// <summary>
/// Indicates whether the <see cref="SecurityKeyIdentifierClause"/> for an assertion matches the specified <see cref="SecurityKeyIdentifierClause"/>.
/// </summary>
/// <param name="assertionId">Id of the assertion</param>
/// <param name="keyIdentifierClause">A <see cref="SecurityKeyIdentifierClause"/> to match.</param>
/// <returns>'True' if the keyIdentifier matches this. 'False' otherwise.</returns>
public static bool Matches(string assertionId, SecurityKeyIdentifierClause keyIdentifierClause)
{
if (string.IsNullOrEmpty(assertionId))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("assertionId");
}
if (null == keyIdentifierClause)
{
return false;
}
// Prefer our own type
Saml2AssertionKeyIdentifierClause saml2Clause = keyIdentifierClause as Saml2AssertionKeyIdentifierClause;
if (null != saml2Clause && StringComparer.Ordinal.Equals(assertionId, saml2Clause.Id))
{
return true;
}
// For compatibility, match against the old WCF type.
// WCF will read SAML2-based key identifier clauses if our
// SecurityTokenSerializer doesn't get the chance. Unfortunately,
// the TokenTypeUri and ValueType properties are internal, so
// we can't check if they're for SAML2 or not. We're just going
// to go with the fact that SAML Assertion IDs, in both versions,
// are supposed to be sufficiently random as to not intersect.
// So, if the AssertionID matches our Id, we'll say that's good
// enough.
SamlAssertionKeyIdentifierClause wcfClause = keyIdentifierClause as SamlAssertionKeyIdentifierClause;
if (null != wcfClause && StringComparer.Ordinal.Equals(assertionId, wcfClause.AssertionId))
{
return true;
}
// Out of options.
return false;
}
/// <summary>
/// Indicates whether the <see cref="SecurityKeyIdentifierClause"/> for this instance is matches the specified <see cref="SecurityKeyIdentifierClause"/>.
/// </summary>
/// <param name="keyIdentifierClause">A <see cref="SecurityKeyIdentifierClause"/> to match.</param>
/// <returns>True if the keyIdentifier matches this. False otherwise.</returns>
public override bool Matches(SecurityKeyIdentifierClause keyIdentifierClause)
{
return ReferenceEquals(this, keyIdentifierClause) || Matches(Id, keyIdentifierClause);
}
/// <summary>
/// Returns a <see cref="String"/> that represents the current <see cref="Object"/>.
/// </summary>
/// <returns>The Id of this instance as a string.</returns>
public override string ToString()
{
return "Saml2AssertionKeyIdentifierClause( Id = '" + Id + "' )";
}
}
}
|