|
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------------------------
namespace System.ServiceModel.Configuration
{
using System;
using System.Configuration;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.Xml;
public sealed partial class IssuedTokenServiceElement : ConfigurationElement
{
public IssuedTokenServiceElement()
{
}
[ConfigurationProperty(ConfigurationStrings.AllowedAudienceUris)]
public AllowedAudienceUriElementCollection AllowedAudienceUris
{
get { return (AllowedAudienceUriElementCollection)base[ConfigurationStrings.AllowedAudienceUris]; }
}
[ConfigurationProperty(ConfigurationStrings.AudienceUriMode, DefaultValue = IssuedTokenServiceCredential.DefaultAudienceUriMode)]
[ServiceModelEnumValidator(typeof(AudienceUriModeValidationHelper))]
public AudienceUriMode AudienceUriMode
{
get { return (AudienceUriMode)base[ConfigurationStrings.AudienceUriMode]; }
set { base[ConfigurationStrings.AudienceUriMode] = value; }
}
[ConfigurationProperty(ConfigurationStrings.CustomCertificateValidatorType, DefaultValue = "")]
[StringValidator(MinLength = 0)]
public string CustomCertificateValidatorType
{
get { return (string)base[ConfigurationStrings.CustomCertificateValidatorType]; }
set
{
if (String.IsNullOrEmpty(value))
{
value = String.Empty;
}
base[ConfigurationStrings.CustomCertificateValidatorType] = value;
}
}
[ConfigurationProperty(ConfigurationStrings.CertificateValidationMode, DefaultValue = IssuedTokenServiceCredential.DefaultCertificateValidationMode)]
[ServiceModelEnumValidator(typeof(X509CertificateValidationModeHelper))]
public X509CertificateValidationMode CertificateValidationMode
{
get { return (X509CertificateValidationMode)base[ConfigurationStrings.CertificateValidationMode]; }
set { base[ConfigurationStrings.CertificateValidationMode] = value; }
}
[ConfigurationProperty(ConfigurationStrings.RevocationMode, DefaultValue = IssuedTokenServiceCredential.DefaultRevocationMode)]
[StandardRuntimeEnumValidator(typeof(X509RevocationMode))]
public X509RevocationMode RevocationMode
{
get { return (X509RevocationMode)base[ConfigurationStrings.RevocationMode]; }
set { base[ConfigurationStrings.RevocationMode] = value; }
}
[ConfigurationProperty(ConfigurationStrings.TrustedStoreLocation, DefaultValue = IssuedTokenServiceCredential.DefaultTrustedStoreLocation)]
[StandardRuntimeEnumValidator(typeof(StoreLocation))]
public StoreLocation TrustedStoreLocation
{
get { return (StoreLocation)base[ConfigurationStrings.TrustedStoreLocation]; }
set { base[ConfigurationStrings.TrustedStoreLocation] = value; }
}
[ConfigurationProperty(ConfigurationStrings.SamlSerializerType, DefaultValue = "")]
[StringValidator(MinLength = 0)]
public string SamlSerializerType
{
get { return (string)base[ConfigurationStrings.SamlSerializerType]; }
set
{
if (String.IsNullOrEmpty(value))
{
value = String.Empty;
}
base[ConfigurationStrings.SamlSerializerType] = value;
}
}
[ConfigurationProperty(ConfigurationStrings.KnownCertificates)]
public X509CertificateTrustedIssuerElementCollection KnownCertificates
{
get { return (X509CertificateTrustedIssuerElementCollection)base[ConfigurationStrings.KnownCertificates]; }
}
[ConfigurationProperty(ConfigurationStrings.AllowUntrustedRsaIssuers, DefaultValue = IssuedTokenServiceCredential.DefaultAllowUntrustedRsaIssuers)]
public bool AllowUntrustedRsaIssuers
{
get { return (bool)base[ConfigurationStrings.AllowUntrustedRsaIssuers]; }
set { base[ConfigurationStrings.AllowUntrustedRsaIssuers] = value; }
}
public void Copy(IssuedTokenServiceElement from)
{
if (this.IsReadOnly())
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ConfigurationErrorsException(SR.GetString(SR.ConfigReadOnly)));
}
if (null == from)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("from");
}
this.SamlSerializerType = from.SamlSerializerType;
#pragma warning suppress 56506 // Microsoft; ElementInformation is never null.
PropertyInformationCollection propertyInfo = from.ElementInformation.Properties;
if (propertyInfo[ConfigurationStrings.KnownCertificates].ValueOrigin != PropertyValueOrigin.Default)
{
this.KnownCertificates.Clear();
foreach (X509CertificateTrustedIssuerElement src in from.KnownCertificates)
{
X509CertificateTrustedIssuerElement copy = new X509CertificateTrustedIssuerElement();
copy.Copy(src);
this.KnownCertificates.Add(copy);
}
}
if (propertyInfo[ConfigurationStrings.AllowedAudienceUris].ValueOrigin != PropertyValueOrigin.Default)
{
this.AllowedAudienceUris.Clear();
foreach (AllowedAudienceUriElement src in from.AllowedAudienceUris)
{
AllowedAudienceUriElement copy = new AllowedAudienceUriElement();
copy.AllowedAudienceUri = src.AllowedAudienceUri;
this.AllowedAudienceUris.Add(copy);
}
}
this.AllowUntrustedRsaIssuers = from.AllowUntrustedRsaIssuers;
this.CertificateValidationMode = from.CertificateValidationMode;
this.AudienceUriMode = from.AudienceUriMode;
this.CustomCertificateValidatorType = from.CustomCertificateValidatorType;
this.RevocationMode = from.RevocationMode;
this.TrustedStoreLocation = from.TrustedStoreLocation;
}
internal void ApplyConfiguration(IssuedTokenServiceCredential issuedToken)
{
if (issuedToken == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("issuedToken");
}
issuedToken.CertificateValidationMode = this.CertificateValidationMode;
issuedToken.RevocationMode = this.RevocationMode;
issuedToken.TrustedStoreLocation = this.TrustedStoreLocation;
issuedToken.AudienceUriMode = this.AudienceUriMode;
if (!string.IsNullOrEmpty(this.CustomCertificateValidatorType))
{
Type type = System.Type.GetType(this.CustomCertificateValidatorType, true);
if (!typeof(X509CertificateValidator).IsAssignableFrom(type))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ConfigurationErrorsException(
SR.GetString(SR.ConfigInvalidCertificateValidatorType, this.CustomCertificateValidatorType, typeof(X509CertificateValidator).ToString())));
}
issuedToken.CustomCertificateValidator = (X509CertificateValidator)Activator.CreateInstance(type);
}
if (!string.IsNullOrEmpty(this.SamlSerializerType))
{
Type type = System.Type.GetType(this.SamlSerializerType, true);
if (!typeof(SamlSerializer).IsAssignableFrom(type))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ConfigurationErrorsException(
SR.GetString(SR.ConfigInvalidSamlSerializerType, this.SamlSerializerType, typeof(SamlSerializer).ToString())));
}
issuedToken.SamlSerializer = (SamlSerializer)Activator.CreateInstance(type);
}
PropertyInformationCollection propertyInfo = this.ElementInformation.Properties;
if (propertyInfo[ConfigurationStrings.KnownCertificates].ValueOrigin != PropertyValueOrigin.Default)
{
foreach (X509CertificateTrustedIssuerElement src in this.KnownCertificates)
{
issuedToken.KnownCertificates.Add(SecurityUtils.GetCertificateFromStore(src.StoreName, src.StoreLocation, src.X509FindType, src.FindValue, null));
}
}
if (propertyInfo[ConfigurationStrings.AllowedAudienceUris].ValueOrigin != PropertyValueOrigin.Default)
{
foreach (AllowedAudienceUriElement src in this.AllowedAudienceUris)
{
issuedToken.AllowedAudienceUris.Add(src.AllowedAudienceUri);
}
}
issuedToken.AllowUntrustedRsaIssuers = this.AllowUntrustedRsaIssuers;
}
}
}
|