|
//-----------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace System.ServiceModel.Security.Tokens
{
using System.Xml;
using System.ServiceModel;
using System.Collections.ObjectModel;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
public class SecurityContextSecurityTokenResolver : SecurityTokenResolver, ISecurityContextSecurityTokenCache
{
SecurityContextTokenCache tokenCache;
bool removeOldestTokensOnCacheFull;
int capacity;
TimeSpan clockSkew = SecurityProtocolFactory.defaultMaxClockSkew;
public SecurityContextSecurityTokenResolver( int securityContextCacheCapacity, bool removeOldestTokensOnCacheFull )
: this( securityContextCacheCapacity, removeOldestTokensOnCacheFull, SecurityProtocolFactory.defaultMaxClockSkew )
{
}
public SecurityContextSecurityTokenResolver(int securityContextCacheCapacity, bool removeOldestTokensOnCacheFull, TimeSpan clockSkew)
{
if (securityContextCacheCapacity <= 0)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("securityContextCacheCapacity", SR.GetString(SR.ValueMustBeGreaterThanZero)));
}
if ( clockSkew < TimeSpan.Zero )
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new ArgumentOutOfRangeException( "clockSkew", SR.GetString( SR.TimeSpanCannotBeLessThanTimeSpanZero ) ) );
}
this.capacity = securityContextCacheCapacity;
this.removeOldestTokensOnCacheFull = removeOldestTokensOnCacheFull;
this.clockSkew = clockSkew;
this.tokenCache = new SecurityContextTokenCache(this.capacity, this.removeOldestTokensOnCacheFull, clockSkew);
}
public int SecurityContextTokenCacheCapacity
{
get
{
return this.capacity;
}
}
public TimeSpan ClockSkew
{
get
{
return this.clockSkew;
}
}
public bool RemoveOldestTokensOnCacheFull
{
get
{
return this.removeOldestTokensOnCacheFull;
}
}
public void AddContext(SecurityContextSecurityToken token)
{
this.tokenCache.AddContext(token);
}
public bool TryAddContext(SecurityContextSecurityToken token)
{
return this.tokenCache.TryAddContext(token);
}
public void ClearContexts()
{
this.tokenCache.ClearContexts();
}
public void RemoveContext(UniqueId contextId, UniqueId generation)
{
this.tokenCache.RemoveContext(contextId, generation, false);
}
public void RemoveAllContexts(UniqueId contextId)
{
this.tokenCache.RemoveAllContexts(contextId);
}
public SecurityContextSecurityToken GetContext(UniqueId contextId, UniqueId generation)
{
return this.tokenCache.GetContext(contextId, generation);
}
public Collection<SecurityContextSecurityToken> GetAllContexts(UniqueId contextId)
{
return this.tokenCache.GetAllContexts(contextId);
}
public void UpdateContextCachingTime(SecurityContextSecurityToken context, DateTime expirationTime)
{
this.tokenCache.UpdateContextCachingTime(context, expirationTime);
}
protected override bool TryResolveTokenCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityToken token)
{
SecurityContextKeyIdentifierClause sctSkiClause = keyIdentifierClause as SecurityContextKeyIdentifierClause;
if (sctSkiClause != null)
{
token = this.tokenCache.GetContext(sctSkiClause.ContextId, sctSkiClause.Generation);
}
else
{
token = null;
}
return (token != null);
}
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
{
SecurityToken sct;
if (TryResolveTokenCore(keyIdentifierClause, out sct))
{
key = ((SecurityContextSecurityToken)sct).SecurityKeys[0];
return true;
}
else
{
key = null;
return false;
}
}
protected override bool TryResolveTokenCore(SecurityKeyIdentifier keyIdentifier, out SecurityToken token)
{
SecurityContextKeyIdentifierClause sctSkiClause;
if (keyIdentifier.TryFind<SecurityContextKeyIdentifierClause>(out sctSkiClause))
{
return TryResolveToken(sctSkiClause, out token);
}
else
{
token = null;
return false;
}
}
}
}
|