2 // SamlSecurityTokenAuthenticator.cs
5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2006 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Collections.Generic;
30 using System.Collections.ObjectModel;
31 using System.IdentityModel.Claims;
32 using System.IdentityModel.Policy;
33 using System.IdentityModel.Tokens;
34 using System.Security.Principal;
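namespace System.IdentityModel.Selectors
{
	/// <summary>
	/// Security token authenticator for <see cref="SamlSecurityToken"/> instances.
	/// </summary>
	/// <remarks>
	/// Validation and claim/identity resolution are not implemented here:
	/// <see cref="ValidateTokenCore"/> and the key-identifier overloads of
	/// <c>ResolveClaimSet</c> / <c>ResolveIdentity</c> throw
	/// <see cref="NotImplementedException"/>. Nothing in this class checks a SAML
	/// assertion's signature, conditions or validity window, so a token is never
	/// accepted by this class as written.
	/// </remarks>
	public class SamlSecurityTokenAuthenticator
		: SecurityTokenAuthenticator
	{
		// Authenticators supplied by the caller; stored but not read in this class.
		IList<SecurityTokenAuthenticator> authenticators;
		// Clock-skew tolerance supplied by the caller; stored but not read in this class.
		TimeSpan max_clock_skew;

		/// <summary>
		/// Creates an authenticator with the given supporting authenticators and a
		/// clock-skew tolerance of <see cref="TimeSpan.MaxValue"/>.
		/// </summary>
		/// <param name="supportingAuthenticators">Supporting authenticators; must not be null.</param>
		/// <exception cref="ArgumentNullException"><paramref name="supportingAuthenticators"/> is null.</exception>
		// NOTE(review): an unbounded default skew would make any validity-window
		// check that honours this value accept expired or not-yet-valid assertions.
		// The value is unused today; confirm the intended default before
		// ValidateTokenCore starts consuming it.
		public SamlSecurityTokenAuthenticator (
			IList<SecurityTokenAuthenticator> supportingAuthenticators)
			: this (supportingAuthenticators, TimeSpan.MaxValue)
		{
		}

		/// <summary>
		/// Creates an authenticator with the given supporting authenticators and
		/// clock-skew tolerance.
		/// </summary>
		/// <param name="supportingAuthenticators">Supporting authenticators; must not be null.</param>
		/// <param name="maxClockSkew">Clock-skew tolerance to store.</param>
		/// <exception cref="ArgumentNullException"><paramref name="supportingAuthenticators"/> is null.</exception>
		public SamlSecurityTokenAuthenticator (
			IList<SecurityTokenAuthenticator> supportingAuthenticators,
			TimeSpan maxClockSkew)
		{
			if (supportingAuthenticators == null)
				throw new ArgumentNullException ("supportingAuthenticators");

			// Snapshot the list so that later changes to the caller's collection
			// cannot alter the set of authenticators this instance relies on.
			authenticators = new List<SecurityTokenAuthenticator> (supportingAuthenticators);
			max_clock_skew = maxClockSkew;
		}

		/// <summary>
		/// Reports whether <paramref name="token"/> is a <see cref="SamlSecurityToken"/>.
		/// </summary>
		/// <remarks>
		/// This is a type test only. A true result says nothing about whether the
		/// assertion is authentic or currently valid.
		/// </remarks>
		protected override bool CanValidateTokenCore (SecurityToken token)
		{
			return token is SamlSecurityToken;
		}

		/// <summary>
		/// Not implemented; always throws.
		/// </summary>
		/// <exception cref="NotImplementedException">Always.</exception>
		// Throwing keeps this stub fail-closed. Do not replace it with a permissive
		// return value: an implementation has to verify the assertion before it
		// hands back any authorization policy.
		protected override ReadOnlyCollection<IAuthorizationPolicy>
			ValidateTokenCore (SecurityToken token)
		{
			throw new NotImplementedException ();
		}

		/// <summary>
		/// Not implemented; always throws.
		/// </summary>
		/// <exception cref="NotImplementedException">Always.</exception>
		public virtual ClaimSet ResolveClaimSet (SecurityKeyIdentifier keyIdentifier)
		{
			throw new NotImplementedException ();
		}

		/// <summary>
		/// Resolves a claim set for <paramref name="token"/> by wrapping its
		/// <see cref="SamlAssertionKeyIdentifierClause"/> in a
		/// <see cref="SecurityKeyIdentifier"/> and delegating to the
		/// key-identifier overload.
		/// </summary>
		/// <exception cref="ArgumentNullException"><paramref name="token"/> is null.</exception>
		public virtual ClaimSet ResolveClaimSet (SecurityToken token)
		{
			// Reject null explicitly instead of failing with a NullReferenceException.
			if (token == null)
				throw new ArgumentNullException ("token");

			SamlAssertionKeyIdentifierClause clause =
				token.CreateKeyIdentifierClause<SamlAssertionKeyIdentifierClause> ();
			return ResolveClaimSet (new SecurityKeyIdentifier (clause));
		}

		/// <summary>
		/// Not implemented; always throws.
		/// </summary>
		/// <exception cref="NotImplementedException">Always.</exception>
		public virtual IIdentity ResolveIdentity (SecurityKeyIdentifier keyIdentifier)
		{
			throw new NotImplementedException ();
		}

		/// <summary>
		/// Resolves an identity for <paramref name="token"/> by wrapping its
		/// <see cref="SamlAssertionKeyIdentifierClause"/> in a
		/// <see cref="SecurityKeyIdentifier"/> and delegating to the
		/// key-identifier overload.
		/// </summary>
		/// <exception cref="ArgumentNullException"><paramref name="token"/> is null.</exception>
		public virtual IIdentity ResolveIdentity (SecurityToken token)
		{
			// Reject null explicitly instead of failing with a NullReferenceException.
			if (token == null)
				throw new ArgumentNullException ("token");

			SamlAssertionKeyIdentifierClause clause =
				token.CreateKeyIdentifierClause<SamlAssertionKeyIdentifierClause> ();
			return ResolveIdentity (new SecurityKeyIdentifier (clause));
		}

		/// <summary>
		/// Authorization policy backed by a SAML token; claims and identity are
		/// obtained from the owning authenticator.
		/// </summary>
		class SamlAuthorizationPolicy : SystemIdentityAuthorizationPolicy
		{
			SamlSecurityTokenAuthenticator authenticator;
			SamlSecurityToken token;

			/// <summary>
			/// Binds the policy to its authenticator and token, with a fresh
			/// <c>UniqueId</c> string as the policy id.
			/// </summary>
			/// <exception cref="ArgumentNullException">Either argument is null.</exception>
			public SamlAuthorizationPolicy (SamlSecurityTokenAuthenticator authenticator, SamlSecurityToken token)
				: base (new UniqueId ().ToString ())
			{
				if (authenticator == null)
					throw new ArgumentNullException ("authenticator");
				if (token == null)
					throw new ArgumentNullException ("token");

				// Both fields are read by the overrides below, so both are set here.
				this.authenticator = authenticator;
				this.token = token;
			}

			/// <summary>
			/// The token's <c>ValidTo</c> value, returned unchanged; no clock-skew
			/// adjustment is applied here.
			/// </summary>
			public override DateTime ExpirationTime {
				get { return token.ValidTo; }
			}

			/// <summary>Asks the authenticator to resolve the token's claim set.</summary>
			public override ClaimSet CreateClaims ()
			{
				return authenticator.ResolveClaimSet (token);
			}

			/// <summary>Asks the authenticator to resolve the token's identity.</summary>
			public override IIdentity CreateIdentity ()
			{
				return authenticator.ResolveIdentity (token);
			}
		}
	}
}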