2 // SecurityContextSecretSecurityToken.cs
5 // Atsushi Enomoto <atsushi@ximian.com>
7 // Copyright (C) 2006-2007 Novell, Inc. http://www.novell.com
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using System.Collections.ObjectModel;
31 using System.IdentityModel.Policy;
32 using System.IdentityModel.Tokens;
34 namespace System.ServiceModel.Security.Tokens
36 public class SecurityContextSecurityToken : SecurityToken
38 #region Static members
40 public static SecurityContextSecurityToken CreateCookieSecurityContextToken (
46 ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies,
47 SecurityStateEncoder securityStateEncoder)
49 return CreateCookieSecurityContextToken (
50 contextId, id, key, validFrom, validTo, new UniqueId (Guid.NewGuid ()), validFrom, validTo, authorizationPolicies, securityStateEncoder);
53 public static SecurityContextSecurityToken CreateCookieSecurityContextToken (
59 UniqueId keyGeneration,
60 DateTime keyEffectiveTime,
61 DateTime keyExpirationTime,
62 ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies,
63 SecurityStateEncoder securityStateEncoder)
65 if (securityStateEncoder == null)
66 throw new ArgumentNullException ("securityStateEncoder");
68 SecurityContextSecurityToken sct = new SecurityContextSecurityToken (
69 contextId, id, key, validFrom, validTo,
70 keyGeneration, keyEffectiveTime,
71 keyExpirationTime, authorizationPolicies);
72 byte [] rawdata = SslnegoCookieResolver.CreateData (
73 contextId, keyGeneration, key,
75 keyEffectiveTime, keyExpirationTime);
76 sct.cookie = securityStateEncoder.EncodeSecurityState (rawdata);
83 InMemorySymmetricSecurityKey key;
84 ReadOnlyCollection<SecurityKey> keys;
85 DateTime token_since, token_until, key_since, key_until;
86 UniqueId context_id, key_generation;
87 ReadOnlyCollection<IAuthorizationPolicy> policies;
90 public SecurityContextSecurityToken (
95 : this (contextId, new UniqueId ().ToString (), key, validFrom, validTo)
99 public SecurityContextSecurityToken (
105 : this (contextId, id, key, validFrom, validTo, null)
109 public SecurityContextSecurityToken (
115 ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies)
117 context_id = contextId;
119 this.key = new InMemorySymmetricSecurityKey (key);
120 token_since = validFrom;
121 token_until = validTo;
122 if (authorizationPolicies == null)
123 authorizationPolicies = new ReadOnlyCollection<IAuthorizationPolicy> (new Collection<IAuthorizationPolicy> ());
124 policies = authorizationPolicies;
127 public SecurityContextSecurityToken (
133 UniqueId keyGeneration,
134 DateTime keyEffectiveTime,
135 DateTime keyExpirationTime,
136 ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies)
137 : this (contextId, id, key, validFrom, validTo, authorizationPolicies)
139 key_generation = keyGeneration;
140 key_since = keyEffectiveTime;
141 key_until = keyExpirationTime;
144 public ReadOnlyCollection<IAuthorizationPolicy> AuthorizationPolicies {
145 get { return policies; }
148 public UniqueId ContextId {
149 get { return context_id; }
152 public UniqueId KeyGeneration {
153 get { return key_generation; }
156 public DateTime KeyEffectiveTime {
157 get { return key_since; }
160 public DateTime KeyExpirationTime {
161 get { return key_until; }
164 public override DateTime ValidFrom {
165 get { return token_since; }
168 public override DateTime ValidTo {
169 get { return token_until; }
172 public override string Id {
176 public override ReadOnlyCollection<SecurityKey> SecurityKeys {
179 keys = new ReadOnlyCollection<SecurityKey> (new SecurityKey [] {key});
184 internal byte [] Cookie {
185 get { return cookie; }
186 set { cookie = value; }
189 public override bool CanCreateKeyIdentifierClause<T> ()
191 return typeof (T) == typeof (SecurityContextKeyIdentifierClause);
194 public override T CreateKeyIdentifierClause<T> ()
197 if (t == typeof (SecurityContextKeyIdentifierClause))
198 return (T) (object) new SecurityContextKeyIdentifierClause (ContextId, KeyGeneration);
200 throw new NotSupportedException (String.Format ("X509SecurityToken does not support creation of {0}.", t));
203 public override bool MatchesKeyIdentifierClause (SecurityKeyIdentifierClause clause)
205 SecurityContextKeyIdentifierClause sctic =
206 clause as SecurityContextKeyIdentifierClause;
207 return sctic != null && sctic.ContextId == ContextId &&
208 sctic.Generation == KeyGeneration;
212 public override string ToString ()
214 return base.ToString ();
projects / mono.git / blob