1 //------------------------------------------------------------
2 // Copyright (c) Microsoft Corporation. All rights reserved.
3 //------------------------------------------------------------
5 namespace System.ServiceModel.Security
8 using System.ServiceModel.Channels;
9 using System.ServiceModel;
10 using System.ServiceModel.Description;
11 using System.Collections.Generic;
12 using System.Collections.ObjectModel;
13 using System.Diagnostics;
14 using System.Runtime.Serialization;
15 using System.IdentityModel.Claims;
16 using System.IdentityModel.Policy;
17 using System.IdentityModel.Selectors;
18 using System.IdentityModel.Tokens;
19 using System.Security.Principal;
20 using System.Security.Cryptography;
21 using System.ServiceModel.Security.Tokens;
25 abstract class TrustDriver
// issued tokens control
/// <summary>
/// Whether this WS-Trust driver version supports issued tokens.
/// NOTE(review): the getter body is not part of this listing. The two
/// IssuedTokensHeader* properties below throw
/// TrustDriverVersionDoesNotSupportIssuedTokens in the base class, so an
/// override of this property should agree with overrides of those.
/// </summary>
public virtual bool IsIssuedTokensSupported
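// issued tokens feature
/// <summary>
/// Local name of the header that carries issued tokens. The base
/// implementation does not support issued tokens and always throws;
/// driver versions that do must override the getter.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Always, carrying SR.TrustDriverVersionDoesNotSupportIssuedTokens.
/// </exception>
public virtual string IssuedTokensHeaderName
{
    get
    {
        // PreSharp Bug: Property get methods should not throw exceptions.
#pragma warning suppress 56503
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportIssuedTokens)));
    }
}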
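// issued tokens feature
/// <summary>
/// Namespace URI of the header that carries issued tokens. The base
/// implementation does not support issued tokens and always throws;
/// driver versions that do must override the getter.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Always, carrying SR.TrustDriverVersionDoesNotSupportIssuedTokens.
/// </exception>
public virtual string IssuedTokensHeaderNamespace
{
    get
    {
        // PreSharp Bug: Property get methods should not throw exceptions.
#pragma warning suppress 56503
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportIssuedTokens)));
    }
}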
/// <summary>
/// Whether this driver version supports WS-Trust sessions. In the base
/// class RequestTypeClose and RequestTypeRenew throw
/// TrustDriverVersionDoesNotSupportSession, so an override of this property
/// should agree with overrides of those.
/// NOTE(review): the getter body is not part of this listing.
/// </summary>
public virtual bool IsSessionSupported
/// <summary>Action value for a RequestSecurityToken (RST) message in this trust version.</summary>
public abstract XmlDictionaryString RequestSecurityTokenAction { get; }
/// <summary>Action value for a RequestSecurityTokenResponse (RSTR) message in this trust version.</summary>
public abstract XmlDictionaryString RequestSecurityTokenResponseAction { get; }
/// <summary>Action value for the final RSTR of an exchange in this trust version.</summary>
public abstract XmlDictionaryString RequestSecurityTokenResponseFinalAction { get; }
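/// <summary>
/// RequestType URI used to close a session. The base implementation does not
/// support sessions and always throws; session-capable driver versions must
/// override the getter.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Always, carrying SR.TrustDriverVersionDoesNotSupportSession.
/// </exception>
public virtual string RequestTypeClose
{
    get
    {
        // PreSharp Bug: Property get methods should not throw exceptions.
#pragma warning suppress 56503
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportSession)));
    }
}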
/// <summary>RequestType URI for an Issue request in this trust version. Unlike Close/Renew it is abstract: every version must supply it.</summary>
public abstract string RequestTypeIssue { get; }
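/// <summary>
/// RequestType URI used to renew a session token. The base implementation does
/// not support sessions and always throws; session-capable driver versions
/// must override the getter.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Always, carrying SR.TrustDriverVersionDoesNotSupportSession.
/// </exception>
public virtual string RequestTypeRenew
{
    get
    {
        // PreSharp Bug: Property get methods should not throw exceptions.
#pragma warning suppress 56503
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TrustDriverVersionDoesNotSupportSession)));
    }
}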
/// <summary>Computed-key algorithm URI this trust version uses when the proof key is derived from both parties' entropy.</summary>
public abstract string ComputedKeyAlgorithm { get; }
/// <summary>Standards manager (token serializers and related settings) this driver reads and writes with.</summary>
public abstract SecurityStandardsManager StandardsManager { get; }
/// <summary>WS-Trust namespace of this driver version.</summary>
public abstract XmlDictionaryString Namespace { get; }
// RST specific method
/// <summary>Reads a RequestSecurityToken from <paramref name="reader"/>, positioned on the RST element.</summary>
/// <param name="reader">Reader over the incoming message body. NOTE(review): this is wire input; confirm callers pass a quota-bound reader.</param>
public abstract RequestSecurityToken CreateRequestSecurityToken(XmlReader reader);
// RSTR specific method
/// <summary>Reads a RequestSecurityTokenResponse from <paramref name="reader"/>, positioned on the RSTR element.</summary>
public abstract RequestSecurityTokenResponse CreateRequestSecurityTokenResponse(XmlReader reader);
// RSTRC specific method
/// <summary>Reads a RequestSecurityTokenResponseCollection from <paramref name="xmlReader"/>, positioned on the collection element.</summary>
public abstract RequestSecurityTokenResponseCollection CreateRequestSecurityTokenResponseCollection(XmlReader xmlReader);
/// <summary>Whether <paramref name="reader"/> is positioned on an RSTR element of this trust version.</summary>
public abstract bool IsAtRequestSecurityTokenResponse(XmlReader reader);
/// <summary>Whether <paramref name="reader"/> is positioned on an RSTR collection element of this trust version.</summary>
public abstract bool IsAtRequestSecurityTokenResponseCollection(XmlReader reader);
/// <summary>Whether the qualified name (<paramref name="name"/>, <paramref name="nameSpace"/>) is this version's RequestedSecurityToken element.</summary>
public abstract bool IsRequestedSecurityTokenElement(string name, string nameSpace);
/// <summary>Whether the qualified name (<paramref name="name"/>, <paramref name="nameSpace"/>) is this version's RequestedProofToken element.</summary>
public abstract bool IsRequestedProofTokenElement(string name, string nameSpace);
/// <summary>Deserializes the AppliesTo content of <paramref name="rst"/> as <typeparamref name="T"/> using <paramref name="serializer"/>.</summary>
public abstract T GetAppliesTo<T>(RequestSecurityToken rst, XmlObjectSerializer serializer);
/// <summary>Deserializes the AppliesTo content of <paramref name="rstr"/> as <typeparamref name="T"/> using <paramref name="serializer"/>.</summary>
public abstract T GetAppliesTo<T>(RequestSecurityTokenResponse rstr, XmlObjectSerializer serializer);
/// <summary>Returns the qualified name of the AppliesTo content in <paramref name="rst"/> without deserializing it.</summary>
public abstract void GetAppliesToQName(RequestSecurityToken rst, out string localName, out string namespaceUri);
/// <summary>Returns the qualified name of the AppliesTo content in <paramref name="rstr"/> without deserializing it.</summary>
public abstract void GetAppliesToQName(RequestSecurityTokenResponse rstr, out string localName, out string namespaceUri);
/// <summary>Whether the qualified name (<paramref name="localName"/>, <paramref name="namespaceUri"/>) is this version's AppliesTo element.</summary>
public abstract bool IsAppliesTo(string localName, string namespaceUri);
// RSTR specific method
/// <summary>Returns the authenticator bytes carried in <paramref name="rstr"/>.</summary>
/// <returns>The raw authenticator value; presumably null when the response carries none — confirm in the concrete drivers.</returns>
public abstract byte[] GetAuthenticator(RequestSecurityTokenResponse rstr);
// RST specific method
/// <summary>Returns the binary negotiation (e.g. SPNEGO/TLS exchange) element of <paramref name="rst"/>.</summary>
public abstract BinaryNegotiation GetBinaryNegotiation(RequestSecurityToken rst);
// RSTR specific method
/// <summary>Returns the binary negotiation element of <paramref name="rstr"/>.</summary>
public abstract BinaryNegotiation GetBinaryNegotiation(RequestSecurityTokenResponse rstr);
// RST specific method
/// <summary>Returns the entropy token carried in <paramref name="rst"/>, resolving any key reference through <paramref name="resolver"/>.</summary>
public abstract SecurityToken GetEntropy(RequestSecurityToken rst, SecurityTokenResolver resolver);
// RSTR specific method
/// <summary>Returns the entropy token carried in <paramref name="rstr"/>, resolving any key reference through <paramref name="resolver"/>.</summary>
public abstract SecurityToken GetEntropy(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver);
// RSTR specific method
/// <summary>
/// Extracts the issued token from <paramref name="rstr"/> together with its proof key.
/// NOTE(review): the parameter list carries the validation inputs
/// (<paramref name="allowedAuthenticators"/>, <paramref name="expectedTokenType"/>,
/// <paramref name="keyEntropyMode"/>, <paramref name="requestorEntropy"/>); the base
/// type only declares the contract, so confirm in each concrete driver that the
/// token type and the proof-key derivation are actually checked against them.
/// </summary>
/// <param name="rstr">Response to extract the token from.</param>
/// <param name="resolver">Resolves key references inside the response.</param>
/// <param name="allowedAuthenticators">Authenticators the issued token may be validated with.</param>
/// <param name="keyEntropyMode">Whether the proof key comes from the client, the server, or both.</param>
/// <param name="requestorEntropy">The client's entropy contribution, when it supplied one.</param>
/// <param name="expectedTokenType">Token type the caller asked for.</param>
/// <param name="authorizationPolicies">Policies to attach to the returned token.</param>
/// <param name="defaultKeySize">Key size to use when the response does not state one.</param>
/// <param name="isBearerKeyType">Whether a bearer (no proof key) token is expected.</param>
public abstract GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, SecurityTokenResolver resolver, IList<SecurityTokenAuthenticator> allowedAuthenticators, SecurityKeyEntropyMode keyEntropyMode, byte[] requestorEntropy,
string expectedTokenType, ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies, int defaultKeySize, bool isBearerKeyType);
/// <summary>Extracts the issued token from <paramref name="rstr"/> for the asymmetric-key case, where <paramref name="clientKey"/> is the client's RSA key.</summary>
public abstract GenericXmlSecurityToken GetIssuedToken(RequestSecurityTokenResponse rstr, string expectedTokenType, ReadOnlyCollection<IAuthorizationPolicy> authorizationPolicies, RSA clientKey);
/// <summary>Invoked when a response contains neither an RSTR nor an RSTR collection. Returns void, so implementations are presumably expected to throw a version-specific exception — confirm.</summary>
public abstract void OnRSTRorRSTRCMissingException();
// RST specific method
/// <summary>Serializes <paramref name="rst"/> to <paramref name="w"/> in this trust version's format.</summary>
public abstract void WriteRequestSecurityToken(RequestSecurityToken rst, XmlWriter w);
// RSTR specific method
/// <summary>Serializes <paramref name="rstr"/> to <paramref name="w"/> in this trust version's format.</summary>
public abstract void WriteRequestSecurityTokenResponse(RequestSecurityTokenResponse rstr, XmlWriter w);
// RSTR Collection method
/// <summary>Serializes <paramref name="rstrCollection"/> to <paramref name="writer"/> in this trust version's format.</summary>
public abstract void WriteRequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollection rstrCollection, XmlWriter writer);
// Federation proxy creation
/// <summary>Creates the request-channel factory used to talk to a federation (issuer) endpoint at <paramref name="address"/> over <paramref name="binding"/>, with <paramref name="channelBehaviors"/> applied.</summary>
public abstract IChannelFactory<IRequestChannel> CreateFederationProxy(EndpointAddress address, Binding binding, KeyedByTypeCollection<IEndpointBehavior> channelBehaviors);
// Factories for the version-specific request/response parameter elements.
/// <summary>Builds this version's KeySize element for <paramref name="keySize"/> bits.</summary>
public abstract XmlElement CreateKeySizeElement(int keySize);
/// <summary>Builds this version's KeyType element for <paramref name="keyType"/>.</summary>
public abstract XmlElement CreateKeyTypeElement(SecurityKeyType keyType);
/// <summary>Builds this version's TokenType element for <paramref name="tokenTypeUri"/>.</summary>
public abstract XmlElement CreateTokenTypeElement(string tokenTypeUri);
/// <summary>Builds this version's required-claims element wrapping <paramref name="claimsList"/>.</summary>
public abstract XmlElement CreateRequiredClaimsElement(IEnumerable<XmlElement> claimsList);
/// <summary>Builds this version's UseKey element for <paramref name="keyIdentifier"/>, serialized via <paramref name="standardsManager"/>.</summary>
public abstract XmlElement CreateUseKeyElement(SecurityKeyIdentifier keyIdentifier, SecurityStandardsManager standardsManager);
/// <summary>Builds this version's SignWith element for <paramref name="signatureAlgorithm"/>.</summary>
public abstract XmlElement CreateSignWithElement(string signatureAlgorithm);
/// <summary>Builds this version's EncryptWith element for <paramref name="encryptionAlgorithm"/>.</summary>
public abstract XmlElement CreateEncryptWithElement(string encryptionAlgorithm);
/// <summary>Builds this version's EncryptionAlgorithm element for <paramref name="encryptionAlgorithm"/>.</summary>
public abstract XmlElement CreateEncryptionAlgorithmElement(string encryptionAlgorithm);
/// <summary>Builds this version's CanonicalizationAlgorithm element for <paramref name="canonicalicationAlgorithm"/> (parameter name sic).</summary>
public abstract XmlElement CreateCanonicalizationAlgorithmElement(string canonicalicationAlgorithm);
/// <summary>Builds this version's ComputedKeyAlgorithm element for <paramref name="computedKeyAlgorithm"/>.</summary>
public abstract XmlElement CreateComputedKeyAlgorithmElement(string computedKeyAlgorithm);
/// <summary>
/// Decides what to do with request parameters this driver did not recognise.
/// NOTE(review): <paramref name="unknownRequestParameters"/> comes from the
/// requester; whether they are echoed into the response or dropped is left to
/// each concrete driver — confirm the policy there.
/// </summary>
/// <returns>The parameters to carry forward.</returns>
public abstract Collection<XmlElement> ProcessUnknownRequestParameters(Collection<XmlElement> unknownRequestParameters, Collection<XmlElement> originalRequestParameters);
/// <summary>Parses a KeySize element. NOTE(review): the value originates in the request; range-checking against the binding's permitted key sizes is not part of this contract, so confirm the caller does it.</summary>
/// <returns>true when <paramref name="element"/> is this version's KeySize element and <paramref name="keySize"/> was set.</returns>
public abstract bool TryParseKeySizeElement(XmlElement element, out int keySize);
/// <summary>Parses a KeyType element.</summary>
/// <returns>true when <paramref name="element"/> is this version's KeyType element and <paramref name="keyType"/> was set.</returns>
public abstract bool TryParseKeyTypeElement(XmlElement element, out SecurityKeyType keyType);
/// <summary>Parses a TokenType element.</summary>
/// <returns>true when <paramref name="element"/> is this version's TokenType element and <paramref name="tokenType"/> was set.</returns>
public abstract bool TryParseTokenTypeElement(XmlElement element, out string tokenType);
/// <summary>Parses a required-claims element into its child claim elements.</summary>
/// <returns>true when <paramref name="element"/> is this version's required-claims element and <paramref name="requiredClaims"/> was set.</returns>
public abstract bool TryParseRequiredClaimsElement(XmlElement element, out Collection<XmlElement> requiredClaims);
// helper methods for parsing the standard binding elements; the base class recognises none of them
/// <summary>
/// Base handling of a SignWith element: this driver version recognises none,
/// so nothing is parsed.
/// </summary>
/// <param name="element">Candidate element; not inspected here.</param>
/// <param name="signatureAlgorithm">Always set to null.</param>
/// <returns>Always false.</returns>
internal virtual bool IsSignWithElement(XmlElement element, out string signatureAlgorithm)
{
    signatureAlgorithm = null;
    return false;
}
/// <summary>
/// Base handling of an EncryptWith element: this driver version recognises
/// none, so nothing is parsed.
/// </summary>
/// <param name="element">Candidate element; not inspected here.</param>
/// <param name="encryptWithAlgorithm">Always set to null.</param>
/// <returns>Always false.</returns>
internal virtual bool IsEncryptWithElement(XmlElement element, out string encryptWithAlgorithm)
{
    encryptWithAlgorithm = null;
    return false;
}
/// <summary>
/// Base handling of an EncryptionAlgorithm element: this driver version
/// recognises none, so nothing is parsed.
/// </summary>
/// <param name="element">Candidate element; not inspected here.</param>
/// <param name="encryptionAlgorithm">Always set to null.</param>
/// <returns>Always false.</returns>
internal virtual bool IsEncryptionAlgorithmElement(XmlElement element, out string encryptionAlgorithm)
{
    encryptionAlgorithm = null;
    return false;
}
/// <summary>
/// Base handling of a CanonicalizationAlgorithm element: this driver version
/// recognises none, so nothing is parsed.
/// </summary>
/// <param name="element">Candidate element; not inspected here.</param>
/// <param name="canonicalizationAlgorithm">Always set to null.</param>
/// <returns>Always false.</returns>
internal virtual bool IsCanonicalizationAlgorithmElement(XmlElement element, out string canonicalizationAlgorithm)
{
    canonicalizationAlgorithm = null;
    return false;
}
/// <summary>
/// Base handling of a KeyWrapAlgorithm element: this driver version
/// recognises none, so nothing is parsed.
/// </summary>
/// <param name="element">Candidate element; not inspected here.</param>
/// <param name="keyWrapAlgorithm">Always set to null.</param>
/// <returns>Always false.</returns>
internal virtual bool IsKeyWrapAlgorithmElement(XmlElement element, out string keyWrapAlgorithm)
{
    keyWrapAlgorithm = null;
    return false;
}