本文整理汇总了C#中System.IdentityModel.Policy.EvaluationContext类的典型用法代码示例。如果您正苦于以下问题:C# EvaluationContext类的具体用法?C# EvaluationContext怎么用?C# EvaluationContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
EvaluationContext类属于System.IdentityModel.Policy命名空间,在下文中一共展示了EvaluationContext类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
// get claims from authorized issuer
ClaimSet issuedClaims = null;
foreach (ClaimSet cs in evaluationContext.ClaimSets)
{
// If the issuer of the ClaimSet is this STS...
if ( cs.Issuer.ContainsClaim ( Claim.CreateDnsClaim("IPKey")))
{
issuedClaims = cs;
}
}
if (issuedClaims == null)
{
throw new SecurityException("Unable to authenticate caller. Invalid claimset provided.");
}
CustomIdentity identity = new CustomIdentity("Claims");
CustomPrincipal newPrincipal = new CustomPrincipal(identity, issuedClaims);
evaluationContext.Properties["Principal"] = newPrincipal;
return true;
}示例2: Evaluate
// called after the authentication stage
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
IList<IIdentity> idents;
object identsObject;
if (evaluationContext.Properties.TryGetValue(
"Identities", out identsObject) && (idents =
identsObject as IList<IIdentity>) != null)
{
foreach (IIdentity ident in idents)
{
if (ident.IsAuthenticated &&
ident.AuthenticationType == "BiometricValidator")
{
StringReader reader = new StringReader(ident.Name);
System.Xml.Serialization.XmlSerializer deserializer = new System.Xml.Serialization.XmlSerializer(typeof(SecureContextCredentials));
SecureContextCredentials credentials = (SecureContextCredentials)deserializer.Deserialize(reader);
IdsIdentity i = new IdsIdentity(ident.IsAuthenticated, AuthenticationType.Bioemtrics, credentials.IdentityUid);
IdsPrincipal p = new IdsPrincipal(i, new List<string> { "LoggedIn" });
evaluationContext.Properties["Principal"] = p;
return true;
}
else
{
string userId = OperationContext.Current.IncomingMessageHeaders.GetHeader<string>("userId", "http://www.identitystream.com");
IdsIdentity i = new IdsIdentity(ident.IsAuthenticated, AuthenticationType.Certificate, userId);
IdsPrincipal p = new IdsPrincipal(i, new List<string> { "LoggedIn" });
evaluationContext.Properties["Principal"] = p;
return true;
}
}
}
return false;
}示例3: Evaluate
// called after the authentication stage
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
IList<IIdentity> idents;
object identsObject;
if (evaluationContext.Properties.TryGetValue(
"Identities", out identsObject) && (idents =
identsObject as IList<IIdentity>) != null)
{
foreach (IIdentity ident in idents)
{
if (ident.IsAuthenticated &&
ident.AuthenticationType == "BioUsernamePasswordVerifier")
{
//evaluationContext.Properties["Principal"]
// = new IdsPrincipal();
return true;
}
else
{
string userId = OperationContext.Current.IncomingMessageHeaders.GetHeader<string>("userId", "http://www.identitystream.com");
}
}
}
if (!evaluationContext.Properties.ContainsKey("Principal"))
{
//evaluationContext.Properties["Principal"] = new IdsPrincipal();
}
return false;
}示例4: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
var success = false;
var identity = GetClientIdentity(evaluationContext);
if (identity != null)
{
if (Roles.Enabled)
{
var provider = Roles.Provider;
var roles = provider.GetRolesForUser(identity.Name);
if (provider is AzManRoleProvider)
{
var azman = (AzManRoleProvider)provider;
var operations = azman.GetOperationsForUser(identity.Name);
evaluationContext.Properties["Principal"] = new AzManPrincipal(identity, roles, operations);
}
else
{
evaluationContext.Properties["Principal"] = new GenericPrincipal(identity, roles);
}
}
else
{
evaluationContext.Properties["Principal"] = new GenericPrincipal(identity, null);
}
success = true;
}
return success;
}示例5: Evaluate
/**
This method receives the claim sets evaluated so far by other authorization policies.
For example, it may include a claim set for each token passed in the request message,
* thus contain a WindowsClaimSet or UserNameClaimSet or x509 cliams set and so on.
*
* Responsible for inspecting claims based on the credentials provided,
* mapping those claims to normalized claims,
* and constructing a security principal for the request thread.
*
* The method should return false if this authorization policy was not able to complete its authorization.
*
* If false, the service model will invoke other authorization policies and then call this one once more, passing the updated claim sets.
* This gives the authorization policy another chance to authorize calls.
*
**/
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
object obj;
if (!evaluationContext.Properties.TryGetValue("Identities", out obj))
return false;
IList<IIdentity> identities = obj as IList<IIdentity>;
if (obj == null || identities.Count <= 0)
return false;
IIdentity identity = identities[0];
//This is claims conversion
ClaimSet claims = MapClaims(identity);
if (claims == null)
return false;
GenericPrincipal newPrincipal = new GenericPrincipal(identity, null);
evaluationContext.Properties["Principal"] = newPrincipal;
evaluationContext.AddClaimSet(this, claims);
return true;
}示例6: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
var client = GetClientIdentity(evaluationContext);
evaluationContext.Properties["Principal"] = PrincipalFactory.Create(client);
return true;
}示例7: MapClaims
private ClaimSet MapClaims(EvaluationContext evaluationContext, out IIdentity identity)
{
List<IIdentity> identities = evaluationContext.Properties["Identities"] as List<IIdentity>;
if (identities.Count == 0)
throw new SecurityException("Authorization failed, identity missing from evaluation context.");
identity = new CustomIdentity(identities[0].Name);
// TODO: check identity against credential store and
// determine the appropriate claims to allocate
// NOTE: in this sample, only partner certificates are provided,
// and at this point have passed authorization, so we will grant
// all custom claims
List<Claim> listClaims = new List<Claim>();
listClaims.Add(new Claim(CustomClaimTypes.Create, "Application", Rights.PossessProperty));
listClaims.Add(new Claim(CustomClaimTypes.Delete, "Application", Rights.PossessProperty));
listClaims.Add(new Claim(CustomClaimTypes.Read, "Application", Rights.PossessProperty));
listClaims.Add(new Claim(CustomClaimTypes.Update, "Application", Rights.PossessProperty));
return new DefaultClaimSet(this.m_issuer, listClaims);
}示例8: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
IPrincipal principal = null;
if (HttpContext.Current != null)
{
principal = HttpContext.Current.User;
}
if (principal != null)
{
// set the identity (for PrimaryIdentity)
evaluationContext.Properties["Identities"] =
new List<IIdentity>() { principal.Identity };
evaluationContext.Properties["Principal"] = principal;
var nameClaim = Claim.CreateNameClaim(principal.Identity.Name);
ClaimSet set;
if (HttpContext.Current != null)
{
set = new DefaultClaimSet(
nameClaim,
new Claim(ClaimTypes.Authentication, HttpContext.Current.User.Identity, Rights.Identity));
}
else
{
set = new DefaultClaimSet(nameClaim);
}
evaluationContext.AddClaimSet(this, set);
}
return true;
}示例9: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
var client = GetClientIdentity(evaluationContext);
evaluationContext.Properties["Principal"] = Thread.CurrentPrincipal;
return true;
}示例10: Evaluate
// this method gets called after the authentication stage
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
WebOperationContext ctx = WebOperationContext.Current;
string authHeader = ctx.IncomingRequest.Headers[HttpRequestHeader.Authorization];
if(!string.IsNullOrEmpty(authHeader))
{
string decryptedAuth = Common.Utils.Decrypt(authHeader.Substring(5).Trim());
if (!string.IsNullOrEmpty(decryptedAuth) && decryptedAuth.Split('|').Length == 2 && decryptedAuth.Split('|')[0] == "mitko" && decryptedAuth.Split('|')[1] == "[email protected]#mitko123")
{
evaluationContext.Properties["Principal"] = new CustomPrincipal(new CredentialsValidator.CustomIdeintity("Basic", true, "decryptedAuth[0]"));
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}示例11: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
evaluationContext.AddClaimSet(this, new DefaultClaimSet(Claim.CreateNameClaim(_principal.Identity.Name)));
evaluationContext.Properties["Identities"] = new List<IIdentity>(new[] {_principal.Identity});
evaluationContext.Properties["Principal"] = _principal;
return true;
}示例12: foreach
bool IAuthorizationPolicy.Evaluate( EvaluationContext evaluationContext, ref object state )
{
foreach ( ClaimSet issuance in _issuedClaimSets )
evaluationContext.AddClaimSet( this, issuance );
return true;
}示例13: Evaluate
// this method gets called after the authentication stage
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
// get the authenticated client identity
IIdentity client = GetClientIdentity(evaluationContext);
// set the custom principal
evaluationContext.Properties["Principal"] = new CustomPrincipal(client);
return true;
}示例14: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
IPrincipal user = OperationContext.Current.IncomingMessageProperties["Principal"] as IPrincipal;
evaluationContext.Properties["Principal"] = user;
evaluationContext.Properties["Identities"] = new List<IIdentity> { user.Identity };
return true;
}示例15: Evaluate
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
IIdentity identity = GetIdentityFromClient(evaluationContext);
CustomIdentity Identity = new CustomIdentity(identity.AuthenticationType, identity.Name);
evaluationContext.Properties["Principal"] = new CustomPrincipal(Identity, SecurityHelper.GetRolesByUserName(Identity.Name), SecurityHelper.GetPermissions());
return true;
}