本文整理汇总了C#中System.IdentityModel.Tokens.SecurityToken类的典型用法代码示例。如果您正苦于以下问题:C# SecurityToken类的具体用法?C# SecurityToken怎么用?C# SecurityToken使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SecurityToken类属于System.IdentityModel.Tokens命名空间,在下文中一共展示了SecurityToken类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: GetIssuerName
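/// <summary>
/// Maps the issuer token of an incoming token to an issuer name. For an incoming SAML token
/// the issuer token is the X.509 certificate that signed the SAML token.
/// </summary>
/// <remarks>
/// This sample accepts an issuer purely on the certificate's simple (common) name. A name is
/// not a credential: any certificate that carries the expected CN passes this check. Production
/// code should authenticate the issuer according to its validation policy instead, for example
/// by pinning the expected certificate or validating it against a dedicated trust store.
/// </remarks>
/// <param name="securityToken">Issuer token to be validated.</param>
/// <returns>The subject distinguished name of the accepted issuer certificate.</returns>
/// <exception cref="SecurityTokenException">
/// The token is not an X.509 token, or its common name is not the expected one.
/// </exception>
public override string GetIssuerName(SecurityToken securityToken)
{
    CustomTextTraceSource ts = new CustomTextTraceSource("IdentityProviderSts.IdentityProviderIssuerNameRegistry.GetIssuerName",
        "MyTraceSource", SourceLevels.Information);

    X509SecurityToken x509Token = securityToken as X509SecurityToken;
    if (x509Token != null)
    {
        // The CN is read from the presented certificate, so the trace line below records
        // data supplied by the caller before any trust decision has been made.
        string commonName = x509Token.Certificate.GetNameInfo(X509NameType.SimpleName, false);
        ts.TraceInformation("Certificate CN: " + commonName);

        // Compare ordinally and case-insensitively. ToUpper() follows the current thread
        // culture, so the outcome of an identity check would depend on the host's locale
        // (for example the Turkish casing rules for 'i').
        if (String.Equals(commonName, "HA50IDP", StringComparison.OrdinalIgnoreCase))
        {
            return x509Token.Certificate.SubjectName.Name;
        }
    }

    // Fail closed: anything that was not explicitly accepted above is rejected.
    ts.TraceInformation("Untrusted issuer");
    throw new SecurityTokenException("Untrusted issuer.");
}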
示例2: TryResolveTokenCore
/// <summary>
/// Tries to resolve a key identifier to a security token, consulting three sources in order:
/// the primary token resolver, the out-of-band resolvers (when any are configured), and
/// finally each clause of the identifier through TryResolveTokenFromIntrinsicKeyClause.
/// </summary>
/// <param name="keyIdentifier">Key identifier whose token is wanted.</param>
/// <param name="token">Receives the resolved token; holds whatever the last attempted source assigned when nothing resolves.</param>
/// <returns>true as soon as one source resolves the identifier; otherwise false.</returns>
protected override bool TryResolveTokenCore(SecurityKeyIdentifier keyIdentifier, out SecurityToken token)
{
    token = null;

    // 1. Primary resolver.
    if (this.tokenResolver.TryResolveToken(keyIdentifier, false, false, out token))
    {
        return true;
    }

    // 2. Out-of-band resolvers, tried in list order; the first hit wins.
    if (this.outOfBandTokenResolvers != null)
    {
        for (int resolverIndex = 0; resolverIndex < this.outOfBandTokenResolvers.Count; resolverIndex++)
        {
            if (this.outOfBandTokenResolvers[resolverIndex].TryResolveToken(keyIdentifier, out token))
            {
                return true;
            }
        }
    }

    // 3. Last resort: resolve from the clauses carried by the identifier itself.
    for (int clauseIndex = 0; clauseIndex < keyIdentifier.Count; clauseIndex++)
    {
        if (this.TryResolveTokenFromIntrinsicKeyClause(keyIdentifier[clauseIndex], out token))
        {
            return true;
        }
    }

    return false;
}
示例3: ValidateToken
/// <summary>
/// Decodes a JWT with a fixed symmetric key and turns the decoded payload entries into the
/// claims of a <see cref="ClaimsPrincipal"/> whose identity uses the "jwt" authentication type.
/// </summary>
/// <remarks>
/// NOTE(review): the signing key is a string literal in source. Anyone who can read the source
/// or the compiled assembly can mint tokens this method accepts; load the key from protected
/// configuration or a secret store and rotate the one shown here.
/// NOTE(review): <paramref name="validationParameters"/> is never read, so issuer, audience and
/// lifetime settings supplied by the caller are not applied by this method. Which checks
/// JsonWebToken.Decode performs on its own is not visible here - confirm.
/// Every failure (bad signature, malformed token, unexpected payload shape) is collapsed into a
/// null return with no trace, and <paramref name="validatedToken"/> is always null.
/// </remarks>
/// <param name="securityToken">Serialized JWT to decode.</param>
/// <param name="validationParameters">Unused by this implementation.</param>
/// <param name="validatedToken">Always set to null.</param>
/// <returns>The principal built from the payload, or null when decoding or deserialization throws.</returns>
public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
{
    validatedToken = null;
    string signingKey = "IxrAjDoa2FqElO7IhrSrUJELhUckePEPVpaePlS_Xaw";

    try
    {
        string payloadJson = JsonWebToken.Decode(securityToken, signingKey);
        List<KeyValuePair<string, string>> entries =
            JsonConvert.DeserializeObject<List<KeyValuePair<string, string>>>(payloadJson);

        // One claim per payload entry; claim types and values are taken verbatim from the token.
        var claims = new List<Claim>();
        foreach (var entry in entries)
        {
            claims.Add(new Claim(entry.Key, entry.Value));
        }

        return new ClaimsPrincipal(new ClaimsIdentity(claims, "jwt"));
    }
    catch (Exception)
    {
        // Callers only ever see "no principal"; the cause is not recorded anywhere.
        return null;
    }
}
示例4: GetIssuerName
/// <summary>
/// Maps the issuer token of an incoming token to an issuer name. For an incoming SAML token
/// the issuer token is the X.509 certificate that signed the SAML token.
/// </summary>
/// <remarks>
/// The certificate is accepted when CertificateUtil.ValidateCertificate approves it for the
/// LocalMachine TrustedPeople store. What that helper actually checks (store membership, chain,
/// expiry, revocation) is not visible here - confirm it matches the issuer validation policy
/// before relying on this sample.
/// </remarks>
/// <param name="securityToken">Issuer token to be validated.</param>
/// <returns>The subject distinguished name of the accepted issuer certificate.</returns>
/// <exception cref="SecurityTokenException">
/// The token is not an X.509 token, or its certificate was not accepted.
/// </exception>
public override string GetIssuerName(SecurityToken securityToken)
{
    var ts = new CustomTextTraceSource(
        "IdpAds.IdpAdsIssuerNameRegistry.GetIssuerName",
        "MyTraceSource",
        SourceLevels.Information);

    var issuerToken = securityToken as X509SecurityToken;
    if (issuerToken != null)
    {
        var issuerCertificate = issuerToken.Certificate;

        // Logged for diagnostics only; the CN plays no part in the trust decision below.
        ts.TraceInformation("Certificate CN: " + issuerCertificate.GetNameInfo(X509NameType.SimpleName, false));

        bool accepted = CertificateUtil.ValidateCertificate(
            StoreName.TrustedPeople, StoreLocation.LocalMachine, issuerCertificate);
        if (accepted)
        {
            ts.TraceInformation("Certificate VALID");
            return issuerCertificate.SubjectName.Name;
        }
    }

    // Fail closed: non-X.509 tokens and rejected certificates end up here.
    ts.TraceInformation("Untrusted issuer");
    throw new SecurityTokenException("Untrusted issuer.");
}
示例5: GetIssuedToken
/// <summary>
/// Requests an issued token from an STS on behalf of the holder of a bootstrap token.
/// </summary>
/// <remarks>
/// Both certificates are looked up in the LocalMachine personal (My) store: the client one by
/// <paramref name="signingCertificateNameClient"/>, the STS one by SigningCertificateNameSTS.
/// NOTE(review): the two URL strings are turned into <see cref="Uri"/> instances without any
/// scheme or host check in this method; if they can come from configuration or a caller that
/// is not fully trusted, restrict them (for example to https and to known STS hosts) before use.
/// </remarks>
/// <param name="STSUrl">Address of the security token service.</param>
/// <param name="audience">Address of the relying party the token is requested for.</param>
/// <param name="signingCertificateNameClient">Name used to find the client certificate.</param>
/// <param name="bootstrapToken">Token passed through to TokenClient.GetIssuedToken.</param>
/// <returns>The token returned by TokenClient.GetIssuedToken.</returns>
public static SecurityToken GetIssuedToken(string STSUrl, string audience, string signingCertificateNameClient, SecurityToken bootstrapToken)
{
    var clientCertificate = CertificateUtil.GetCertificate(
        StoreName.My, StoreLocation.LocalMachine, signingCertificateNameClient);
    var stsCertificate = CertificateUtil.GetCertificate(
        StoreName.My, StoreLocation.LocalMachine, SigningCertificateNameSTS);

    // Parsed in the same order as before (audience first), so a malformed value fails identically.
    var audienceUri = new Uri(audience);
    var stsUri = new Uri(STSUrl);

    return TokenClient.GetIssuedToken(audienceUri, clientCertificate, stsCertificate, stsUri, bootstrapToken);
}
示例6: ValidateToken
//public override bool CanReadToken(XmlReader reader)
//{
// bool canRead = false;
// if (reader != null)
// {
// if (reader.IsStartElement(BinarySecurityToken)
// && (reader.GetAttribute(ValueType) == SimpleWebTokenConstants.ValueTypeUri))
// {
// canRead = true;
// }
// }
// return canRead;
//}
/// <summary>
/// Accepts a SAML 2 token that has not expired (allowing Configuration.MaxClockSkew of
/// tolerance) and returns the single identity produced by CreateClaims.
/// </summary>
/// <remarks>
/// NOTE(review): expiry is the only check made in this method. The ValidateSignature and
/// ValidateAudience calls that once stood before CreateClaims are commented out in the sample,
/// and neither the issuer nor the start of the validity window is examined here. Whether the
/// signature was already verified when the token was read is not visible from this method -
/// confirm before reusing it, because an unsigned or wrongly addressed assertion would
/// otherwise be turned into claims. Saving the bootstrap context is likewise disabled.
/// </remarks>
/// <param name="token">Token to validate; must be a <see cref="Saml2SecurityToken"/>.</param>
/// <returns>A read-only collection holding exactly one identity.</returns>
/// <exception cref="ArgumentNullException"><paramref name="token"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="token"/> is not a SAML 2 token.</exception>
/// <exception cref="SecurityTokenExpiredException">The token's ValidTo plus the clock skew is not after the current UTC time.</exception>
public override ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token)
{
    if (token == null)
    {
        throw new ArgumentNullException("token");
    }

    if (!(token is Saml2SecurityToken))
    {
        throw new ArgumentException("The token provided must be of type Saml2SecurityToken.");
    }

    var saml2Token = (Saml2SecurityToken)token;

    // The token stays valid until ValidTo + MaxClockSkew; at or past that instant it is expired.
    DateTime latestAcceptable = saml2Token.ValidTo.Add(Configuration.MaxClockSkew);
    if (latestAcceptable <= DateTime.UtcNow)
    {
        throw new SecurityTokenExpiredException(
            "The incoming token has expired. Get a new access token from the Authorization Server.");
    }

    ClaimsIdentity identity = CreateClaims(saml2Token);
    var identities = new List<ClaimsIdentity> { identity };
    return identities.AsReadOnly();
}
示例7: GetIssuerName
/// <summary>
/// Maps the issuer token of an incoming token to an issuer name. For an incoming SAML token
/// the issuer token is the X.509 certificate that signed the SAML token.
/// </summary>
/// <remarks>
/// Trust is decided by CertificateUtil.ValidateCertificate for the LocalMachine TrustedPeople
/// store; the subject and common name are only traced. What the helper verifies (store
/// membership, chain, expiry, revocation) is not visible here - confirm it against the issuer
/// validation policy.
/// </remarks>
/// <param name="securityToken">Issuer token to be validated.</param>
/// <returns>The subject distinguished name of the accepted issuer certificate.</returns>
/// <exception cref="SecurityTokenException">
/// The token is not an X.509 token, or its certificate was not accepted.
/// </exception>
public override string GetIssuerName(SecurityToken securityToken)
{
    var ts = new Common.CustomTextTraceSource(
        "CommercialVehicleCollisionWebservice.WspTrustedIssuerNameRegistry.GetIssuerName",
        "MyTraceSource",
        SourceLevels.Information);

    var issuerToken = securityToken as X509SecurityToken;
    if (issuerToken != null)
    {
        var issuerCertificate = issuerToken.Certificate;

        // Both values come from the presented certificate and are traced before it is checked.
        ts.TraceInformation("IssuerName: " + issuerCertificate.SubjectName.Name);
        ts.TraceInformation("CommonName: " + issuerCertificate.GetNameInfo(X509NameType.SimpleName, false));

        bool accepted = CertificateUtil.ValidateCertificate(
            StoreName.TrustedPeople, StoreLocation.LocalMachine, issuerCertificate);
        if (!accepted)
        {
            ts.TraceInformation("Certificate is NOT VALID");
        }
        else
        {
            ts.TraceInformation("Certificate is valid");
            return issuerCertificate.SubjectName.Name;
        }
    }

    // Fail closed: non-X.509 tokens and rejected certificates end up here.
    throw new SecurityTokenException("Untrusted issuer.");
}
示例8: TryIssueToken
/// <summary>
/// Asks the wrapped STS to issue a bearer token of the given type for a principal and target.
/// </summary>
/// <remarks>
/// The request uses KeyTypes.Bearer, so the issued token carries no proof key: possession of
/// the token is all a relying party sees, which makes transport protection and short lifetimes
/// the controls that matter. Any exception from the STS is logged in full and reported as a
/// false return rather than propagated.
/// </remarks>
/// <param name="appliesTo">Endpoint the token is intended for.</param>
/// <param name="principal">Principal the token is issued for.</param>
/// <param name="tokenType">Requested token type.</param>
/// <param name="token">Receives the issued token, or null on failure.</param>
/// <returns>true when a token was issued; false when issuing threw.</returns>
public bool TryIssueToken(EndpointReference appliesTo, ClaimsPrincipal principal, string tokenType,
    out SecurityToken token)
{
    token = null;

    var request = new RequestSecurityToken();
    request.RequestType = RequestTypes.Issue;
    request.AppliesTo = appliesTo;
    request.KeyType = KeyTypes.Bearer;
    request.TokenType = tokenType;

    try
    {
        token = _sts.Issue(principal, request).RequestedSecurityToken.SecurityToken;
        return true;
    }
    catch (Exception e)
    {
        // Concatenation records the full exception text, including its stack trace.
        Tracing.Error("Failed to issue token. An exception occurred. " + e);
        return false;
    }
}
示例9: SamlToJwtAsync
/// <summary>
/// Converts a SAML token into a JWT by serializing it to XML and delegating to the
/// string-based SamlToJwtAsync overload.
/// </summary>
/// <param name="token">Token to convert; must be a <see cref="SamlSecurityToken"/>.</param>
/// <param name="realm">Realm forwarded unchanged to the string-based overload.</param>
/// <returns>The value produced by the string-based overload.</returns>
/// <exception cref="ArgumentException"><paramref name="token"/> is null or not a SAML token.</exception>
public async Task<string> SamlToJwtAsync(SecurityToken token, string realm)
{
    // A null token fails the type test as well, so it is rejected by the same guard.
    if (!(token is SamlSecurityToken))
    {
        throw new ArgumentException("token not an instance of a SamlSecurityToken");
    }

    var tokenXml = ((SamlSecurityToken)token).ToTokenXmlString();
    return await SamlToJwtAsync(tokenXml, realm);
}
示例10: RequestSecurityTokenResponse
/// <summary>
/// Creates a response that carries the requested security token and its proof token.
/// </summary>
/// <param name="context">Passed to the base constructor.</param>
/// <param name="tokenType">Passed to the base constructor.</param>
/// <param name="keySize">Passed to the base constructor.</param>
/// <param name="appliesTo">Passed to the base constructor.</param>
/// <param name="requestedSecurityToken">Token stored as the requested security token.</param>
/// <param name="requestedProofToken">Token stored as the requested proof token.</param>
/// <param name="computeKey">Stored as-is; how it is used is not visible in this constructor.</param>
public RequestSecurityTokenResponse(
    string context,
    string tokenType,
    int keySize,
    EndpointAddress appliesTo,
    SecurityToken requestedSecurityToken,
    SecurityToken requestedProofToken,
    bool computeKey)
    : base(context, tokenType, keySize, appliesTo)
{
    m_computeKey = computeKey;
    m_requestedProofToken = requestedProofToken;
    m_requestedSecurityToken = requestedSecurityToken;
}
示例11: ResolveSecurityToken
/// <summary>
/// Obtains the security token from the token provider on first use and caches it in
/// _securityToken; throws when the provider yields no token.
/// </summary>
/// <remarks>
/// The field is tested before and again inside the lock so that only one caller fetches the
/// token. NOTE(review): whether _securityToken is declared volatile is not visible here.
/// </remarks>
void ResolveSecurityToken()
{
    if (_securityToken == null)
    {
        lock (_lock)
        {
            if (_securityToken == null)
            {
                var kerberosProvider =
                    _tokenProvider as ClientCredentialsSecurityTokenManager.KerberosSecurityTokenProviderWrapper;
                var remaining = new TimeoutHelper(_timeout).RemainingTime();

                if (kerberosProvider == null)
                {
                    _securityToken = _tokenProvider.GetToken(remaining);
                }
                else
                {
                    // Only the Kerberos wrapper is handed the channel binding.
                    _securityToken = kerberosProvider.GetToken(remaining, _channelBinding);
                }
            }
        }
    }

    // A provider that returned null is an error, not "no token needed".
    if (_securityToken == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
            new SecurityTokenException(
                SR.GetString(SR.SecurityTokenNotResolved, _tokenProvider.GetType().ToString())));
    }
}
示例12: DerivedKeySecurityToken
/// <summary>
/// Creates a derived-key token from explicit derivation parameters.
/// </summary>
/// <remarks>
/// The generation, offset and length fields are first set to -1 and the supplied values are
/// then handed to Initialize together with a trailing false, whose meaning is defined by
/// Initialize and is not visible here.
/// </remarks>
internal DerivedKeySecurityToken(
    int generation,
    int offset,
    int length,
    string label,
    byte[] nonce,
    SecurityToken tokenToDerive,
    SecurityKeyIdentifierClause tokenToDeriveIdentifier,
    string derivationAlgorithm,
    string id)
{
    // "this." is required: each field shares its name with a constructor parameter.
    this.generation = -1;
    this.offset = -1;
    this.length = -1;

    Initialize(
        id, generation, offset, length, label, nonce,
        tokenToDerive, tokenToDeriveIdentifier, derivationAlgorithm, false);
}
示例13: JwtAuthenticationOwinMiddleware
/// <summary>
/// Creates the middleware with the settings it will validate incoming JWTs against.
/// </summary>
/// <remarks>
/// The arguments are stored as given; nothing is checked for null or emptiness here, so an
/// empty audience list or a missing signing token only surfaces wherever these members are used.
/// </remarks>
/// <param name="next">Next application delegate in the OWIN pipeline.</param>
/// <param name="AllowedAudiences">Audiences stored for later use.</param>
/// <param name="Issuer">Issuer stored for later use.</param>
/// <param name="SigningToken">Signing token stored for later use.</param>
public JwtAuthenticationOwinMiddleware(
    AppFunc next,
    IEnumerable<string> AllowedAudiences,
    string Issuer,
    SecurityToken SigningToken)
{
    // "this." is required: every member shares its name with a parameter.
    this.SigningToken = SigningToken;
    this.Issuer = Issuer;
    this.AllowedAudiences = AllowedAudiences;
    this.next = next;
}
示例14: EnsureWrappedToken
/// <summary>
/// Rejects an incoming signing token that is not a <see cref="WrappedKeySecurityToken"/>.
/// </summary>
/// <param name="token">Token to check; null is rejected like any other non-wrapped token.</param>
/// <param name="message">Message passed to the trace helper alongside the exception.</param>
/// <exception cref="MessageSecurityException">The token is not a wrapped-key token.</exception>
private void EnsureWrappedToken(SecurityToken token, Message message)
{
    if (token is WrappedKeySecurityToken)
    {
        return;
    }

    var failure = new MessageSecurityException(
        System.ServiceModel.SR.GetString("IncomingSigningTokenMustBeAnEncryptedKey"));
    throw TraceUtility.ThrowHelperError(failure, message);
}
示例15: CreateKeyIdentifierClause
/// <summary>
/// Creates the key identifier clause used to reference a token.
/// </summary>
/// <remarks>
/// Generic XML tokens are delegated to the base helper for that token kind; every other token
/// goes through the generic overload parameterized with SecurityContextKeyIdentifierClause and
/// LocalIdKeyIdentifierClause.
/// </remarks>
/// <param name="token">Token the clause should reference.</param>
/// <param name="referenceStyle">Reference style forwarded to whichever factory is used.</param>
/// <returns>The clause produced by the selected factory.</returns>
internal protected override SecurityKeyIdentifierClause CreateKeyIdentifierClause(SecurityToken token, SecurityTokenReferenceStyle referenceStyle)
{
    if (!(token is GenericXmlSecurityToken))
    {
        return this.CreateKeyIdentifierClause<SecurityContextKeyIdentifierClause, LocalIdKeyIdentifierClause>(token, referenceStyle);
    }

    return base.CreateGenericXmlTokenKeyIdentifierClause(token, referenceStyle);
}