本文整理汇总了C#中System.IdentityModel.Tokens.SecurityTokenHandlerConfiguration类的典型用法代码示例。如果您正苦于以下问题:C# SecurityTokenHandlerConfiguration类的具体用法?C# SecurityTokenHandlerConfiguration怎么用?C# SecurityTokenHandlerConfiguration使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SecurityTokenHandlerConfiguration类属于System.IdentityModel.Tokens命名空间,在下文中一共展示了SecurityTokenHandlerConfiguration类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: GetDefaultAuthenticationHandler
/// <summary>
/// Builds the sample <see cref="AuthenticationHandler"/> with Basic authentication and
/// SAML2 tokens (Authorization header, scheme "Saml2") registered.
/// </summary>
/// <returns>A handler wrapping the configuration assembled in this method.</returns>
private static AuthenticationHandler GetDefaultAuthenticationHandler()
{
    var configuration = new AuthenticationConfiguration();

    #region Basic Authentication
    // Sample-only validator: a request is accepted whenever the password equals the user name.
    // NOTE(review): replace with a real credential check before this is used outside a demo.
    configuration.AddBasicAuthentication((userName, password) => userName == password);
    #endregion

    // NOTE(review): the disabled SWT registration below carries a symmetric key literal;
    // if it is re-enabled, read the key from protected configuration instead of source.
    //#region SWT
    //authConfig.Handler.AddSimpleWebToken(
    // "SWT",
    // Constants.Issuer,
    // Constants.Realm,
    // "Dc9Mpi3jbooUpBQpB/4R7XtUsa3D/ALSjTVvK8IUZbg=");
    //#endregion

    #region SAML2 tokens
    // The trusted issuer is registered by certificate thumbprint under the name "TEST".
    var issuerRegistry = new ConfigurationBasedIssuerNameRegistry();
    issuerRegistry.AddTrustedIssuer("D263DDCF598E716F0037380796A4A62DF017ADB8", "TEST");

    var saml2Config = new SecurityTokenHandlerConfiguration();
    saml2Config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://test"));
    saml2Config.IssuerNameRegistry = issuerRegistry;

    // X509CertificateValidator.None performs no validation of the certificate itself.
    // NOTE(review): acceptance then appears to rest on the thumbprint registered above;
    // confirm that is intended and that rotating the issuer certificate is covered.
    saml2Config.CertificateValidator = X509CertificateValidator.None;

    configuration.AddSaml2(saml2Config, AuthenticationOptions.ForAuthorizationHeader("Saml2"));
    #endregion

    return new AuthenticationHandler(configuration);
}
示例2: ValidUserNameCredentialWithTokenValidation
/// <summary>
/// Requests an access token with a valid user name and password, checks the response fields,
/// then reads and validates the returned token with a locally configured JWT handler.
/// </summary>
public void ValidUserNameCredentialWithTokenValidation()
{
    const string issuerKeyName = "http://identityserver45.thinktecture.com/trust/changethis";

    var oauthClient = new OAuth2Client(new Uri(baseAddress));
    var response = oauthClient.RequestAccessTokenUserName(
        Constants.Credentials.ValidUserName,
        Constants.Credentials.ValidPassword,
        scope);

    Assert.IsTrue(response != null, "response is null");
    Assert.IsTrue(!string.IsNullOrWhiteSpace(response.AccessToken), "access token is null");
    Assert.IsTrue(!string.IsNullOrWhiteSpace(response.TokenType), "token type is null");
    Assert.IsTrue(response.ExpiresIn > 0, "expiresIn is 0");

    // The raw access token is written to trace output; keep that output out of shared logs.
    Trace.WriteLine(response.AccessToken);

    // Issuer trust: the issuer registered here is the one the handler will accept.
    var issuerRegistry = new WebTokenIssuerNameRegistry();
    issuerRegistry.AddTrustedIssuer(issuerKeyName, "http://identityserver45.thinktecture.com/trust/initial");

    // Signature trust: the symmetric signing key is a literal in the test source.
    // NOTE(review): acceptable only if this is a throwaway test key ("changethis" suggests so) - confirm.
    var keyResolver = new WebTokenIssuerTokenResolver();
    keyResolver.AddSigningKey(issuerKeyName, "3ihK5qGVhp8ptIk9+TDucXQW4Aaengg3d5m6gU8nzc8=");

    var validationConfig = new SecurityTokenHandlerConfiguration
    {
        IssuerNameRegistry = issuerRegistry,
        IssuerTokenResolver = keyResolver
    };

    // Audience restriction: the token must be addressed to the requested scope.
    validationConfig.AudienceRestriction.AllowedAudienceUris.Add(new Uri(scope));

    var jwtHandler = new JsonWebTokenHandler();
    jwtHandler.Configuration = validationConfig;

    // No assertion follows: the test passes when reading and validating do not throw.
    var jwt = jwtHandler.ReadToken(response.AccessToken);
    var id = jwtHandler.ValidateToken(jwt);
}
示例3: ValidateSwtToken
/// <summary>
/// Reads <paramref name="tokenString"/> with a <c>SimpleWebTokenHandler</c>, validates it against the
/// configured audience and issuer signing key, and prints the claims of the first identity.
/// </summary>
/// <param name="tokenString">The serialized token to validate.</param>
private static void ValidateSwtToken(string tokenString)
{
    var handlerConfig = new SecurityTokenHandlerConfiguration();

    // Symmetric key used to verify the token signature, decoded from its base64 form.
    var signatureKey = new InMemorySymmetricSecurityKey(Convert.FromBase64String(signingKey));

    // Audience validation: only tokens addressed to this realm are allowed.
    var allowedAudience = new Uri(realm);
    handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(allowedAudience);

    // Signature and issuer validation: the key is looked up by issuer name.
    var keysByIssuer = new Dictionary<string, IList<SecurityKey>>();
    keysByIssuer.Add(issuerUri, new SecurityKey[] { signatureKey });
    handlerConfig.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(keysByIssuer);

    var swtHandler = new SimpleWebTokenHandler();
    swtHandler.Configuration = handlerConfig;

    var parsedToken = swtHandler.ReadToken(tokenString);
    var identities = swtHandler.ValidateToken(parsedToken);

    "\n\nValidated Claims:".ConsoleYellow();

    // Only the first identity returned by the handler is printed.
    var firstIdentity = identities.First();
    foreach (var item in firstIdentity.Claims)
    {
        Console.WriteLine("{0}\n {1}\n", item.Type, item.Value);
    }
}
示例4: Validate
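/// <summary>
/// Validates a user name and password by requesting a token for <c>_realm</c> from the WS-Trust
/// endpoint at <c>_address</c>, validating the issued token locally, and passing the resulting
/// principal to the configured claims authentication manager.
/// </summary>
/// <param name="userName">The user name sent to the WS-Trust endpoint.</param>
/// <param name="password">The password sent to the WS-Trust endpoint.</param>
/// <returns>The principal returned by the claims authentication manager.</returns>
/// <exception cref="InvalidOperationException">
/// The endpoint returned something other than a <see cref="GenericXmlSecurityToken"/>.
/// </exception>
public ClaimsPrincipal Validate(string userName, string password)
{
    var binding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);

    var credentials = new ClientCredentials();
    credentials.UserName.UserName = userName;
    credentials.UserName.Password = password;

    var genericToken = WSTrustClient.Issue(
        new EndpointAddress(_address),
        new EndpointAddress(_realm),
        binding,
        credentials) as GenericXmlSecurityToken;

    // The "as" cast yields null for any other token type; fail with a clear error here
    // instead of a null dereference further down.
    if (genericToken == null)
    {
        throw new InvalidOperationException("The WS-Trust endpoint did not return a GenericXmlSecurityToken.");
    }

    var config = new SecurityTokenHandlerConfiguration();

    // Only tokens addressed to this realm are accepted.
    config.AudienceRestriction.AllowedAudienceUris.Add(new Uri(_realm));

    // Both settings switch off X.509 validation of the certificate itself.
    // NOTE(review): issuer trust then appears to rest on the thumbprint registered below;
    // confirm that is intended and that expiry/revocation are handled elsewhere.
    config.CertificateValidationMode = X509CertificateValidationMode.None;
    config.CertificateValidator = X509CertificateValidator.None;

    var registry = new ConfigurationBasedIssuerNameRegistry();
    registry.AddTrustedIssuer(_issuerThumbprint, _address);
    config.IssuerNameRegistry = registry;

    var handler = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(config);

    var token = genericToken.ToSecurityToken();
    var principal = new ClaimsPrincipal(handler.ValidateToken(token));

    Tracing.Information("Successfully requested token for user via WS-Trust");

    return FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager.Authenticate("ResourceOwnerPasswordValidation", principal);
}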
开发者ID:Excelsior-Charles,项目名称:Thinktecture.AuthorizationServer,代码行数:33,代码来源:WSTrustResourceOwnerCredentialValidation.cs
示例5: ToSecurityToken
/// <summary>
/// Converts a generic XML security token into a <see cref="SecurityToken"/>, using the given
/// certificate to build the service token resolver of the default handler collection.
/// </summary>
/// <param name="token">The generic XML token to convert.</param>
/// <param name="decryptionCertificate">The certificate the service token resolver is created from.</param>
/// <returns>The token produced by the handler-collection overload of <c>ToSecurityToken</c>.</returns>
public static SecurityToken ToSecurityToken(this GenericXmlSecurityToken token, X509Certificate2 decryptionCertificate)
{
    // Only the service token resolver is set; every other setting keeps its default.
    var handlerConfig = new SecurityTokenHandlerConfiguration
    {
        ServiceTokenResolver = decryptionCertificate.CreateSecurityTokenResolver()
    };

    var defaultHandlers = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(handlerConfig);
    return token.ToSecurityToken(defaultHandlers);
}
示例6: HttpsSecurityTokenHandler
/// <summary>
/// Creates the handler with <c>X509CertificateValidator.None</c> passed to the base class and an
/// <c>HttpsIssuerNameRegistry</c> as the issuer name registry.
/// </summary>
/// <remarks>
/// <c>X509CertificateValidator.None</c> performs no validation of the certificate.
/// NOTE(review): the issuer decision is then presumably left to <c>HttpsIssuerNameRegistry</c> - confirm there.
/// </remarks>
public HttpsSecurityTokenHandler()
    : base(X509CertificateValidator.None)
{
    var handlerConfig = new SecurityTokenHandlerConfiguration();
    handlerConfig.IssuerNameRegistry = new HttpsIssuerNameRegistry();

    Configuration = handlerConfig;
}
示例7: HandlerCreateRoundtripSingleClaimTypes
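/// <summary>
/// Creates an HMAC-signed JWT for a two-claim identity, checks the serialized shape and the
/// signature length, then reads the token back and validates it with a matching configuration.
/// </summary>
public void HandlerCreateRoundtripSingleClaimTypes()
{
    // Fresh symmetric signing key generated for this test run.
    var signinKey = SymmetricKeyGenerator.Create(32);

    var identity = new ClaimsIdentity(new List<Claim>
    {
        new Claim(ClaimTypes.Name, "dominick"),
        new Claim(ClaimTypes.Email, "[email protected]"),
    }, "Custom");

    var descriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        SigningCredentials = new HmacSigningCredentials(signinKey),
        TokenIssuerName = "dominick",
        Lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.AddHours(8)),
        AppliesToAddress = "http://foo.com"
    };

    var handler = new JsonWebTokenHandler();
    var token = handler.CreateToken(descriptor);
    var tokenString = handler.WriteToken(token);
    Trace.WriteLine(tokenString);

    // token should not be empty
    Assert.IsTrue(!string.IsNullOrWhiteSpace(tokenString));

    // token with signature needs to be 3 parts
    var parts = tokenString.Split('.');
    Assert.IsTrue(parts.Length == 3, "JWT should have exactly 3 parts");

    // signature must be 256 bits, i.e. 32 bytes once decoded
    var sig = Base64Url.Decode(parts[2]);
    Assert.IsTrue(sig.Length == 32, "Signature is not 32 bytes");

    var jwtToken = handler.ReadToken(tokenString);

    // Validation side: same issuer name, same key, same audience as the descriptor above.
    var config = new SecurityTokenHandlerConfiguration();

    var registry = new WebTokenIssuerNameRegistry();
    registry.AddTrustedIssuer("dominick", "dominick");
    config.IssuerNameRegistry = registry;

    var issuerResolver = new WebTokenIssuerTokenResolver();
    issuerResolver.AddSigningKey("dominick", Convert.ToBase64String(signinKey));
    config.IssuerTokenResolver = issuerResolver;

    config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("http://foo.com"));
    handler.Configuration = config;

    var identity2 = handler.ValidateToken(jwtToken).First();

    // NOTE(review): this asserts on the original identity, not on identity2 returned by
    // validation, so the round-tripped claims are never checked - confirm which was intended.
    Assert.IsTrue(identity.Claims.Count() == 2);
    //Assert.IsTrue(identity.Claims.First().Issuer == "dominick");
}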
示例8: AddSaml2SecurityTokenHandler
/// <summary>
/// Registers, under <paramref name="scheme"/>, a handler collection that contains a single
/// <c>HttpSaml2SecurityTokenHandler</c> and uses the supplied configuration.
/// </summary>
/// <param name="scheme">The scheme the collection is added under.</param>
/// <param name="configuration">
/// The configuration the collection is created with. It is used as passed in; this method sets no
/// audience, issuer or certificate options of its own.
/// </param>
public void AddSaml2SecurityTokenHandler(string scheme, SecurityTokenHandlerConfiguration configuration)
{
    var saml2Handlers = new SecurityTokenHandlerCollection(configuration);
    saml2Handlers.Add(new HttpSaml2SecurityTokenHandler());

    Add(scheme, saml2Handlers);
}
开发者ID:wenz,项目名称:Thinktecture.IdentityModel.Http,代码行数:9,代码来源:HttpSecurityTokenHandlerCollectionManager.cs
示例9: CreateSecurityTokenHandlerCollection
/// <summary>
/// Builds the default token handler collection for federated sign-in from application settings
/// and installs a <c>MachineKeySessionSecurityTokenHandler</c> in it.
/// </summary>
/// <param name="settings">Supplies the realm (allowed audience) and the issuer certificate thumbprint.</param>
/// <returns>The configured handler collection.</returns>
private static SecurityTokenHandlerCollection CreateSecurityTokenHandlerCollection(IApplicationSettings settings)
{
    var handlerConfig = new SecurityTokenHandlerConfiguration();

    // Only tokens addressed to the configured realm are allowed.
    var realmUri = new Uri(settings.FedAuthRealm);
    handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(realmUri);

    // X509CertificateValidator.None performs no validation of the certificate itself.
    // NOTE(review): issuer trust presumably rests on the thumbprint handed to
    // CustomIssuerNameRegistry - confirm how that class compares it.
    handlerConfig.CertificateValidator = X509CertificateValidator.None;
    handlerConfig.IssuerNameRegistry = new CustomIssuerNameRegistry(settings.FedAuthCertificateThumbprint);

    var handlerCollection = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(handlerConfig);
    handlerCollection.AddOrReplace(new MachineKeySessionSecurityTokenHandler());
    return handlerCollection;
}
示例10: AddSaml11SecurityTokenHandler
/// <summary>
/// Registers, under <paramref name="scheme"/>, a handler collection that contains a
/// <c>WebSaml11SecurityTokenHandler</c> and an <c>EncryptedSecurityTokenHandler</c>.
/// </summary>
/// <param name="scheme">The scheme the collection is added under.</param>
/// <param name="configuration">
/// The configuration the collection is created with. It is used as passed in; this method sets no
/// audience, issuer or certificate options of its own.
/// </param>
public void AddSaml11SecurityTokenHandler(string scheme, SecurityTokenHandlerConfiguration configuration)
{
    var saml11Handlers = new SecurityTokenHandlerCollection(configuration);
    saml11Handlers.Add(new WebSaml11SecurityTokenHandler());
    saml11Handlers.Add(new EncryptedSecurityTokenHandler());

    Add(scheme, saml11Handlers);
}
开发者ID:1nv4d3r5,项目名称:Thinktecture.IdentityModel.Web,代码行数:10,代码来源:WebSecurityTokenHandlerCollectionManager.cs
示例11: ConfigureHandler
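/// <summary>
/// Sets the issuer token resolver and the issuer name registry on <paramref name="configuration"/>
/// from the signing certificate returned by <c>GetSigningCertificate</c>.
/// </summary>
/// <param name="configuration">The handler configuration to update in place.</param>
private static void ConfigureHandler(SecurityTokenHandlerConfiguration configuration)
{
    // Fetch the certificate once so that the resolver token and the trusted thumbprint are
    // guaranteed to come from the same certificate instance.
    var signingCertificate = GetSigningCertificate();

    var issuerTokens = new List<SecurityToken> { new X509SecurityToken(signingCertificate) }.AsReadOnly();
    configuration.IssuerTokenResolver = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(
        issuerTokens, false);

    // The certificate's thumbprint is registered as a trusted issuer named "TecTeacher".
    var registry = new ConfigurationBasedIssuerNameRegistry();
    registry.AddTrustedIssuer(signingCertificate.Thumbprint, "TecTeacher");
    configuration.IssuerNameRegistry = registry;
}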
示例12: CreateSecurityTokenHandlerCollection
/// <summary>
/// Builds the default token handler collection for the given realm and issuer thumbprint and
/// installs a <c>MachineKeySessionSecurityTokenHandler</c> in it.
/// </summary>
/// <remarks>
/// Side effect: a second <c>MachineKeySessionSecurityTokenHandler</c> is also installed on
/// <c>FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers</c>.
/// </remarks>
/// <param name="realm">The audience URI that tokens must be addressed to.</param>
/// <param name="thumbprint">The thumbprint passed to <c>CustomIssuerNameRegistry</c>.</param>
/// <returns>The configured handler collection.</returns>
private static SecurityTokenHandlerCollection CreateSecurityTokenHandlerCollection(string realm, string thumbprint)
{
    var handlerConfig = new SecurityTokenHandlerConfiguration();

    // Only tokens addressed to this realm are allowed.
    var realmUri = new Uri(realm);
    handlerConfig.AudienceRestriction.AllowedAudienceUris.Add(realmUri);

    // X509CertificateValidator.None performs no validation of the certificate itself.
    // NOTE(review): issuer trust presumably rests on the thumbprint handed to
    // CustomIssuerNameRegistry - confirm how that class compares it.
    handlerConfig.CertificateValidator = X509CertificateValidator.None;
    handlerConfig.IssuerNameRegistry = new CustomIssuerNameRegistry(thumbprint);

    var handlerCollection = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(handlerConfig);
    handlerCollection.AddOrReplace(new MachineKeySessionSecurityTokenHandler());

    // Also swaps the session token handler on the shared service configuration.
    var sharedHandlers = FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers;
    sharedHandlers.AddOrReplace(new MachineKeySessionSecurityTokenHandler());

    return handlerCollection;
}
示例13: Saml2AssertionFactory
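/// <summary>
/// Creates the factory from validation options, building the handler configuration and a
/// <c>Saml2BearerGrantSecurityTokenHandler</c> bound to the expected recipient.
/// </summary>
/// <param name="options">Validation options; audience, recipient and certificate are required.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="options"/> is null, or its Audience, Recipient or Certificate is null.
/// </exception>
public Saml2AssertionFactory(ISaml2AssertionValidationOptions options)
{
    // Reject a missing options object explicitly instead of failing with a
    // NullReferenceException on the first property access.
    if (options == null)
    {
        throw new ArgumentNullException("options");
    }

    // All three values are required before any validation settings are built.
    if (options.Audience == null)
    {
        throw new ArgumentNullException("Audience");
    }

    if (options.Recipient == null)
    {
        throw new ArgumentNullException("Recipient");
    }

    if (options.Certificate == null)
    {
        throw new ArgumentNullException("certificate");
    }

    configuration = GetSecurityTokenHandlerConfiguration(options);
    tokenHandler = new Saml2BearerGrantSecurityTokenHandler(options.Recipient);
    tokenHandler.Configuration = configuration;
}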
示例14: CustomSaml2SecurityTokenHandler
/// <summary>
/// Creates the handler with two trusted issuers registered by thumbprint, a five second
/// clock skew allowance and audience checking switched off.
/// </summary>
public CustomSaml2SecurityTokenHandler()
{
    // Trusted issuers are fixed in source; changing a certificate means changing this code.
    var issuerRegistry = new ConfigurationBasedIssuerNameRegistry();
    issuerRegistry.AddTrustedIssuer("fb369e5dcf3ae82dcbe95a922baff3112fcde352", "McKesson");
    issuerRegistry.AddTrustedIssuer("17bfb6a73bc53bbfdc64e4e64f77b206471e9c08", "Cerner");

    var settings = new SecurityTokenHandlerConfiguration();

    // AudienceUriMode.Never: the audience restriction of an incoming token is not checked.
    // NOTE(review): a token these issuers minted for a different relying party would not be
    // rejected on audience grounds - confirm this is intended, or list the allowed URIs.
    settings.AudienceRestriction = new AudienceRestriction(AudienceUriMode.Never);

    // 50,000,000 ticks of 100 ns each, i.e. five seconds.
    settings.MaxClockSkew = TimeSpan.FromTicks(5 * TimeSpan.TicksPerSecond);
    settings.IssuerNameRegistry = issuerRegistry;

    Configuration = settings;
}
示例15: Saml2PSecurityTokenHandler
/// <summary>
/// Creates the handler and derives its configuration from the service provider options.
/// </summary>
/// <param name="spOptions">The service provider options; must not be null.</param>
/// <exception cref="ArgumentNullException"><paramref name="spOptions"/> is null.</exception>
public Saml2PSecurityTokenHandler(ISPOptions spOptions)
{
    if (spOptions == null)
    {
        throw new ArgumentNullException(nameof(spOptions));
    }

    var handlerConfig = new SecurityTokenHandlerConfiguration();

    // NOTE(review): going by its name, ReturnRequestedIssuerNameRegistry may accept whatever
    // issuer is presented; confirm where the issuer and signature are actually verified.
    handlerConfig.IssuerNameRegistry = new ReturnRequestedIssuerNameRegistry();
    handlerConfig.AudienceRestriction = GetAudienceRestriction(spOptions);
    handlerConfig.SaveBootstrapContext = spOptions.SystemIdentityModelIdentityConfiguration.SaveBootstrapContext;

    Configuration = handlerConfig;
}