本文整理汇总了C#中System.IdentityModel.Protocols.WSTrust.RequestSecurityToken类的典型用法代码示例。如果您正苦于以下问题:C# RequestSecurityToken类的具体用法?C# RequestSecurityToken怎么用?C# RequestSecurityToken使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
RequestSecurityToken类属于System.IdentityModel.Protocols.WSTrust命名空间,在下文中一共展示了RequestSecurityToken类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C#代码示例。
示例1: GetScope
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
var scope = new Scope(request.AppliesTo.Uri.AbsoluteUri, SecurityTokenServiceConfiguration.SigningCredentials);
if (Uri.IsWellFormedUriString(request.ReplyTo, UriKind.Absolute))
{
if (request.AppliesTo.Uri.Host != new Uri(request.ReplyTo).Host)
scope.ReplyToAddress = request.AppliesTo.Uri.AbsoluteUri;
else
scope.ReplyToAddress = request.ReplyTo;
}
else
{
Uri resultUri = null;
if (Uri.TryCreate(request.AppliesTo.Uri, request.ReplyTo, out resultUri))
scope.ReplyToAddress = resultUri.AbsoluteUri;
else
scope.ReplyToAddress = request.AppliesTo.Uri.ToString();
}
scope.TokenEncryptionRequired = false;
scope.SymmetricKeyEncryptionRequired = false;
return scope;
}
开发者ID:msopentechcn,项目名称:dynamics-crm-social-login-sts,代码行数:27,代码来源:CustomSecurityTokenService.cs
示例2: Main
static void Main(string[] args) {
string idpAddress = "https://idp.contoso.com/SecurityTokenService/Issue.svc/mixed/username";
string fedAddress = "https://sts.contoso.com/adfs/services/trust/13/IssuedTokenMixedSymmetricBasic256";
string svcAddress = "https://internalcrm.contoso.com";
var idpBinding = new UserNameWSTrustBinding() {
SecurityMode = SecurityMode.TransportWithMessageCredential
};
var fedBinding = new IssuedTokenWSTrustBinding(idpBinding, new EndpointAddress(idpAddress)) {
SecurityMode = SecurityMode.TransportWithMessageCredential,
//KeyType = SecurityKeyType.SymmetricKey
};
var channelFactory = new WSTrustChannelFactory(fedBinding, fedAddress);
channelFactory.Credentials.UserName.UserName = "[email protected]";
channelFactory.Credentials.UserName.Password = "pw";
var request = new RequestSecurityToken {
RequestType = RequestTypes.Issue,
AppliesTo = new EndpointReference(svcAddress),
//TokenType = Microsoft.IdentityModel.Tokens.SecurityTokenTypes.Saml2TokenProfile11,
//TokenType = SecurityTokenTypes.Saml,
};
var token = channelFactory.CreateChannel().Issue(request);
//return token;
}
开发者ID:RunLola,项目名称:Practices.IdentityProvider,代码行数:25,代码来源:Program.cs
示例3: GetOutputClaimsIdentity
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
ClaimsIdentity sourceIdentity = principal.Identities.First();
ClaimsIdentity destinationIndentity = new ClaimsIdentity("Sample");
CopyClaim(sourceIdentity, destinationIndentity);
return destinationIndentity;
}
开发者ID:antonysamy931,项目名称:WCF-WsHttpBinding,代码行数:7,代码来源:STSService.cs
示例4: GetOutputClaimsIdentity
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
if (principal == null)
{
throw new InvalidRequestException("The caller's principal is null.");
}
// check github
string ak = principal.FindFirst(Constants.CLAIM_TYPE_GITHUB_AK).Value;
string openid = Utility.GetOpenId(ak);
// check account
ADAccountInfo info = AccountHelper.GetHelper().GetAccount(openid);
if (info == null)
{
throw new InvalidRequestException("wrong github login or not binded, cannot login.");
}
var claims = new[]
{
new Claim(Constants.CLAIM_TYPE_PRIMARY_SID, info.primarysid),
new Claim(System.IdentityModel.Claims.ClaimTypes.Upn, info.upnUpper),
new Claim(System.IdentityModel.Claims.ClaimTypes.Upn, info.upnLower),
new Claim(System.IdentityModel.Claims.ClaimTypes.Name, info.name),
};
var id = new ClaimsIdentity(claims);
return id;
}
开发者ID:msopentechcn,项目名称:dynamics-crm-social-login-sts,代码行数:31,代码来源:CustomSecurityTokenService.cs
示例5: GetScope
/// <summary>
/// Analyzes the token request
/// </summary>
/// <param name="principal">The principal.</param>
/// <param name="request">The request.</param>
/// <returns>A PolicyScope that describes the relying party and policy options</returns>
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken rst)
{
if (rst.AppliesTo == null)
{
Tracing.Error(string.Format("token request from {0} - but no realm specified.",
principal.Identity.Name));
throw new Exception();
//throw new MissingAppliesToException();
}
Tracing.Information(string.Format("Starting token request from {0} for {1}",
principal.Identity.Name,
rst.AppliesTo.Uri.AbsoluteUri));
Tracing.Information("Authentication method: " + principal.Identities.First().FindFirst(ClaimTypes.AuthenticationMethod).Value);
// analyze request
var request = new Request(GlobalConfiguration);
var details = request.Analyze(rst, principal);
// validate against policy
request.Validate(details);
// create scope
var scope = new RequestDetailsScope(
details,
SecurityTokenServiceConfiguration.SigningCredentials,
GlobalConfiguration.RequireEncryption);
return scope;
}
开发者ID:sevst,项目名称:Thinktecture.IdentityServer.45,代码行数:38,代码来源:TokenService.cs
示例6: GetToken
public string GetToken(string idpEndpoint, string rstsRealm)
{
var binding = new WindowsWSTrustBinding(SecurityMode.TransportWithMessageCredential);
var factory = new System.ServiceModel.Security.WSTrustChannelFactory(binding, new EndpointAddress(new Uri(idpEndpoint)));
factory.TrustVersion = TrustVersion.WSTrust13;
factory.Credentials.SupportInteractive = false;
var rst = new System.IdentityModel.Protocols.WSTrust.RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = new System.IdentityModel.Protocols.WSTrust.EndpointReference(rstsRealm),
KeyType = KeyTypes.Bearer,
TokenType = "urn:oasis:names:tc:SAML:1.0:assertion" // "urn:oasis:names:tc:SAML:2.0:assertion"
};
var channel = factory.CreateChannel();
RequestSecurityTokenResponse response = null;
try {
var securityToken = channel.Issue(rst, out response);
return Serialize(response);
}catch
{
var x = response;
}
return null;
}
开发者ID:FCSAmerica,项目名称:TokenGenerator,代码行数:29,代码来源:WSTrustTokenGenerator.cs
示例7: GetScope
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken request)
{
ValidateAppliesTo(request.AppliesTo);
var scope = new Scope(request.AppliesTo.Uri.OriginalString, SecurityTokenServiceConfiguration.SigningCredentials);
if (!string.IsNullOrEmpty(ConfigurationManager.AppSettings["EncryptionCertificate"]))
{
// Important note on setting the encrypting credentials.
// In a production deployment, you would need to select a certificate that is specific to the RP that is requesting the token.
// You can examine the 'request' to obtain information to determine the certificate to use.
var encryptingCertificate = GetCertificate(ConfigurationManager.AppSettings["EncryptionCertificate"]);
var encryptingCredentials = new X509EncryptingCredentials(encryptingCertificate);
scope.EncryptingCredentials = encryptingCredentials;
}
else
{
// If there is no encryption certificate specified, the STS will not perform encryption.
// This will succeed for tokens that are created without keys (BearerTokens) or asymmetric keys.
scope.TokenEncryptionRequired = false;
}
scope.ReplyToAddress = request.ReplyTo;
return scope;
}
开发者ID:pombredanne,项目名称:STS,代码行数:27,代码来源:CustomSecurityTokenService.cs
示例8: GetOutputClaimsIdentity
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
if (null == principal)
{
throw new ArgumentNullException("principal");
}
var outputIdentity = new ClaimsIdentity();
IEnumerable<Claim> outputClaims;
if (this.scopeModel.UseClaimsPolicyEngine)
{
IClaimsPolicyEvaluator evaluator = new ClaimsPolicyEvaluator(PolicyStoreFactory.Instance);
outputClaims = evaluator.Evaluate(new Uri(scope.AppliesToAddress), ((ClaimsIdentity)principal.Identity).Claims);
}
else
{
outputClaims = ((ClaimsIdentity)principal.Identity).Claims;
}
outputIdentity.AddClaims(outputClaims);
if (outputIdentity.Name == null && outputIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier) != null)
outputIdentity.AddClaim(new Claim(ClaimTypes.Name, outputIdentity.Claims.SingleOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value));
var isPersistent =
((ClaimsIdentity)principal.Identity).Claims.SingleOrDefault(c => c.Type == ClaimTypes.IsPersistent);
if (isPersistent != null)
{
outputIdentity.AddClaim(new Claim(ClaimTypes.IsPersistent, isPersistent.Value));
}
return outputIdentity;
}
开发者ID:Teleopti,项目名称:authbridge,代码行数:33,代码来源:MultiProtocolSecurityTokenService.cs
示例9: GetActAsToken
private SecurityToken GetActAsToken()
{
// Retrieve the token that was saved during initial user login
BootstrapContext bootstrapContext = ClaimsPrincipal.Current.Identities.First().BootstrapContext as BootstrapContext;
// Use the Thinktecture-implementation of the UserNameWSBinding to setup the channel factory to ADFS
var binding = new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential);
var factory = new WSTrustChannelFactory(binding, new EndpointAddress("https://[ADFS]/adfs/services/trust/13/usernamemixed"));
// For demo purposes, we're authenticating to ADFS using a user name and password representing the web application
// If the web server is domain-joined, you can use Windows Authentication instead
factory.Credentials.UserName.UserName = "authdemos\\sa_web";
factory.Credentials.UserName.Password = "Welkom01";
factory.TrustVersion = TrustVersion.WSTrust13;
// Setup the request details to ask for a token for the backend service, acting as the logged in user
var request = new RequestSecurityToken();
request.RequestType = Thinktecture.IdentityModel.Constants.WSTrust13Constants.RequestTypes.Issue;
request.AppliesTo = new EndpointReference("https://[BackendService]/Service.svc");
request.ActAs = new SecurityTokenElement(bootstrapContext.SecurityToken);
// Create the channel
var channel = factory.CreateChannel();
RequestSecurityTokenResponse response = null;
SecurityToken delegatedToken = channel.Issue(request, out response);
// Return the acquired token
return delegatedToken;
}
开发者ID:AnnejanBarelds,项目名称:AuthDemos,代码行数:30,代码来源:HomeController.cs
示例10: GetScope
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken request)
{
// Validate the AppliesTo address
ValidateAppliesTo( request.AppliesTo );
// Create the scope using the request AppliesTo address and the RP identity
Scope scope = new Scope( request.AppliesTo.Uri.AbsoluteUri, _signingCreds );
if (Uri.IsWellFormedUriString(request.ReplyTo, UriKind.Absolute))
{
if (request.AppliesTo.Uri.Host != new Uri(request.ReplyTo).Host)
scope.ReplyToAddress = request.AppliesTo.Uri.AbsoluteUri;
else
scope.ReplyToAddress = request.ReplyTo;
}
else
{
Uri resultUri = null;
if (Uri.TryCreate(request.AppliesTo.Uri, request.ReplyTo, out resultUri))
scope.ReplyToAddress = resultUri.AbsoluteUri;
else
scope.ReplyToAddress = request.AppliesTo.Uri.ToString() ;
}
// Note: In this sample app only a single RP identity is shown, which is localhost, and the certificate of that RP is
// populated as _encryptingCreds
// If you have multiple RPs for the STS you would select the certificate that is specific to
// the RP that requests the token and then use that for _encryptingCreds
scope.EncryptingCredentials = _encryptingCreds;
return scope;
}
开发者ID:driverpt,项目名称:SI-1213SI,代码行数:32,代码来源:CustomSecurityTokenService.cs
示例11: TryIssueToken
public bool TryIssueToken(EndpointReference appliesTo, ClaimsPrincipal principal, string tokenType,
out SecurityToken token)
{
token = null;
var rst = new RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = appliesTo,
KeyType = KeyTypes.Bearer,
TokenType = tokenType
};
try
{
var rstr = _sts.Issue(principal, rst);
token = rstr.RequestedSecurityToken.SecurityToken;
return true;
}
catch (Exception e)
{
Tracing.Error("Failed to issue token. An exception occurred. " + e);
return false;
}
}
开发者ID:azhuang88,项目名称:IdentityServer,代码行数:25,代码来源:STS.cs
示例12: GetWindowsToken
private static string GetWindowsToken(string windowsAuthSiteEndPoint, string realm)
{
var identityProviderEndpoint = new EndpointAddress(new Uri(windowsAuthSiteEndPoint + TenantApiUri.WindowsAuthSite));
var identityProviderBinding = new WS2007HttpBinding(SecurityMode.Transport);
identityProviderBinding.Security.Message.EstablishSecurityContext = false;
identityProviderBinding.Security.Message.ClientCredentialType = MessageCredentialType.None;
identityProviderBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Windows;
var trustChannelFactory = new WSTrustChannelFactory(identityProviderBinding, identityProviderEndpoint)
{
TrustVersion = TrustVersion.WSTrust13,
};
trustChannelFactory.Credentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication() { CertificateValidationMode = X509CertificateValidationMode.None };
var channel = trustChannelFactory.CreateChannel();
var rst = new RequestSecurityToken(RequestTypes.Issue)
{
AppliesTo = new EndpointReference(realm),
KeyType = KeyTypes.Bearer,
};
RequestSecurityTokenResponse rstr = null;
SecurityToken token = null;
token = channel.Issue(rst, out rstr);
var tokenString = (token as GenericXmlSecurityToken).TokenXml.InnerText;
var jwtString = Encoding.UTF8.GetString(Convert.FromBase64String(tokenString));
return jwtString;
}
开发者ID:appliedi,项目名称:WindowsAzurePackFacade,代码行数:31,代码来源:Authenticate.cs
示例13: Validate_NoRealm
public void Validate_NoRealm()
{
var rst = new RequestSecurityToken { RequestType = RequestTypes.Issue };
var details = request.Analyze(rst, _alice);
// unknown realm
request.Validate();
}
开发者ID:EduOrtega,项目名称:Thinktecture.IdentityServer.v2,代码行数:8,代码来源:PolicyEnforcementTest.cs
示例14: Issue
/// <summary>
/// Requests a token desribed by an RST.
/// </summary>
/// <param name="stsAddress">The STS address.</param>
/// <param name="binding">The binding.</param>
/// <param name="credentials">The credentials.</param>
/// <param name="rst">The RST.</param>
/// <param name="rstr">The RSTR.</param>
/// <returns>A SecurityToken</returns>
public static SecurityToken Issue(EndpointAddress stsAddress, Binding binding, ClientCredentials credentials, RequestSecurityToken rst, out RequestSecurityTokenResponse rstr)
{
var channel = CreateWSTrustChannel(
stsAddress,
binding,
credentials);
var token = channel.Issue(rst, out rstr);
return token;
}
开发者ID:Rameshcyadav,项目名称:Thinktecture.IdentityModel.45,代码行数:19,代码来源:WSTrustClient.cs
示例15: GetScope
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken request)
{
return new Scope(
request.AppliesTo.Uri.AbsoluteUri,
this.SecurityTokenServiceConfiguration.SigningCredentials)
{
ReplyToAddress = request.ReplyTo,
TokenEncryptionRequired = false
};
}
开发者ID:RyanLiu99,项目名称:Thinktecture.IdentityModel,代码行数:10,代码来源:EmbeddedTokenService.cs
示例16: CreateBearerRst
private static RequestSecurityToken CreateBearerRst(EndpointAddress appliesTo)
{
var rst = new RequestSecurityToken
{
RequestType = RequestTypes.Issue,
AppliesTo = new EndpointReference(appliesTo.Uri.AbsoluteUri),
KeyType = KeyTypes.Bearer
};
return rst;
}
开发者ID:Rameshcyadav,项目名称:Thinktecture.IdentityModel.45,代码行数:11,代码来源:WSTrustClient.cs
示例17: GetOutputClaimsIdentity
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
var config = ClaimsConfiguration.ConfigurationFactory();
var realm = request.AppliesTo.Uri.AbsoluteUri;
var claims = new List<Claim>();
claims.AddRange(GetClaimsForRealm("common", config));
claims.AddRange(GetClaimsForRealm(realm,config));
return new ClaimsIdentity(claims);
}
开发者ID:bkydcmpr,项目名称:reece-example-code,代码行数:11,代码来源:DeveloperSecurityTokenService.cs
示例18: GetOutputClaimsIdentity
protected override ClaimsIdentity GetOutputClaimsIdentity(ClaimsPrincipal principal, RequestSecurityToken request, Scope scope)
{
var claims = new[]
{
new Claim(System.IdentityModel.Claims.ClaimTypes.Name, principal.Identity.Name),
new Claim(System.IdentityModel.Claims.ClaimTypes.NameIdentifier, principal.Identity.Name),
};
var identity = new ClaimsIdentity(claims);
return identity;
}
开发者ID:VqSoft,项目名称:SingleSignOn,代码行数:12,代码来源:CustomSecurityTokenService.cs
示例19: GetScope
protected override Scope GetScope(ClaimsPrincipal principal, RequestSecurityToken request)
{
var scope = new Scope(request.AppliesTo.Uri.AbsoluteUri,
this.SecurityTokenServiceConfiguration.SigningCredentials)
{
TokenEncryptionRequired = false
};
scope.ReplyToAddress = string.IsNullOrWhiteSpace(request.ReplyTo)
? scope.AppliesToAddress
: scope.ReplyToAddress;
return scope;
}
开发者ID:bkydcmpr,项目名称:reece-example-code,代码行数:12,代码来源:DeveloperSecurityTokenService.cs
示例20: ReadXmlElement
/// <summary>
/// Override of the base class that reads a child element inside the RST
/// </summary>
/// <param name="reader">Reader pointing at an element to read inside the RST.</param>
/// <param name="rst">The RequestSecurityToken element that is being populated from the reader.</param>
/// <param name="context">Current Serialization context.</param>
/// <exception cref="ArgumentNullException">Either reader or rst or context parameter is null.</exception>
/// <exception cref="WSTrustSerializationException">Unable to deserialize the current parameter.</exception>
public override void ReadXmlElement(XmlReader reader, RequestSecurityToken rst, WSTrustSerializationContext context)
{
if (reader == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("reader");
}
if (rst == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("rst");
}
if (context == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("context");
}
// special case SecondaryParameters, they cannot be embeded as per WS-Trust 1.3
if (reader.IsStartElement(WSTrust13Constants.ElementNames.SecondaryParameters, WSTrust13Constants.NamespaceURI))
{
rst.SecondaryParameters = this.ReadSecondaryParameters(reader, context);
return;
}
if (reader.IsStartElement(WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI))
{
rst.KeyWrapAlgorithm = reader.ReadElementContentAsString();
if (!UriUtil.CanCreateValidUri(rst.KeyWrapAlgorithm, UriKind.Absolute))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3135, WSTrust13Constants.ElementNames.KeyWrapAlgorithm, WSTrust13Constants.NamespaceURI, rst.KeyWrapAlgorithm)));
}
return;
}
if (reader.IsStartElement(WSTrust13Constants.ElementNames.ValidateTarget, WSTrust13Constants.NamespaceURI))
{
if (!reader.IsEmptyElement)
{
rst.ValidateTarget = new SecurityTokenElement(WSTrustSerializationHelper.ReadInnerXml(reader), context.SecurityTokenHandlers);
}
if (rst.ValidateTarget == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new WSTrustSerializationException(SR.GetString(SR.ID3221)));
}
return;
}
WSTrustSerializationHelper.ReadRSTXml(reader, rst, context, WSTrustConstantsAdapter.Trust13);
}
开发者ID:nlh774,项目名称:DotNetReferenceSource,代码行数:60,代码来源:WSTrust13RequestSerializer.cs
注:本文中的System.IdentityModel.Protocols.WSTrust.RequestSecurityToken类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论