SamlAuthorizationDecisionStatement.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / SamlAuthorizationDecisionStatement.cs / 1305376 / SamlAuthorizationDecisionStatement.cs

                            //------------------------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------

namespace System.IdentityModel.Tokens 
{
    using System.Collections; 
    using System.Collections.Generic; 
    using System.Collections.ObjectModel;
    using System.Globalization; 
    using System.IdentityModel;
    using System.IdentityModel.Claims;
    using System.IdentityModel.Selectors;
    using System.Runtime.Serialization; 
    using System.Xml;
    using System.Xml.Serialization; 
 
    public class SamlAuthorizationDecisionStatement : SamlSubjectStatement
    { 

        SamlEvidence evidence;
        readonly ImmutableCollection actions = new ImmutableCollection();
        SamlAccessDecision accessDecision; 
        string resource;
        bool isReadOnly = false; 
 
        public SamlAuthorizationDecisionStatement()
        { 
        }

        public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions)
            : this(samlSubject, resource, accessDecision, samlActions, null) 
        {
        } 
 
        public SamlAuthorizationDecisionStatement(SamlSubject samlSubject, string resource, SamlAccessDecision accessDecision, IEnumerable samlActions, SamlEvidence samlEvidence)
            : base(samlSubject) 
        {
            if (samlActions == null)
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlActions"));
 
            foreach (SamlAction action in samlActions)
            { 
                if (action == null) 
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLEntityCannotBeNullOrEmpty, XD.SamlDictionary.Action.Value));
 
                this.actions.Add(action);
            }

            this.evidence = samlEvidence; 
            this.accessDecision = accessDecision;
            this.resource = resource; 
 
            CheckObjectValidity();
        } 

        public static string ClaimType
        {
            get 
            {
                return ClaimTypes.AuthorizationDecision; 
            } 
        }
 
        public IList SamlActions
        {
            get { return this.actions; }
        } 

        public SamlAccessDecision AccessDecision 
        { 
            get { return this.accessDecision; }
            set 
            {
                if (isReadOnly)
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly)));
 
                this.accessDecision = value;
            } 
        } 

        public SamlEvidence Evidence 
        {
            get { return this.evidence; }
            set
            { 
                if (isReadOnly)
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); 
 
                this.evidence = value;
            } 
        }

        public string Resource
        { 
            get { return this.resource; }
            set 
            { 
                if (isReadOnly)
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ObjectIsReadOnly))); 

                if (String.IsNullOrEmpty(value))
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired));
 
                this.resource = value;
            } 
        } 

        public override bool IsReadOnly 
        {
            get { return this.isReadOnly; }
        }
 
        public override void MakeReadOnly()
        { 
            if (!this.isReadOnly) 
            {
                if (this.evidence != null) 
                    this.evidence.MakeReadOnly();

                foreach (SamlAction action in this.actions)
                { 
                    action.MakeReadOnly();
                } 
 
                this.actions.MakeReadOnly();
 
                this.isReadOnly = true;
            }
        }
 
        protected override void AddClaimsToList(IList claims)
        { 
            if (claims == null) 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("claims"));
 
            for (int i = 0; i < this.actions.Count; ++i)
            {
                claims.Add(new Claim(ClaimTypes.AuthorizationDecision, new SamlAuthorizationDecisionClaimResource(this.resource, this.accessDecision, this.actions[i].Namespace, this.actions[i].Action), Rights.PossessProperty));
            } 
        }
 
        void CheckObjectValidity() 
        {
            if (this.SamlSubject == null) 
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLSubjectStatementRequiresSubject)));

            if (String.IsNullOrEmpty(this.resource))
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionResourceRequired))); 

            if (this.actions.Count == 0) 
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneAction))); 
        }
 
        public override void ReadXml(XmlDictionaryReader reader, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer, SecurityTokenResolver outOfBandTokenResolver)
        {
            if (reader == null)
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("reader")); 

            if (samlSerializer == null) 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer")); 

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. 
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;

            this.resource = reader.GetAttribute(dictionary.Resource, null);
            if (String.IsNullOrEmpty(this.resource)) 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead)));
 
            string decisionString = reader.GetAttribute(dictionary.Decision, null); 
            if (String.IsNullOrEmpty(decisionString))
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead))); 

            if (decisionString.Equals(SamlAccessDecision.Deny.ToString(), StringComparison.OrdinalIgnoreCase))
                this.accessDecision = SamlAccessDecision.Deny;
            else if (decisionString.Equals(SamlAccessDecision.Permit.ToString(), StringComparison.OrdinalIgnoreCase)) 
                this.accessDecision = SamlAccessDecision.Permit;
            else 
                accessDecision = SamlAccessDecision.Indeterminate; 

            reader.MoveToContent(); 
            reader.Read();

            if (reader.IsStartElement(dictionary.Subject, dictionary.Namespace))
            { 
                SamlSubject subject = new SamlSubject();
                subject.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver); 
                base.SamlSubject = subject; 
            }
            else 
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionStatementMissingSubjectOnRead)));

            while (reader.IsStartElement())
            { 
                if (reader.IsStartElement(dictionary.Action, dictionary.Namespace))
                { 
                    SamlAction action = new SamlAction(); 
                    action.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
                    this.actions.Add(action); 
                }
                else if (reader.IsStartElement(dictionary.Evidence, dictionary.Namespace))
                {
                    if (this.evidence != null) 
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionHasMoreThanOneEvidence)));
 
                    this.evidence = new SamlEvidence(); 
                    this.evidence.ReadXml(reader, samlSerializer, keyInfoSerializer, outOfBandTokenResolver);
                } 
                else
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLBadSchema, dictionary.AuthorizationDecisionStatement)));
            }
 
            if (this.actions.Count == 0)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenException(SR.GetString(SR.SAMLAuthorizationDecisionShouldHaveOneActionOnRead))); 
 
            reader.MoveToContent();
            reader.ReadEndElement(); 
        }

        public override void WriteXml(XmlDictionaryWriter writer, SamlSerializer samlSerializer, SecurityTokenSerializer keyInfoSerializer)
        { 
            CheckObjectValidity();
 
            if (writer == null) 
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("writer"));
 
            if (samlSerializer == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("samlSerializer"));

#pragma warning suppress 56506 // samlSerializer.DictionaryManager is never null. 
            SamlDictionary dictionary = samlSerializer.DictionaryManager.SamlDictionary;
 
            writer.WriteStartElement(dictionary.PreferredPrefix.Value, dictionary.AuthorizationDecisionStatement, dictionary.Namespace); 

            writer.WriteStartAttribute(dictionary.Decision, null); 
            writer.WriteString(this.accessDecision.ToString());
            writer.WriteEndAttribute();

            writer.WriteStartAttribute(dictionary.Resource, null); 
            writer.WriteString(this.resource);
            writer.WriteEndAttribute(); 
 
            this.SamlSubject.WriteXml(writer, samlSerializer, keyInfoSerializer);
 
            foreach (SamlAction action in this.actions)
                action.WriteXml(writer, samlSerializer, keyInfoSerializer);

            if (this.evidence != null) 
                this.evidence.WriteXml(writer, samlSerializer, keyInfoSerializer);
 
            writer.WriteEndElement(); 
        }
    } 
}


// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK