共用方式為


SecurityTokenProvider 類別

定義

表示安全性權杖提供者,這個提供者可處理 SOAP 訊息寄件者的安全性權杖。

public ref class SecurityTokenProvider abstract
public abstract class SecurityTokenProvider
type SecurityTokenProvider = class
Public MustInherit Class SecurityTokenProvider
繼承
SecurityTokenProvider
衍生

範例

using System;

using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;

using System.IO;

using System.ServiceModel.Security;

using System.Xml;

namespace Microsoft.ServiceModel.Samples
{
    /// <summary>
    /// class that derives from SecurityTokenProvider and returns a SecurityToken representing a SAML assertion
    /// </summary>
    public class SamlSecurityTokenProvider : SecurityTokenProvider
    {
        /// <summary>
        /// The SAML assertion that the SamlSecurityTokenProvider will return as a SecurityToken
        /// </summary>
        SamlAssertion assertion;

        /// <summary>
        /// The proof token associated with the SAML assertion
        /// </summary>
        SecurityToken proofToken;

        /// <summary>
        /// Constructor
        /// </summary>
        /// <param name="assertion">The SAML assertion that the SamlSecurityTokenProvider will return as a SecurityToken</param>
        /// <param name="proofToken">The proof token associated with the SAML assertion</param>
        public SamlSecurityTokenProvider(SamlAssertion assertion, SecurityToken proofToken )
        {
            this.assertion = assertion;
            this.proofToken = proofToken;
        }

        /// <summary>
        /// Creates the security token
        /// </summary>
        /// <param name="timeout">Maximum amount of time the method is supposed to take. Ignored in this implementation.</param>
        /// <returns>A SecurityToken corresponding the SAML assertion and proof key specified at construction time</returns>
        protected override SecurityToken GetTokenCore(TimeSpan timeout)
        {
            // Create a SamlSecurityToken from the provided assertion
            SamlSecurityToken samlToken = new SamlSecurityToken(assertion);

            // Create a SecurityTokenSerializer that will be used to serialize the SamlSecurityToken
            WSSecurityTokenSerializer ser = new WSSecurityTokenSerializer();

            // Create a memory stream to write the serialized token into
            // Use an initial size of 64Kb
            MemoryStream s = new MemoryStream(UInt16.MaxValue);

            // Create an XmlWriter over the stream
            XmlWriter xw = XmlWriter.Create(s);

            // Write the SamlSecurityToken into the stream
            ser.WriteToken(xw, samlToken);

            // Seek back to the beginning of the stream
            s.Seek(0, SeekOrigin.Begin);

            // Load the serialized token into a DOM
            XmlDocument dom = new XmlDocument();
            dom.Load(s);

            // Create a KeyIdentifierClause for the SamlSecurityToken
            SamlAssertionKeyIdentifierClause samlKeyIdentifierClause = samlToken.CreateKeyIdentifierClause<SamlAssertionKeyIdentifierClause>();

            // Return a GenericXmlToken from the XML for the SamlSecurityToken, the proof token, the valid from
            // and valid until times from the assertion and the key identifier clause created above
            return new GenericXmlSecurityToken(dom.DocumentElement, proofToken, assertion.Conditions.NotBefore, assertion.Conditions.NotOnOrAfter, samlKeyIdentifierClause, samlKeyIdentifierClause, null);
        }
    }
}
Imports System.IdentityModel.Selectors
Imports System.IdentityModel.Tokens

Imports System.IO

Imports System.ServiceModel.Security

Imports System.Xml


'/ <summary>
'/ class that derives from SecurityTokenProvider and returns a SecurityToken representing a SAML assertion
'/ </summary>

Public Class SamlSecurityTokenProvider
    Inherits SecurityTokenProvider
    '/ <summary>
    '/ The SAML assertion that the SamlSecurityTokenProvider will return as a SecurityToken
    '/ </summary>
    Private assertion As SamlAssertion

    '/ <summary>
    '/ The proof token associated with the SAML assertion
    '/ </summary>
    Private proofToken As SecurityToken


    '/ <summary>
    '/ Constructor
    '/ </summary>
    '/ <param name="assertion">The SAML assertion that the SamlSecurityTokenProvider will return as a SecurityToken</param>
    '/ <param name="proofToken">The proof token associated with the SAML assertion</param>
    Public Sub New(ByVal assertion As SamlAssertion, ByVal proofToken As SecurityToken)
        Me.assertion = assertion
        Me.proofToken = proofToken

    End Sub


    '/ <summary>
    '/ Creates the security token
    '/ </summary>
    '/ <param name="timeout">Maximum amount of time the method is supposed to take. Ignored in this implementation.</param>
    '/ <returns>A SecurityToken corresponding the SAML assertion and proof key specified at construction time</returns>
    Protected Overrides Function GetTokenCore(ByVal timeout As TimeSpan) As SecurityToken
        ' Create a SamlSecurityToken from the provided assertion
        Dim samlToken As New SamlSecurityToken(assertion)

        ' Create a SecurityTokenSerializer that will be used to serialize the SamlSecurityToken
        Dim ser As New WSSecurityTokenSerializer()

        ' Create a memory stream to write the serialized token into
        ' Use an initial size of 64Kb
        Dim s As New MemoryStream(UInt16.MaxValue)

        ' Create an XmlWriter over the stream
        Dim xw As XmlWriter = XmlWriter.Create(s)

        ' Write the SamlSecurityToken into the stream
        ser.WriteToken(xw, samlToken)

        ' Seek back to the beginning of the stream
        s.Seek(0, SeekOrigin.Begin)

        ' Load the serialized token into a DOM
        Dim dom As New XmlDocument()
        dom.Load(s)

        ' Create a KeyIdentifierClause for the SamlSecurityToken
        Dim samlKeyIdentifierClause As SamlAssertionKeyIdentifierClause = samlToken.CreateKeyIdentifierClause(Of SamlAssertionKeyIdentifierClause)()
        
        ' Return a GenericXmlToken from the XML for the SamlSecurityToken, the proof token, the valid from 
        ' and valid until times from the assertion and the key identifier clause created above            
        Return New GenericXmlSecurityToken(dom.DocumentElement, proofToken, assertion.Conditions.NotBefore, assertion.Conditions.NotOnOrAfter, samlKeyIdentifierClause, samlKeyIdentifierClause, Nothing)

    End Function 'GetTokenCore
End Class

備註

在需要自訂安全性權杖的情況下使用 SecurityTokenProvider 類別。 當 SOAP 訊息是由用戶端傳送而此時要使用安全性權杖來驗證該用戶端時,安全性權杖提供者的角色就是要負責取得此安全性權杖。 具體地說,這時會呼叫 GetToken 方法來取得安全性權杖。 使用 CancelTokenRenewToken 方法來取消和更新安全性時,也可以呼叫安全性權杖提供者。

衍生自 SecurityTokenManager 類別的類別會實作 CreateSecurityTokenProvider 方法,判定指定之安全性權杖所需要的安全性權杖提供者。

ClientCredentialsSecurityTokenManagerServiceCredentialsSecurityTokenManager 類別會提供內建安全性權杖型別的預設實作 (Implementation)。 在自訂安全性權杖案例中,您必須從 SecurityTokenManagerClientCredentialsSecurityTokenManagerServiceCredentialsSecurityTokenManager 其中一個類別衍生類別,並提供可以為自訂安全性權杖建立安全性權杖提供者、安全性權杖驗證程式和安全性權杖序列化程式的功能。 如需建立自訂權杖的詳細資訊,請參閱 如何:建立自訂權杖

建構函式

SecurityTokenProvider()

初始化 SecurityTokenProvider 類別的新執行個體。

屬性

SupportsTokenCancellation

取得值,這個值表示是否可以取消安全性權杖。

SupportsTokenRenewal

取得值,這個值表示是否可以更新安全性權杖。

方法

BeginCancelToken(TimeSpan, SecurityToken, AsyncCallback, Object)

開始非同步作業,以便取消安全性權杖。

BeginCancelTokenCore(TimeSpan, SecurityToken, AsyncCallback, Object)

開始非同步作業,以便取消安全性權杖。

BeginGetToken(TimeSpan, AsyncCallback, Object)

開始非同步作業,以便取得安全性權杖。

BeginGetTokenCore(TimeSpan, AsyncCallback, Object)

開始非同步作業,以便取得安全性權杖。

BeginRenewToken(TimeSpan, SecurityToken, AsyncCallback, Object)

開始非同步作業,以便更新安全性權杖。

BeginRenewTokenCore(TimeSpan, SecurityToken, AsyncCallback, Object)

開始非同步作業,以便更新安全性權杖。

CancelToken(TimeSpan, SecurityToken)

取消安全性權杖。

CancelTokenAsync(TimeSpan, SecurityToken)

取消安全性權杖。

CancelTokenCore(TimeSpan, SecurityToken)

取消安全性權杖。

CancelTokenCoreAsync(TimeSpan, SecurityToken)

取消安全性權杖。

EndCancelToken(IAsyncResult)

完成非同步作業,以便取消安全性權杖。

EndCancelTokenCore(IAsyncResult)

完成非同步作業,以便取消安全性權杖。

EndGetToken(IAsyncResult)

完成非同步作業,以便取得安全性權杖。

EndGetTokenCore(IAsyncResult)

完成非同步作業,以便取得安全性權杖。

EndRenewToken(IAsyncResult)

完成非同步作業,以便更新安全性權杖。

EndRenewTokenCore(IAsyncResult)

完成非同步作業,以便更新安全性權杖。

Equals(Object)

判斷指定的物件是否等於目前的物件。

(繼承來源 Object)
GetHashCode()

做為預設雜湊函式。

(繼承來源 Object)
GetToken(TimeSpan)

取得安全性權杖。

GetTokenAsync(TimeSpan)

取得安全性權杖。

GetTokenCore(TimeSpan)

取得安全性權杖。

GetTokenCoreAsync(TimeSpan)

取得安全性權杖。

GetType()

取得目前執行個體的 Type

(繼承來源 Object)
MemberwiseClone()

建立目前 Object 的淺層複製。

(繼承來源 Object)
RenewToken(TimeSpan, SecurityToken)

更新安全性權杖。

RenewTokenAsync(TimeSpan, SecurityToken)

更新安全性權杖。

RenewTokenCore(TimeSpan, SecurityToken)

更新安全性權杖。

RenewTokenCoreAsync(TimeSpan, SecurityToken)

更新安全性權杖。

ToString()

傳回代表目前物件的字串。

(繼承來源 Object)

適用於

另請參閱