
[System.Security.Claims] Add basic support for Claims

Miguel de Icaza 11 år sedan
förälder
incheckning
2aed7bc797

+ 1 - 0
mcs/class/System.IdentityModel/System.IdentityModel.dll.sources

@@ -91,3 +91,4 @@ System.IdentityModel.Tokens/X509SecurityToken.cs
 System.IdentityModel.Tokens/X509SubjectKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509ThumbprintKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509WindowsSecurityToken.cs
+System.Security.Claims/AuthenticationTypes.cs

+ 13 - 0
mcs/class/System.IdentityModel/System.Security.Claims/AuthenticationTypes.cs

@@ -0,0 +1,13 @@
+namespace System.Security.Claims {
+
+	public static class AuthenticationTypes {
+		public const string Basic = "Basic";
+		public const string Federation = "Federation";
+		public const string Kerberos = "Kerberos";
+		public const string Negotiate = "Negotiate";
+		public const string Password = "Password";
+		public const string Signature = "Signature";
+		public const string Windows = "Windows";
+		public const string X509 = "X509";
+	}
+}

+ 42 - 0
mcs/class/corlib/System.Security.Claims/AuthenticationTypes.cs

@@ -0,0 +1,42 @@
+//
+// Claim.cs
+//
+// Authors:
+//  Miguel de Icaza ([email protected])
+//
+// Copyright 2014 Xamarin Inc
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+using System;
+
+namespace System.Security.Claims {
+
+	public static class AuthenticationTypes {
+		public const string Basic = "Basic";
+		public const string Federation = "Federation";
+		public const string Kerberos = "Kerberos";
+		public const string Negotiate = "Negotiate";
+		public const string Password = "Password";
+		public const string Signature = "Signature";
+		public const string Windows = "Windows";
+		public const string X509 = "X509";
+	}
+}
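Review bot: This corlib copy of `AuthenticationTypes` is never added to `corlib.dll.sources` (that hunk lists only `Claim.cs`, `ClaimsIdentity.cs` and `ClaimValueTypes.cs`), so it appears to be dead. If it were later compiled, it would declare the same public `System.Security.Claims.AuthenticationTypes` type as the System.IdentityModel copy. Either drop one copy or decide which assembly owns the type. Both copies also lack the `#if NET_4_5` guard that the sibling files in this commit use. The header comment here says `Claim.cs` and should read `// AuthenticationTypes.cs`; `ClaimValueTypes.cs` has the same mislabel, and `ClaimsIdentity.cs` is headed `ClaimIdentity.cs`.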

+ 94 - 0
mcs/class/corlib/System.Security.Claims/Claim.cs

@@ -0,0 +1,94 @@
+//
+// Claim.cs
+//
+// Authors:
+//  Miguel de Icaza ([email protected])
+//
+// Copyright 2014 Xamarin Inc
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+#if NET_4_5
+using System;
+using System.Collections.Generic;
+namespace System.Security.Claims {
+
+	[Serializable]
+	public class Claim {
+		public Claim (string type, string value)
+		: this (type, value, valueType: null, issuer: null, originalIssuer:null, subject: null)
+		{
+		}
+
+		public Claim (string type, string value, string valueType)
+		: this (type, value, valueType, issuer: null, originalIssuer: null, subject: null)
+		{
+		}
+
+		public Claim (string type, string value, string valueType, string issuer)
+		: this (type, value, valueType, issuer, originalIssuer: null, subject: null)
+		{
+		}
+		
+		public Claim (string type, string value, string valueType, string issuer, string originalIssuer)
+		: this (type, value, valueType, issuer, originalIssuer, subject: null)
+		{
+		}
+
+		public Claim (string type, string value, string valueType, string issuer, string originalIssuer, ClaimsIdentity subject)
+		{
+			if (type == null)
+				throw new ArgumentNullException ("type");
+			if (value == null)
+				throw new ArgumentNullException ("value");
+			Type = type;
+			Value = value;
+			ValueType = valueType == null ? ClaimValueTypes.String : valueType;
+			Issuer = issuer == null ? ClaimsIdentity.DefaultIssuer : issuer;
+			OriginalIssuer = originalIssuer == null ? Issuer : originalIssuer;
+			Subject = subject;
+		}
+
+		public string Type { get; private set; }
+		public string Value { get; private set; }
+		public string ValueType { get; private set; }
+		public string Issuer { get; private set; }
+		public string OriginalIssuer { get; private set; }
+		public ClaimsIdentity Subject { get; internal set; }
+		public IDictionary<string,string> Properties { get; private set; }
+
+		// The new copy does not have a Subject
+		public virtual Claim Clone ()
+		{
+			return Clone (null);
+		}
+
+		public virtual Claim Clone (ClaimsIdentity identity)
+		{
+			return new Claim (Type, Value, ValueType, Issuer, OriginalIssuer, identity);
+		}
+
+		public override string ToString ()
+		{
+			return String.Format ("{0}: {1}", Type, Value);
+		}
+	}
+}
+#endif
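Review bot: `Properties` has a private setter but no constructor assigns it, so the getter always returns null and any caller that does `claim.Properties.Add (...)` or enumerates it fails with a NullReferenceException. Initialise it in the six-argument constructor with `Properties = new Dictionary<string,string> ();`. `Clone (ClaimsIdentity)` should then copy the entries, because it rebuilds the claim from the scalar fields only and the clone would otherwise lose any metadata attached to the original. A short comment on `Subject` explaining who is expected to set it (the setter is `internal`) would also help, since nothing in this commit assigns it when a claim is added to an identity.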

+ 63 - 0
mcs/class/corlib/System.Security.Claims/ClaimValueTypes.cs

@@ -0,0 +1,63 @@
+//
+// Claim.cs
+//
+// Authors:
+//  Miguel de Icaza ([email protected])
+//
+// Copyright 2014 Xamarin Inc
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+#if NET_4_5
+using System;
+namespace System.Security.Claims {
+
+	public static class ClaimValueTypes {
+		public const string Base64Binary = "http://www.w3.org/2001/XMLSchema#base64Binary";
+		public const string Base64Octet = "http://www.w3.org/2001/XMLSchema#base64Octet";
+		public const string Boolean = "http://www.w3.org/2001/XMLSchema#boolean";
+		public const string Date = "http://www.w3.org/2001/XMLSchema#date";
+		public const string DateTime = "http://www.w3.org/2001/XMLSchema#dateTime";
+		public const string DaytimeDuration = "http://www.w3.org/TR/2002/WD-xquery-operators-20020816#dayTimeDuration";
+		public const string DnsName = "http://schemas.xmlsoap.org/claims/dns";
+		public const string Double = "http://www.w3.org/2001/XMLSchema#double";
+		public const string DsaKeyValue = "http://www.w3.org/2000/09/xmldsig#DSAKeyValue";
+		public const string Email = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
+		public const string Fqbn = "http://www.w3.org/2001/XMLSchema#fqbn";
+		public const string HexBinary = "http://www.w3.org/2001/XMLSchema#hexBinary";
+		public const string Integer = "http://www.w3.org/2001/XMLSchema#integer";
+		public const string Integer32 = "http://www.w3.org/2001/XMLSchema#integer32";
+		public const string Integer64 = "http://www.w3.org/2001/XMLSchema#integer64";
+		public const string KeyInfo = "http://www.w3.org/2000/09/xmldsig#KeyInfo";
+		public const string Rfc822Name = "urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name";
+		public const string Rsa = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa";
+		public const string RsaKeyValue = "http://www.w3.org/2000/09/xmldsig#RSAKeyValue";
+		public const string Sid = "http://www.w3.org/2001/XMLSchema#sid";
+		public const string String = "http://www.w3.org/2001/XMLSchema#string";
+		public const string Time = "http://www.w3.org/2001/XMLSchema#time";
+		public const string UInteger32 = "http://www.w3.org/2001/XMLSchema#uinteger32";
+		public const string UInteger64 = "http://www.w3.org/2001/XMLSchema#uinteger64";
+		public const string UpnName = "http://schemas.xmlsoap.org/claims/UPN";
+		public const string X500Name = "urn:oasis:names:tc:xacml:1.0:data-type:x500Name";
+		public const string YearMonthDuration = "http://www.w3.org/TR/2002/WD-xquery-operators-20020816#yearMonthDuration";
+
+	}
+}
+#endif

+ 262 - 0
mcs/class/corlib/System.Security.Claims/ClaimsIdentity.cs

@@ -0,0 +1,262 @@
+//
+// ClaimIdentity.cs
+//
+// Authors:
+//  Miguel de Icaza ([email protected])
+//
+// Copyright 2014 Xamarin Inc
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+#if NET_4_5
+using System;
+using System.Collections.Generic;
+using System.Security.Principal;
+using System.Runtime.Serialization;
+namespace System.Security.Claims {
+
+	[Serializable]
+	public class ClaimsIdentity : IIdentity {
+		[NonSerializedAttribute]
+		public const string DefaultNameClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name";
+		[NonSerializedAttribute]
+		public const string DefaultRoleClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role";
+		[NonSerializedAttribute]
+		public const string DefaultIssuer = "LOCAL AUTHORITY";
+		
+		List<Claim> claims;
+		ClaimsIdentity actor;
+
+		public ClaimsIdentity ()
+			: this (claims: null, authenticationType: null, nameType: null, roleType: null)
+		{ }
+		
+		public ClaimsIdentity (string authenticationType)
+			: this (claims: null, authenticationType: authenticationType, nameType: null, roleType: null)
+		{ }
+
+		public ClaimsIdentity (IEnumerable<Claim> claims, string authenticationType) 
+			: this (claims, authenticationType, null, null)
+		{}
+		
+		public ClaimsIdentity (string authenticationType, string nameType, string roleType)
+			: this (claims: null, authenticationType: authenticationType, nameType: nameType, roleType: roleType)
+		{ }
+		
+		public ClaimsIdentity (IIdentity identity) : this (identity: identity, claims: null)
+		{
+		}
+		
+		public ClaimsIdentity(IEnumerable<Claim> claims, string authenticationType, string nameType, string roleType)
+			: this (identity: null, claims: claims, authenticationType: authenticationType, nameType: nameType, roleType: roleType)
+		{
+			claims = claims == null ? new List<Claim> (): new List<Claim> (claims);
+			
+			AuthenticationType = authenticationType;
+
+			// Special case: if empty, set to null.
+			if (authenticationType == "")
+				AuthenticationType = null;
+			
+			NameClaimType = nameType == null ? DefaultNameClaimType : nameType;
+			RoleClaimType = roleType == null ? DefaultRoleClaimType : roleType;
+		}
+
+		public ClaimsIdentity (IIdentity identity, IEnumerable<Claim> claims)
+			: this (identity, claims, authenticationType: null, nameType: null, roleType: null)
+		{ }
+		
+		public ClaimsIdentity (IIdentity identity, IEnumerable<Claim> claims, string authenticationType, string nameType, string roleType)
+		{
+			var ci = identity as ClaimsIdentity;
+			NameClaimType = nameType == null ? DefaultNameClaimType : nameType;
+			RoleClaimType = roleType == null ? DefaultRoleClaimType : roleType;
+			
+			this.claims = new List<Claim> ();
+			if (ci != null){
+				actor = ci.Actor;
+				BootstrapContext = ci.BootstrapContext;
+				foreach (var c in ci.Claims)
+					this.claims.Add (c);
+				
+				foreach (var c in claims)
+					this.claims.Add (c);
+				Label = ci.Label;
+				NameClaimType = ci.NameClaimType;
+				RoleClaimType = ci.RoleClaimType;
+			} 
+			AuthenticationType = identity.AuthenticationType;
+		}
+
+		[MonoTODO]
+		protected ClaimsIdentity (SerializationInfo info)
+		{
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected ClaimsIdentity (SerializationInfo info, StreamingContext context)
+		{
+			if (info == null)
+				throw new ArgumentNullException ("info");
+			throw new NotImplementedException ();
+		}
+		
+		public ClaimsIdentity Actor {
+			get {
+				return actor;
+			}
+			set {
+				if (actor == this)
+					throw new InvalidOperationException ("can not set the Actor property to this instance");
+				actor = value;
+			}
+		}
+
+		public virtual string AuthenticationType { get; private set; }
+		public object BootstrapContext { get; set; }
+		public string Label { get; set; }
+		public virtual string Name {
+			get {
+				var target = NameClaimType;
+				foreach (var c in claims){
+					if (c.Type == target)
+						return c.Value;
+				}
+				return null;
+			}
+		}
+		public string NameClaimType { get; private set; }
+		public string RoleClaimType { get; private set; }
+
+		public virtual IEnumerable<Claim> Claims {
+			get {
+				return claims;
+			}
+		}
+
+		public virtual bool IsAuthenticated {
+			get {
+				return AuthenticationType != null && AuthenticationType != "";
+			}
+		}
+
+		public virtual void AddClaim (Claim claim)
+		{
+			if (claim == null)
+				throw new ArgumentNullException ("claim");
+			claims.Add (claim);
+		}
+
+		public virtual void AddClaims (IEnumerable<Claim> claims)
+		{
+			if (claims == null)
+				throw new ArgumentNullException ("claims");
+			foreach (var c in claims)
+				this.claims.Add (c);
+		}
+
+		public virtual ClaimsIdentity Clone ()
+		{
+			return new ClaimsIdentity (null, claims, AuthenticationType, NameClaimType, RoleClaimType){
+				BootstrapContext = this.BootstrapContext,
+				Actor = this.Actor,
+				Label = this.Label
+			};
+		}
+
+		public virtual IEnumerable<Claim> FindAll(Predicate<Claim> match)
+		{
+			if (match == null)
+				throw new ArgumentNullException ("match");
+			foreach (var c in claims)
+				if (match (c))
+					yield return c;
+		}
+
+		public virtual IEnumerable<Claim> FindAll(string type)
+		{
+			if (type == null)
+				throw new ArgumentNullException ("type");
+			foreach (var c in claims)
+				if (c.Type == type)
+					yield return c;
+		}
+
+		public virtual Claim FindFirst (Predicate<Claim> match)
+		{
+			if (match == null)
+				throw new ArgumentNullException ("match");
+			foreach (var c in claims)
+				if (match (c))
+					return c;
+			return null;
+		}
+
+		public virtual Claim FindFirst (string type)
+		{
+			if (type == null)
+				throw new ArgumentNullException ("type");
+			foreach (var c in claims)
+				if (c.Type == type)
+					return c;
+			return null;
+		}
+
+		public virtual bool HasClaim (Predicate<Claim> match)
+		{
+			if (match == null)
+				throw new ArgumentNullException ("match");
+			foreach (var c in claims)
+				if (match (c))
+					return true;
+			return false;
+		}
+
+		public virtual bool HasClaim (string type, string value)
+		{
+			if (type == null)
+				throw new ArgumentNullException ("type");
+			if (value == null)
+				throw new ArgumentNullException ("value");
+			foreach (var c in claims){
+				if (c.Type == type && c.Value == value)
+					return true;
+			}
+			return false;
+		}
+
+		public virtual void RemoveClaim (Claim claim)
+		{
+			if (!TryRemoveClaim (claim))
+				throw new InvalidOperationException ();
+		}
+
+		[MonoTODO ("This one should return false if the claim is owned by someone else, this does not exist yet")]
+		public virtual bool TryRemoveClaim (Claim claim)
+		{
+			if (claim == null)
+				return true;
+			claims.Remove (claim);
+			return true;
+		}
+	}
+}
+#endif
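Review bot: The five-argument constructor ends with `AuthenticationType = identity.AuthenticationType;` and never reads its `authenticationType` parameter, so every overload that chains in with `identity: null` (including the parameterless one) throws a NullReferenceException. Where an identity is supplied, the caller's authentication type is silently replaced by the source identity's, which matters because `IsAuthenticated` is derived solely from that property. The `foreach (var c in claims)` loop sits inside `if (ci != null)` with no null check, so the extra claims are dropped for any non-`ClaimsIdentity` source and a null `claims` throws; `Clone ()` passes `null` as identity and hits the same path. In the four-argument constructor, `claims = claims == null ? ...` assigns the parameter rather than `this.claims`. Separately, the `Actor` setter tests `actor == this` (the current field) rather than the incoming value, so the self-reference guard never fires; it should read `if (value == this)`.

```csharp
public ClaimsIdentity (IIdentity identity, IEnumerable<Claim> claims, string authenticationType, string nameType, string roleType)
{
	// … unchanged: ci cast, NameClaimType / RoleClaimType defaults, this.claims allocation …
	if (ci != null) {
		// … unchanged: copy Actor, BootstrapContext, ci.Claims, Label, claim types …
	}

	// Extra claims apply to any source identity and may legitimately be null.
	if (claims != null) {
		foreach (var c in claims)
			this.claims.Add (c);
	}

	// Explicit argument first, then the source identity; empty normalises to null.
	if (String.IsNullOrEmpty (authenticationType) && identity != null)
		authenticationType = identity.AuthenticationType;
	AuthenticationType = String.IsNullOrEmpty (authenticationType) ? null : authenticationType;
}
```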

+ 3 - 0
mcs/class/corlib/corlib.dll.sources

@@ -1293,6 +1293,9 @@ System.Security.AccessControl/SddlAccessRight.cs
 System.Security.AccessControl/SecurityInfos.cs
 System.Security.AccessControl/SystemAcl.cs
 ../System.Core/System.Security.Cryptography/Aes.cs
+System.Security.Claims/Claim.cs
+System.Security.Claims/ClaimsIdentity.cs
+System.Security.Claims/ClaimValueTypes.cs
 System.Security.Cryptography/AsymmetricAlgorithm.cs
 System.Security.Cryptography/AsymmetricKeyExchangeDeformatter.cs
 System.Security.Cryptography/AsymmetricKeyExchangeFormatter.cs