
Minimal implementation of classes and methods necessary to support the JWT functionality in System.IdentityModel.Tokens.Jwt (https://github.com/MSOpenTech/azure-activedirectory-identitymodel-extensions-for-dotnet). This change is released under the MIT license.

Ryan J. Melena 11 年 前
コミット
725b211d9f
37 ファイル変更1219 行追加25 行削除
  1. 47 18
      mcs/class/System.IdentityModel/System.IdentityModel-net_4_5.csproj
  2. 9 0
      mcs/class/System.IdentityModel/System.IdentityModel.Configuration/ICustomIdentityConfiguration.cs
  3. 10 0
      mcs/class/System.IdentityModel/System.IdentityModel.Configuration/IdentityModelCaches.cs
  4. 23 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/BinaryExchange.cs
  5. 34 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/EndpointReference.cs
  6. 31 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Entropy.cs
  7. 19 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Lifetime.cs
  8. 25 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/ProtectedKey.cs
  9. 25 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestSecurityTokenResponse.cs
  10. 27 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestedProofToken.cs
  11. 20 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestedSecurityToken.cs
  12. 15 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Status.cs
  13. 27 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/UseKey.cs
  14. 28 0
      mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/WSTrustMessage.cs
  15. 21 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AudienceRestriction.cs
  16. 16 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AuthenticationContext.cs
  17. 17 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AuthenticationInformation.cs
  18. 18 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/EncryptingCredentials.cs
  19. 25 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/IssuerNameRegistry.cs
  20. 11 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/ProofDescriptor.cs
  21. 2 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityKeyIdentifierClause.cs
  22. 44 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenDescriptor.cs
  23. 93 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandler.cs
  24. 167 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandlerCollection.cs
  25. 36 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandlerConfiguration.cs
  26. 79 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityToken.cs
  27. 21 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenCache.cs
  28. 44 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenCacheKey.cs
  29. 118 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenHandler.cs
  30. 22 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/TokenReplayCache.cs
  31. 44 6
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/X509AsymmetricSecurityKey.cs
  32. 32 0
      mcs/class/System.IdentityModel/System.IdentityModel.Tokens/X509SigningCredentials.cs
  33. 33 1
      mcs/class/System.IdentityModel/System.IdentityModel.dll.sources
  34. 9 0
      mcs/class/System.IdentityModel/System.IdentityModel/CookieTransform.cs
  35. 12 0
      mcs/class/System.IdentityModel/System.IdentityModel/OpenObject.cs
  36. 11 0
      mcs/class/System.IdentityModel/System.ServiceModel.Security/X509CertificateValidationMode.cs
  37. 4 0
      mcs/class/System.Web.Extensions/System.Web.Script.Serialization/JavaScriptSerializer.cs

+ 47 - 18
mcs/class/System.IdentityModel/System.IdentityModel-net_4_5.csproj

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,7 +11,6 @@
     <OutputPath>./../../class/lib/net_4_5</OutputPath>
     <NoStdLib>True</NoStdLib>
     <NoConfig>True</NoConfig>
-    
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>
     </RootNamespace>
@@ -19,7 +18,6 @@
     <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
   </PropertyGroup>
-  
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <DebugSymbols>true</DebugSymbols>
     <DebugType>full</DebugType>
@@ -55,10 +53,23 @@
     <Compile Include="System.IdentityModel.Claims\Rights.cs" />
     <Compile Include="System.IdentityModel.Claims\WindowsClaimSet.cs" />
     <Compile Include="System.IdentityModel.Claims\X509CertificateClaimSet.cs" />
+    <Compile Include="System.IdentityModel.Configuration\ICustomIdentityConfiguration.cs" />
+    <Compile Include="System.IdentityModel.Configuration\IdentityModelCaches.cs" />
     <Compile Include="System.IdentityModel.Policy\AuthorizationContext.cs" />
     <Compile Include="System.IdentityModel.Policy\EvaluationContext.cs" />
     <Compile Include="System.IdentityModel.Policy\IAuthorizationComponent.cs" />
     <Compile Include="System.IdentityModel.Policy\IAuthorizationPolicy.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\BinaryExchange.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\EndpointReference.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\Entropy.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\Lifetime.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\ProtectedKey.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\RequestedProofToken.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\RequestedSecurityToken.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\RequestSecurityTokenResponse.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\Status.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\UseKey.cs" />
+    <Compile Include="System.IdentityModel.Protocols\WSTrust\WSTrustMessage.cs" />
     <Compile Include="System.IdentityModel.Selectors\AudienceUriMode.cs" />
     <Compile Include="System.IdentityModel.Selectors\CustomUserNameSecurityTokenAuthenticator.cs" />
     <Compile Include="System.IdentityModel.Selectors\KerberosSecurityTokenAuthenticator.cs" />
@@ -82,13 +93,19 @@
     <Compile Include="System.IdentityModel.Selectors\X509SecurityTokenAuthenticator.cs" />
     <Compile Include="System.IdentityModel.Selectors\X509SecurityTokenProvider.cs" />
     <Compile Include="System.IdentityModel.Tokens\AsymmetricSecurityKey.cs" />
+    <Compile Include="System.IdentityModel.Tokens\AudienceRestriction.cs" />
+    <Compile Include="System.IdentityModel.Tokens\AuthenticationContext.cs" />
+    <Compile Include="System.IdentityModel.Tokens\AuthenticationInformation.cs" />
     <Compile Include="System.IdentityModel.Tokens\BinaryKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\EncryptedKeyIdentifierClause.cs" />
+    <Compile Include="System.IdentityModel.Tokens\EncryptingCredentials.cs" />
     <Compile Include="System.IdentityModel.Tokens\GenericXmlSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\InMemorySymmetricSecurityKey.cs" />
+    <Compile Include="System.IdentityModel.Tokens\IssuerNameRegistry.cs" />
     <Compile Include="System.IdentityModel.Tokens\KerberosReceiverSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\KerberosRequestorSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\LocalIdKeyIdentifierClause.cs" />
+    <Compile Include="System.IdentityModel.Tokens\ProofDescriptor.cs" />
     <Compile Include="System.IdentityModel.Tokens\RsaKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\RsaSecurityKey.cs" />
     <Compile Include="System.IdentityModel.Tokens\RsaSecurityToken.cs" />
@@ -123,22 +140,36 @@
     <Compile Include="System.IdentityModel.Tokens\SecurityKeyType.cs" />
     <Compile Include="System.IdentityModel.Tokens\SecurityKeyUsage.cs" />
     <Compile Include="System.IdentityModel.Tokens\SecurityToken.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SecurityTokenDescriptor.cs" />
     <Compile Include="System.IdentityModel.Tokens\SecurityTokenException.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SecurityTokenHandler.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SecurityTokenHandlerCollection.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SecurityTokenHandlerConfiguration.cs" />
     <Compile Include="System.IdentityModel.Tokens\SecurityTokenTypes.cs" />
     <Compile Include="System.IdentityModel.Tokens\SecurityTokenValidationException.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SessionSecurityTokenCache.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SessionSecurityTokenCacheKey.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SessionSecurityTokenHandler.cs" />
+    <Compile Include="System.IdentityModel.Tokens\SessionSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\SigningCredentials.cs" />
     <Compile Include="System.IdentityModel.Tokens\SymmetricSecurityKey.cs" />
     <Compile Include="System.IdentityModel.Tokens\TlsHMAC.cs" />
+    <Compile Include="System.IdentityModel.Tokens\TokenReplayCache.cs" />
     <Compile Include="System.IdentityModel.Tokens\UserNameSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\WindowsSecurityToken.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509AsymmetricSecurityKey.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509IssuerSerialKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509RawDataKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509SecurityToken.cs" />
+    <Compile Include="System.IdentityModel.Tokens\X509SigningCredentials.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509SubjectKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509ThumbprintKeyIdentifierClause.cs" />
     <Compile Include="System.IdentityModel.Tokens\X509WindowsSecurityToken.cs" />
-    <Compile Include="System.Security.Claims\AuthenticationTypes.cs" />
  </ItemGroup>
+    <Compile Include="System.IdentityModel\CookieTransform.cs" />
+    <Compile Include="System.IdentityModel\OpenObject.cs" />
+    <Compile Include="System.Security.Claims\AuthenticationTypes.cs" />
+    <Compile Include="System.ServiceModel.Security\X509CertificateValidationMode.cs" />
+  </ItemGroup>
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.
   <Target Name="BeforeBuild">
@@ -147,18 +178,13 @@
   </Target>
   -->
   <PropertyGroup>
-    <PreBuildEvent Condition=" '$(OS)' != 'Windows_NT' ">
-
-    </PreBuildEvent>
-    <PreBuildEvent Condition=" '$(OS)' == 'Windows_NT' ">
-
-    </PreBuildEvent>
-
-    <PostBuildEvent Condition=" '$(OS)' != 'Windows_NT' ">
-
-    </PostBuildEvent>
-    <PostBuildEvent Condition=" '$(OS)' == 'Windows_NT' ">
-
+    <PreBuildEvent Condition=" '$(OS)' != 'Windows_NT' ">
+    </PreBuildEvent>
+    <PreBuildEvent Condition=" '$(OS)' == 'Windows_NT' ">
+    </PreBuildEvent>
+    <PostBuildEvent Condition=" '$(OS)' != 'Windows_NT' ">
+    </PostBuildEvent>
+    <PostBuildEvent Condition=" '$(OS)' == 'Windows_NT' ">
     </PostBuildEvent>
   </PropertyGroup>
   <ItemGroup>
@@ -202,5 +228,8 @@
   <ItemGroup>
     <Folder Include="Properties\" />
   </ItemGroup>
-</Project>
-
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.IdentityModel" />
+  </ItemGroup>
+</Project>
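Review bot: The new `<Reference Include="System.IdentityModel" />` in the last hunk makes the System.IdentityModel project reference an assembly of its own name, which is at best redundant and at worst resolves to an installed copy that shadows the types being compiled here. The `System.IdentityModel.Selectors` types used by the new files live in this same assembly and need no extra reference. Suggest dropping that line, or adding an XML comment stating which assembly it is expected to resolve to and why.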

+ 9 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Configuration/ICustomIdentityConfiguration.cs

@@ -0,0 +1,9 @@
+using System.Xml;
+
+namespace System.IdentityModel.Configuration
+{
+	public interface ICustomIdentityConfiguration
+	{
+		void LoadCustomConfiguration(XmlNodeList nodeList);
+	}
+}

+ 10 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Configuration/IdentityModelCaches.cs

@@ -0,0 +1,10 @@
+using System.IdentityModel.Tokens;
+
+namespace System.IdentityModel.Configuration
+{
+	public sealed class IdentityModelCaches
+	{
+		public SessionSecurityTokenCache SessionSecurityTokenCache { get; set; }
+		public TokenReplayCache TokenReplayCache { get; set; }
+	}
+}

+ 23 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/BinaryExchange.cs

@@ -0,0 +1,23 @@
+using System;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class BinaryExchange
+	{
+		private const string defaultEncodingTypeUrl = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
+
+		public byte[] BinaryData { get; private set; }
+		public Uri EncodingType { get; private set; }
+		public Uri ValueType { get; private set; }
+
+		public BinaryExchange (byte[] binaryData, Uri valueType)
+			: this (binaryData, valueType, new Uri (defaultEncodingTypeUrl))
+		{ }
+
+		public BinaryExchange (byte[] binaryData, Uri valueType, Uri encodingType) {
+			BinaryData = binaryData;
+			ValueType = valueType;
+			EncodingType = encodingType;
+		}
+	}
+}
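Review bot: The three-argument constructor stores `binaryData`, `valueType` and `encodingType` without validation, so a null argument surfaces later as a NullReferenceException from whoever reads the property rather than at the call site that caused it. Suggest `if (binaryData == null) throw new ArgumentNullException ("binaryData");` and `if (valueType == null) throw new ArgumentNullException ("valueType");` at the top of that constructor. The two-argument overload also builds a fresh `Uri` from `defaultEncodingTypeUrl` on every call; a `private static readonly Uri` would avoid reparsing the same constant.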

+ 34 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/EndpointReference.cs

@@ -0,0 +1,34 @@
+using System;
+using System.Collections.ObjectModel;
+using System.Xml;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class EndpointReference
+	{
+		private Collection<XmlElement> details = new Collection<XmlElement> ();
+		private Uri uri = null;
+
+		public Collection<XmlElement> Details { get { return details; } }
+		public Uri Uri { get { return uri; } }
+
+		public EndpointReference (string uri) {
+			this.uri = new Uri (uri);
+		}
+
+		[MonoTODO]
+		public static EndpointReference ReadFrom (XmlDictionaryReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public static EndpointReference ReadFrom(Xml.XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public void WriteTo (XmlWriter writer) {
+			throw new NotImplementedException ();
+		}
+	}
+}
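Review bot: The second `ReadFrom` overload spells its parameter type `Xml.XmlReader` while the file already has `using System.Xml;` and `WriteTo` uses the unqualified `XmlWriter`; the partially qualified name only resolves because the enclosing namespace sits under `System`. Suggest `public static EndpointReference ReadFrom (XmlReader reader) {` for consistency, and dropping the redundant `= null` initializer on the `uri` field. The string constructor builds a `Uri` directly, so a malformed or null address throws from the constructor; that is worth stating in a doc comment since callers of WS-Trust messages often hand in addresses read from the wire.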

+ 31 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Entropy.cs

@@ -0,0 +1,31 @@
+using System;
+using System.IdentityModel.Tokens;
+using System.Security.Cryptography;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class Entropy : ProtectedKey
+	{
+		public Entropy (ProtectedKey protectedKey) : base (protectedKey.GetKeyBytes (), protectedKey.WrappingCredentials)
+		{ }
+
+		public Entropy (byte[] secret) : base (secret)
+		{ }
+
+		public Entropy (int entropySizeInBits)
+			: this(Entropy.GetRandomByteArray(entropySizeInBits / 8))
+		{ }
+
+		public Entropy (byte[] secret, EncryptingCredentials wrappingCredentials) : base (secret, wrappingCredentials)
+		{ }
+
+		private static byte[] GetRandomByteArray (int arraySize) {
+			byte[] b = new byte[arraySize];
+
+			RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
+			rng.GetNonZeroBytes(b);
+
+			return b;
+		}
+	}
+}
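Review bot: `GetRandomByteArray` never disposes the `RNGCryptoServiceProvider` it creates, and `GetNonZeroBytes` excludes the zero byte at every position, so the generated secret carries slightly less randomness than the requested `entropySizeInBits`. For key material `GetBytes` is the right call and the provider should be scoped: `using (var rng = new RNGCryptoServiceProvider ()) { rng.GetBytes (b); }`. The `int` constructor also silently truncates `entropySizeInBits / 8`, so a size that is not a multiple of 8 yields a shorter array and a negative size fails inside the array allocation; an explicit `ArgumentOutOfRangeException` with the parameter name would be clearer.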

+ 19 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Lifetime.cs

@@ -0,0 +1,19 @@
+using System;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class Lifetime
+	{
+		public DateTime? Created { get; set; }
+		public DateTime? Expires { get; set; }
+
+		public Lifetime (DateTime created, DateTime expires)
+			: this ((DateTime?)created, (DateTime?)expires)
+		{ }
+
+		public Lifetime (DateTime? created, DateTime? expires) {
+			if (created.HasValue) { Created = created.Value.ToUniversalTime (); }
+			if (expires.HasValue) { Expires = expires.Value.ToUniversalTime (); }
+		}
+	}
+}
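Review bot: The constructor normalizes with `ToUniversalTime ()`, which for a `DateTime` whose `Kind` is `Unspecified` assumes local time and shifts the value by the machine's UTC offset; timestamps parsed from a token or wire message commonly arrive as `Unspecified`, so token validity windows could move by the local offset. Either state this on the constructor, e.g. `/// <remarks>Values with DateTimeKind.Unspecified are treated as local time before conversion to UTC.</remarks>`, or treat `Unspecified` as UTC via `DateTime.SpecifyKind` before converting. The public setters on `Created` and `Expires` also bypass the normalization, so the UTC invariant only holds for values passed through the constructor.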

+ 25 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/ProtectedKey.cs

@@ -0,0 +1,25 @@
+using System;
+using System.IdentityModel.Tokens;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class ProtectedKey
+	{
+		private byte[] secret;
+
+		public EncryptingCredentials WrappingCredentials { get; private set; }
+
+		public ProtectedKey (byte[] secret) {
+			this.secret = secret;
+		}
+
+		public ProtectedKey (byte[] secret, EncryptingCredentials wrappingCredentials) {
+			this.secret = secret;
+			WrappingCredentials = wrappingCredentials;
+		}
+
+		public byte[] GetKeyBytes () {
+			return secret;
+		}
+	}
+}
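Review bot: `GetKeyBytes` returns the private `secret` array itself, so any caller can modify the key bytes held by this instance, and both constructors keep a reference to the caller's array for the same reason. The sibling change to `SecurityKeyIdentifierClause.GetDerivationNonce` in this commit clones before returning (`(byte []) nonce.Clone ()`); if API compatibility permits, the same convention fits here: `return secret != null ? (byte[]) secret.Clone () : null;`. If returning the shared buffer is intentional for compatibility with the reference implementation, a doc comment on `GetKeyBytes` saying so would stop the next reader from "fixing" it.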

+ 25 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestSecurityTokenResponse.cs

@@ -0,0 +1,25 @@
+using System.IdentityModel.Tokens;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class RequestSecurityTokenResponse : WSTrustMessage
+	{
+		public bool IsFinal { get; set; }
+		public SecurityKeyIdentifierClause RequestedAttachedReference { get; set; }
+		public RequestedProofToken RequestedProofToken { get; set; }
+		public RequestedSecurityToken RequestedSecurityToken { get; set; }
+		public bool RequestedTokenCancelled { get; set; }
+		public SecurityKeyIdentifierClause RequestedUnattachedReference { get; set; }
+		public Status Status { get; set; }
+
+		public RequestSecurityTokenResponse ()
+		{ }
+
+		public RequestSecurityTokenResponse (WSTrustMessage message) {
+			Context = message.Context;
+			KeyType = message.KeyType;
+			KeySizeInBits = message.KeySizeInBits;
+			RequestType = message.RequestType;
+		}
+	}
+}
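Review bot: The copying constructor dereferences `message` directly, so a null argument surfaces as a NullReferenceException instead of an ArgumentNullException naming the parameter; `if (message == null) throw new ArgumentNullException ("message");` at the top fixes that. The constructor copies only `Context`, `KeyType`, `KeySizeInBits` and `RequestType` out of the many `WSTrustMessage` properties; a doc comment stating that the rest are intentionally not carried over would save the next reader from treating it as an omission.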

+ 27 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestedProofToken.cs

@@ -0,0 +1,27 @@
+using System;
+using System.IdentityModel.Tokens;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class RequestedProofToken
+	{
+		public string ComputedKeyAlgorithm { get; private set; }
+		public ProtectedKey ProtectedKey { get; private set; }
+
+		public RequestedProofToken (ProtectedKey protectedKey) {
+			ProtectedKey = protectedKey;
+		}
+
+		public RequestedProofToken (Byte[] secret) {
+			ProtectedKey = new ProtectedKey (secret);
+		}
+
+		public RequestedProofToken (string computedKeyAlgorithm) {
+			ComputedKeyAlgorithm = computedKeyAlgorithm;
+		}
+
+		public RequestedProofToken (Byte[] secret, EncryptingCredentials wrappingCredentials) {
+			ProtectedKey = new ProtectedKey (secret, wrappingCredentials);
+		}
+	}
+}
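Review bot: Two constructors take `Byte[]` while `ProtectedKey`, the type they forward to, declares `byte[]`; use the keyword form consistently, `public RequestedProofToken (byte[] secret) {` and likewise for the overload with `wrappingCredentials`. The `ProtectedKey` overload also accepts null without checking, leaving both `ComputedKeyAlgorithm` and `ProtectedKey` null; a doc comment on the class should say which of the two properties a consumer can expect to be set depending on the constructor used.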

+ 20 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/RequestedSecurityToken.cs

@@ -0,0 +1,20 @@
+using System;
+using System.IdentityModel.Tokens;
+using System.Xml;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class RequestedSecurityToken
+	{
+		public SecurityToken SecurityToken { get; private set; }
+		public virtual XmlElement SecurityTokenXml { get; private set; }
+
+		public RequestedSecurityToken (SecurityToken token) {
+			SecurityToken = token;
+		}
+
+		public RequestedSecurityToken (XmlElement tokenAsXml) {
+			SecurityTokenXml = tokenAsXml;
+		}
+	}
+}

+ 15 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/Status.cs

@@ -0,0 +1,15 @@
+using System;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class Status
+	{
+		public string Code { get; set; }
+		public string Reason { get; set; }
+
+		public Status (string code, string reason) {
+			Code = code;
+			Reason = reason;
+		}
+	}
+}

+ 27 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/UseKey.cs

@@ -0,0 +1,27 @@
+using System;
+using System.IdentityModel.Tokens;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public class UseKey
+	{
+		public SecurityKeyIdentifier SecurityKeyIdentifier { get; private set; }
+		public SecurityToken Token { get; private set; }
+
+		public UseKey () : this (null, null)
+		{ }
+
+		public UseKey (SecurityKeyIdentifier ski)
+			: this (ski, null)
+		{ }
+
+		public UseKey (SecurityToken token)
+			: this (null, token)
+		{ }
+
+		public UseKey (SecurityKeyIdentifier ski, SecurityToken token) {
+			SecurityKeyIdentifier = ski;
+			Token = token;
+		}
+	}
+}

+ 28 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Protocols/WSTrust/WSTrustMessage.cs

@@ -0,0 +1,28 @@
+using System;
+using System.IdentityModel;
+
+namespace System.IdentityModel.Protocols.WSTrust
+{
+	public abstract class WSTrustMessage : OpenObject
+	{
+		public bool AllowPostdating { get; set; }
+		public EndpointReference AppliesTo { get; set; }
+		public string AuthenticationType { get; set; }
+		public BinaryExchange BinaryExchange { get; set; }
+		public string CanonicalizationAlgorithm { get; set; }
+		public string Context { get; set; }
+		public string EncryptionAlgorithm { get; set; }
+		public string EncryptWith { get; set; }
+		public Entropy Entropy { get; set; }
+		public int? KeySizeInBits { get; set; }
+		public string KeyType { get; set; }
+		public string KeyWrapAlgorithm { get; set; }
+		public Lifetime Lifetime { get; set; }
+		public string ReplyTo { get; set; }
+		public string RequestType { get; set; }
+		public string SignatureAlgorithm { get; set; }
+		public string SignWith { get; set; }
+		public string TokenType { get; set; }
+		public UseKey UseKey { get; set; }
+	}
+}

+ 21 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AudienceRestriction.cs

@@ -0,0 +1,21 @@
+using System.Collections.ObjectModel;
+using System.IdentityModel.Selectors;
+
+namespace System.IdentityModel.Tokens
+{
+	public class AudienceRestriction
+	{
+		public Collection<Uri> AllowedAudienceUris { get; private set; }
+		public AudienceUriMode AudienceMode { get; set; }
+
+		public AudienceRestriction () {
+			AllowedAudienceUris = new Collection<Uri>();
+		}
+
+		public AudienceRestriction (AudienceUriMode audienceMode)
+			: this ()
+		{
+			AudienceMode = audienceMode;
+		}
+	}
+}
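Review bot: The parameterless constructor leaves `AudienceMode` at the enum's zero value, and in the reference layout of `AudienceUriMode` (already in this project as `System.IdentityModel.Selectors\AudienceUriMode.cs`) zero is `Never`, so a restriction built with `new AudienceRestriction ()` would disable audience checking unless the caller also sets the mode. If the intent is to mirror the reference behavior, which defaults to `Always`, set it explicitly in that constructor: `AudienceMode = AudienceUriMode.Always;`. Whichever default is chosen, it decides whether `AllowedAudienceUris` is enforced at all and deserves a doc comment.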

+ 16 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AuthenticationContext.cs

@@ -0,0 +1,16 @@
+using System;
+using System.Collections.ObjectModel;
+
+namespace System.IdentityModel.Tokens
+{
+	public class AuthenticationContext
+	{
+		public Collection<string> Authorities { get; private set; }
+		public string ContextClass { get; set; }
+		public string ContextDeclaration { get; set; }
+
+		public AuthenticationContext () {
+			Authorities = new Collection<string> ();
+		}
+	}
+}

+ 17 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/AuthenticationInformation.cs

@@ -0,0 +1,17 @@
+using System;
+using System.Collections.ObjectModel;
+using System.IdentityModel.Tokens;
+
+namespace System.Security.Claims
+{
+	public class AuthenticationInformation
+	{
+		private Collection<AuthenticationContext> authorizationContexts = new Collection<AuthenticationContext> ();
+
+		public String Address { get; set; }
+		public Collection<AuthenticationContext> AuthorizationContexts { get { return authorizationContexts; } }
+		public String DnsName { get; set; }
+		public Nullable<DateTime> NotOnOrAfter { get; set; }
+		public String Session { get; set; }
+	}
+}
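Review bot: The class is declared in namespace `System.Security.Claims` but the file lives under the `System.IdentityModel.Tokens` directory, and the property `AuthorizationContexts` holds `AuthenticationContext` values; both are easy to trip over when navigating, so a short comment noting that the namespace and the property name follow the reference API would help. Style-wise the file mixes `String` and `Nullable<DateTime>` with the keyword forms used elsewhere in the commit; `public string Address { get; set; }` and `public DateTime? NotOnOrAfter { get; set; }` would match the rest.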

+ 18 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/EncryptingCredentials.cs

@@ -0,0 +1,18 @@
+namespace System.IdentityModel.Tokens
+{
+	public class EncryptingCredentials
+	{
+		public string Algorithm { get; set; }
+		public SecurityKey SecurityKey { get; set; }
+		public SecurityKeyIdentifier SecurityKeyIdentifier { get; set; }
+
+		public EncryptingCredentials ()
+		{ }
+
+		public EncryptingCredentials (SecurityKey key, SecurityKeyIdentifier keyIdentifier, string algorithm) {
+			SecurityKey = key;
+			SecurityKeyIdentifier = keyIdentifier;
+			Algorithm = algorithm;
+		}
+	}
+}

+ 25 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/IssuerNameRegistry.cs

@@ -0,0 +1,25 @@
+using System.IdentityModel.Configuration;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public abstract class IssuerNameRegistry : ICustomIdentityConfiguration
+	{
+		public abstract string GetIssuerName (SecurityToken securityToken);
+
+		[MonoTODO]
+		public virtual string GetIssuerName (SecurityToken securityToken, System.String requestedIssuerName) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual string GetWindowsIssuerName() {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual void LoadCustomConfiguration(XmlNodeList nodelist) {
+			throw new NotImplementedException ();
+		}
+	}
+}
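Review bot: The two-argument `GetIssuerName` throws `NotImplementedException`, so any caller passing a requested issuer name fails even when the abstract single-argument overload is implemented by a derived registry. If the intent mirrors the reference behavior of ignoring the hint, `return GetIssuerName (securityToken);` would be the natural body; otherwise a doc comment should say derived classes are expected to override it. The parameter type `System.String` should also be the keyword `string` like the rest of the file.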

+ 11 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/ProofDescriptor.cs

@@ -0,0 +1,11 @@
+using System.IdentityModel.Protocols.WSTrust;
+
+namespace System.IdentityModel.Tokens
+{
+	public abstract class ProofDescriptor
+	{
+		public abstract SecurityKeyIdentifier KeyIdentifier { get; }
+
+		public abstract void ApplyTo (RequestSecurityTokenResponse response);
+	}
+}

+ 2 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityKeyIdentifierClause.cs

@@ -68,6 +68,8 @@ namespace System.IdentityModel.Tokens
 			return nonce != null ? (byte []) nonce.Clone () : null;
 		}
 
+		public string Id { get; set; }
+
 		public virtual SecurityKey CreateKey ()
 		{
 			throw new NotSupportedException (String.Format ("This '{0}' identifier clause does not support key creation.", GetType ()));

+ 44 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenDescriptor.cs

@@ -0,0 +1,44 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Threading.Tasks;
+using System.IdentityModel.Protocols.WSTrust;
+using System.Security.Claims;
+
+namespace System.IdentityModel.Tokens
+{
+	public class SecurityTokenDescriptor
+	{
+		private Dictionary<string, Object> properties = new Dictionary<string, object> ();
+
+		public string AppliesToAddress { get; set; }
+		public SecurityKeyIdentifierClause AttachedReference { get; set; }
+		public AuthenticationInformation AuthenticationInfo { get; set; }
+		public EncryptingCredentials EncryptingCredentials { get; set; }
+		public Lifetime Lifetime { get; set; }
+		public ProofDescriptor Proof { get; set; }
+		public Dictionary<string, Object> Properties { get { return properties; } }
+		public string ReplyToAddress { get; set; }
+		public SigningCredentials SigningCredentials { get; set; }
+		public ClaimsIdentity Subject { get; set; }
+		public SecurityToken Token { get; set; }
+		public string TokenIssuerName { get; set; }
+		public string TokenType { get; set; }
+		public SecurityKeyIdentifierClause UnattachedReference { get; set; }
+
+		[MonoTODO]
+		public void AddAuthenticationClaims (string authType) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public void AddAuthenticationClaims (string authType, DateTime time) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual void ApplyTo (RequestSecurityTokenResponse response) {
+			throw new NotImplementedException ();
+		}
+	}
+}
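Review bot: The file imports `System.Text` and `System.Threading.Tasks` though nothing in the class uses them, and the `properties` field mixes `Object` and `object` on the same line; drop the two unused usings and write `private Dictionary<string, object> properties = new Dictionary<string, object> ();`. `ApplyTo` is virtual and throws, so a derived class cannot safely call `base.ApplyTo`; a one-line doc comment stating that overrides must not chain to the base would prevent a surprising runtime failure.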

+ 93 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandler.cs

@@ -0,0 +1,93 @@
+using System;
+using System.Collections.ObjectModel;
+using System.IdentityModel.Configuration;
+using System.IdentityModel.Selectors;
+using System.Security.Claims;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public abstract class SecurityTokenHandler : ICustomIdentityConfiguration
+	{
+		public virtual bool CanValidateToken { get { return false; } }
+		public virtual bool CanWriteToken { get { return false; } }
+		public SecurityTokenHandlerConfiguration Configuration { get; set; }
+		public SecurityTokenHandlerCollection ContainingCollection { get; internal set; }
+		public abstract Type TokenType { get; }
+
+		public virtual bool CanReadKeyIdentifierClause (XmlReader reader) {
+			return false;
+		}
+
+		public virtual bool CanReadToken (string tokenString) {
+			return false;
+		}
+
+		public virtual bool CanReadToken (XmlReader reader) {
+			return false;
+		}
+
+		public virtual bool CanWriteKeyIdentifierClause (SecurityKeyIdentifierClause securityKeyIdentifierClause) {
+			return false;
+		}
+
+		public virtual SecurityKeyIdentifierClause CreateSecurityTokenReference (SecurityToken token, bool attached) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual SecurityToken CreateToken (SecurityTokenDescriptor tokenDescriptor) {
+			throw new NotImplementedException ();
+		}
+
+		protected virtual void DetectReplayedToken (SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		public abstract string[] GetTokenTypeIdentifiers ();
+
+		public virtual void LoadCustomConfiguration (XmlNodeList nodelist) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual SecurityKeyIdentifierClause ReadKeyIdentifierClause (XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+
+		public virtual SecurityToken ReadToken (string tokenString) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual SecurityToken ReadToken (XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual SecurityToken ReadToken (XmlReader reader, SecurityTokenResolver tokenResolver) {
+			return this.ReadToken (reader);
+		}
+
+		protected void TraceTokenValidationFailure (SecurityToken token, string errorMessage) {
+			throw new NotImplementedException ();
+		}
+
+		protected void TraceTokenValidationSuccess (SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual ReadOnlyCollection<ClaimsIdentity> ValidateToken (SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual void WriteKeyIdentifierClause (XmlWriter writer, SecurityKeyIdentifierClause securityKeyIdentifierClause) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual string WriteToken (SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		public virtual void WriteToken (XmlWriter writer, SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+	}
+}
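Review bot: Every member here that throws `NotImplementedException` — `CreateSecurityTokenReference`, `CreateToken`, `DetectReplayedToken`, `LoadCustomConfiguration`, the `ReadKeyIdentifierClause`/`ReadToken`/`WriteToken` family, both trace helpers and `ValidateToken` — lacks the `[MonoTODO]` marker that the other stubs in this commit (EndpointReference, IssuerNameRegistry, SecurityTokenDescriptor) carry. Some of these are probably intentional base behavior that a concrete handler must override, while others look unfinished; marking the unfinished ones `[MonoTODO]` and adding a doc comment on the intentional ones, e.g. `/// <remarks>Handlers returning true from CanValidateToken must override this.</remarks>` on `ValidateToken`, would make the distinction visible. There is also a doubled blank line between `ReadKeyIdentifierClause` and the first `ReadToken` overload.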

+ 167 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandlerCollection.cs

@@ -0,0 +1,167 @@
+using System;
+using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.IdentityModel.Selectors;
+using System.Security.Claims;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public class SecurityTokenHandlerCollection : Collection<SecurityTokenHandler>
+	{
+		private SecurityTokenHandlerConfiguration config;
+		private IEnumerable<string> tokenTypeIdentifiers = new List<string> ();
+		private IEnumerable<Type> tokenTypes = new List<Type> ();
+
+		public SecurityTokenHandlerConfiguration Configuration { get { return this.config; } }
+		public IEnumerable<string> TokenTypeIdentifiers { get { return tokenTypeIdentifiers; } }
+		public IEnumerable<Type> TokenTypes { get { return tokenTypes; } }
+		public SecurityTokenHandler this[SecurityToken token] {
+			get {
+				if (token == null) { return null; }
+
+				return this[token.GetType ()];
+			}
+		}
+		[MonoTODO]
+		public SecurityTokenHandler this[string tokenTypeIdentifier] {
+			get {
+				throw new NotImplementedException ();
+			}
+		}
+		[MonoTODO]
+		public SecurityTokenHandler this[Type tokenType] {
+			get {
+				throw new NotImplementedException ();
+			}
+		}
+
+		public SecurityTokenHandlerCollection ()
+			: this(new SecurityTokenHandlerConfiguration ())
+		{ }
+
+		public SecurityTokenHandlerCollection (SecurityTokenHandlerConfiguration configuration) {
+			config = configuration;
+		}
+
+		public SecurityTokenHandlerCollection (IEnumerable<SecurityTokenHandler> handlers)
+			: this (handlers, new SecurityTokenHandlerConfiguration ())
+		{ }
+
+		public SecurityTokenHandlerCollection (IEnumerable<SecurityTokenHandler> handlers, SecurityTokenHandlerConfiguration configuration) : this (configuration) {
+			foreach (var handler in handlers) {
+				Add (handler);
+			}
+		}
+
+		[MonoTODO]
+		public void AddOrReplace(SecurityTokenHandler handler) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public bool CanReadKeyIdentifierClause(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected virtual bool CanReadKeyIdentifierClauseCore(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public bool CanReadToken(string tokenString) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public bool CanReadToken(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public bool CanWriteToken(SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected override void ClearItems() {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public static SecurityTokenHandlerCollection CreateDefaultSecurityTokenHandlerCollection() {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public static SecurityTokenHandlerCollection CreateDefaultSecurityTokenHandlerCollection(SecurityTokenHandlerConfiguration configuration) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public SecurityToken CreateToken(SecurityTokenDescriptor tokenDescriptor) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected override void InsertItem(int index, SecurityTokenHandler item) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public SecurityKeyIdentifierClause ReadKeyIdentifierClause(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected virtual SecurityKeyIdentifierClause ReadKeyIdentifierClauseCore(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public SecurityToken ReadToken(string tokenString) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public SecurityToken ReadToken(XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected override void RemoveItem(int index) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected override void SetItem(int index, SecurityTokenHandler item) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public void WriteKeyIdentifierClause(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected virtual void WriteKeyIdentifierClauseCore(XmlWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public string WriteToken(SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public void WriteToken(XmlWriter writer, SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+	}
+}
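Review bot: The constructor taking `IEnumerable<SecurityTokenHandler>` calls `Add (handler)` for each element, but `Collection<T>.Add` is routed through the overridden `InsertItem`, which throws `NotImplementedException` here, so building the collection from any non-empty handler sequence cannot succeed; `ClearItems`, `RemoveItem` and `SetItem` are stubbed the same way, so every base-class mutator is disabled while the constructor looks usable. If the overrides must stay stubs until the type-index bookkeeping is written, they should at least delegate to the base (`base.InsertItem (index, item);` and likewise for the other three), and that is also the natural place to refresh `tokenTypeIdentifiers`/`tokenTypes`, which nothing populates at present. The `handlers` parameter is enumerated without a null check, and the `SecurityToken` indexer forwards to the `Type` indexer, which currently throws, so a null token is the only input that returns instead of throwing.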

+ 36 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SecurityTokenHandlerConfiguration.cs

@@ -0,0 +1,36 @@
+using System;
+using System.IdentityModel.Configuration;
+using System.IdentityModel.Selectors;
+using System.Security.Cryptography.X509Certificates;
+using System.ServiceModel.Security;
+
+namespace System.IdentityModel.Tokens
+{
+	public class SecurityTokenHandlerConfiguration
+	{
+		public static readonly X509CertificateValidationMode DefaultCertificateValidationMode;
+		public static readonly X509CertificateValidator DefaultCertificateValidator;
+		public static readonly bool DefaultDetectReplayedTokens;
+		public static readonly IssuerNameRegistry DefaultIssuerNameRegistry;
+		public static readonly SecurityTokenResolver DefaultIssuerTokenResolver;
+		public static readonly TimeSpan DefaultMaxClockSkew;
+		public static readonly X509RevocationMode DefaultRevocationMode;
+		public static readonly bool DefaultSaveBootstrapContext;
+		public static readonly TimeSpan DefaultTokenReplayCacheExpirationPeriod;
+		public static readonly StoreLocation DefaultTrustedStoreLocation;
+
+		public AudienceRestriction AudienceRestriction { get; set; }
+		public IdentityModelCaches Caches { get; set; }
+		public X509CertificateValidationMode CertificateValidationMode { get; set; }
+		public X509CertificateValidator CertificateValidator { get; set; }
+		public bool DetectReplayedTokens { get; set; }
+		public IssuerNameRegistry IssuerNameRegistry { get; set; }
+		public SecurityTokenResolver IssuerTokenResolver { get; set; }
+		public TimeSpan MaxClockSkew { get; set; }
+		public X509RevocationMode RevocationMode { get; set; }
+		public bool SaveBootstrapContext { get; set; }
+		public SecurityTokenResolver ServiceTokenResolver { get; set; }
+		public TimeSpan TokenReplayCacheExpirationPeriod { get; set; }
+		public StoreLocation TrustedStoreLocation { get; set; }
+	}
+}
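Review bot: None of the `public static readonly Default*` fields is ever assigned and there is no constructor, so `new SecurityTokenHandlerConfiguration ()` yields `CertificateValidationMode == X509CertificateValidationMode.None`, `RevocationMode == X509RevocationMode.NoCheck` and `MaxClockSkew == TimeSpan.Zero` — a handler wired to this object performs no certificate or revocation checking unless every caller sets the properties explicitly, and the defaults it advertises are all zero. The `Default*` fields should be initialised in a static constructor and copied into the instance properties by an instance constructor, as sketched below; the concrete values are my recollection of the reference implementation and need confirming before merging. Both `SessionSecurityTokenHandler` and `SecurityTokenHandlerCollection` in this commit construct this type with no arguments, so they inherit whatever is chosen here.
```csharp
public class SecurityTokenHandlerConfiguration
{
	// … unchanged: Default* field declarations …

	static SecurityTokenHandlerConfiguration () {
		// Reviewer-suggested values; confirm each against the reference assembly.
		DefaultCertificateValidationMode = X509CertificateValidationMode.PeerOrChainTrust;
		DefaultRevocationMode = X509RevocationMode.Online;
		DefaultMaxClockSkew = TimeSpan.FromMinutes (5);
		DefaultTrustedStoreLocation = StoreLocation.LocalMachine;
		DefaultTokenReplayCacheExpirationPeriod = TimeSpan.MaxValue;
		DefaultDetectReplayedTokens = false;
		DefaultSaveBootstrapContext = false;
	}

	public SecurityTokenHandlerConfiguration () {
		// Start every instance from the published defaults instead of zero values.
		CertificateValidationMode = DefaultCertificateValidationMode;
		RevocationMode = DefaultRevocationMode;
		MaxClockSkew = DefaultMaxClockSkew;
		TrustedStoreLocation = DefaultTrustedStoreLocation;
		TokenReplayCacheExpirationPeriod = DefaultTokenReplayCacheExpirationPeriod;
		DetectReplayedTokens = DefaultDetectReplayedTokens;
		SaveBootstrapContext = DefaultSaveBootstrapContext;
	}

	// … unchanged: instance properties …
```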

+ 79 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityToken.cs

@@ -0,0 +1,79 @@
+using System;
+using System.Collections.ObjectModel;
+using System.Runtime.Serialization;
+using System.Security.Claims;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	[Serializable]
+	public class SessionSecurityToken : SecurityToken
+	{
+		private ReadOnlyCollection<SecurityKey> securityKeys;
+		private DateTime validFrom;
+		private DateTime validTo;
+
+		public ClaimsPrincipal ClaimsPrincipal { get; private set; }
+		public string Context { get; private set; }
+		public UniqueId ContextId { get; private set; }
+		public string EndpointId { get; private set; }
+		[MonoTODO]
+		public override string Id { get { throw new NotImplementedException (); } }
+		public bool IsPersistent { get; set; }
+		public bool IsReferenceMode { get; set; }
+		public DateTime KeyEffectiveTime { get; private set; }
+		public DateTime KeyExpirationTime { get; private set; }
+		public UniqueId KeyGeneration { get; private set; }
+		public Uri SecureConversationVersion { get; private set; }
+		public override ReadOnlyCollection<SecurityKey> SecurityKeys { get { return securityKeys; } }
+		public override DateTime ValidFrom { get { return validFrom; } }
+		public override DateTime ValidTo { get { return validTo; } }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal)
+			: this (claimsPrincipal, null)
+		{ }
+
+		protected SessionSecurityToken (SerializationInfo info, StreamingContext context) {
+			throw new NotImplementedException ();
+		}
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, string context)
+			: this (claimsPrincipal, context, DateTime.UtcNow, DateTime.UtcNow + SessionSecurityTokenHandler.DefaultTokenLifetime)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, TimeSpan lifetime)
+			: this (claimsPrincipal, null, DateTime.UtcNow, DateTime.UtcNow + lifetime)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, string context, DateTime? validFrom, DateTime? validTo)
+			: this (claimsPrincipal, new UniqueId (), context, String.Empty, validFrom, validTo, null)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, string context, string endpointId, DateTime? validFrom, DateTime? validTo)
+			: this(claimsPrincipal, new UniqueId (), context, endpointId, validFrom, validTo, null)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, UniqueId contextId, string context, string endpointId, TimeSpan lifetime, SymmetricSecurityKey key)
+			: this (claimsPrincipal, contextId, context, endpointId, DateTime.UtcNow, lifetime, key)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, UniqueId contextId, string context, string endpointId, DateTime validFrom, TimeSpan lifetime, SymmetricSecurityKey key)
+			: this (claimsPrincipal, contextId, context, endpointId, validFrom, validFrom + lifetime, key)
+		{ }
+
+		public SessionSecurityToken (ClaimsPrincipal claimsPrincipal, UniqueId contextId, string context, string endpointId, DateTime? validFrom, DateTime? validTo, SymmetricSecurityKey key) {
+			ClaimsPrincipal = claimsPrincipal;
+			ContextId = contextId;
+			Context = context;
+			EndpointId = endpointId;
+			validFrom = (validFrom.HasValue) ? validFrom.Value.ToUniversalTime () : DateTime.UtcNow;
+			validTo = (validTo.HasValue) ? validTo.Value.ToUniversalTime () : ValidFrom + SessionSecurityTokenHandler.DefaultTokenLifetime;
+			securityKeys = new ReadOnlyCollection<SecurityKey> (new SecurityKey[] { new InMemorySymmetricSecurityKey ((key == null) ? null : key.GetSymmetricKey ()) });
+		}
+
+		[MonoTODO]
+		public virtual void GetObjectData (SerializationInfo info, StreamingContext context) {
+			throw new NotImplementedException ();
+		}
+	}
+}
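Review bot: In the last constructor the assignments `validFrom = …` and `validTo = …` write to the `DateTime?` parameters of the same name, not to the private fields, so `ValidFrom` and `ValidTo` always return `default (DateTime)`; the `validTo` fallback even reads the still-unset field through `ValidFrom`, so it becomes `DateTime.MinValue + DefaultTokenLifetime` rather than now-plus-lifetime. Qualify the fields: `this.validFrom = validFrom.HasValue ? validFrom.Value.ToUniversalTime () : DateTime.UtcNow;` and `this.validTo = validTo.HasValue ? validTo.Value.ToUniversalTime () : this.validFrom + SessionSecurityTokenHandler.DefaultTokenLifetime;`. Separately, most of the chained constructors pass a null key, and the final line then calls `new InMemorySymmetricSecurityKey (null)`; if that constructor rejects null (the reference one does, and a quick check of Mono's would settle it), every key-less overload throws, so that case needs either an empty `SecurityKeys` collection or a freshly generated key.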

+ 21 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenCache.cs

@@ -0,0 +1,21 @@
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Configuration;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public abstract class SessionSecurityTokenCache : ICustomIdentityConfiguration
+	{
+		public abstract void AddOrUpdate (SessionSecurityTokenCacheKey key, SessionSecurityToken value, DateTime expiryTime);
+		public abstract SessionSecurityToken Get (SessionSecurityTokenCacheKey key);
+		public abstract IEnumerable<SessionSecurityToken> GetAll (string endpointId, UniqueId contextId);
+		[MonoTODO]
+		public virtual void LoadCustomConfiguration (XmlNodeList nodelist) {
+			throw new NotImplementedException ();
+		}
+		public abstract void Remove (SessionSecurityTokenCacheKey key);
+		public abstract void RemoveAll (string endpointId);
+		public abstract void RemoveAll (string endpointId, UniqueId contextId);
+	}
+}

+ 44 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenCacheKey.cs

@@ -0,0 +1,44 @@
+using System;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public class SessionSecurityTokenCacheKey
+	{
+		[MonoTODO]
+		public static bool operator !=(SessionSecurityTokenCacheKey first, SessionSecurityTokenCacheKey second) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public static bool operator ==(SessionSecurityTokenCacheKey first, SessionSecurityTokenCacheKey second) {
+			throw new NotImplementedException ();
+		}
+
+		public UniqueId ContextId { get; private set; }
+		public string EndpointId { get; private set; }
+		public bool IgnoreKeyGeneration { get; set; }
+		public UniqueId KeyGeneration { get; private set; }
+
+		public SessionSecurityTokenCacheKey (string endpointId, UniqueId contextId, UniqueId keyGeneration) {
+			EndpointId = endpointId;
+			ContextId = contextId;
+			KeyGeneration = keyGeneration;
+		}
+
+		[MonoTODO]
+		public override bool Equals (System.Object obj) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override int GetHashCode () {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override string ToString () {
+			throw new NotImplementedException ();
+		}
+	}
+}
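Review bot: `operator ==` and `operator !=` are overloaded to throw `NotImplementedException`, which turns every `key == null` / `key != null` in calling code into an exception, and the throwing `GetHashCode` makes the key unusable in any dictionary-backed `SessionSecurityTokenCache`, so the whole cache path fails as soon as a key is compared or stored. Until the full semantics are written, the operators should at least delegate to `Equals`, and `Equals`/`GetHashCode` should agree over `EndpointId`, `ContextId` and `KeyGeneration`; a sketch follows. How `IgnoreKeyGeneration` is meant to affect equality is not visible on the page and is marked as an assumption in the sketch.
```csharp
public static bool operator != (SessionSecurityTokenCacheKey first, SessionSecurityTokenCacheKey second) {
	return !(first == second);
}

public static bool operator == (SessionSecurityTokenCacheKey first, SessionSecurityTokenCacheKey second) {
	if (ReferenceEquals (first, second)) { return true; }
	if (ReferenceEquals (first, null) || ReferenceEquals (second, null)) { return false; }
	return first.Equals (second);
}

// … unchanged: properties and constructor …

public override bool Equals (System.Object obj) {
	var other = obj as SessionSecurityTokenCacheKey;
	// ReferenceEquals, not ==, to avoid re-entering the overloaded operator.
	if (ReferenceEquals (other, null)) { return false; }
	// NOTE(review): presumably KeyGeneration is skipped when either side sets IgnoreKeyGeneration — confirm.
	bool ignoreGeneration = IgnoreKeyGeneration || other.IgnoreKeyGeneration;
	return String.Equals (EndpointId, other.EndpointId, StringComparison.Ordinal)
		&& Equals (ContextId, other.ContextId)
		&& (ignoreGeneration || Equals (KeyGeneration, other.KeyGeneration));
}

public override int GetHashCode () {
	// KeyGeneration is left out so keys that are equal under IgnoreKeyGeneration share a hash.
	int hash = EndpointId == null ? 0 : StringComparer.Ordinal.GetHashCode (EndpointId);
	return hash ^ (ContextId == null ? 0 : ContextId.GetHashCode ());
}
```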

+ 118 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/SessionSecurityTokenHandler.cs

@@ -0,0 +1,118 @@
+using System;
+using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.IdentityModel.Selectors;
+using System.Security.Claims;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public class SessionSecurityTokenHandler : SecurityTokenHandler
+	{
+		public static readonly ReadOnlyCollection<CookieTransform> DefaultCookieTransforms;
+		public static readonly TimeSpan DefaultLifetime = TimeSpan.FromHours (10);
+
+		private bool canValidateToken;
+		private bool canWriteToken;
+		private string cookieElementName;
+		private string cookieNamespace;
+		private Type tokenType;
+
+		public override bool CanValidateToken { get { return canValidateToken; } }
+		public override bool CanWriteToken { get { return canWriteToken; } }
+		public virtual string CookieElementName { get { return cookieElementName; } }
+		public virtual string CookieNamespace { get { return cookieNamespace; } }
+		public static TimeSpan DefaultTokenLifetime { get { return SessionSecurityTokenHandler.DefaultLifetime; } }
+		public virtual TimeSpan TokenLifetime { get; set; }
+		public override Type TokenType { get { return tokenType; } }
+		public ReadOnlyCollection<CookieTransform> Transforms { get; private set; }
+
+		public SessionSecurityTokenHandler ()
+			: this (SessionSecurityTokenHandler.DefaultCookieTransforms)
+		{ }
+
+		public SessionSecurityTokenHandler (ReadOnlyCollection<CookieTransform> transforms)
+			: this (transforms, SessionSecurityTokenHandler.DefaultLifetime)
+		{ }
+
+		public SessionSecurityTokenHandler (ReadOnlyCollection<CookieTransform> transforms, TimeSpan tokenLifetime) {
+			Transforms = transforms;
+			TokenLifetime = tokenLifetime;
+		}
+
+		[MonoTODO]
+		protected virtual byte[] ApplyTransforms (byte[] cookie, bool outbound) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override bool CanReadToken (XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual SessionSecurityToken CreateSessionSecurityToken (ClaimsPrincipal principal, string context, string endpointId, DateTime validFrom, DateTime validTo) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override SecurityToken CreateToken (SecurityTokenDescriptor tokenDescriptor) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override string[] GetTokenTypeIdentifiers () {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override void LoadCustomConfiguration (XmlNodeList customConfigElements) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override SecurityToken ReadToken (XmlReader reader) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual SecurityToken ReadToken (byte[] token, SecurityTokenResolver tokenResolver) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override SecurityToken ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected void SetTransforms (IEnumerable<CookieTransform> transforms) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		protected virtual void ValidateSession (SessionSecurityToken securityToken) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override ReadOnlyCollection<ClaimsIdentity> ValidateToken (SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual ReadOnlyCollection<ClaimsIdentity> ValidateToken (SessionSecurityToken token, string endpointId) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public virtual byte[] WriteToken (SessionSecurityToken sessionToken) {
+			throw new NotImplementedException ();
+		}
+
+		[MonoTODO]
+		public override void WriteToken (XmlWriter writer, SecurityToken token) {
+			throw new NotImplementedException ();
+		}
+	}
+}
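Review bot: `DefaultCookieTransforms` is declared but never assigned, so the parameterless constructor hands a null `transforms` down the chain and `Transforms` silently ends up null; `tokenType`, `canValidateToken`, `canWriteToken`, `cookieElementName` and `cookieNamespace` are likewise never written, so `TokenType` returns null and `CanValidateToken`/`CanWriteToken` are false for every instance. At minimum the three-argument constructor should reject null, `if (transforms == null) { throw new ArgumentNullException ("transforms"); }`, and the type field should be initialised, `private Type tokenType = typeof (SessionSecurityToken);`, since `SecurityTokenHandlerCollection` in this commit exposes a `Type`-keyed indexer that presumably relies on it. If `CanValidateToken`/`CanWriteToken` are intended to stay false until `ValidateToken`/`WriteToken` are implemented, a comment on the two fields saying so would stop the next reader treating them as a defect.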

+ 22 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/TokenReplayCache.cs

@@ -0,0 +1,22 @@
+using System;
+using System.IdentityModel.Configuration;
+using System.Xml;
+
+namespace System.IdentityModel.Tokens
+{
+	public abstract class TokenReplayCache : ICustomIdentityConfiguration
+	{
+		public abstract void AddOrUpdate (string key, SecurityToken securityToken, DateTime expirationTime);
+
+		public abstract bool Contains (string key);
+
+		public abstract SecurityToken Get (string key);
+
+		[MonoTODO]
+		public virtual void LoadCustomConfiguration (XmlNodeList nodelist) {
+			throw new NotImplementedException ();
+		}
+
+		public abstract void Remove (string key);
+	}
+}

+ 44 - 6
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/X509AsymmetricSecurityKey.cs

@@ -84,24 +84,62 @@ namespace System.IdentityModel.Tokens
 			switch (algorithm) {
 			//case SignedXml.XmlDsigDSAUrl: // it is documented as supported, but it isn't in reality and it wouldn't be possible.
 			case SignedXml.XmlDsigRSASHA1Url:
-				return new HMACSHA1 ();
+				return new SHA1Managed ();
 			case SecurityAlgorithms.RsaSha256Signature:
-				return new HMACSHA256 ();
+				return new SHA256Managed ();
 			default:
 				throw new NotSupportedException (String.Format ("'{0}' Hash algorithm is not supported in this security key.", algorithm));
 			}
 		}
 
-		[MonoTODO]
 		public override AsymmetricSignatureDeformatter GetSignatureDeformatter (string algorithm)
 		{
-			throw new NotImplementedException ();
+			switch (algorithm) {
+				//case SignedXml.XmlDsigDSAUrl:
+				//	DSA dsa = (cert.PublicKey.Key as DSA);
+				//	if (dsa == null) {
+				//		throw new NotSupportedException (String.Format ("The certificate does not contain DSA public key while '{0}' requires it.", algorithm));
+				//	}
+				//	else {
+				//		return new DSASignatureDeformatter(dsa);
+				//	}
+				case SignedXml.XmlDsigRSASHA1Url:
+				case SecurityAlgorithms.RsaSha256Signature:
+					RSA rsa = (cert.PublicKey.Key as RSA);
+					if (rsa == null) {
+						throw new NotSupportedException (String.Format ("The certificate does not contain RSA public key while '{0}' requires it.", algorithm));
+					}
+					else {
+						return new RSAPKCS1SignatureDeformatter (rsa);
+					}
+				default:
+					throw new NotSupportedException (String.Format ("'{0}' Hash algorithm is not supported in this security key.", algorithm));
+			}
 		}
 
-		[MonoTODO]
 		public override AsymmetricSignatureFormatter GetSignatureFormatter (string algorithm)
 		{
-			throw new NotImplementedException ();
+			switch (algorithm) {
+				//case SignedXml.XmlDsigDSAUrl:
+				//	DSA dsa = (cert.PrivateKey as DSA);
+				//	if (dsa == null) {
+				//		throw new NotSupportedException (String.Format ("The certificate does not contain DSA private key while '{0}' requires it.", algorithm));
+				//	}
+				//	else {
+				//		return new DSASignatureFormatter(dsa);
+				//	}
+				case SignedXml.XmlDsigRSASHA1Url:
+				case SecurityAlgorithms.RsaSha256Signature:
+					RSA rsa = (cert.PrivateKey as RSA);
+					if (rsa == null) {
+						throw new NotSupportedException (String.Format ("The certificate does not contain RSA private key while '{0}' requires it.", algorithm));
+					}
+					else {
+						return new RSAPKCS1SignatureFormatter (rsa);
+					}
+				default:
+					throw new NotSupportedException (String.Format ("'{0}' Hash algorithm is not supported in this security key.", algorithm));
+			}
 		}
 
 		public override bool HasPrivateKey ()
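Review bot: The commented-out DSA blocks in `GetSignatureDeformatter` and `GetSignatureFormatter` should be dropped in favour of the one-line note the file already uses in `GetHashAlgorithmForSignature` (`//case SignedXml.XmlDsigDSAUrl: // … not supported …`); dead code inside a signature-selection switch is exactly what a later maintainer is tempted to uncomment without re-checking. The two `default` messages say 'Hash algorithm is not supported' although these methods choose a signature algorithm; `"'{0}' Signature algorithm is not supported in this security key."` would be accurate. The `RSAPKCS1SignatureFormatter`/`Deformatter` are returned without `SetHashAlgorithm` having been called, so signing and verification depend on every caller binding the digest itself; if that is the intended contract (it is consistent with the hash being selected by a separate method), a comment on both `return` lines stating it would make the split explicit. The `XmlDsigRSASHA1Url` path is also worth a one-line comment marking it as retained for compatibility only.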

+ 32 - 0
mcs/class/System.IdentityModel/System.IdentityModel.Tokens/X509SigningCredentials.cs

@@ -0,0 +1,32 @@
+using System;
+using System.Security.Cryptography.X509Certificates;
+
+namespace System.IdentityModel.Tokens
+{
+	public class X509SigningCredentials : SigningCredentials
+	{
+		public X509Certificate2 Certificate { get; private set; }
+
+		public X509SigningCredentials (X509Certificate2 certificate)
+			: this (certificate, X509SigningCredentials.GetSecurityKeyIdentifier (certificate), SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest)
+		{ }
+
+		public X509SigningCredentials (X509Certificate2 certificate, SecurityKeyIdentifier ski)
+			: this (certificate, ski, SecurityAlgorithms.RsaSha256Signature, SecurityAlgorithms.Sha256Digest)
+		{ }
+
+		public X509SigningCredentials (X509Certificate2 certificate, string signatureAlgorithm, string digestAlgorithm)
+			: this (certificate, X509SigningCredentials.GetSecurityKeyIdentifier (certificate), signatureAlgorithm, digestAlgorithm)
+		{ }
+
+		public X509SigningCredentials (X509Certificate2 certificate, SecurityKeyIdentifier ski, string signatureAlgorithm, string digestAlgorithm)
+			: base (new X509SecurityToken (certificate).SecurityKeys[0], signatureAlgorithm, digestAlgorithm, ski)
+		{
+			Certificate = certificate;
+		}
+
+		private static SecurityKeyIdentifier GetSecurityKeyIdentifier (X509Certificate2 certificate) {
+			return new SecurityKeyIdentifier (new X509SecurityToken (certificate).CreateKeyIdentifierClause<X509RawDataKeyIdentifierClause> ());
+		}
+	}
+}
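Review bot: The constructors never check that `certificate` is non-null or carries a private key, so a public-only certificate produces a credentials object that fails only later, inside `X509AsymmetricSecurityKey.GetSignatureFormatter` with a `NotSupportedException` about the missing RSA private key, far from where the bad argument was supplied, and a null certificate surfaces from inside `X509SecurityToken` rather than naming `certificate`. Because the base-constructor argument evaluates `new X509SecurityToken (certificate)` before any constructor body runs, a guard in the body comes too late; a small static helper that validates and returns the certificate, used as `: base (new X509SecurityToken (CheckCertificate (certificate)).SecurityKeys[0], …)`, covers every overload. Its body would be `if (certificate == null) { throw new ArgumentNullException ("certificate"); }` followed by `if (!certificate.HasPrivateKey) { throw new ArgumentException ("The certificate does not have a private key.", "certificate"); }`.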

+ 33 - 1
mcs/class/System.IdentityModel/System.IdentityModel.dll.sources

@@ -1,6 +1,8 @@
 ../../build/common/Consts.cs
 ../../build/common/MonoTODOAttribute.cs
 Assembly/AssemblyInfo.cs
+System.IdentityModel/CookieTransform.cs
+System.IdentityModel/OpenObject.cs
 System.IdentityModel.Claims/Claim.cs
 System.IdentityModel.Claims/ClaimSet.cs
 System.IdentityModel.Claims/ClaimTypes.cs
@@ -8,10 +10,23 @@ System.IdentityModel.Claims/DefaultClaimSet.cs
 System.IdentityModel.Claims/Rights.cs
 System.IdentityModel.Claims/WindowsClaimSet.cs
 System.IdentityModel.Claims/X509CertificateClaimSet.cs
+System.IdentityModel.Configuration/ICustomIdentityConfiguration.cs
+System.IdentityModel.Configuration/IdentityModelCaches.cs
 System.IdentityModel.Policy/AuthorizationContext.cs
 System.IdentityModel.Policy/EvaluationContext.cs
 System.IdentityModel.Policy/IAuthorizationComponent.cs
 System.IdentityModel.Policy/IAuthorizationPolicy.cs
+System.IdentityModel.Protocols/WSTrust/BinaryExchange.cs
+System.IdentityModel.Protocols/WSTrust/EndpointReference.cs
+System.IdentityModel.Protocols/WSTrust/Entropy.cs
+System.IdentityModel.Protocols/WSTrust/Lifetime.cs
+System.IdentityModel.Protocols/WSTrust/ProtectedKey.cs
+System.IdentityModel.Protocols/WSTrust/RequestSecurityTokenResponse.cs
+System.IdentityModel.Protocols/WSTrust/RequestedProofToken.cs
+System.IdentityModel.Protocols/WSTrust/RequestedSecurityToken.cs
+System.IdentityModel.Protocols/WSTrust/Status.cs
+System.IdentityModel.Protocols/WSTrust/UseKey.cs
+System.IdentityModel.Protocols/WSTrust/WSTrustMessage.cs
 System.IdentityModel.Selectors/AudienceUriMode.cs
 System.IdentityModel.Selectors/CustomUserNameSecurityTokenAuthenticator.cs
 System.IdentityModel.Selectors/KerberosSecurityTokenAuthenticator.cs
@@ -35,13 +50,19 @@ System.IdentityModel.Selectors/X509CertificateValidator.cs
 System.IdentityModel.Selectors/X509SecurityTokenAuthenticator.cs
 System.IdentityModel.Selectors/X509SecurityTokenProvider.cs
 System.IdentityModel.Tokens/AsymmetricSecurityKey.cs
+System.IdentityModel.Tokens/AudienceRestriction.cs
+System.IdentityModel.Tokens/AuthenticationContext.cs
+System.IdentityModel.Tokens/AuthenticationInformation.cs
 System.IdentityModel.Tokens/BinaryKeyIdentifierClause.cs
 System.IdentityModel.Tokens/EncryptedKeyIdentifierClause.cs
+System.IdentityModel.Tokens/EncryptingCredentials.cs
 System.IdentityModel.Tokens/GenericXmlSecurityToken.cs
 System.IdentityModel.Tokens/InMemorySymmetricSecurityKey.cs
+System.IdentityModel.Tokens/IssuerNameRegistry.cs
 System.IdentityModel.Tokens/KerberosReceiverSecurityToken.cs
 System.IdentityModel.Tokens/KerberosRequestorSecurityToken.cs
 System.IdentityModel.Tokens/LocalIdKeyIdentifierClause.cs
+System.IdentityModel.Tokens/ProofDescriptor.cs
 System.IdentityModel.Tokens/RsaKeyIdentifierClause.cs
 System.IdentityModel.Tokens/RsaSecurityKey.cs
 System.IdentityModel.Tokens/RsaSecurityToken.cs
@@ -76,19 +97,30 @@ System.IdentityModel.Tokens/SecurityKeyIdentifierClause.cs
 System.IdentityModel.Tokens/SecurityKeyType.cs
 System.IdentityModel.Tokens/SecurityKeyUsage.cs
 System.IdentityModel.Tokens/SecurityToken.cs
+System.IdentityModel.Tokens/SecurityTokenDescriptor.cs
 System.IdentityModel.Tokens/SecurityTokenException.cs
+System.IdentityModel.Tokens/SecurityTokenHandler.cs
+System.IdentityModel.Tokens/SecurityTokenHandlerCollection.cs
+System.IdentityModel.Tokens/SecurityTokenHandlerConfiguration.cs
 System.IdentityModel.Tokens/SecurityTokenTypes.cs
 System.IdentityModel.Tokens/SecurityTokenValidationException.cs
+System.IdentityModel.Tokens/SessionSecurityToken.cs
+System.IdentityModel.Tokens/SessionSecurityTokenCache.cs
+System.IdentityModel.Tokens/SessionSecurityTokenCacheKey.cs
+System.IdentityModel.Tokens/SessionSecurityTokenHandler.cs
 System.IdentityModel.Tokens/SigningCredentials.cs
 System.IdentityModel.Tokens/SymmetricSecurityKey.cs
 System.IdentityModel.Tokens/TlsHMAC.cs
+System.IdentityModel.Tokens/TokenReplayCache.cs
 System.IdentityModel.Tokens/UserNameSecurityToken.cs
 System.IdentityModel.Tokens/WindowsSecurityToken.cs
 System.IdentityModel.Tokens/X509AsymmetricSecurityKey.cs
 System.IdentityModel.Tokens/X509IssuerSerialKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509RawDataKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509SecurityToken.cs
+System.IdentityModel.Tokens/X509SigningCredentials.cs
 System.IdentityModel.Tokens/X509SubjectKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509ThumbprintKeyIdentifierClause.cs
 System.IdentityModel.Tokens/X509WindowsSecurityToken.cs
-System.Security.Claims/AuthenticationTypes.cs
+System.Security.Claims/AuthenticationTypes.cs
+System.ServiceModel.Security/X509CertificateValidationMode.cs

+ 9 - 0
mcs/class/System.IdentityModel/System.IdentityModel/CookieTransform.cs

@@ -0,0 +1,9 @@
+using System;
+
+namespace System.IdentityModel
+{
+	public abstract class CookieTransform
+	{
+		public abstract byte[] Encode (byte[] value);
+	}
+}
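Review bot: `CookieTransform` declares only `Encode`, but `SessionSecurityTokenHandler.ApplyTransforms (byte[] cookie, bool outbound)` in this same commit takes an `outbound` flag, which implies the transforms must also be run in the inbound direction when a cookie is read back; with no inverse, the handler cannot recover a token from its cookie form. Add the inverse as a second abstract member, `public abstract byte[] Decode (byte[] encoded);`, which is the name the reference API uses.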

+ 12 - 0
mcs/class/System.IdentityModel/System.IdentityModel/OpenObject.cs

@@ -0,0 +1,12 @@
+using System;
+using System.Collections.Generic;
+
+namespace System.IdentityModel
+{
+	public abstract class OpenObject
+	{
+		private Dictionary<string, object> properties = new Dictionary<string, object> ();
+
+		public Dictionary<string, object> Properties { get { return properties; } }
+	}
+}

+ 11 - 0
mcs/class/System.IdentityModel/System.ServiceModel.Security/X509CertificateValidationMode.cs

@@ -0,0 +1,11 @@
+namespace System.ServiceModel.Security
+{
+	public enum X509CertificateValidationMode
+	{
+		None = 0,
+		PeerTrust = 1,
+		ChainTrust = 2,
+		PeerOrChainTrust = 3,
+		Custom = 4,
+	}
+}
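Review bot: This adds a public `System.ServiceModel.Security.X509CertificateValidationMode` to System.IdentityModel.dll, and as far as I can tell Mono's System.ServiceModel.dll already exposes a type of that exact name; any assembly referencing both (which every WCF consumer of these handlers will) then hits an ambiguous-reference error unless System.ServiceModel is changed to forward the type, `[assembly: TypeForwardedTo (typeof (X509CertificateValidationMode))]`. If that forwarding is not part of this change it should be added, or the enum kept internal until it is. The member values look consistent with the existing enum, so forwarding rather than duplicating is the safe route.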

+ 4 - 0
mcs/class/System.Web.Extensions/System.Web.Script.Serialization/JavaScriptSerializer.cs

@@ -203,6 +203,10 @@ namespace System.Web.Script.Serialization
 			return ConvertToType<T> (DeserializeObjectInternal(input));
 		}
 
+		public object Deserialize (string input, Type targetType) {
+			return DeserializeObjectInternal (input);
+		}
+
 		static object Evaluate (object value) {
 			return Evaluate (value, false);
 		}
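Review bot: The new `Deserialize (string input, Type targetType)` ignores `targetType` and returns whatever `DeserializeObjectInternal` produces, whereas the generic overload directly above converts through `ConvertToType<T>`; a caller passing `typeof (MyDto)` therefore receives the raw dictionary/list graph rather than an instance of the requested type, and a cast on the result will fail. It should convert the same way, e.g. `return ConvertToType (DeserializeObjectInternal (input), targetType);` if this file has a non-generic `ConvertToType (object, Type)` (the .NET 4 API does); otherwise the generic overload can be closed over `targetType` via reflection as an interim. If the method is deliberately a placeholder, `targetType` should at least be validated and the limitation stated in a comment. The enclosing class continues outside the hunk.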