c
/
mono
同期ミラー https://github.com/mono/mono.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155
							//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------

using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Runtime;
using System.Security.Cryptography;
using System.Security.Authentication.ExtendedProtection;
using System.ServiceModel.Diagnostics;

namespace System.ServiceModel.Security.Tokens
{
    /// <summary>
    /// The ProviderBackedSecurityToken was added for the ChannelBindingToken work for Win7.  
    /// It is used to delay the resolution of a token until it is needed.  
    /// For the CBT, this delay is necessary as the CBT is not available until SecurityAppliedMessage.OnWriteMessage is called.
    /// The CBT binds a token to the 
    /// </summary>
    internal class ProviderBackedSecurityToken : SecurityToken
    {
        SecurityTokenProvider _tokenProvider;

        // Double-checked locking pattern requires volatile for read/write synchronization
        volatile SecurityToken _securityToken;
        TimeSpan _timeout;
        ChannelBinding _channelBinding;

        object _lock;

        /// <summary>
        /// Constructor to create an instance of this class.
        /// </summary>
        /// <param name="securityToken">SecurityToken that represents the SecurityTokenElement element.</param>
        public ProviderBackedSecurityToken( SecurityTokenProvider tokenProvider, TimeSpan timeout )
        {
            _lock = new object();

            if ( tokenProvider == null )
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("tokenProvider"));
            }

            _tokenProvider = tokenProvider;
            _timeout = timeout;
        }

        public SecurityTokenProvider TokenProvider
        {
            get { return _tokenProvider; }
        }

        public ChannelBinding ChannelBinding
        {
            set { _channelBinding = value; }
        }

        void ResolveSecurityToken()
        {
            if ( _securityToken == null )
            {
                lock ( _lock )
                {
                    if ( _securityToken == null )
                    {
                        ClientCredentialsSecurityTokenManager.KerberosSecurityTokenProviderWrapper kerbTokenProvider = _tokenProvider 
                                                        as ClientCredentialsSecurityTokenManager.KerberosSecurityTokenProviderWrapper;
                        if (kerbTokenProvider != null)
                        {
                            _securityToken = kerbTokenProvider.GetToken((new TimeoutHelper(_timeout)).RemainingTime(), _channelBinding);
                        }
                        else
                        {
                            _securityToken = _tokenProvider.GetToken((new TimeoutHelper(_timeout)).RemainingTime());
                        }
                    }
                }
            }

            if ( _securityToken == null )
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new SecurityTokenException( SR.GetString( SR.SecurityTokenNotResolved, _tokenProvider.GetType().ToString() ) ) );
            }

            return;
        }

        public SecurityToken Token
        {
            get
            {
                if ( _securityToken == null )
                {
                    ResolveSecurityToken();
                }

                return _securityToken;
            }
        }

        public override string Id
        {
            get
            {
                if ( _securityToken == null )
                {
                    ResolveSecurityToken();
                }

                return _securityToken.Id;
            }
        }

        public override System.Collections.ObjectModel.ReadOnlyCollection<SecurityKey> SecurityKeys
        {
            get
            {
                if ( _securityToken == null )
                {
                    ResolveSecurityToken();
                }

                return _securityToken.SecurityKeys;
            }   
        }

        public override DateTime ValidFrom
        {
            get
            {
                if ( _securityToken == null )
                {
                    ResolveSecurityToken();
                }

                return _securityToken.ValidFrom;
            }
        }

        public override DateTime ValidTo
        {
            get
            {
                if ( _securityToken == null )
                {
                    ResolveSecurityToken();
                }

                return _securityToken.ValidTo;
            }   
        }
    }
}