1 //
2 // WSHttpBinding.cs
3 //
4 // Author:
5 //	Atsushi Enomoto <atsushi@ximian.com>
6 //
7 // Copyright (C) 2005-2006 Novell, Inc.  http://www.novell.com
8 //
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
16 //
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
19 //
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
28 using System;
29 using System.Collections.Generic;
30 using System.Net.Security;
31 using System.ServiceModel.Channels;
32 using System.ServiceModel.Description;
33 using System.ServiceModel.Security;
34 using System.ServiceModel.Security.Tokens;
35 
namespace System.ServiceModel
{
	// WS-* binding over HTTP(S). The SecurityMode given at construction
	// drives three decisions made in this class: which transport element
	// GetTransport() returns, whether CreateMessageSecurity() builds a
	// message security element, and whether CreateBindingElements()
	// keeps that element in the collection.
	public class WSHttpBinding : WSHttpBindingBase
	{
		WSHttpSecurity security;
		// Only stored and handed back by AllowCookies; nothing else in
		// this class reads it.
		bool allow_cookies;

		// Default mode is SecurityMode.Message. In that mode GetTransport()
		// returns the plain HTTP element, so protection of the exchange
		// rests on the message security element alone.
		public WSHttpBinding ()
			: this (SecurityMode.Message)
		{
		}

		// Same as the two-argument constructor with reliable sessions off.
		public WSHttpBinding (SecurityMode securityMode)
			: this (securityMode, false)
		{
		}

		// reliableSessionEnabled is forwarded to the base class; the
		// security settings object is created for the requested mode.
		public WSHttpBinding (SecurityMode securityMode,
			bool reliableSessionEnabled)
			: base (reliableSessionEnabled)
		{
			security = new WSHttpSecurity (securityMode);
		}

		// Not implemented: always throws, so no security settings are
		// ever loaded from a named configuration.
		[MonoTODO]
		public WSHttpBinding (string configName)
		{
			throw new NotImplementedException ();
		}

		[MonoTODO]
		public bool AllowCookies {
			get { return allow_cookies; }
			set { allow_cookies = value; }
		}

		// Read-only: the WSHttpSecurity instance itself cannot be swapped
		// after construction.
		[MonoTODO]
		public WSHttpSecurity Security {
			get { return security; }
		}

		// Returns the base class's element collection, minus every
		// SecurityBindingElement when the mode is None or Transport.
		// Message security is present in the result only when it is
		// enabled. With SecurityMode.None the transport is also plain
		// HTTP (see GetTransport), so this binding then adds no
		// protection at all.
		[MonoTODO]
		public override BindingElementCollection CreateBindingElements ()
		{
			BindingElementCollection elements = base.CreateBindingElements ();
			SecurityMode mode = Security.Mode;

			if (mode == SecurityMode.None || mode == SecurityMode.Transport)
				elements.RemoveAll<SecurityBindingElement> ();

			return elements;
		}

		// Builds the message security element for the Message and
		// TransportWithMessageCredential modes; returns null for None and
		// Transport. When EstablishSecurityContext is set, the element
		// becomes the bootstrap of a SecureConversation element.
		[MonoTODO]
		protected override SecurityBindingElement CreateMessageSecurity ()
		{
			switch (Security.Mode) {
			case SecurityMode.None:
			case SecurityMode.Transport:
				return null;
			}

			SymmetricSecurityBindingElement element =
				new SymmetricSecurityBindingElement ();
			element.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
			// On by default; the UserName branch below turns it off again.
			element.RequireSignatureConfirmation = true;

			MessageCredentialType credential =
				Security.Message.ClientCredentialType;

			if (credential == MessageCredentialType.Windows) {
				// Windows credentials choose their own protection token
				// and never reach the shared fallback further down.
				if (Security.Message.NegotiateServiceCredential) {
					// No SSPI on Linux though...
					element.ProtectionTokenParameters =
						// FIXME: fill proper parameters
						new SspiSecurityTokenParameters ();
				} else {
					// and no Kerberos ...
					element.ProtectionTokenParameters =
						new KerberosSecurityTokenParameters ();
				}
			} else {
				// Step 1: client credential as a supporting token.
				if (credential == MessageCredentialType.Certificate) {
					// Client certificate endorses the message; it is
					// referenced by thumbprint, without derived keys.
					X509SecurityTokenParameters certParams =
						new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint);
					certParams.RequireDerivedKeys = false;
					element.EndpointSupportingTokenParameters.Endorsing.Add (certParams);
				} else if (credential == MessageCredentialType.IssuedToken) {
					IssuedSecurityTokenParameters issuedParams =
						new IssuedSecurityTokenParameters ();
					// FIXME: issuer binding must be secure.
					// As built here it holds only a text encoding element
					// and GetTransport(). In SecurityMode.Message that
					// transport is plain HTTP, so the exchange with the
					// token issuer gets no protection from this binding.
					issuedParams.IssuerBinding = new CustomBinding (
						new TextMessageEncodingBindingElement (),
						GetTransport ());
					element.EndpointSupportingTokenParameters.Endorsing.Add (issuedParams);
				} else if (credential == MessageCredentialType.UserName) {
					// The user name token travels as a signed and
					// encrypted supporting token; signature confirmation
					// is switched off for this credential type.
					element.EndpointSupportingTokenParameters.SignedEncrypted.Add (
						new UserNameSecurityTokenParameters ());
					element.RequireSignatureConfirmation = false;
				}

				// Step 2: shared protection token (also used for .None).
				if (Security.Message.NegotiateServiceCredential) {
					// Service credential is negotiated. The arguments are
					// (false, true); per the FIXME they are placeholders.
					// NOTE(review): confirm what the first flag implies
					// for client authentication in the Certificate case.
					element.ProtectionTokenParameters =
						// FIXME: fill proper parameters
						new SslSecurityTokenParameters (false, true);
				} else {
					// No negotiation: the service certificate is named by
					// thumbprint and never included in messages, so it
					// has to be known to the client beforehand.
					element.ProtectionTokenParameters =
						new X509SecurityTokenParameters (X509KeyIdentifierClauseType.Thumbprint, SecurityTokenInclusionMode.Never);
					element.ProtectionTokenParameters.RequireDerivedKeys = true;
				}
			}

			if (Security.Message.EstablishSecurityContext) {
				// SecureConversation enabled

				// FIXME: fill the reqs
				// The requirements object is passed on empty, so this
				// code does not state which parts of the bootstrap
				// exchange must be signed or encrypted.
				ChannelProtectionRequirements bootstrapReqs =
					new ChannelProtectionRequirements ();

				return SecurityBindingElement.CreateSecureConversationBindingElement (
					// FIXME: requireCancellation
					element, true, bootstrapReqs);
			}

			return element;
		}

		// HTTPS for Transport and TransportWithMessageCredential; plain
		// HTTP for every other mode, which includes both Message and None.
		[MonoTODO]
		protected override TransportBindingElement GetTransport ()
		{
			SecurityMode mode = Security.Mode;

			if (mode == SecurityMode.Transport ||
			    mode == SecurityMode.TransportWithMessageCredential)
				return new HttpsTransportBindingElement ();

			return new HttpTransportBindingElement ();
		}
	}
}