ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Creates a security token provider based on the SecurityTokenRequirement.
public:
override System::IdentityModel::Selectors::SecurityTokenProvider ^ CreateSecurityTokenProvider(System::IdentityModel::Selectors::SecurityTokenRequirement ^ requirement);public override System.IdentityModel.Selectors.SecurityTokenProvider CreateSecurityTokenProvider(System.IdentityModel.Selectors.SecurityTokenRequirement requirement);override this.CreateSecurityTokenProvider : System.IdentityModel.Selectors.SecurityTokenRequirement -> System.IdentityModel.Selectors.SecurityTokenProviderPublic Overrides Function CreateSecurityTokenProvider (requirement As SecurityTokenRequirement) As SecurityTokenProviderParameters
- requirement
- SecurityTokenRequirement
The security token requirement.
Returns
The security token provider.
Exceptions
requirement is null.
A security token provider cannot be created for the requirement that was passed in.
Examples
The following code shows how to override this method.
internal class MyServiceCredentialsSecurityTokenManager :
ServiceCredentialsSecurityTokenManager
{
MyServiceCredentials credentials;
public MyServiceCredentialsSecurityTokenManager(
MyServiceCredentials credentials)
: base(credentials)
{
this.credentials = credentials;
}
public override SecurityTokenProvider CreateSecurityTokenProvider(
SecurityTokenRequirement requirement)
{
SecurityTokenProvider result = null;
if (requirement.TokenType == SecurityTokenTypes.X509Certificate)
{
MessageDirection direction = requirement.
GetProperty<MessageDirection>(
ServiceModelSecurityTokenRequirement.
MessageDirectionProperty);
if (direction == MessageDirection.Input)
{
if (requirement.KeyUsage == SecurityKeyUsage.Exchange)
{
result = new X509SecurityTokenProvider(
credentials.ServiceEncryptingCertificate);
}
else
{
result = new X509SecurityTokenProvider(
credentials.ClientSigningCertificate);
}
}
else
{
if (requirement.KeyUsage == SecurityKeyUsage.Signature)
{
result = new X509SecurityTokenProvider(
credentials.ServiceSigningCertificate);
}
else
{
result = new X509SecurityTokenProvider(
credentials.ClientEncryptingCertificate);
}
}
}
else
{
result = base.CreateSecurityTokenProvider(requirement);
}
return result;
}
}
Friend Class MyServiceCredentialsSecurityTokenManager
Inherits ServiceCredentialsSecurityTokenManager
Private credentials As MyServiceCredentials
Public Sub New(ByVal credentials As MyServiceCredentials)
MyBase.New(credentials)
Me.credentials = credentials
End Sub
Public Overrides Function CreateSecurityTokenProvider(ByVal requirement As SecurityTokenRequirement) As SecurityTokenProvider
Dim result As SecurityTokenProvider = Nothing
If requirement.TokenType = SecurityTokenTypes.X509Certificate Then
Dim direction As MessageDirection = requirement. GetProperty(Of MessageDirection)(ServiceModelSecurityTokenRequirement. MessageDirectionProperty)
If direction = MessageDirection.Input Then
If requirement.KeyUsage = SecurityKeyUsage.Exchange Then
result = New X509SecurityTokenProvider(credentials.ServiceEncryptingCertificate)
Else
result = New X509SecurityTokenProvider(credentials.ClientSigningCertificate)
End If
Else
If requirement.KeyUsage = SecurityKeyUsage.Signature Then
result = New X509SecurityTokenProvider(credentials.ServiceSigningCertificate)
Else
result = New X509SecurityTokenProvider(credentials.ClientEncryptingCertificate)
End If
End If
Else
result = MyBase.CreateSecurityTokenProvider(requirement)
End If
Return result
End Function
End Class
Remarks
The SecurityTokenProvider class is responsible for obtaining tokens for a given ServiceModelSecurityTokenRequirement. Optionally, token providers can support renewing and canceling tokens as well. The token provider can cache tokens if it is configured to do so.
