
Commit 997f90b

committed
Capturing StackFrames in an async and lamda world.
1 parent 0df5711 commit 997f90b


44 files changed

+2295
-1069
lines changed


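--- a/src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JsonWebTokenHandler.ReadToken.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JsonWebTokenHandler.ReadToken.cs
@@ -38,6 +38,7 @@ internal static ValidationResult<SecurityToken, ValidationError> ReadToken(
 catch (Exception ex)
 #pragma warning restore CA1031 // Do not catch general exception types
 {
+// TODO: coordinate with other handlers to ensure consistent error messages.
 return new ValidationError(
 new MessageDetail(LogMessages.IDX14107),
 ValidationFailureType.TokenReadingFailed,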

src/Microsoft.IdentityModel.JsonWebTokens/Experimental/JsonWebTokenHandler.ValidateToken.Internal.cs

Lines changed: 176 additions & 60 deletions
Large diffs are not rendered by default.

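--- a/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/Microsoft.IdentityModel.JsonWebTokens.csproj
@@ -17,6 +17,10 @@
 <DebugSymbols>true</DebugSymbols>
 </PropertyGroup>
 
+<PropertyGroup Condition="'$(TargetFramework)' == 'net462' or '$(TargetFramework)' == 'net472' ">
+<NoWarn>$(NoWarn);nullable</NoWarn>
+</PropertyGroup>
+
 <ItemGroup>
 <None Include="..\..\README.md">
 <Pack>True</Pack>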
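Review bot: The added `<NoWarn>$(NoWarn);nullable</NoWarn>` group for net462/net472 carries no comment saying why nullable warnings are silenced on those targets, so a later reader cannot tell whether it is a deliberate policy or a temporary workaround. In a token-validation library a blanket suppression also hides any null-flow warning that only shows up on those frameworks. I would add an XML comment above the group stating the reason and, if the warnings are still enforced on the newer target frameworks, saying so, for example `<!-- nullable warnings are enforced on the other targets; net462/net472 lack the annotations -->` if that is indeed the reason.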
Lines changed: 4 additions & 2 deletions
@@ -1,4 +1,6 @@
1+
const Microsoft.IdentityModel.Tokens.Saml.LogMessages.IDX11138 = "IDX11138: SamlSerializer: '{0}' was unable to read a SAML Token" -> string
12
const Microsoft.IdentityModel.Tokens.Saml.LogMessages.IDX11315 = "IDX11315: Unable to validate token. SamlSecurityToken.Assertion is null or empty." -> string
3+
const Microsoft.IdentityModel.Tokens.Saml2.LogMessages.IDX13315 = "IDX13315: Saml2Serializer: '{0}' was unable to read a SAML2 Token" -> string
24
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity
35
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity
46
override Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity
@@ -7,11 +9,11 @@ override Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTo
79
override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity
810
override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>>
911
override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>>
12+
static Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ReadToken(string token, Microsoft.IdentityModel.Tokens.Saml.SamlSerializer serializer, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>
1013
static Microsoft.IdentityModel.Tokens.Saml.SamlTokenUtilities.ResolveTokenSigningKey(Microsoft.IdentityModel.Xml.KeyInfo keyInfo, System.Collections.Generic.IEnumerable<Microsoft.IdentityModel.Tokens.SecurityKey> signingKeys) -> Microsoft.IdentityModel.Tokens.SecurityKey
1114
static Microsoft.IdentityModel.Tokens.Saml.SamlTokenUtilities.SafeLogSamlToken(object obj) -> string
1215
static Microsoft.IdentityModel.Tokens.Saml.SamlTokenUtilities.ValidateSignature(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Xml.Signature signature, string canonicalString, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.SecurityKey, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>
16+
static Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ReadToken(string token, Microsoft.IdentityModel.Tokens.Saml2.Saml2Serializer serializer, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>
1317
virtual Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ProcessStatements(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, string issuer, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> System.Collections.Generic.IEnumerable<System.Security.Claims.ClaimsIdentity>
14-
virtual Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ReadSamlToken(string token, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>
15-
virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ReadSaml2Token(string token, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult<Microsoft.IdentityModel.Tokens.SecurityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationError>
1618
virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateOneTimeUseCondition(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError
1719
virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateProxyRestriction(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError

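--- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Experimental/SamlSecurityTokenHandler.ReadToken.cs
+++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Experimental/SamlSecurityTokenHandler.ReadToken.cs
@@ -6,7 +6,6 @@
 using System.Xml;
 using Microsoft.IdentityModel.Logging;
 using Microsoft.IdentityModel.Tokens.Experimental;
-using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages;
 
 namespace Microsoft.IdentityModel.Tokens.Saml
 {
@@ -16,29 +15,33 @@ public partial class SamlSecurityTokenHandler : SecurityTokenHandler
 /// Converts a string into an instance of <see cref="SamlSecurityToken"/>, returned inside of a <see cref="ValidationResult{SecurityToken, ValidationError}"/>.
 /// </summary>
 /// <param name="token">A Saml token as a string.</param>
+/// <param name="serializer"></param>
 /// <param name="callContext"></param>
 /// <returns>A <see cref="ValidationResult{SecurityToken, ValidationError}"/> with the <see cref="SamlSecurityToken"/> or a <see cref="ValidationError"/>.</returns>
-internal virtual ValidationResult<SecurityToken, ValidationError> ReadSamlToken(string token, CallContext callContext)
+internal static ValidationResult<SecurityToken, ValidationError> ReadToken(
+string token,
+SamlSerializer serializer,
+#pragma warning disable CA1801 // Remove unused parameter
+CallContext callContext)
+#pragma warning restore CA1801 // Remove unused parameter
 {
 if (string.IsNullOrEmpty(token))
 return ValidationError.NullParameter(
 nameof(token),
 ValidationError.GetCurrentStackFrame());
 
-if (token.Length > MaximumTokenSizeInBytes)
-return new ValidationError(
-new MessageDetail(
-TokenLogMessages.IDX10209,
-LogHelper.MarkAsNonPII(token.Length),
-LogHelper.MarkAsNonPII(MaximumTokenSizeInBytes)),
-ValidationFailureType.TokenExceedsMaximumSize,
-ValidationError.GetCurrentStackFrame());
-
 try
 {
 using (var reader = XmlDictionaryReader.CreateTextReader(Encoding.UTF8.GetBytes(token), XmlDictionaryReaderQuotas.Max))
 {
-return ReadSamlToken(reader);
+var assertion = serializer.ReadAssertion(reader);
+if (assertion == null)
+return new ValidationError(
+new MessageDetail(LogMessages.IDX11138, LogHelper.MarkAsNonPII(serializer.GetType())),
+ValidationFailureType.TokenReadingFailed,
+ValidationError.GetCurrentStackFrame());
+
+return new SamlSecurityToken(assertion);
 }
 }
 #pragma warning disable CA1031 // Do not catch general exception types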
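Review bot: The rewritten `ReadToken` drops the `token.Length > MaximumTokenSizeInBytes` guard, so an arbitrarily large untrusted string now reaches `Encoding.UTF8.GetBytes` and an XML reader created with `XmlDictionaryReaderQuotas.Max`; nothing in this method bounds the input any more. Because the method is now static it cannot read the handler's limit, and this section does not show whether the caller enforces it (the ValidateToken diff is not rendered on this page), so either state that precondition in the `<summary>` or pass the limit in and keep the size check before the `try`. `serializer` is also dereferenced without a null check; a guard such as `if (serializer == null) return ValidationError.NullParameter(nameof(serializer), ValidationError.GetCurrentStackFrame());` would match the `token` check above it, and the new `<param name="serializer">` tag is empty. The method body continues past the end of the hunk.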
