ServiceCredentialsSecurityTokenManager.CreateSecurityTokenProvider(SecurityTokenRequirement) Method

Definition

Creates a security token provider based on the SecurityTokenRequirement.

public:
 override System::IdentityModel::Selectors::SecurityTokenProvider ^ CreateSecurityTokenProvider(System::IdentityModel::Selectors::SecurityTokenRequirement ^ requirement);
public override System.IdentityModel.Selectors.SecurityTokenProvider CreateSecurityTokenProvider (System.IdentityModel.Selectors.SecurityTokenRequirement requirement);
override this.CreateSecurityTokenProvider : System.IdentityModel.Selectors.SecurityTokenRequirement -> System.IdentityModel.Selectors.SecurityTokenProvider
Public Overrides Function CreateSecurityTokenProvider (requirement As SecurityTokenRequirement) As SecurityTokenProvider

Parameters

requirement
SecurityTokenRequirement

The security token requirement.

Returns

SecurityTokenProvider

The security token provider.

Exceptions

requirement is null.

A security token provider cannot be created for the requirement that was passed in.

Examples

The following code shows how to override this method.

internal class MyServiceCredentialsSecurityTokenManager :
    ServiceCredentialsSecurityTokenManager
{
    MyServiceCredentials credentials;

    public MyServiceCredentialsSecurityTokenManager(
        MyServiceCredentials credentials)
        : base(credentials)
    {
        this.credentials = credentials;
    }

    public override SecurityTokenProvider CreateSecurityTokenProvider(
        SecurityTokenRequirement requirement)
    {
        SecurityTokenProvider result = null;
        if (requirement.TokenType == SecurityTokenTypes.X509Certificate)
        {
            MessageDirection direction = requirement.
                GetProperty<MessageDirection>(
                ServiceModelSecurityTokenRequirement.
                MessageDirectionProperty);
            if (direction == MessageDirection.Input)
            {
                if (requirement.KeyUsage == SecurityKeyUsage.Exchange)
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ServiceEncryptingCertificate);
                }
                else
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ClientSigningCertificate);
                }
            }
            else
            {
                if (requirement.KeyUsage == SecurityKeyUsage.Signature)
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ServiceSigningCertificate);
                }
                else
                {
                    result = new X509SecurityTokenProvider(
                        credentials.ClientEncryptingCertificate);
                }
            }
        }
        else
        {
            result = base.CreateSecurityTokenProvider(requirement);
        }
        return result;
    }
}
Friend Class MyServiceCredentialsSecurityTokenManager
    Inherits ServiceCredentialsSecurityTokenManager
    Private credentials As MyServiceCredentials

    Public Sub New(ByVal credentials As MyServiceCredentials)
        MyBase.New(credentials)
        Me.credentials = credentials
    End Sub

    Public Overrides Function CreateSecurityTokenProvider(ByVal requirement As SecurityTokenRequirement) As SecurityTokenProvider
        Dim result As SecurityTokenProvider = Nothing
        If requirement.TokenType = SecurityTokenTypes.X509Certificate Then
            Dim direction As MessageDirection = requirement. GetProperty(Of MessageDirection)(ServiceModelSecurityTokenRequirement. MessageDirectionProperty)
            If direction = MessageDirection.Input Then
                If requirement.KeyUsage = SecurityKeyUsage.Exchange Then
                    result = New X509SecurityTokenProvider(credentials.ServiceEncryptingCertificate)
                Else
                    result = New X509SecurityTokenProvider(credentials.ClientSigningCertificate)
                End If
            Else
                If requirement.KeyUsage = SecurityKeyUsage.Signature Then
                    result = New X509SecurityTokenProvider(credentials.ServiceSigningCertificate)
                Else
                    result = New X509SecurityTokenProvider(credentials.ClientEncryptingCertificate)
                End If
            End If
        Else
            result = MyBase.CreateSecurityTokenProvider(requirement)
        End If
        Return result
    End Function
End Class

Remarks

The SecurityTokenProvider class is responsible for obtaining tokens for a given ServiceModelSecurityTokenRequirement. Optionally, token providers can support renewing and canceling tokens as well. The token provider can cache tokens if it is configured to do so.

Applies to