search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Updates referencesource to .NET 4.7
[mono-project.git] / mcs / class / referencesource / System.ServiceModel / System / ServiceModel / Channels / HttpChannelFactory.cs
blob323b25415036cc194c261f3816596e1df5ef4d89
1 //------------------------------------------------------------
2 // Copyright (c) Microsoft Corporation. All rights reserved.
3 //------------------------------------------------------------
4 namespace System.ServiceModel.Channels
5 {
6 using System.Collections.ObjectModel;
7 using System.Diagnostics;
8 using System.IdentityModel.Policy;
9 using System.IdentityModel.Selectors;
10 using System.IdentityModel.Tokens;
11 using System.IO;
12 using System.Net;
13 using System.Net.Cache;
14 using System.Net.Security;
15 using System.Runtime;
16 using System.Runtime.CompilerServices;
17 using System.Runtime.Diagnostics;
18 using System.Security;
19 using System.Security.Authentication.ExtendedProtection;
20 using System.Security.Cryptography;
21 using System.Security.Permissions;
22 using System.Security.Principal;
23 using System.ServiceModel;
24 using System.ServiceModel.Description;
25 using System.ServiceModel.Diagnostics;
26 using System.ServiceModel.Diagnostics.Application;
27 using System.ServiceModel.Security;
28 using System.ServiceModel.Security.Tokens;
29 using System.Text;
30 using System.Threading;
31
32 class HttpChannelFactory<TChannel>
33 : TransportChannelFactory<TChannel>,
34 IHttpTransportFactorySettings
35 {
36 static bool httpWebRequestWebPermissionDenied = false;
37 static RequestCachePolicy requestCachePolicy = new RequestCachePolicy(RequestCacheLevel.BypassCache);
38 static long connectionGroupNamePrefix = 0;
39
40 readonly ClientWebSocketFactory clientWebSocketFactory;
41
42 bool allowCookies;
43 AuthenticationSchemes authenticationScheme;
44 HttpCookieContainerManager httpCookieContainerManager;
45
46 // Double-checked locking pattern requires volatile for read/write synchronization
47 volatile MruCache<Uri, Uri> credentialCacheUriPrefixCache;
48 bool decompressionEnabled;
49
50 // Double-checked locking pattern requires volatile for read/write synchronization
51 [Fx.Tag.SecurityNote(Critical = "This cache stores strings that contain domain/user name/password. Must not be settable from PT code.")]
52 [SecurityCritical]
53 volatile MruCache<string, string> credentialHashCache;
54
55 [Fx.Tag.SecurityNote(Critical = "This hash algorithm takes strings that contain domain/user name/password. Must not be settable from PT code.")]
56 [SecurityCritical]
57 HashAlgorithm hashAlgorithm;
58 bool keepAliveEnabled;
59 int maxBufferSize;
60 IWebProxy proxy;
61 WebProxyFactory proxyFactory;
62 SecurityCredentialsManager channelCredentials;
63 SecurityTokenManager securityTokenManager;
64 TransferMode transferMode;
65 ISecurityCapabilities securityCapabilities;
66 WebSocketTransportSettings webSocketSettings;
67 ConnectionBufferPool bufferPool;
68 Lazy<string> webSocketSoapContentType;
69 string uniqueConnectionGroupNamePrefix;
70
71 internal HttpChannelFactory(HttpTransportBindingElement bindingElement, BindingContext context)
72 : base(bindingElement, context, HttpTransportDefaults.GetDefaultMessageEncoderFactory())
73 {
74 // validate setting interactions
75 if (bindingElement.TransferMode == TransferMode.Buffered)
76 {
77 if (bindingElement.MaxReceivedMessageSize > int.MaxValue)
78 {
79 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
80 new ArgumentOutOfRangeException("bindingElement.MaxReceivedMessageSize",
81 SR.GetString(SR.MaxReceivedMessageSizeMustBeInIntegerRange)));
82 }
83
84 if (bindingElement.MaxBufferSize != bindingElement.MaxReceivedMessageSize)
85 {
86 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement",
87 SR.GetString(SR.MaxBufferSizeMustMatchMaxReceivedMessageSize));
88 }
89 }
90 else
91 {
92 if (bindingElement.MaxBufferSize > bindingElement.MaxReceivedMessageSize)
93 {
94 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement",
95 SR.GetString(SR.MaxBufferSizeMustNotExceedMaxReceivedMessageSize));
96 }
97 }
98
99 if (TransferModeHelper.IsRequestStreamed(bindingElement.TransferMode) &&
100 bindingElement.AuthenticationScheme != AuthenticationSchemes.Anonymous)
101 {
102 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("bindingElement", SR.GetString(
103 SR.HttpAuthDoesNotSupportRequestStreaming));
104 }
105
106 this.allowCookies = bindingElement.AllowCookies;
107 #pragma warning disable 618
108 if (!this.allowCookies)
109 {
110 Collection<HttpCookieContainerBindingElement> httpCookieContainerBindingElements = context.BindingParameters.FindAll<HttpCookieContainerBindingElement>();
111 if (httpCookieContainerBindingElements.Count > 1)
112 {
113 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.MultipleCCbesInParameters, typeof(HttpCookieContainerBindingElement))));
114 }
115 if (httpCookieContainerBindingElements.Count == 1)
116 {
117 this.allowCookies = true;
118 context.BindingParameters.Remove<HttpCookieContainerBindingElement>();
119 }
120 }
121 #pragma warning restore 618
122
123 if (this.allowCookies)
124 {
125 this.httpCookieContainerManager = new HttpCookieContainerManager();
126 }
127
128 if (!bindingElement.AuthenticationScheme.IsSingleton())
129 {
130 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("value", SR.GetString(SR.HttpRequiresSingleAuthScheme,
131 bindingElement.AuthenticationScheme));
132 }
133
134 this.authenticationScheme = bindingElement.AuthenticationScheme;
135 this.decompressionEnabled = bindingElement.DecompressionEnabled;
136 this.keepAliveEnabled = bindingElement.KeepAliveEnabled;
137 this.maxBufferSize = bindingElement.MaxBufferSize;
138 this.transferMode = bindingElement.TransferMode;
139
140 if (bindingElement.Proxy != null)
141 {
142 this.proxy = bindingElement.Proxy;
143 }
144 else if (bindingElement.ProxyAddress != null)
145 {
146 if (bindingElement.UseDefaultWebProxy)
147 {
148 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.UseDefaultWebProxyCantBeUsedWithExplicitProxyAddress)));
149 }
150
151 if (bindingElement.ProxyAuthenticationScheme == AuthenticationSchemes.Anonymous)
152 {
153 this.proxy = new WebProxy(bindingElement.ProxyAddress, bindingElement.BypassProxyOnLocal);
154 }
155 else
156 {
157 this.proxy = null;
158 this.proxyFactory =
159 new WebProxyFactory(bindingElement.ProxyAddress, bindingElement.BypassProxyOnLocal,
160 bindingElement.ProxyAuthenticationScheme);
161 }
162 }
163 else if (!bindingElement.UseDefaultWebProxy)
164 {
165 this.proxy = new WebProxy();
166 }
167
168 this.channelCredentials = context.BindingParameters.Find<SecurityCredentialsManager>();
169 this.securityCapabilities = bindingElement.GetProperty<ISecurityCapabilities>(context);
170 this.webSocketSettings = WebSocketHelper.GetRuntimeWebSocketSettings(bindingElement.WebSocketSettings);
171
172 int webSocketBufferSize = WebSocketHelper.ComputeClientBufferSize(this.MaxReceivedMessageSize);
173 this.bufferPool = new ConnectionBufferPool(webSocketBufferSize);
174
175 Collection<ClientWebSocketFactory> clientWebSocketFactories = context.BindingParameters.FindAll<ClientWebSocketFactory>();
176 if (clientWebSocketFactories.Count > 1)
177 {
178 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(
179 "context",
180 SR.GetString(SR.MultipleClientWebSocketFactoriesSpecified, typeof(BindingContext).Name, typeof(ClientWebSocketFactory).Name));
181 }
182 else
183 {
184 this.clientWebSocketFactory = clientWebSocketFactories.Count == 0 ? null : clientWebSocketFactories[0];
185 }
186
187 this.webSocketSoapContentType = new Lazy<string>(() => { return this.MessageEncoderFactory.CreateSessionEncoder().ContentType; }, LazyThreadSafetyMode.ExecutionAndPublication);
188
189 if (ServiceModelAppSettings.HttpTransportPerFactoryConnectionPool)
190 {
191 this.uniqueConnectionGroupNamePrefix = Interlocked.Increment(ref connectionGroupNamePrefix).ToString();
192 }
193 else
194 {
195 this.uniqueConnectionGroupNamePrefix = string.Empty;
196 }
197 }
198
199 public bool AllowCookies
200 {
201 get
202 {
203 return this.allowCookies;
204 }
205 }
206
207 public AuthenticationSchemes AuthenticationScheme
208 {
209 get
210 {
211 return this.authenticationScheme;
212 }
213 }
214
215 public bool DecompressionEnabled
216 {
217 get
218 {
219 return this.decompressionEnabled;
220 }
221 }
222
223 public virtual bool IsChannelBindingSupportEnabled
224 {
225 get
226 {
227 return false;
228 }
229 }
230
231 public bool KeepAliveEnabled
232 {
233 get
234 {
235 return this.keepAliveEnabled;
236 }
237 }
238
239 public SecurityTokenManager SecurityTokenManager
240 {
241 get
242 {
243 return this.securityTokenManager;
244 }
245 }
246
247 public int MaxBufferSize
248 {
249 get
250 {
251 return maxBufferSize;
252 }
253 }
254
255 public IWebProxy Proxy
256 {
257 get
258 {
259 return this.proxy;
260 }
261 }
262
263 public TransferMode TransferMode
264 {
265 get
266 {
267 return transferMode;
268 }
269 }
270
271 public override string Scheme
272 {
273 get
274 {
275 return Uri.UriSchemeHttp;
276 }
277 }
278
279 public WebSocketTransportSettings WebSocketSettings
280 {
281 get { return this.webSocketSettings; }
282 }
283
284 internal string WebSocketSoapContentType
285 {
286 get
287 {
288 return this.webSocketSoapContentType.Value;
289 }
290 }
291
292 protected ConnectionBufferPool WebSocketBufferPool
293 {
294 get { return this.bufferPool; }
295 }
296
297 // must be called under lock (this.credentialHashCache)
298 HashAlgorithm HashAlgorithm
299 {
300 [SecurityCritical]
301 get
302 {
303 if (this.hashAlgorithm == null)
304 {
305 this.hashAlgorithm = CryptoHelper.CreateHashAlgorithm(SecurityAlgorithms.Sha1Digest);
306 }
307 else
308 {
309 this.hashAlgorithm.Initialize();
310 }
311
312 return this.hashAlgorithm;
313 }
314 }
315
316 int IHttpTransportFactorySettings.MaxBufferSize
317 {
318 get { return MaxBufferSize; }
319 }
320
321 TransferMode IHttpTransportFactorySettings.TransferMode
322 {
323 get { return TransferMode; }
324 }
325
326 protected ClientWebSocketFactory ClientWebSocketFactory
327 {
328 get
329 {
330 return this.clientWebSocketFactory;
331 }
332 }
333
334 public override T GetProperty<T>()
335 {
336 if (typeof(T) == typeof(ISecurityCapabilities))
337 {
338 return (T)(object)this.securityCapabilities;
339 }
340 if (typeof(T) == typeof(IHttpCookieContainerManager))
341 {
342 return (T)(object)this.GetHttpCookieContainerManager();
343 }
344
345 return base.GetProperty<T>();
346 }
347
348 [PermissionSet(SecurityAction.Demand, Unrestricted = true), SecuritySafeCritical]
349 [MethodImpl(MethodImplOptions.NoInlining)]
350 private HttpCookieContainerManager GetHttpCookieContainerManager()
351 {
352 return this.httpCookieContainerManager;
353 }
354
355 internal virtual SecurityMessageProperty CreateReplySecurityProperty(HttpWebRequest request,
356 HttpWebResponse response)
357 {
358 // Don't pull in System.Authorization if we don't need to!
359 if (!response.IsMutuallyAuthenticated)
360 {
361 return null;
362 }
363
364 return CreateMutuallyAuthenticatedReplySecurityProperty(response);
365 }
366
367 internal Exception CreateToMustEqualViaException(Uri to, Uri via)
368 {
369 return new ArgumentException(SR.GetString(SR.HttpToMustEqualVia, to, via));
370 }
371
372 [MethodImpl(MethodImplOptions.NoInlining)]
373 SecurityMessageProperty CreateMutuallyAuthenticatedReplySecurityProperty(HttpWebResponse response)
374 {
375 string spn = AuthenticationManager.CustomTargetNameDictionary[response.ResponseUri.AbsoluteUri];
376 if (spn == null)
377 {
378 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.HttpSpnNotFound,
379 response.ResponseUri)));
380 }
381 ReadOnlyCollection<IAuthorizationPolicy> spnPolicies = SecurityUtils.CreatePrincipalNameAuthorizationPolicies(spn);
382 SecurityMessageProperty remoteSecurity = new SecurityMessageProperty();
383 remoteSecurity.TransportToken = new SecurityTokenSpecification(null, spnPolicies);
384 remoteSecurity.ServiceSecurityContext = new ServiceSecurityContext(spnPolicies);
385 return remoteSecurity;
386 }
387
388 internal override int GetMaxBufferSize()
389 {
390 return MaxBufferSize;
391 }
392
393 SecurityTokenProviderContainer CreateAndOpenTokenProvider(TimeSpan timeout, AuthenticationSchemes authenticationScheme,
394 EndpointAddress target, Uri via, ChannelParameterCollection channelParameters)
395 {
396 SecurityTokenProvider tokenProvider = null;
397 switch (authenticationScheme)
398 {
399 case AuthenticationSchemes.Anonymous:
400 break;
401 case AuthenticationSchemes.Basic:
402 tokenProvider = TransportSecurityHelpers.GetUserNameTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters);
403 break;
404 case AuthenticationSchemes.Negotiate:
405 case AuthenticationSchemes.Ntlm:
406 tokenProvider = TransportSecurityHelpers.GetSspiTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters);
407 break;
408 case AuthenticationSchemes.Digest:
409 tokenProvider = TransportSecurityHelpers.GetDigestTokenProvider(this.SecurityTokenManager, target, via, this.Scheme, authenticationScheme, channelParameters);
410 break;
411 default:
412 // The setter for this property should prevent this.
413 throw Fx.AssertAndThrow("CreateAndOpenTokenProvider: Invalid authentication scheme");
414 }
415 SecurityTokenProviderContainer result;
416 if (tokenProvider != null)
417 {
418 result = new SecurityTokenProviderContainer(tokenProvider);
419 result.Open(timeout);
420 }
421 else
422 {
423 result = null;
424 }
425 return result;
426 }
427
428 protected virtual void ValidateCreateChannelParameters(EndpointAddress remoteAddress, Uri via)
429 {
430 base.ValidateScheme(via);
431
432 if (this.MessageVersion.Addressing == AddressingVersion.None && remoteAddress.Uri != via)
433 {
434 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(CreateToMustEqualViaException(remoteAddress.Uri, via));
435 }
436 }
437
438 protected override TChannel OnCreateChannel(EndpointAddress remoteAddress, Uri via)
439 {
440 EndpointAddress httpRemoteAddress = remoteAddress != null && WebSocketHelper.IsWebSocketUri(remoteAddress.Uri) ?
441 new EndpointAddress(WebSocketHelper.NormalizeWsSchemeWithHttpScheme(remoteAddress.Uri), remoteAddress) :
442 remoteAddress;
443
444 Uri httpVia = WebSocketHelper.IsWebSocketUri(via) ? WebSocketHelper.NormalizeWsSchemeWithHttpScheme(via) : via;
445 return this.OnCreateChannelCore(httpRemoteAddress, httpVia);
446 }
447
448 protected virtual TChannel OnCreateChannelCore(EndpointAddress remoteAddress, Uri via)
449 {
450 ValidateCreateChannelParameters(remoteAddress, via);
451 this.ValidateWebSocketTransportUsage();
452
453 if (typeof(TChannel) == typeof(IRequestChannel))
454 {
455 return (TChannel)(object)new HttpRequestChannel((HttpChannelFactory<IRequestChannel>)(object)this, remoteAddress, via, ManualAddressing);
456 }
457 else
458 {
459 return (TChannel)(object)new ClientWebSocketTransportDuplexSessionChannel((HttpChannelFactory<IDuplexSessionChannel>)(object)this, this.clientWebSocketFactory, remoteAddress, via, this.WebSocketBufferPool);
460 }
461 }
462
463 protected void ValidateWebSocketTransportUsage()
464 {
465 Type channelType = typeof(TChannel);
466 if (channelType == typeof(IRequestChannel) && this.WebSocketSettings.TransportUsage == WebSocketTransportUsage.Always)
467 {
468 throw FxTrace.Exception.AsError(new InvalidOperationException(SR.GetString(
469 SR.WebSocketCannotCreateRequestClientChannelWithCertainWebSocketTransportUsage,
470 typeof(TChannel),
471 WebSocketTransportSettings.TransportUsageMethodName,
472 typeof(WebSocketTransportSettings).Name,
473 this.WebSocketSettings.TransportUsage)));
474
475 }
476 else if (channelType == typeof(IDuplexSessionChannel))
477 {
478 if (this.WebSocketSettings.TransportUsage == WebSocketTransportUsage.Never)
479 {
480 throw FxTrace.Exception.AsError(new InvalidOperationException(SR.GetString(
481 SR.WebSocketCannotCreateRequestClientChannelWithCertainWebSocketTransportUsage,
482 typeof(TChannel),
483 WebSocketTransportSettings.TransportUsageMethodName,
484 typeof(WebSocketTransportSettings).Name,
485 this.WebSocketSettings.TransportUsage)));
486 }
487 else if (!WebSocketHelper.OSSupportsWebSockets() && this.ClientWebSocketFactory == null)
488 {
489 throw FxTrace.Exception.AsError(new PlatformNotSupportedException(SR.GetString(SR.WebSocketsClientSideNotSupported, typeof(ClientWebSocketFactory).FullName)));
490 }
491 }
492 }
493
494 [MethodImpl(MethodImplOptions.NoInlining)]
495 void InitializeSecurityTokenManager()
496 {
497 if (this.channelCredentials == null)
498 {
499 this.channelCredentials = ClientCredentials.CreateDefaultCredentials();
500 }
501 this.securityTokenManager = this.channelCredentials.CreateSecurityTokenManager();
502 }
503
504 protected virtual bool IsSecurityTokenManagerRequired()
505 {
506 if (this.AuthenticationScheme != AuthenticationSchemes.Anonymous)
507 {
508 return true;
509 }
510 if (this.proxyFactory != null && this.proxyFactory.AuthenticationScheme != AuthenticationSchemes.Anonymous)
511 {
512 return true;
513 }
514 else
515 {
516 return false;
517 }
518 }
519
520 protected override IAsyncResult OnBeginOpen(TimeSpan timeout, AsyncCallback callback, object state)
521 {
522 this.OnOpen(timeout);
523 return new CompletedAsyncResult(callback, state);
524 }
525
526 protected override void OnEndOpen(IAsyncResult result)
527 {
528 CompletedAsyncResult.End(result);
529 }
530
531 protected override void OnOpen(TimeSpan timeout)
532 {
533 if (IsSecurityTokenManagerRequired())
534 {
535 this.InitializeSecurityTokenManager();
536 }
537
538 if (this.AllowCookies &&
539 !this.httpCookieContainerManager.IsInitialized) // We don't want to overwrite the CookieContainer if someone has set it already.
540 {
541 this.httpCookieContainerManager.CookieContainer = new CookieContainer();
542 }
543
544 // we need to make sure System.Net will buffer faults (sent as 500 requests) up to our allowed size
545 // Their value is in Kbytes and ours is in bytes. We round up so that the KB value is large enough to
546 // encompass our MaxReceivedMessageSize. See MB#20860 and related for details
547
548 if (!httpWebRequestWebPermissionDenied && HttpWebRequest.DefaultMaximumErrorResponseLength != -1)
549 {
550 int MaxReceivedMessageSizeKbytes;
551 if (MaxBufferSize >= (int.MaxValue - 1024)) // make sure NCL doesn't overflow
552 {
553 MaxReceivedMessageSizeKbytes = -1;
554 }
555 else
556 {
557 MaxReceivedMessageSizeKbytes = (int)(MaxBufferSize / 1024);
558 if (MaxReceivedMessageSizeKbytes * 1024 < MaxBufferSize)
559 {
560 MaxReceivedMessageSizeKbytes++;
561 }
562 }
563
564 if (MaxReceivedMessageSizeKbytes == -1
565 || MaxReceivedMessageSizeKbytes > HttpWebRequest.DefaultMaximumErrorResponseLength)
566 {
567 try
568 {
569 HttpWebRequest.DefaultMaximumErrorResponseLength = MaxReceivedMessageSizeKbytes;
570 }
571 catch (SecurityException exception)
572 {
573 // CSDMain\33725 - setting DefaultMaximumErrorResponseLength should not fail HttpChannelFactory.OnOpen
574 // if the user does not have the permission to do so.
575 httpWebRequestWebPermissionDenied = true;
576
577 DiagnosticUtility.TraceHandledException(exception, TraceEventType.Warning);
578 }
579 }
580 }
581 }
582
583 protected override void OnClosed()
584 {
585 base.OnClosed();
586 if (this.bufferPool != null)
587 {
588 this.bufferPool.Close();
589 }
590 }
591
592 static internal void TraceResponseReceived(HttpWebResponse response, Message message, object receiver)
593 {
594 if (DiagnosticUtility.ShouldTraceVerbose)
595 {
596 if (response != null && response.ResponseUri != null)
597 {
598 TraceUtility.TraceEvent(TraceEventType.Verbose, TraceCode.HttpResponseReceived, SR.GetString(SR.TraceCodeHttpResponseReceived), new StringTraceRecord("ResponseUri", response.ResponseUri.ToString()), receiver, null, message);
599 }
600 else
601 {
602 TraceUtility.TraceEvent(TraceEventType.Verbose, TraceCode.HttpResponseReceived, SR.GetString(SR.TraceCodeHttpResponseReceived), receiver, message);
603 }
604 }
605 }
606
607 [Fx.Tag.SecurityNote(Critical = "Uses unsafe critical method AppendWindowsAuthenticationInfo to access the credential domain/user name/password.")]
608 [SecurityCritical]
609 [MethodImpl(MethodImplOptions.NoInlining)]
610 string AppendWindowsAuthenticationInfo(string inputString, NetworkCredential credential,
611 AuthenticationLevel authenticationLevel, TokenImpersonationLevel impersonationLevel)
612 {
613 return SecurityUtils.AppendWindowsAuthenticationInfo(inputString, credential, authenticationLevel, impersonationLevel);
614 }
615
616 protected virtual string OnGetConnectionGroupPrefix(HttpWebRequest httpWebRequest, SecurityTokenContainer clientCertificateToken)
617 {
618 return string.Empty;
619 }
620
621 internal static bool IsWindowsAuth(AuthenticationSchemes authScheme)
622 {
623 Fx.Assert(authScheme.IsSingleton(), "authenticationScheme used in an Http(s)ChannelFactory must be a singleton value.");
624
625 return authScheme == AuthenticationSchemes.Negotiate ||
626 authScheme == AuthenticationSchemes.Ntlm;
627 }
628
629 [Fx.Tag.SecurityNote(Critical = "Uses unsafe critical method AppendWindowsAuthenticationInfo to access the credential domain/user name/password.",
630 Safe = "Uses the domain/user name/password to store and compute a hash. The store is SecurityCritical. The hash leaks but" +
631 "the hash cannot be reversed to the domain/user name/password.")]
632 [SecuritySafeCritical]
633 string GetConnectionGroupName(HttpWebRequest httpWebRequest, NetworkCredential credential, AuthenticationLevel authenticationLevel,
634 TokenImpersonationLevel impersonationLevel, SecurityTokenContainer clientCertificateToken)
635 {
636 if (this.credentialHashCache == null)
637 {
638 lock (ThisLock)
639 {
640 if (this.credentialHashCache == null)
641 {
642 this.credentialHashCache = new MruCache<string, string>(5);
643 }
644 }
645 }
646
647 // The following line is a work-around for VSWhidbey 558605. In particular, we need to isolate our
648 // connection groups based on whether we are streaming the request.
649 string inputString = TransferModeHelper.IsRequestStreamed(this.TransferMode) ? "streamed" : string.Empty;
650
651 if (IsWindowsAuth(this.AuthenticationScheme))
652 {
653 // for NTLM & Negotiate, System.Net doesn't pool connections by default. This is because
654 // IIS doesn't re-authenticate NTLM connections (made for a perf reason), and HttpWebRequest
655 // shared connections among multiple callers.
656 // This causes Indigo a performance problem in turn. We mitigate this by (1) enabling
657 // connection sharing for NTLM connections on our pool, and (2) scoping the pool we use
658 // to be based on the NetworkCredential that is being used to authenticate the connection.
659 // Therefore we're only sharing connections among the same Credential.
660
661 // Setting this will fail in partial trust, and that's ok since this is an optimization.
662 if (!httpWebRequestWebPermissionDenied)
663 {
664 try
665 {
666 httpWebRequest.UnsafeAuthenticatedConnectionSharing = true;
667 }
668 catch (SecurityException e)
669 {
670 DiagnosticUtility.TraceHandledException(e, TraceEventType.Information);
671 httpWebRequestWebPermissionDenied = true;
672 }
673 }
674
675 inputString = AppendWindowsAuthenticationInfo(inputString, credential, authenticationLevel, impersonationLevel);
676 }
677
678 string prefix = this.OnGetConnectionGroupPrefix(httpWebRequest, clientCertificateToken);
679 inputString = string.Concat(this.uniqueConnectionGroupNamePrefix, prefix, inputString);
680
681 string credentialHash = null;
682
683 // we have to lock around each call to TryGetValue since the MruCache modifies the
684 // contents of it's mruList in a single-threaded manner underneath TryGetValue
685
686 if (!string.IsNullOrEmpty(inputString))
687 {
688 lock (this.credentialHashCache)
689 {
690 if (!this.credentialHashCache.TryGetValue(inputString, out credentialHash))
691 {
692 byte[] inputBytes = new UTF8Encoding().GetBytes(inputString);
693 byte[] digestBytes = this.HashAlgorithm.ComputeHash(inputBytes);
694 credentialHash = Convert.ToBase64String(digestBytes);
695 this.credentialHashCache.Add(inputString, credentialHash);
696 }
697 }
698 }
699
700 return credentialHash;
701 }
702
703 Uri GetCredentialCacheUriPrefix(Uri via)
704 {
705 Uri result;
706
707 if (this.credentialCacheUriPrefixCache == null)
708 {
709 lock (ThisLock)
710 {
711 if (this.credentialCacheUriPrefixCache == null)
712 {
713 this.credentialCacheUriPrefixCache = new MruCache<Uri, Uri>(10);
714 }
715 }
716 }
717
718 lock (this.credentialCacheUriPrefixCache)
719 {
720 if (!this.credentialCacheUriPrefixCache.TryGetValue(via, out result))
721 {
722 result = new UriBuilder(via.Scheme, via.Host, via.Port).Uri;
723 this.credentialCacheUriPrefixCache.Add(via, result);
724 }
725 }
726
727 return result;
728 }
729
730 // core code for creating an HttpWebRequest
731 HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, NetworkCredential credential,
732 TokenImpersonationLevel impersonationLevel, AuthenticationLevel authenticationLevel,
733 SecurityTokenProviderContainer proxyTokenProvider, SecurityTokenContainer clientCertificateToken, TimeSpan timeout, bool isWebSocketRequest)
734 {
735 Uri httpWebRequestUri = isWebSocketRequest ? WebSocketHelper.GetWebSocketUri(via) : via;
736 HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(httpWebRequestUri);
737 Fx.Assert(httpWebRequest.Method.Equals("GET", StringComparison.OrdinalIgnoreCase), "the default HTTP method of HttpWebRequest should be 'Get'.");
738
739 if (!isWebSocketRequest)
740 {
741 httpWebRequest.Method = "POST";
742
743 if (TransferModeHelper.IsRequestStreamed(TransferMode))
744 {
745 httpWebRequest.SendChunked = true;
746 httpWebRequest.AllowWriteStreamBuffering = false;
747 }
748 else
749 {
750 httpWebRequest.AllowWriteStreamBuffering = true;
751 }
752 }
753
754 httpWebRequest.CachePolicy = requestCachePolicy;
755 httpWebRequest.KeepAlive = this.keepAliveEnabled;
756
757 if (this.decompressionEnabled)
758 {
759 httpWebRequest.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate;
760 }
761 else
762 {
763 httpWebRequest.AutomaticDecompression = DecompressionMethods.None;
764 }
765
766 if (credential != null)
767 {
768 CredentialCache credentials = new CredentialCache();
769 credentials.Add(this.GetCredentialCacheUriPrefix(via),
770 AuthenticationSchemesHelper.ToString(this.authenticationScheme), credential);
771 httpWebRequest.Credentials = credentials;
772 }
773 httpWebRequest.AuthenticationLevel = authenticationLevel;
774 httpWebRequest.ImpersonationLevel = impersonationLevel;
775
776 string connectionGroupName = GetConnectionGroupName(httpWebRequest, credential, authenticationLevel, impersonationLevel, clientCertificateToken);
777
778 X509CertificateEndpointIdentity remoteCertificateIdentity = to.Identity as X509CertificateEndpointIdentity;
779 if (remoteCertificateIdentity != null)
780 {
781 connectionGroupName = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}[{1}]", connectionGroupName, remoteCertificateIdentity.Certificates[0].Thumbprint);
782 }
783
784 if (!string.IsNullOrEmpty(connectionGroupName))
785 {
786 httpWebRequest.ConnectionGroupName = connectionGroupName;
787 }
788
789 if (AuthenticationScheme == AuthenticationSchemes.Basic)
790 {
791 httpWebRequest.PreAuthenticate = true;
792 }
793
794 if (this.proxy != null)
795 {
796 httpWebRequest.Proxy = this.proxy;
797 }
798 else if (this.proxyFactory != null)
799 {
800 httpWebRequest.Proxy = this.proxyFactory.CreateWebProxy(httpWebRequest, proxyTokenProvider, timeout);
801 }
802
803 if (this.AllowCookies)
804 {
805 httpWebRequest.CookieContainer = this.httpCookieContainerManager.CookieContainer;
806 }
807
808 // we do this at the end so that we access the correct ServicePoint
809 httpWebRequest.ServicePoint.UseNagleAlgorithm = false;
810
811 return httpWebRequest;
812 }
813
814 void ApplyManualAddressing(ref EndpointAddress to, ref Uri via, Message message)
815 {
816 if (ManualAddressing)
817 {
818 Uri toHeader = message.Headers.To;
819 if (toHeader == null)
820 {
821 throw TraceUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ManualAddressingRequiresAddressedMessages)), message);
822 }
823
824 to = new EndpointAddress(toHeader);
825
826 if (this.MessageVersion.Addressing == AddressingVersion.None)
827 {
828 via = toHeader;
829 }
830 }
831
832 // now apply query string property
833 object property;
834 if (message.Properties.TryGetValue(HttpRequestMessageProperty.Name, out property))
835 {
836 HttpRequestMessageProperty requestProperty = (HttpRequestMessageProperty)property;
837 if (!string.IsNullOrEmpty(requestProperty.QueryString))
838 {
839 UriBuilder uriBuilder = new UriBuilder(via);
840
841 if (requestProperty.QueryString.StartsWith("?", StringComparison.Ordinal))
842 {
843 uriBuilder.Query = requestProperty.QueryString.Substring(1);
844 }
845 else
846 {
847 uriBuilder.Query = requestProperty.QueryString;
848 }
849
850 via = uriBuilder.Uri;
851 }
852 }
853 }
854
855 [MethodImpl(MethodImplOptions.NoInlining)]
856 void CreateAndOpenTokenProvidersCore(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, out SecurityTokenProviderContainer tokenProvider, out SecurityTokenProviderContainer proxyTokenProvider)
857 {
858 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
859 tokenProvider = CreateAndOpenTokenProvider(timeoutHelper.RemainingTime(), this.AuthenticationScheme, to, via, channelParameters);
860 if (this.proxyFactory != null)
861 {
862 proxyTokenProvider = CreateAndOpenTokenProvider(timeoutHelper.RemainingTime(), this.proxyFactory.AuthenticationScheme, to, via, channelParameters);
863 }
864 else
865 {
866 proxyTokenProvider = null;
867 }
868 }
869
870 internal void CreateAndOpenTokenProviders(EndpointAddress to, Uri via, ChannelParameterCollection channelParameters, TimeSpan timeout, out SecurityTokenProviderContainer tokenProvider, out SecurityTokenProviderContainer proxyTokenProvider)
871 {
872 if (!IsSecurityTokenManagerRequired())
873 {
874 tokenProvider = null;
875 proxyTokenProvider = null;
876 }
877 else
878 {
879 CreateAndOpenTokenProvidersCore(to, via, channelParameters, timeout, out tokenProvider, out proxyTokenProvider);
880 }
881 }
882
883 internal HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, SecurityTokenProviderContainer tokenProvider,
884 SecurityTokenProviderContainer proxyTokenProvider, SecurityTokenContainer clientCertificateToken, TimeSpan timeout, bool isWebSocketRequest)
885 {
886 TokenImpersonationLevel impersonationLevel;
887 AuthenticationLevel authenticationLevel;
888 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
889 NetworkCredential credential = HttpChannelUtilities.GetCredential(this.authenticationScheme,
890 tokenProvider, timeoutHelper.RemainingTime(), out impersonationLevel, out authenticationLevel);
891
892 return GetWebRequest(to, via, credential, impersonationLevel, authenticationLevel, proxyTokenProvider, clientCertificateToken, timeoutHelper.RemainingTime(), isWebSocketRequest);
893 }
894
895 internal static bool MapIdentity(EndpointAddress target, AuthenticationSchemes authenticationScheme)
896 {
897 if ((target.Identity == null) || (target.Identity is X509CertificateEndpointIdentity))
898 {
899 return false;
900 }
901
902 return IsWindowsAuth(authenticationScheme);
903 }
904
905 bool MapIdentity(EndpointAddress target)
906 {
907 return MapIdentity(target, this.AuthenticationScheme);
908 }
909
910 protected class HttpRequestChannel : RequestChannel
911 {
912 // Double-checked locking pattern requires volatile for read/write synchronization
913 volatile bool cleanupIdentity;
914 HttpChannelFactory<IRequestChannel> factory;
915 SecurityTokenProviderContainer tokenProvider;
916 SecurityTokenProviderContainer proxyTokenProvider;
917 ServiceModelActivity activity = null;
918 ChannelParameterCollection channelParameters;
919
920 public HttpRequestChannel(HttpChannelFactory<IRequestChannel> factory, EndpointAddress to, Uri via, bool manualAddressing)
921 : base(factory, to, via, manualAddressing)
922 {
923 this.factory = factory;
924 }
925
926 public HttpChannelFactory<IRequestChannel> Factory
927 {
928 get { return this.factory; }
929 }
930
931 internal ServiceModelActivity Activity
932 {
933 get { return this.activity; }
934 }
935
936 protected ChannelParameterCollection ChannelParameters
937 {
938 get
939 {
940 return this.channelParameters;
941 }
942 }
943
944 public override T GetProperty<T>()
945 {
946 if (typeof(T) == typeof(ChannelParameterCollection))
947 {
948 if (this.State == CommunicationState.Created)
949 {
950 lock (ThisLock)
951 {
952 if (this.channelParameters == null)
953 {
954 this.channelParameters = new ChannelParameterCollection();
955 }
956 }
957 }
958 return (T)(object)this.channelParameters;
959 }
960 else
961 {
962 return base.GetProperty<T>();
963 }
964 }
965
966 void PrepareOpen()
967 {
968 if (Factory.MapIdentity(RemoteAddress))
969 {
970 lock (ThisLock)
971 {
972 cleanupIdentity = HttpTransportSecurityHelpers.AddIdentityMapping(Via, RemoteAddress);
973 }
974 }
975 }
976
977 void CreateAndOpenTokenProviders(TimeSpan timeout)
978 {
979 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
980 if (!ManualAddressing)
981 {
982 Factory.CreateAndOpenTokenProviders(this.RemoteAddress, this.Via, this.channelParameters, timeoutHelper.RemainingTime(), out this.tokenProvider, out this.proxyTokenProvider);
983 }
984 }
985
986 void CloseTokenProviders(TimeSpan timeout)
987 {
988 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
989 if (this.tokenProvider != null)
990 {
991 tokenProvider.Close(timeoutHelper.RemainingTime());
992 }
993 if (this.proxyTokenProvider != null)
994 {
995 proxyTokenProvider.Close(timeoutHelper.RemainingTime());
996 }
997 }
998
999 void AbortTokenProviders()
1000 {
1001 if (this.tokenProvider != null)
1002 {
1003 tokenProvider.Abort();
1004 }
1005 if (this.proxyTokenProvider != null)
1006 {
1007 proxyTokenProvider.Abort();
1008 }
1009 }
1010
1011 protected override IAsyncResult OnBeginOpen(TimeSpan timeout, AsyncCallback callback, object state)
1012 {
1013 PrepareOpen();
1014 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
1015 CreateAndOpenTokenProviders(timeoutHelper.RemainingTime());
1016 return new CompletedAsyncResult(callback, state);
1017 }
1018
1019 protected override void OnOpen(TimeSpan timeout)
1020 {
1021 PrepareOpen();
1022 CreateAndOpenTokenProviders(timeout);
1023 }
1024
1025 protected override void OnEndOpen(IAsyncResult result)
1026 {
1027 CompletedAsyncResult.End(result);
1028 }
1029
1030 void PrepareClose(bool aborting)
1031 {
1032 if (cleanupIdentity)
1033 {
1034 lock (ThisLock)
1035 {
1036 if (cleanupIdentity)
1037 {
1038 cleanupIdentity = false;
1039 HttpTransportSecurityHelpers.RemoveIdentityMapping(Via, RemoteAddress, !aborting);
1040 }
1041 }
1042 }
1043 }
1044
1045 protected override void OnAbort()
1046 {
1047 PrepareClose(true);
1048 AbortTokenProviders();
1049 base.OnAbort();
1050 }
1051
1052 protected override IAsyncResult OnBeginClose(TimeSpan timeout, AsyncCallback callback, object state)
1053 {
1054 IAsyncResult retval = null;
1055 using (ServiceModelActivity.BoundOperation(this.activity))
1056 {
1057 PrepareClose(false);
1058 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
1059 CloseTokenProviders(timeoutHelper.RemainingTime());
1060 retval = base.BeginWaitForPendingRequests(timeoutHelper.RemainingTime(), callback, state);
1061 }
1062 ServiceModelActivity.Stop(this.activity);
1063 return retval;
1064 }
1065
1066 protected override void OnEndClose(IAsyncResult result)
1067 {
1068 using (ServiceModelActivity.BoundOperation(this.activity))
1069 {
1070 base.EndWaitForPendingRequests(result);
1071 }
1072 ServiceModelActivity.Stop(this.activity);
1073 }
1074
1075 protected override void OnClose(TimeSpan timeout)
1076 {
1077 using (ServiceModelActivity.BoundOperation(this.activity))
1078 {
1079 PrepareClose(false);
1080 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
1081 CloseTokenProviders(timeoutHelper.RemainingTime());
1082 base.WaitForPendingRequests(timeoutHelper.RemainingTime());
1083 }
1084 ServiceModelActivity.Stop(this.activity);
1085 }
1086
1087 protected override IAsyncRequest CreateAsyncRequest(Message message, AsyncCallback callback, object state)
1088 {
1089 if (DiagnosticUtility.ShouldUseActivity && this.activity == null)
1090 {
1091 this.activity = ServiceModelActivity.CreateActivity();
1092 if (null != FxTrace.Trace)
1093 {
1094 FxTrace.Trace.TraceTransfer(this.activity.Id);
1095 }
1096 ServiceModelActivity.Start(this.activity, SR.GetString(SR.ActivityReceiveBytes, this.RemoteAddress.Uri.ToString()), ActivityType.ReceiveBytes);
1097 }
1098
1099 return new HttpChannelAsyncRequest(this, callback, state);
1100 }
1101
1102 protected override IRequest CreateRequest(Message message)
1103 {
1104 return new HttpChannelRequest(this, Factory);
1105 }
1106
1107 public virtual HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, ref TimeoutHelper timeoutHelper)
1108 {
1109 return GetWebRequest(to, via, null, ref timeoutHelper);
1110 }
1111
1112 protected HttpWebRequest GetWebRequest(EndpointAddress to, Uri via, SecurityTokenContainer clientCertificateToken, ref TimeoutHelper timeoutHelper)
1113 {
1114 SecurityTokenProviderContainer webRequestTokenProvider;
1115 SecurityTokenProviderContainer webRequestProxyTokenProvider;
1116 if (this.ManualAddressing)
1117 {
1118 this.Factory.CreateAndOpenTokenProviders(to, via, this.channelParameters, timeoutHelper.RemainingTime(),
1119 out webRequestTokenProvider, out webRequestProxyTokenProvider);
1120 }
1121 else
1122 {
1123 webRequestTokenProvider = this.tokenProvider;
1124 webRequestProxyTokenProvider = this.proxyTokenProvider;
1125 }
1126 try
1127 {
1128 return this.Factory.GetWebRequest(to, via, webRequestTokenProvider, webRequestProxyTokenProvider, clientCertificateToken, timeoutHelper.RemainingTime(), false);
1129 }
1130 finally
1131 {
1132 if (this.ManualAddressing)
1133 {
1134 if (webRequestTokenProvider != null)
1135 {
1136 webRequestTokenProvider.Abort();
1137 }
1138 if (webRequestProxyTokenProvider != null)
1139 {
1140 webRequestProxyTokenProvider.Abort();
1141 }
1142 }
1143 }
1144 }
1145
1146 protected IAsyncResult BeginGetWebRequest(
1147 EndpointAddress to, Uri via, SecurityTokenContainer clientCertificateToken, ref TimeoutHelper timeoutHelper, AsyncCallback callback, object state)
1148 {
1149 return new GetWebRequestAsyncResult(this, to, via, clientCertificateToken, ref timeoutHelper, callback, state);
1150 }
1151
1152 public virtual IAsyncResult BeginGetWebRequest(
1153 EndpointAddress to, Uri via, ref TimeoutHelper timeoutHelper, AsyncCallback callback, object state)
1154 {
1155 return BeginGetWebRequest(to, via, null, ref timeoutHelper, callback, state);
1156 }
1157
1158 public virtual HttpWebRequest EndGetWebRequest(IAsyncResult result)
1159 {
1160 return GetWebRequestAsyncResult.End(result);
1161 }
1162
1163 public virtual bool WillGetWebRequestCompleteSynchronously()
1164 {
1165 return ((this.tokenProvider == null) && !Factory.ManualAddressing);
1166 }
1167
1168 internal virtual void OnWebRequestCompleted(HttpWebRequest request)
1169 {
1170 // empty
1171 }
1172
1173 class HttpChannelRequest : IRequest
1174 {
1175 HttpRequestChannel channel;
1176 HttpChannelFactory<IRequestChannel> factory;
1177 EndpointAddress to;
1178 Uri via;
1179 HttpWebRequest webRequest;
1180 HttpAbortReason abortReason;
1181 ChannelBinding channelBinding;
1182 int webRequestCompleted;
1183 EventTraceActivity eventTraceActivity;
1184 const string ConnectionGroupPrefixMessagePropertyName = "HttpTransportConnectionGroupNamePrefix";
1185
1186 public HttpChannelRequest(HttpRequestChannel channel, HttpChannelFactory<IRequestChannel> factory)
1187 {
1188 this.channel = channel;
1189 this.to = channel.RemoteAddress;
1190 this.via = channel.Via;
1191 this.factory = factory;
1192 }
1193
1194 private string GetConnectionGroupPrefix(Message message)
1195 {
1196 object property;
1197 if (message.Properties.TryGetValue(ConnectionGroupPrefixMessagePropertyName, out property))
1198 {
1199 string prefix = property as string;
1200 if (prefix != null)
1201 {
1202 return prefix;
1203 }
1204 }
1205
1206 return string.Empty;
1207 }
1208
1209 public void SendRequest(Message message, TimeSpan timeout)
1210 {
1211 TimeoutHelper timeoutHelper = new TimeoutHelper(timeout);
1212 factory.ApplyManualAddressing(ref this.to, ref this.via, message);
1213 this.webRequest = channel.GetWebRequest(this.to, this.via, ref timeoutHelper);
1214 this.webRequest.ConnectionGroupName = GetConnectionGroupPrefix(message) + this.webRequest.ConnectionGroupName;
1215
1216 Message request = message;
1217
1218 try
1219 {
1220 if (channel.State != CommunicationState.Opened)
1221 {
1222 // if we were aborted while getting our request or doing correlation,
1223 // we need to abort the web request and bail
1224 Cleanup();
1225 channel.ThrowIfDisposedOrNotOpen();
1226 }
1227
1228 HttpChannelUtilities.SetRequestTimeout(this.webRequest, timeoutHelper.RemainingTime());
1229 HttpOutput httpOutput = HttpOutput.CreateHttpOutput(this.webRequest, this.factory, request, this.factory.IsChannelBindingSupportEnabled);
1230
1231 bool success = false;
1232 try
1233 {
1234
1235 httpOutput.Send(timeoutHelper.RemainingTime());
1236
1237 this.channelBinding = httpOutput.TakeChannelBinding();
1238 httpOutput.Close();
1239 success = true;
1240
1241 if (FxTrace.Trace.IsEnd2EndActivityTracingEnabled)
1242 {
1243 this.eventTraceActivity = EventTraceActivityHelper.TryExtractActivity(message);
1244 if (TD.MessageSentByTransportIsEnabled())
1245 {
1246 TD.MessageSentByTransport(eventTraceActivity, this.to.Uri.AbsoluteUri);
1247 }
1248 }
1249 }
1250 finally
1251 {
1252 if (!success)
1253 {
1254 httpOutput.Abort(HttpAbortReason.Aborted);
1255 }
1256 }
1257 }
1258 finally
1259 {
1260 if (!object.ReferenceEquals(request, message))
1261 {
1262 request.Close();
1263 }
1264 }
1265 }
1266
1267 void Cleanup()
1268 {
1269 if (this.webRequest != null)
1270 {
1271 HttpChannelUtilities.AbortRequest(this.webRequest);
1272 this.TryCompleteWebRequest(this.webRequest);
1273 }
1274
1275 ChannelBindingUtility.Dispose(ref this.channelBinding);
1276 }
1277
1278 public void Abort(RequestChannel channel)
1279 {
1280 Cleanup();
1281 abortReason = HttpAbortReason.Aborted;
1282 }
1283
1284 public void Fault(RequestChannel channel)
1285 {
1286 Cleanup();
1287 }
1288
1289 [System.Diagnostics.CodeAnalysis.SuppressMessage(FxCop.Category.ReliabilityBasic, "Reliability104",
1290 Justification = "This is an old method from previous release.")]
1291 public Message WaitForReply(TimeSpan timeout)
1292 {
1293 if (TD.HttpResponseReceiveStartIsEnabled())
1294 {
1295 TD.HttpResponseReceiveStart(this.eventTraceActivity);
1296 }
1297
1298 HttpWebResponse response = null;
1299 WebException responseException = null;
1300 try
1301 {
1302 try
1303 {
1304 response = (HttpWebResponse)webRequest.GetResponse();
1305 }
1306 catch (NullReferenceException nullReferenceException)
1307 {
1308 // workaround for Whidbey bug #558605 - only happens in streamed case.
1309 if (TransferModeHelper.IsRequestStreamed(this.factory.transferMode))
1310 {
1311 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
1312 HttpChannelUtilities.CreateNullReferenceResponseException(nullReferenceException));
1313 }
1314 throw;
1315 }
1316
1317 if (TD.MessageReceivedByTransportIsEnabled())
1318 {
1319 TD.MessageReceivedByTransport(this.eventTraceActivity ?? EventTraceActivity.Empty,
1320 response.ResponseUri != null ? response.ResponseUri.AbsoluteUri : string.Empty,
1321 EventTraceActivity.GetActivityIdFromThread());
1322 }
1323
1324 if (DiagnosticUtility.ShouldTraceVerbose)
1325 {
1326 HttpChannelFactory<TChannel>.TraceResponseReceived(response, null, this);
1327 }
1328 }
1329 catch (WebException webException)
1330 {
1331 responseException = webException;
1332 response = HttpChannelUtilities.ProcessGetResponseWebException(webException, this.webRequest,
1333 abortReason);
1334 }
1335
1336 HttpInput httpInput = HttpChannelUtilities.ValidateRequestReplyResponse(this.webRequest, response,
1337 this.factory, responseException, this.channelBinding);
1338 this.channelBinding = null;
1339
1340 Message replyMessage = null;
1341 if (httpInput != null)
1342 {
1343 Exception exception = null;
1344 replyMessage = httpInput.ParseIncomingMessage(out exception);
1345 Fx.Assert(exception == null, "ParseIncomingMessage should not set an exception after parsing a response message.");
1346
1347 if (replyMessage != null)
1348 {
1349 HttpChannelUtilities.AddReplySecurityProperty(this.factory, this.webRequest, response,
1350 replyMessage);
1351
1352 if (FxTrace.Trace.IsEnd2EndActivityTracingEnabled && (eventTraceActivity != null))
1353 {
1354 EventTraceActivityHelper.TryAttachActivity(replyMessage, eventTraceActivity);
1355 }
1356 }
1357 }
1358
1359 this.TryCompleteWebRequest(this.webRequest);
1360 return replyMessage;
1361 }
1362
1363 public void OnReleaseRequest()
1364 {
1365 this.TryCompleteWebRequest(this.webRequest);
1366 }
1367
1368 void TryCompleteWebRequest(HttpWebRequest request)
1369 {
1370 if (request == null)
1371 {
1372 return;
1373 }
1374
1375 if (Interlocked.CompareExchange(ref this.webRequestCompleted, 1, 0) == 0)
1376 {
1377 this.channel.OnWebRequestCompleted(request);
1378 }
1379 }
1380 }
1381
1382 class HttpChannelAsyncRequest : TraceAsyncResult, IAsyncRequest
1383 {
1384 static AsyncCallback onProcessIncomingMessage = Fx.ThunkCallback(new AsyncCallback(OnParseIncomingMessage));
1385 static AsyncCallback onGetResponse = Fx.ThunkCallback(new AsyncCallback(OnGetResponse));
1386 static AsyncCallback onGetWebRequestCompleted;
1387 static AsyncCallback onSend = Fx.ThunkCallback(new AsyncCallback(OnSend));
1388 static Action<object> onSendTimeout;
1389 ChannelBinding channelBinding;
1390
1391 HttpChannelFactory<IRequestChannel> factory;
1392 HttpRequestChannel channel;
1393 HttpOutput httpOutput;
1394 HttpInput httpInput;
1395 Message message;
1396 Message requestMessage;
1397 Message replyMessage;
1398 HttpWebResponse response;
1399 HttpWebRequest request;
1400 object sendLock = new object();
1401 IOThreadTimer sendTimer;
1402 TimeoutHelper timeoutHelper;
1403 EndpointAddress to;
1404 Uri via;
1405 HttpAbortReason abortReason;
1406 int webRequestCompleted;
1407 EventTraceActivity eventTraceActivity;
1408
1409 public HttpChannelAsyncRequest(HttpRequestChannel channel, AsyncCallback callback, object state)
1410 : base(callback, state)
1411 {
1412 this.channel = channel;
1413 this.to = channel.RemoteAddress;
1414 this.via = channel.Via;
1415 this.factory = channel.Factory;
1416 }
1417
1418 IOThreadTimer SendTimer
1419 {
1420 get
1421 {
1422 if (this.sendTimer == null)
1423 {
1424 if (onSendTimeout == null)
1425 {
1426 onSendTimeout = new Action<object>(OnSendTimeout);
1427 }
1428
1429 this.sendTimer = new IOThreadTimer(onSendTimeout, this, false);
1430 }
1431
1432 return this.sendTimer;
1433 }
1434 }
1435
1436 public static void End(IAsyncResult result)
1437 {
1438 AsyncResult.End<HttpChannelAsyncRequest>(result);
1439 }
1440
1441 public void BeginSendRequest(Message message, TimeSpan timeout)
1442 {
1443 this.message = this.requestMessage = message;
1444 this.timeoutHelper = new TimeoutHelper(timeout);
1445
1446 if (FxTrace.Trace.IsEnd2EndActivityTracingEnabled)
1447 {
1448 this.eventTraceActivity = EventTraceActivityHelper.TryExtractActivity(message);
1449 }
1450
1451 factory.ApplyManualAddressing(ref this.to, ref this.via, this.requestMessage);
1452 if (this.channel.WillGetWebRequestCompleteSynchronously())
1453 {
1454 SetWebRequest(channel.GetWebRequest(this.to, this.via, ref this.timeoutHelper));
1455 if (this.SendWebRequest())
1456 {
1457 base.Complete(true);
1458 }
1459 }
1460 else
1461 {
1462 if (onGetWebRequestCompleted == null)
1463 {
1464 onGetWebRequestCompleted = Fx.ThunkCallback(
1465 new AsyncCallback(OnGetWebRequestCompletedCallback));
1466 }
1467
1468 IAsyncResult result = channel.BeginGetWebRequest(
1469 to, via, ref this.timeoutHelper, onGetWebRequestCompleted, this);
1470
1471 if (result.CompletedSynchronously)
1472 {
1473 if (TD.MessageSentByTransportIsEnabled())
1474 {
1475 TD.MessageSentByTransport(this.eventTraceActivity, this.to.Uri.AbsoluteUri);
1476 }
1477 if (this.OnGetWebRequestCompleted(result))
1478 {
1479 base.Complete(true);
1480 }
1481 }
1482 }
1483 }
1484
1485 static void OnGetWebRequestCompletedCallback(IAsyncResult result)
1486 {
1487 if (result.CompletedSynchronously)
1488 {
1489 return;
1490 }
1491
1492 HttpChannelAsyncRequest thisPtr = (HttpChannelAsyncRequest)result.AsyncState;
1493 Exception completionException = null;
1494 bool completeSelf;
1495 try
1496 {
1497 completeSelf = thisPtr.OnGetWebRequestCompleted(result);
1498 }
1499 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
1500 catch (Exception e)
1501 {
1502 if (Fx.IsFatal(e))
1503 {
1504 throw;
1505 }
1506 completeSelf = true;
1507 completionException = e;
1508 }
1509 if (completeSelf)
1510 {
1511 thisPtr.Complete(false, completionException);
1512 }
1513 }
1514
1515 void AbortSend()
1516 {
1517 CancelSendTimer();
1518 if (this.request != null)
1519 {
1520 this.TryCompleteWebRequest(this.request);
1521 this.abortReason = HttpAbortReason.TimedOut;
1522 httpOutput.Abort(this.abortReason);
1523 }
1524 }
1525
1526 void CancelSendTimer()
1527 {
1528 lock (sendLock)
1529 {
1530 if (this.sendTimer != null)
1531 {
1532 this.sendTimer.Cancel();
1533 this.sendTimer = null;
1534 }
1535 }
1536 }
1537
1538 bool OnGetWebRequestCompleted(IAsyncResult result)
1539 {
1540 SetWebRequest(this.channel.EndGetWebRequest(result));
1541 return this.SendWebRequest();
1542 }
1543
1544 bool SendWebRequest()
1545 {
1546 this.httpOutput = HttpOutput.CreateHttpOutput(this.request, this.factory, this.requestMessage, this.factory.IsChannelBindingSupportEnabled);
1547
1548 bool success = false;
1549 try
1550 {
1551 bool result = false;
1552 SetSendTimeout(timeoutHelper.RemainingTime());
1553 IAsyncResult asyncResult = httpOutput.BeginSend(timeoutHelper.RemainingTime(), onSend, this);
1554 success = true;
1555
1556 if (asyncResult.CompletedSynchronously)
1557 {
1558 result = CompleteSend(asyncResult);
1559 }
1560
1561 return result;
1562 }
1563 finally
1564 {
1565 if (!success)
1566 {
1567 this.httpOutput.Abort(HttpAbortReason.Aborted);
1568
1569 if (!object.ReferenceEquals(this.message, this.requestMessage))
1570 {
1571 this.requestMessage.Close();
1572 }
1573 }
1574 }
1575 }
1576
1577 bool CompleteSend(IAsyncResult result)
1578 {
1579 bool success = false;
1580 try
1581 {
1582 httpOutput.EndSend(result);
1583 this.channelBinding = httpOutput.TakeChannelBinding();
1584 httpOutput.Close();
1585 success = true;
1586 if (TD.MessageSentByTransportIsEnabled())
1587 {
1588 TD.MessageSentByTransport(this.eventTraceActivity, this.to.Uri.AbsoluteUri);
1589 }
1590 }
1591 finally
1592 {
1593 if (!success)
1594 {
1595 httpOutput.Abort(HttpAbortReason.Aborted);
1596 }
1597
1598 if (!object.ReferenceEquals(this.message, this.requestMessage))
1599 {
1600 this.requestMessage.Close();
1601 }
1602 }
1603
1604 try
1605 {
1606 IAsyncResult getResponseResult;
1607 try
1608 {
1609 getResponseResult = request.BeginGetResponse(onGetResponse, this);
1610 }
1611 catch (NullReferenceException nullReferenceException)
1612 {
1613 // workaround for Whidbey bug #558605 - only happens in streamed case.
1614 if (TransferModeHelper.IsRequestStreamed(this.factory.transferMode))
1615 {
1616 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
1617 HttpChannelUtilities.CreateNullReferenceResponseException(nullReferenceException));
1618 }
1619 throw;
1620 }
1621
1622
1623 if (getResponseResult.CompletedSynchronously)
1624 {
1625 return CompleteGetResponse(getResponseResult);
1626 }
1627
1628 return false;
1629 }
1630 catch (IOException ioException)
1631 {
1632 throw TraceUtility.ThrowHelperError(new CommunicationException(ioException.Message,
1633 ioException), this.requestMessage);
1634 }
1635 catch (WebException webException)
1636 {
1637 throw TraceUtility.ThrowHelperError(new CommunicationException(webException.Message,
1638 webException), this.requestMessage);
1639 }
1640 catch (ObjectDisposedException objectDisposedException)
1641 {
1642 if (abortReason == HttpAbortReason.Aborted)
1643 {
1644 throw TraceUtility.ThrowHelperError(new CommunicationObjectAbortedException(SR.GetString(SR.HttpRequestAborted, to.Uri),
1645 objectDisposedException), this.requestMessage);
1646 }
1647
1648 throw TraceUtility.ThrowHelperError(new TimeoutException(SR.GetString(SR.HttpRequestTimedOut,
1649 to.Uri, this.timeoutHelper.OriginalTimeout), objectDisposedException), this.requestMessage);
1650 }
1651 }
1652
1653 [System.Diagnostics.CodeAnalysis.SuppressMessage(FxCop.Category.ReliabilityBasic, "Reliability104",
1654 Justification = "This is an old method from previous release.")]
1655 bool CompleteGetResponse(IAsyncResult result)
1656 {
1657 using (ServiceModelActivity.BoundOperation(this.channel.Activity))
1658 {
1659 HttpWebResponse response = null;
1660 WebException responseException = null;
1661 try
1662 {
1663 try
1664 {
1665 CancelSendTimer();
1666 response = (HttpWebResponse)request.EndGetResponse(result);
1667 }
1668 catch (NullReferenceException nullReferenceException)
1669 {
1670 // workaround for Whidbey bug #558605 - only happens in streamed case.
1671 if (TransferModeHelper.IsRequestStreamed(this.factory.transferMode))
1672 {
1673 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
1674 HttpChannelUtilities.CreateNullReferenceResponseException(nullReferenceException));
1675 }
1676 throw;
1677 }
1678
1679 if (TD.MessageReceivedByTransportIsEnabled())
1680 {
1681 TD.MessageReceivedByTransport(
1682 this.eventTraceActivity ?? EventTraceActivity.Empty,
1683 this.to.Uri.AbsoluteUri,
1684 EventTraceActivity.GetActivityIdFromThread());
1685 }
1686
1687 if (DiagnosticUtility.ShouldTraceVerbose)
1688 {
1689 HttpChannelFactory<TChannel>.TraceResponseReceived(response, this.message, this);
1690 }
1691 }
1692 catch (WebException webException)
1693 {
1694 responseException = webException;
1695 response = HttpChannelUtilities.ProcessGetResponseWebException(webException, request,
1696 abortReason);
1697 }
1698
1699 return ProcessResponse(response, responseException);
1700 }
1701 }
1702
1703 void Cleanup()
1704 {
1705 if (this.request != null)
1706 {
1707 HttpChannelUtilities.AbortRequest(this.request);
1708 this.TryCompleteWebRequest(this.request);
1709 }
1710
1711 ChannelBindingUtility.Dispose(ref this.channelBinding);
1712 }
1713
1714 void SetSendTimeout(TimeSpan timeout)
1715 {
1716 // We also set the timeout on the HttpWebRequest so that we can subsequently use it in the
1717 // exception message in the event of a timeout.
1718 HttpChannelUtilities.SetRequestTimeout(this.request, timeout);
1719
1720 if (timeout == TimeSpan.MaxValue)
1721 {
1722 CancelSendTimer();
1723 }
1724 else
1725 {
1726 SendTimer.Set(timeout);
1727 }
1728 }
1729
1730 public void Abort(RequestChannel channel)
1731 {
1732 Cleanup();
1733 abortReason = HttpAbortReason.Aborted;
1734 }
1735
1736 public void Fault(RequestChannel channel)
1737 {
1738 Cleanup();
1739 }
1740
1741 void SetWebRequest(HttpWebRequest webRequest)
1742 {
1743 this.request = webRequest;
1744
1745 if (channel.State != CommunicationState.Opened)
1746 {
1747 // if we were aborted while getting our request, we need to abort the web request and bail
1748 Cleanup();
1749 channel.ThrowIfDisposedOrNotOpen();
1750 }
1751 }
1752
1753 public Message End()
1754 {
1755 HttpChannelAsyncRequest.End(this);
1756 return replyMessage;
1757 }
1758
1759 bool ProcessResponse(HttpWebResponse response, WebException responseException)
1760 {
1761 this.httpInput = HttpChannelUtilities.ValidateRequestReplyResponse(this.request, response,
1762 this.factory, responseException, this.channelBinding);
1763 this.channelBinding = null;
1764
1765 if (httpInput != null)
1766 {
1767 this.response = response;
1768 IAsyncResult result =
1769 httpInput.BeginParseIncomingMessage(onProcessIncomingMessage, this);
1770 if (!result.CompletedSynchronously)
1771 {
1772 return false;
1773 }
1774
1775 CompleteParseIncomingMessage(result);
1776 }
1777 else
1778 {
1779 this.replyMessage = null;
1780 }
1781
1782 this.TryCompleteWebRequest(this.request);
1783 return true;
1784 }
1785
1786 void CompleteParseIncomingMessage(IAsyncResult result)
1787 {
1788 Exception exception = null;
1789 this.replyMessage = this.httpInput.EndParseIncomingMessage(result, out exception);
1790 Fx.Assert(exception == null, "ParseIncomingMessage should not set an exception after parsing a response message.");
1791
1792 if (this.replyMessage != null)
1793 {
1794 HttpChannelUtilities.AddReplySecurityProperty(this.factory, this.request, this.response,
1795 this.replyMessage);
1796 }
1797 }
1798
1799 static void OnParseIncomingMessage(IAsyncResult result)
1800 {
1801 if (result.CompletedSynchronously)
1802 {
1803 return;
1804 }
1805
1806 HttpChannelAsyncRequest thisPtr = (HttpChannelAsyncRequest)result.AsyncState;
1807
1808 Exception completionException = null;
1809 try
1810 {
1811 thisPtr.CompleteParseIncomingMessage(result);
1812 }
1813 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
1814 catch (Exception e)
1815 {
1816 if (Fx.IsFatal(e))
1817 {
1818 throw;
1819 }
1820 completionException = e;
1821 }
1822 thisPtr.Complete(false, completionException);
1823 }
1824
1825 static void OnSend(IAsyncResult result)
1826 {
1827 if (result.CompletedSynchronously)
1828 {
1829 return;
1830 }
1831
1832 HttpChannelAsyncRequest thisPtr = (HttpChannelAsyncRequest)result.AsyncState;
1833
1834 Exception completionException = null;
1835 bool completeSelf;
1836 try
1837 {
1838 completeSelf = thisPtr.CompleteSend(result);
1839 }
1840 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
1841 catch (Exception e)
1842 {
1843 if (Fx.IsFatal(e))
1844 {
1845 throw;
1846 }
1847
1848 completeSelf = true;
1849 completionException = e;
1850 }
1851 if (completeSelf)
1852 {
1853 thisPtr.Complete(false, completionException);
1854 }
1855 }
1856
1857 static void OnSendTimeout(object state)
1858 {
1859 HttpChannelAsyncRequest thisPtr = (HttpChannelAsyncRequest)state;
1860 thisPtr.AbortSend();
1861 }
1862
1863 [System.Diagnostics.CodeAnalysis.SuppressMessage(FxCop.Category.ReliabilityBasic, "Reliability104",
1864 Justification = "This is an old method from previous release.")]
1865 static void OnGetResponse(IAsyncResult result)
1866 {
1867 if (result.CompletedSynchronously)
1868 {
1869 return;
1870 }
1871
1872 HttpChannelAsyncRequest thisPtr = (HttpChannelAsyncRequest)result.AsyncState;
1873
1874 Exception completionException = null;
1875 bool completeSelf;
1876 try
1877 {
1878 completeSelf = thisPtr.CompleteGetResponse(result);
1879 }
1880 catch (WebException webException)
1881 {
1882 completeSelf = true;
1883 completionException = new CommunicationException(webException.Message, webException);
1884 }
1885 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
1886 catch (Exception e)
1887 {
1888 if (Fx.IsFatal(e))
1889 {
1890 throw;
1891 }
1892 completeSelf = true;
1893 completionException = e;
1894 }
1895 if (completeSelf)
1896 {
1897 thisPtr.Complete(false, completionException);
1898 }
1899 }
1900
1901 public void OnReleaseRequest()
1902 {
1903 this.TryCompleteWebRequest(this.request);
1904 }
1905
1906 void TryCompleteWebRequest(HttpWebRequest request)
1907 {
1908 if (request == null)
1909 {
1910 return;
1911 }
1912
1913 if (Interlocked.CompareExchange(ref this.webRequestCompleted, 1, 0) == 0)
1914 {
1915 this.channel.OnWebRequestCompleted(request);
1916 }
1917 }
1918 }
1919
1920 class GetWebRequestAsyncResult : AsyncResult
1921 {
1922 static AsyncCallback onGetSspiCredential;
1923 static AsyncCallback onGetUserNameCredential;
1924
1925 SecurityTokenContainer clientCertificateToken;
1926 HttpChannelFactory<IRequestChannel> factory;
1927 SecurityTokenProviderContainer proxyTokenProvider;
1928 HttpWebRequest request;
1929 EndpointAddress to;
1930 TimeoutHelper timeoutHelper;
1931 SecurityTokenProviderContainer tokenProvider;
1932 Uri via;
1933
1934 public GetWebRequestAsyncResult(HttpRequestChannel channel,
1935 EndpointAddress to, Uri via, SecurityTokenContainer clientCertificateToken, ref TimeoutHelper timeoutHelper,
1936 AsyncCallback callback, object state)
1937 : base(callback, state)
1938 {
1939 this.to = to;
1940 this.via = via;
1941 this.clientCertificateToken = clientCertificateToken;
1942 this.timeoutHelper = timeoutHelper;
1943 this.factory = channel.Factory;
1944 this.tokenProvider = channel.tokenProvider;
1945 this.proxyTokenProvider = channel.proxyTokenProvider;
1946 if (factory.ManualAddressing)
1947 {
1948 this.factory.CreateAndOpenTokenProviders(to, via, channel.channelParameters, timeoutHelper.RemainingTime(),
1949 out this.tokenProvider, out this.proxyTokenProvider);
1950 }
1951
1952 bool completeSelf = false;
1953 IAsyncResult result = null;
1954 if (factory.AuthenticationScheme == AuthenticationSchemes.Anonymous)
1955 {
1956 SetupWebRequest(AuthenticationLevel.None, TokenImpersonationLevel.None, null);
1957 completeSelf = true;
1958 }
1959 else if (factory.AuthenticationScheme == AuthenticationSchemes.Basic)
1960 {
1961 if (onGetUserNameCredential == null)
1962 {
1963 onGetUserNameCredential = Fx.ThunkCallback(new AsyncCallback(OnGetUserNameCredential));
1964 }
1965
1966 result = TransportSecurityHelpers.BeginGetUserNameCredential(
1967 tokenProvider, timeoutHelper.RemainingTime(), onGetUserNameCredential, this);
1968
1969 if (result.CompletedSynchronously)
1970 {
1971 CompleteGetUserNameCredential(result);
1972 completeSelf = true;
1973 }
1974 }
1975 else
1976 {
1977 if (onGetSspiCredential == null)
1978 {
1979 onGetSspiCredential = Fx.ThunkCallback(new AsyncCallback(OnGetSspiCredential));
1980 }
1981
1982 result = TransportSecurityHelpers.BeginGetSspiCredential(
1983 tokenProvider, timeoutHelper.RemainingTime(), onGetSspiCredential, this);
1984
1985 if (result.CompletedSynchronously)
1986 {
1987 CompleteGetSspiCredential(result);
1988 completeSelf = true;
1989 }
1990 }
1991
1992 if (completeSelf)
1993 {
1994 CloseTokenProvidersIfRequired();
1995 base.Complete(true);
1996 }
1997 }
1998
1999 public static HttpWebRequest End(IAsyncResult result)
2000 {
2001 GetWebRequestAsyncResult thisPtr = AsyncResult.End<GetWebRequestAsyncResult>(result);
2002 return thisPtr.request;
2003 }
2004
2005 void CompleteGetUserNameCredential(IAsyncResult result)
2006 {
2007 NetworkCredential credential =
2008 TransportSecurityHelpers.EndGetUserNameCredential(result);
2009 SetupWebRequest(AuthenticationLevel.None, TokenImpersonationLevel.None, credential);
2010 }
2011
2012 void CompleteGetSspiCredential(IAsyncResult result)
2013 {
2014 AuthenticationLevel authenticationLevel;
2015 TokenImpersonationLevel impersonationLevel;
2016 NetworkCredential credential =
2017 TransportSecurityHelpers.EndGetSspiCredential(result, out impersonationLevel, out authenticationLevel);
2018
2019 if (factory.AuthenticationScheme == AuthenticationSchemes.Digest)
2020 {
2021 HttpChannelUtilities.ValidateDigestCredential(ref credential, impersonationLevel);
2022 }
2023 else if (factory.AuthenticationScheme == AuthenticationSchemes.Ntlm)
2024 {
2025 if (authenticationLevel == AuthenticationLevel.MutualAuthRequired)
2026 {
2027 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(
2028 SR.GetString(SR.CredentialDisallowsNtlm)));
2029 }
2030 }
2031
2032 SetupWebRequest(authenticationLevel, impersonationLevel, credential);
2033 }
2034
2035 void SetupWebRequest(AuthenticationLevel authenticationLevel, TokenImpersonationLevel impersonationLevel, NetworkCredential credential)
2036 {
2037 this.request = factory.GetWebRequest(to, via, credential, impersonationLevel,
2038 authenticationLevel, this.proxyTokenProvider, this.clientCertificateToken, timeoutHelper.RemainingTime(), false);
2039 }
2040
2041 void CloseTokenProvidersIfRequired()
2042 {
2043 if (this.factory.ManualAddressing)
2044 {
2045 if (this.tokenProvider != null)
2046 {
2047 tokenProvider.Abort();
2048 }
2049 if (this.proxyTokenProvider != null)
2050 {
2051 proxyTokenProvider.Abort();
2052 }
2053 }
2054 }
2055
2056 static void OnGetSspiCredential(IAsyncResult result)
2057 {
2058 if (result.CompletedSynchronously)
2059 {
2060 return;
2061 }
2062
2063 GetWebRequestAsyncResult thisPtr = (GetWebRequestAsyncResult)result.AsyncState;
2064
2065 Exception completionException = null;
2066 try
2067 {
2068 thisPtr.CompleteGetSspiCredential(result);
2069 thisPtr.CloseTokenProvidersIfRequired();
2070 }
2071 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
2072 catch (Exception e)
2073 {
2074 if (Fx.IsFatal(e))
2075 {
2076 throw;
2077 }
2078
2079 completionException = e;
2080 }
2081 thisPtr.Complete(false, completionException);
2082 }
2083
2084 static void OnGetUserNameCredential(IAsyncResult result)
2085 {
2086 if (result.CompletedSynchronously)
2087 {
2088 return;
2089 }
2090
2091 GetWebRequestAsyncResult thisPtr = (GetWebRequestAsyncResult)result.AsyncState;
2092
2093 Exception completionException = null;
2094 try
2095 {
2096 thisPtr.CompleteGetUserNameCredential(result);
2097 thisPtr.CloseTokenProvidersIfRequired();
2098 }
2099 #pragma warning suppress 56500 // Microsoft, transferring exception to another thread
2100 catch (Exception e)
2101 {
2102 if (Fx.IsFatal(e))
2103 {
2104 throw;
2105 }
2106
2107 completionException = e;
2108 }
2109 thisPtr.Complete(false, completionException);
2110 }
2111 }
2112 }
2113
2114 class WebProxyFactory
2115 {
2116 Uri address;
2117 bool bypassOnLocal;
2118 AuthenticationSchemes authenticationScheme;
2119
2120 public WebProxyFactory(Uri address, bool bypassOnLocal, AuthenticationSchemes authenticationScheme)
2121 {
2122 this.address = address;
2123 this.bypassOnLocal = bypassOnLocal;
2124
2125 if (!authenticationScheme.IsSingleton())
2126 {
2127 throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("value", SR.GetString(SR.HttpRequiresSingleAuthScheme,
2128 authenticationScheme));
2129 }
2130
2131 this.authenticationScheme = authenticationScheme;
2132 }
2133
2134 internal AuthenticationSchemes AuthenticationScheme
2135 {
2136 get
2137 {
2138 return authenticationScheme;
2139 }
2140 }
2141
2142 public IWebProxy CreateWebProxy(HttpWebRequest request, SecurityTokenProviderContainer tokenProvider, TimeSpan timeout)
2143 {
2144 WebProxy result = new WebProxy(this.address, this.bypassOnLocal);
2145
2146 if (this.authenticationScheme != AuthenticationSchemes.Anonymous)
2147 {
2148 TokenImpersonationLevel impersonationLevel;
2149 AuthenticationLevel authenticationLevel;
2150 NetworkCredential credential = HttpChannelUtilities.GetCredential(this.authenticationScheme,
2151 tokenProvider, timeout, out impersonationLevel, out authenticationLevel);
2152
2153 // The impersonation level for target auth is also used for proxy auth (by System.Net). Therefore,
2154 // fail if the level stipulated for proxy auth is more restrictive than that for target auth.
2155 if (!TokenImpersonationLevelHelper.IsGreaterOrEqual(impersonationLevel, request.ImpersonationLevel))
2156 {
2157 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(
2158 SR.ProxyImpersonationLevelMismatch, impersonationLevel, request.ImpersonationLevel)));
2159 }
2160
2161 // The authentication level for target auth is also used for proxy auth (by System.Net).
2162 // Therefore, fail if proxy auth requires mutual authentication but target auth does not.
2163 if ((authenticationLevel == AuthenticationLevel.MutualAuthRequired) &&
2164 (request.AuthenticationLevel != AuthenticationLevel.MutualAuthRequired))
2165 {
2166 throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(
2167 SR.ProxyAuthenticationLevelMismatch, authenticationLevel, request.AuthenticationLevel)));
2168 }
2169
2170 CredentialCache credentials = new CredentialCache();
2171 credentials.Add(this.address, AuthenticationSchemesHelper.ToString(this.authenticationScheme),
2172 credential);
2173 result.Credentials = credentials;
2174 }
2175
2176 return result;
2177 }
2178 }
2179 }
2180 }
Mirror of the official Mono project git repository