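/// <summary>
/// Re-activates the current session with a (possibly new) user identity and/or set of preferred locales.
/// </summary>
/// <param name="identity">
/// The user identity to activate the session with; <c>null</c> selects a default <see cref="UserIdentity"/>.
/// </param>
/// <param name="preferredLocales">
/// The preferred locales to report to the server; <c>null</c> keeps the locales currently cached on the session.
/// </param>
/// <exception cref="ServiceResultException">
/// <see cref="StatusCodes.BadInvalidState"/> when the session is not connected;
/// <see cref="StatusCodes.BadUserAccessDenied"/> when the endpoint advertises no user token policy
/// matching the identity's token type.
/// </exception>
public void UpdateSession(IUserIdentity identity, StringCollection preferredLocales)
{
    byte[] serverNonce = null;

    lock (SyncRoot)
    {
        // Refuse to activate a session that has no channel behind it.
        if (!Connected)
        {
            throw new ServiceResultException(StatusCodes.BadInvalidState, "Not connected to server.");
        }

        // Snapshot the nonce the server issued on the previous Create/ActivateSession;
        // both signatures below must cover it so the server can reject replays.
        serverNonce = m_serverNonce;

        if (preferredLocales == null)
        {
            preferredLocales = m_preferredLocales;
        }
    }

    // Substitute the default identity up front so every later use of 'identity' is non-null.
    if (identity == null)
    {
        identity = new UserIdentity();
    }

    // The client signature proves possession of the application instance certificate's
    // private key; it is computed over the server certificate followed by the server nonce.
    byte[] serverCertificateData = null;

    if (m_serverCertificate != null)
    {
        serverCertificateData = m_serverCertificate.GetRawCertData();
    }

    byte[] dataToSign = Utils.Append(serverCertificateData, serverNonce);
    string securityPolicyUri = m_endpoint.Description.SecurityPolicyUri;
    SignatureData clientSignature = SecurityPolicies.Sign(m_instanceCertificate, securityPolicyUri, dataToSign);

    // The endpoint must advertise a token policy for this identity's token type.
    UserTokenPolicy identityPolicy = m_endpoint.Description.FindUserTokenPolicy(identity.TokenType, identity.IssuedTokenType);

    if (identityPolicy == null)
    {
        throw ServiceResultException.Create(
            StatusCodes.BadUserAccessDenied,
            "Endpoint does not supported the user identity type provided.");
    }

    // The user token is protected with the token policy's own security policy; an empty
    // policy URI means "use the endpoint's". NOTE(review): when both resolve to
    // SecurityPolicies.None the token (e.g. a password) is presumably sent without
    // encryption — this method does not reject that case; confirm endpoint selection does.
    securityPolicyUri = identityPolicy.SecurityPolicyUri;

    if (String.IsNullOrEmpty(securityPolicyUri))
    {
        securityPolicyUri = m_endpoint.Description.SecurityPolicyUri;
    }

    // Build the token, bind it to this server/nonce pair with the user token signature,
    // then encrypt it for the server. m_serverCertificate may be null here; how Encrypt
    // treats that is policy-specific and not visible in this method.
    UserIdentityToken identityToken = identity.GetIdentityToken();
    identityToken.PolicyId = identityPolicy.PolicyId;
    SignatureData userTokenSignature = identityToken.Sign(dataToSign, securityPolicyUri);
    identityToken.Encrypt(m_serverCertificate, serverNonce, securityPolicyUri);

    // Software certificates assigned to the client are forwarded as-is.
    SignedSoftwareCertificateCollection clientSoftwareCertificates = GetSoftwareCertificates();
    StatusCodeCollection certificateResults = null;
    DiagnosticInfoCollection certificateDiagnosticInfos = null;

    // ActivateSession hands back the next server nonce, which replaces the cached one below.
    ActivateSession(
        null,
        clientSignature,
        clientSoftwareCertificates,
        preferredLocales,
        new ExtensionObject(identityToken),
        userTokenSignature,
        out serverNonce,
        out certificateResults,
        out certificateDiagnosticInfos);

    // Commit the new session state only after the server accepted the activation.
    lock (SyncRoot)
    {
        // 'identity' is guaranteed non-null (default substituted above), so no re-check is needed.
        m_identity = identity;
        m_serverNonce = serverNonce;
        m_preferredLocales = preferredLocales;

        // Keep the system context in step with the session.
        m_systemContext.PreferredLocales = m_preferredLocales;
        m_systemContext.SessionId = this.SessionId;
        m_systemContext.UserIdentity = identity;
    }
}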