如何在日内瓦CardSpace中解密令牌? [英] How to Decrypt token in Geneva CardSpace?
问题描述
大家好,我在日内瓦CardSpace创建了一个带有证书支持凭据的应用程序。感谢Rakesh Bilaney先生和他Dominick Baier先生从这个论坛获得时间支持。
在这个应用程序的这个阶段,我可以创建托管卡。现在我想用这张托管卡登录。
在登录页面上我使用了CardTile控件,所以当我运行应用程序时,会在解决方案资源管理器中自动创建一个页面login.aspx [在解决方案资源管理器中 - >项目名称 - >脚本文档 - > Windows Internet Explorer - > Login.aspx]。
有一个javascript函数自动创建如下
function InformationCard1OnClick(doNotSubmit)
{
try
{
var token = icardInformationCard1.value;
if (!token)
{
throw 'ID5006:没有令牌从InformationCard返回。';
}
document.getElementById('InformationCard1_TokenId')。value = encodeURIComponent(token);
}
catch (ex)
{
document.getElementById('InformationCard1_ErrorId')。innerText = encodeURIComponent (例如编号+ '::' + ex.description);
}
Hi All,
I have created one application in Geneva CardSpace with certificate backed credentials. Thanks to Mr. Rakesh Bilaney & Mr. Dominick Baier for their time to time support from this forum.
At this stage with this application I can create the managed cards. Now I want to sign in with this managed card.
On login page I have used CardTile control so when I run the application one page login.aspx is automatically created in Solution Explorer [In solution Explorer -> Project Name -> Script Document -> Windows Internet Explorer -> Login.aspx].
There is one javascript function automatically created as follows
function InformationCard1OnClick(doNotSubmit)
{
try
{
var token = icardInformationCard1.value;
if (!token)
{
throw 'ID5006: No token is returned from InformationCard.';
}
document.getElementById('InformationCard1_TokenId').value = encodeURIComponent(token);
}
catch (ex)
{
document.getElementById('InformationCard1_ErrorId').innerText = encodeURIComponent(ex.number + '::' + ex.description);
}
if (!doNotSubmit)
{
formInformationCard1.submit();
}
如果我选择
字符串xmlToken = Request.Form [" InformationCard1_TokenId'" ] as string;
然后它返回 null 。在同一页面中,我有一个隐藏值控件自动呈现给我,如
Then it return me null. And in same page I have one hidden value control automatically rendered for me like
如果我< br> string < font face = Verdana size = 2> xmlToken = Request.Form [" InformationCard1 $ TokenId" ] as 字符串 ; If I do 私人 private
< input type =" hidden" name =" InformationCard1 $ TokenId" id =" InformationCard1_TokenId" />
<input type="hidden" name="InformationCard1$TokenId" id="InformationCard1_TokenId" />
这里我得到一些加密值格式。它是我期待的令牌值.....?
因为当我在
var token = icardInformationCard1.value; 中设置断点时,在上面的javascript函数中debug 我得到了典型xml格式的令牌值,但之后在同一个函数中你可以看到还有一个函数
encodeURIComponent(token) );
这里将上述令牌的值转换为UTF-8,因此我在login.cs页面上获得的值就像
%3Cxenc%3AEncryptedData%20 .... ..
它不是典型的XML格式....所以现在,如果我想解密这个令牌,我该如何前进........?因为如果我想使用tokenProcessor.cs那么它将需要典型的令牌的xml格式.....所以得到错误在
string xmlToken = Request.Form["InformationCard1$TokenId"] as string;
here I am getting some value in encrypted format. Is it the token value I am expecting.....?
Because when I set breakpoint at
var token = icardInformationCard1.value;
in above javascript function during debug I get the value of token in typical xml format but after that in the same function as you can see above there is one more function
encodeURIComponent(token);
Here the value of above token is converted into UTF-8 so the value I am getting on login.cs page is like
%3Cxenc%3AEncryptedData%20......
And it is not in a typical XML format....So now if I want to decrypt this token how should I go forward........? because if I want to use tokenProcessor.cs then it will need typical xml format of token.....so getting error at
{
XmlReader reader = new XmlTextReader ( new StringReader (xmlToken));
//找到EncryptionMethod元素,抓住算法
{
XmlReader reader = new XmlTextReader(new StringReader(xmlToken));
// Find the EncryptionMethod element, grab the Algorithm
if (!reader.ReadToDescendant(XmlEncryptionStrings.EncryptionMethod,XmlEncryptionString) s.Namespace))
if (!reader.ReadToDescendant(XmlEncryptionStrings.EncryptionMethod, XmlEncryptionStrings.Namespace))
此函数为
根级别的数据无效。第1行,第1位。
我可以使用
获取姓名,姓氏,电子邮件ID的声明值
this function as
Data at the root level is invalid. Line 1, position 1.
I can get the claim values of Name ,Surname,EmailID by using
foreach ( ClaimsIdentity identity in e.ClaimsPrincipal.Identities)
{
foreach ( Claim 声明 identity.Claims)
{
字符串 newItem = claim.ClaimType + " :" + claim.Value;
foreach (ClaimsIdentity identity in e.ClaimsPrincipal.Identities)
{
foreach (Claim claim in identity.Claims)
{
String newItem = claim.ClaimType + " : " + claim.Value;
}
我只想 do是获取声明值 ppid &此卡的唯一ID 声明,以便我可以将其与数据库商店进行比较。
请建议我如何从令牌中获取这些值....
}
}
All I want to do is fetch claim values ppid & unique id claim of this card so that I can compare it with DB store.
Please suggest me how to fetch these values from token....
推荐答案
嗨Sanjay,
一旦InformationCard控件处理了令牌,您就可以使用ClaimsPrincipal访问声明。查看示例"Getting Started \Simple Web Application with Information Card SignIn"。在CustomUserNameCardStsHostFactory的Default.aspx.cs中,有一个在InformationCard1_SecurityTokenValidated()方法中使用ClaimsPrincipal的示例。
另一个使用IClaimsPrincipal访问声明的快速示例位于"Getting Started \Simple Claims Aware Web"中应用" ;. WebControlBasedClaimsAwareWebApp\Default.aspx具有Page_Load()方法,该方法显示如何获取IClaimsPrincipal。
Jason
Hi Sanjay,
Once the InformationCard control has processed the token, you can access the claims using the ClaimsPrincipal. Look at the sample "Getting Started\Simple Web Application with Information Card SignIn". In the Default.aspx.cs of CustomUserNameCardStsHostFactory there's an example of using the ClaimsPrincipal in the method InformationCard1_SecurityTokenValidated().
Another quick example for accessing the claims using IClaimsPrincipal is in "Getting Started\Simple Claims Aware Web Application". WebControlBasedClaimsAwareWebApp\Default.aspx has the Page_Load() method that shows how to obtain the IClaimsPrincipal.
Jason
这篇关于如何在日内瓦CardSpace中解密令牌?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
