[dotnet-svcutil] Update CustomBinding TransportSecurityBindingElement Configuration Generation Fix in PR 4843

imcarolwang · imcarolwang · commit 3d6cb05a149d · 2025-05-28T15:03:13.000+08:00
diff --git a/src/dotnet-svcutil/lib/src/CodeDomFixup/MethodCreationHelper.cs b/src/dotnet-svcutil/lib/src/CodeDomFixup/MethodCreationHelper.cs
@@ -3,7 +3,6 @@
 // See the LICENSE file in the project root for more information.
 
 using System;
-using Microsoft.CodeDom;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Net;
@@ -12,6 +11,7 @@
 using System.ServiceModel.Channels;
 using System.ServiceModel.Description;
 using System.Text;
+using Microsoft.CodeDom;
 using Microsoft.Xml;
 
 namespace Microsoft.Tools.ServiceModel.Svcutil
@@ -1115,16 +1115,98 @@ private static void AddWinStreamSecurityBindingElement(CodeStatementCollection s
         
         private static void AddTransportSecurityBindingElement(CodeStatementCollection statements, CodeVariableReferenceExpression customBinding, TransportSecurityBindingElement bindingElement)
         {
-            // Security binding validation is done in EndpointSelector.cs - Add UserNameOverTransportBindingElement
-            TransportSecurityBindingElement defaultBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
-            CodeVariableDeclarationStatement userNameOverTransportSecurityBindingElement = new CodeVariableDeclarationStatement(
+            TransportSecurityBindingElement defaultBindingElement;
+            string defaultBindingElementFactoryMethodName;
+            CodeExpression[] defaultBindingElementFactoryMethodExpressionParameters = Array.Empty<CodeExpression>();
+
+            // CertificateOverTransport
+            // [carol] Validated: correctly generates code
+            if (SecurityBindingElement.IsCertificateOverTransportBinding(bindingElement))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateCertificateOverTransportBindingElement();
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateCertificateOverTransportBindingElement);
+            }
+            // IssuedTokenOverTransport
+            else if (SecurityBindingElement.IsIssuedTokenOverTransportBinding(bindingElement,
+                out System.ServiceModel.Security.Tokens.IssuedSecurityTokenParameters issuedTokenOverTransportParameters))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement(issuedTokenOverTransportParameters);
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateIssuedTokenOverTransportBindingElement);
+
+                statements.Add(new CodeVariableDeclarationStatement(
+                    issuedTokenOverTransportParameters.IssuerBinding.GetType(),
+                    "issuerBinding",
+                    new CodeObjectCreateExpression(issuedTokenOverTransportParameters.IssuerBinding.GetType())));
+
+                statements.Add(new CodeVariableDeclarationStatement(
+                    typeof(EndpointAddress),
+                    "issuerAddress",
+                    new CodeObjectCreateExpression(typeof(EndpointAddress),
+                        new CodeObjectCreateExpression(typeof(Uri),
+                        new CodePrimitiveExpression(issuedTokenOverTransportParameters.IssuerAddress.Uri.ToString())))));
+
+                defaultBindingElementFactoryMethodExpressionParameters = new CodeExpression[]
+                {
+                    // [carol] Updated this TODO item - need review to confirm
+                    // TODO: pass `issuedTokenOverTransportParameters` parameter
+                    new CodeObjectCreateExpression(
+                        typeof(System.ServiceModel.Security.Tokens.IssuedSecurityTokenParameters),
+                        new CodeExpression[]
+                        {
+                            new CodePrimitiveExpression(issuedTokenOverTransportParameters.TokenType),
+                            new CodeVariableReferenceExpression("issuerAddress"),
+                            new CodeVariableReferenceExpression("issuerBinding")
+                        })
+                };
+            }
+
+            // KerberosOverTransport
+            else if (SecurityBindingElement.IsKerberosBinding(bindingElement))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateKerberosOverTransportBindingElement();
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateKerberosOverTransportBindingElement);
+            }
+            // SspiNegotiatedOverTransport
+            // [carol] Updated implementation: Whether the requireCancellation parameter is needed depends on the outcome of the method call in the following if-statements.
+            // TODO: make `requireCancellation` out parameter ??
+            else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bindingElement, requireCancellation: true))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement();
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement);
+            }
+            else if (SecurityBindingElement.IsSspiNegotiationOverTransportBinding(bindingElement, requireCancellation: false))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement(false);
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateSspiNegotiationOverTransportBindingElement);
+                defaultBindingElementFactoryMethodExpressionParameters = new CodeExpression[]
+                {
+                    // [carol] Updated: The requireCancellation parameter is only necessary when setting it to false. In the parameterless constructor, requireCancellation defaults to true.
+                    // TODO: add requireCancellation parameter
+                    new CodePrimitiveExpression(false)
+                };
+            }
+
+            // UserNameOverTransport
+            else if (SecurityBindingElement.IsUserNameOverTransportBinding(bindingElement))
+            {
+                defaultBindingElement = SecurityBindingElement.CreateUserNameOverTransportBindingElement();
+                defaultBindingElementFactoryMethodName = nameof(SecurityBindingElement.CreateUserNameOverTransportBindingElement);
+            }
+            else
+            {
+                // TODO: throw or fallback to `CreateUserNameOverTransportBindingElement` ??
+                throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, SR.ErrBindingElementNotSupportedFormat, bindingElement.GetType()));
+            }
+
+            CodeVariableDeclarationStatement transportSecurityBindingElement = new CodeVariableDeclarationStatement(
                 typeof(TransportSecurityBindingElement),
-                "userNameOverTransportSecurityBindingElement",
+                "transportSecurityBindingElement",
                 new CodeMethodInvokeExpression(
                     new CodeTypeReferenceExpression(typeof(SecurityBindingElement)),
-                    "CreateUserNameOverTransportBindingElement"));
-            statements.Add(userNameOverTransportSecurityBindingElement);
-            CodeVariableReferenceExpression bindingElementRef = new CodeVariableReferenceExpression(userNameOverTransportSecurityBindingElement.Name);
+                    defaultBindingElementFactoryMethodName,
+                    defaultBindingElementFactoryMethodExpressionParameters));
+            statements.Add(transportSecurityBindingElement);
+            CodeVariableReferenceExpression bindingElementRef = new CodeVariableReferenceExpression(transportSecurityBindingElement.Name);
 
             if (defaultBindingElement.IncludeTimestamp != bindingElement.IncludeTimestamp)
             {
@@ -1386,6 +1468,19 @@ private static void AddHttpBindingElement(CodeStatementCollection statements, Co
                         "MaxReceivedMessageSize"),
                     new CodePropertyReferenceExpression(new CodeTypeReferenceExpression(typeof(int)), "MaxValue")));
 
+            if (isHttps)
+            {
+                var defaultHttpsBindingElement = defaultBindingElement as HttpsTransportBindingElement;
+                var httpsBindingElement = bindingElement as HttpsTransportBindingElement;
+                if (defaultHttpsBindingElement.RequireClientCertificate != httpsBindingElement.RequireClientCertificate)
+                {
+                    statements.Add(
+                        new CodeAssignStatement(
+                            new CodePropertyReferenceExpression(bindingElementRef, "RequireClientCertificate"),
+                            new CodePrimitiveExpression(httpsBindingElement.RequireClientCertificate)));
+                }
+            }
+
             if (defaultBindingElement.TransferMode != bindingElement.TransferMode)
             {
                 statements.Add(
