src/VMware.vSphere.SsoAdmin.Client/VMware.vSphere.SsoAdminClient/UserPassSecurityContext.cs

/*
Copyright 2021 VMware, Inc.
SPDX-License-Identifier: BSD-2-Clause
*/
using System;
using System.Collections.Generic;
using System.IdentityModel.Selectors;
using System.Linq;
using System.Security;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;
using System.Xml;
using VMware.Binding.Sts;
 
namespace VMware.vSphere.SsoAdminClient
{
   public class UserPassSecurityContext
   {
      private string _user;
      private SecureString _password;
      private VmwareSecruityTokenService _stsClient;
      private SamlSecurityToken _validToken;
      public UserPassSecurityContext(
         string user,
         SecureString password,
         Uri stsUri,
         X509CertificateValidator serverCertificateValidator) {
 
         if (user == null) throw new ArgumentNullException(nameof(user));
         if (password == null) throw new ArgumentNullException(nameof(password));
         if (stsUri == null) throw new ArgumentNullException(nameof(stsUri));
 
         _user = user;
         _password = password;
 
         Action<X509Certificate2> certHandler = null;
         if (serverCertificateValidator != null) {
            certHandler = serverCertificateValidator.Validate;
         }
         _stsClient = new VmwareSecruityTokenService(stsUri, false, certHandler);
      }
 
      private void RenewIfNeeded() {
         if (_validToken == null ||
             _validToken.Expires < (DateTime.Now + new TimeSpan(0, 0, 30))) {
            _validToken = _stsClient.IssueBearerTokenByUserCredential(
              _user,
              _password);
         }
      }
 
      public XmlElement GetToken() {
         RenewIfNeeded();
         return _validToken.RawToken;
      }
   }
}