{"id":1637,"date":"2016-01-28T10:45:00","date_gmt":"2016-01-28T18:45:00","guid":{"rendered":"http:\/\/balafon.net\/?p=1637"},"modified":"2016-03-18T20:00:11","modified_gmt":"2016-03-19T03:00:11","slug":"system-security-claims-claimsidentity-writeto-has-a-bug","status":"publish","type":"post","link":"https:\/\/balafon.net\/?p=1637","title":{"rendered":"System.Security.Claims .ClaimsIdentity.WriteTo() has a bug"},"content":{"rendered":"

Getting “cannot read past the end of the stream” when trying to use System.Security.ClaimsIdentity.WriteTo()<\/code> to store a claims identity. Disassembled it:<\/p>\n

\r\n\/\/ System.Security.Claims.ClaimsIdentity\r\nprotected virtual void WriteTo(BinaryWriter writer, byte[] userData)\r\n{\r\n\tif (writer == null)\r\n\t{\r\n\t\tthrow new ArgumentNullException(\"writer\");\r\n\t}\r\n\tint num = 0;\r\n\tClaimsIdentity.SerializationMask serializationMask = ClaimsIdentity.SerializationMask.None;\r\n        ... get flags here...\r\n\twriter.Write((int)serializationMask);\r\n\twriter.Write(num);\r\n\tif ((serializationMask & ClaimsIdentity.SerializationMask.AuthenticationType) == ClaimsIdentity.SerializationMask.AuthenticationType)\r\n\t{\r\n\t\twriter.Write(this.m_authenticationType);\r\n\t}\r\n        ...\r\n\tif ((serializationMask & ClaimsIdentity.SerializationMask.HasClaims) == ClaimsIdentity.SerializationMask.HasClaims)\r\n\t{\r\n\t\twriter.Write(this.m_instanceClaims.Count);\r\n\t\tusing (List.Enumerator enumerator = this.m_instanceClaims.GetEnumerator())\r\n\t\t{\r\n\t\t\twhile (enumerator.MoveNext())\r\n\t\t\t{\r\n\t\t\t\tenumerator.Current.WriteTo(writer);\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n        ...\r\n\twriter.Flush();\r\n}\r\n<\/pre>\n
It writes the flags, then the number of fields, then some of the other values, then the number of claims, then the claims, then some more fields.<\/p>\n
On the other hand, the constructor doesn’t read the number of fields, just starts reading the fields (but not Label) and then the claims, and then doesn’t read the rest of the fields.<\/p>\n
\r\n\/\/ System.Security.Claims.ClaimsIdentity\r\nprivate void Initialize(BinaryReader reader)\r\n{\r\n\tif (reader == null)\r\n\t{\r\n\t\tthrow new ArgumentNullException(\"reader\");\r\n\t}\r\n\tint expr_14 = reader.ReadInt32();\r\n\tif ((expr_14 & 1) == 1)\r\n\t{\r\n\t\tthis.m_authenticationType = reader.ReadString();\r\n\t}\r\n\tif ((expr_14 & 2) == 2)\r\n\t{\r\n\t\tthis.m_bootstrapContext = reader.ReadString();\r\n\t}\r\n\tif ((expr_14 & 4) == 4)\r\n\t{\r\n\t\tthis.m_nameType = reader.ReadString();\r\n\t}\r\n\telse\r\n\t{\r\n\t\tthis.m_nameType = \"http:\/\/schemas.xmlsoap.org\/ws\/2005\/05\/identity\/claims\/name\";\r\n\t}\r\n\tif ((expr_14 & 8) == 8)\r\n\t{\r\n\t\tthis.m_roleType = reader.ReadString();\r\n\t}\r\n\telse\r\n\t{\r\n\t\tthis.m_roleType = \"http:\/\/schemas.microsoft.com\/ws\/2008\/06\/identity\/claims\/role\";\r\n\t}\r\n\tif ((expr_14 & 16) == 16)\r\n\t{\r\n\t\tint num = reader.ReadInt32();\r\n\t\tfor (int i = 0; i < num; i++)\r\n\t\t{\r\n\t\t\tClaim item = new Claim(reader, this);\r\n\t\t\tthis.m_instanceClaims.Add(item);\r\n\t\t}\r\n\t}\r\n}\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
Getting “cannot read past the end of the stream” when trying to use System.Security.ClaimsIdentity.WriteTo() to store a claims identity. Disassembled it: \/\/ System.Security.Claims.ClaimsIdentity protected virtual void WriteTo(BinaryWriter writer, byte[] userData) { if (writer == null) { throw new ArgumentNullException(“writer”); } int num = 0; ClaimsIdentity.SerializationMask serializationMask = ClaimsIdentity.SerializationMask.None; … get flags here… writer.Write((int)serializationMask); writer.Write(num); if … Continue reading “System.Security.Claims .ClaimsIdentity.WriteTo() has a bug”<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,3],"tags":[],"class_list":["post-1637","post","type-post","status-publish","format-standard","hentry","category-computing","category-journal"],"_links":{"self":[{"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/posts\/1637","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/balafon.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1637"}],"version-history":[{"count":7,"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/posts\/1637\/revisions"}],"predecessor-version":[{"id":1650,"href":"https:\/\/balafon.net\/index.php?rest_route=\/wp\/v2\/posts\/1637\/revisions\/1650"}],"wp:attachment":[{"href":"https:\/\/balafon.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/balafon.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/balafon.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}