WCF .NET Core - 以编程方式创建与 MTOM 和 ClientCertificate 的绑定

Question

I migrate project from .NET Framework 4.8 to .NET Core 3.1, regenerate Connected Service WCF with "dotnet-svcutil.

Old .NET Framework config

<wsHttpBinding>
        <binding name="wsHttpBindingTransportSecurity" sendTimeout="00:03:00" maxBufferPoolSize="50000000" maxReceivedMessageSize="100000000" messageEncoding="Mtom">
          <readerQuotas maxStringContentLength="50000000" maxArrayLength="50000000" maxBytesPerRead="50000000" maxNameTableCharCount="50000000" />
          <security mode="Transport">
            <transport clientCredentialType="Certificate" />
          </security>
        </binding>
      </wsHttpBinding>
...

<endpoint address="" behaviorConfiguration="BusinessToBusinessTransportSecurity" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingTransportSecurity" contract="***.Au10tix.FilesWorker.IAu10tixFromFilesWorker" name="Au10tixWorker" />

How I can migrate this to programmaticaly config with .NET Core 3.1? I tried use WcfCoreMtomEncoder NuGet package. Then I created CustomBinding with MTOM encoding and HttpsTransportBindingElement(), then create client and tried SetCertificate like this:

var encoding = new MtomMessageEncoderBindingElement(new TextMessageEncodingBindingElement());
var transport = new HttpsTransportBindingElement();
transport.TransferMode = TransferMode.Streamed;
var binding = new CustomBinding(encoding, transport);
var remoteAddress = new EndpointAddress("https://***.au10tixservicesstaging.com/Au10tixBos2/Au10tixFromFilesWorker.svc");
client = new Au10tixFromFilesWorkerClient(binding, remoteAddress);
client.ChannelFactory.Credentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindByThumbprint, "***************************");

I would be use WsHttpBinding, with this binding auth with Certificate is good, but I got exception with deserialization. I think because with this case not configurate MTOM MessageEncoding, but for WSHttpBinding I can't set this property:

The content type multipart/related; type="application/xop+xml"; start="<http://tempuri.org/0>"; boundary="uuid:b7265fdd-d353-42e6-a2d2-bd4c2869bcf8+id=1715"; start-info="application/soap+xml" of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 1024 bytes of the response were: '
--uuid:b7265fdd-d353-42e6-a2d2-bd4c2869bcf8+id=1715
Content-ID: <http://tempuri.org/0>
Content-Transfer-Encoding: 8bit
Content-Type: application/xop+xml;charset=utf-8;type="application/soap+xml"

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">Au10tixServices/IAu10tixFromFilesWorker/UploadAndBeginProcessingDocumentResponse</a:Action><a:RelatesTo>urn:uuid:8aa60e70-7524-4cbd-a22f-4a9cb6af25db</a:RelatesTo></s:Header><s:Body><UploadAndBeginProcessingDocumentResponse xmlns="Au10tixServices"><UploadAndBeginProcessingDocumentResult xmlns:b="http://schemas.datacontract.org/2004/07/Au10tix.Bos.ServiceContracts.DataContracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><b:DocumentId>C46352D18BB746A28BE7AB6C14AB9613</b:DocumentId><b:RequestState>QueuedForProcessing</b:RequestState></UploadAndBeginProcessingDocumentResult></UploadAndBeginProcessingDocumentResponse></s:Body></s:Envelope>
--uuid:b7265fdd-d'.

I used googling two days but not found nothing for solution of this problem.

Answer 1

Omg, I found solution for this! My code for using MTOM and ClientCertificate:

var tempBinding = new WSHttpBinding();

tempBinding.Name = "wsHttpBindingTransportSecurity";
tempBinding.SendTimeout = TimeSpan.FromMinutes(3);
tempBinding.MaxBufferPoolSize = 50000000;
tempBinding.MaxReceivedMessageSize = 100000000;
tempBinding.SendTimeout = TimeSpan.FromMinutes(3);
tempBinding.ReaderQuotas = new System.Xml.XmlDictionaryReaderQuotas
{
    MaxArrayLength = 50000000,
    MaxBytesPerRead = 50000000,
    MaxNameTableCharCount = 50000000,
    MaxStringContentLength = 50000000
};

tempBinding.Security.Mode = SecurityMode.Transport;
tempBinding.Security.Transport = new HttpTransportSecurity
{
    ClientCredentialType = HttpClientCredentialType.Certificate
};
var messageEncodingBindingElementType = typeof(MessageEncodingBindingElement);
var elements = tempBinding.CreateBindingElements();

IEnumerable<BindingElement> elementsWithoutEncodingElement = elements.Where(item => !messageEncodingBindingElementType.IsAssignableFrom(item.GetType()));
var existingEncodingElement = (MessageEncodingBindingElement)elements.Where(item => messageEncodingBindingElementType.IsAssignableFrom(item.GetType())).First();

var newEncodingElement = new MtomMessageEncoderBindingElement(existingEncodingElement);

// Encoding is before transport, so we prepend the MTOM message encoding binding element
// https://docs.microsoft.com/en-us/dotnet/framework/wcf/extending/custom-bindings
var binding = new CustomBinding(elementsWithoutEncodingElement.Prepend(newEncodingElement));

var remoteAddress = new EndpointAddress(_settingsProvider.GetStringSetting(WorkerEndpointAddressConfigurationKey));
            
var client = new Worker.Au10tixFromFilesWorkerClient(binding, remoteAddress);
client.ClientCredentials?.ClientCertificate.SetCertificate
(StoreLocation.CurrentUser,StoreName.My, X509FindType.FindByThumbprint,"**********");

Source post for my solution: https://stackoverflow.com/a/63669041/7429947