You are creating a Windows Communication Foundation (WCF) service by using Microsoft .NET Framework 3.5.
The WCF service must authenticate the client applications by validating credit card numbers and expiry dates.
You write the following code segment.
(Line numbers are included for reference only.)
01 class CreditCardTokenAuthenticator: SecurityTokenAuthenticator
02 {
03 // Implementation of other abstract methods comes here.
04 protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateTokenCore(SecurityToken token)
05 {
06 CreditCardToken creditCardToken = token as CreditCardToken;
07 }
08
09 private bool IsCardValid(string cardNumber, 13 DateTime expirationDate)
10 {
11 // Validation code comes here.
12 }
13 }
You need to implement custom authentication for the WCF service. Which code segment should you insert at line 07?
A.
if (IsCardValid(creditCardToken.CardNumber, creditCardToken.ValidTo))
return null;
else
throw new SecurityTokenValidationException();
B.
if (IsCardValid(creditCardToken.CardNumber, creditCardToken.ValidTo))
throw new SecurityTokenValidationException();
else
return null;
C.
if (IsCardValid(creditCardToken.CardNumber, creditCardToken.ValidTo))
return null;
else
return new List<IAuthorizationPolicy>(0).AsReadOnly();
D.
if (IsCardValid(creditCardToken.CardNumber, creditCardToken.ValidTo))
return new List<IAuthorizationPolicy>(0).AsReadOnly();
else
return null;