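        /// <summary>
        /// Resolves the caller's <see cref="IIdentity"/> into the OWA identity wrapper that
        /// matches its concrete runtime type.
        /// </summary>
        /// <param name="identity">The authenticated identity of the current request.</param>
        /// <returns>
        /// An <c>OwaIdentity</c>: <c>OwaCompositeIdentity</c> for a <c>CompositeIdentity</c>,
        /// <c>OwaWindowsIdentity</c> for a non-anonymous <see cref="WindowsIdentity"/>, otherwise an
        /// <c>OwaClientSecurityContextIdentity</c> built from the LiveID, WindowsToken, OAuth,
        /// ADFS or SID-based identity.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="identity"/> is null.</exception>
        /// <exception cref="OwaIdentityException">The identity is an anonymous <see cref="WindowsIdentity"/>.</exception>
        /// <exception cref="NotSupportedException">The identity's runtime type is none of the supported types.</exception>
        protected static OwaIdentity GetOwaIdentity(IIdentity identity)
        {
            // Fail fast with a descriptive exception instead of a NullReferenceException on
            // identity.GetType() in the fallback branch below.
            if (identity == null)
            {
                throw new ArgumentNullException("identity");
            }

            // The 'as' checks run in this order; if any of these identity types derive from
            // another, the order decides which wrapper is produced, so do not reorder casually.
            CompositeIdentity compositeIdentity = identity as CompositeIdentity;
            if (compositeIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve CompositeIdentity.");
                return OwaCompositeIdentity.CreateFromCompositeIdentity(compositeIdentity);
            }

            WindowsIdentity windowsIdentity = identity as WindowsIdentity;
            if (windowsIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsIdentity.");
                // An anonymous Windows identity must never become a security context; reject it explicitly.
                if (windowsIdentity.IsAnonymous)
                {
                    ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaIdentity::ResolveLogonIdentity] - Windows identity cannot be anonymous.");
                    throw new OwaIdentityException("Cannot create security context for anonymous windows identity.");
                }
                return OwaWindowsIdentity.CreateFromWindowsIdentity(windowsIdentity);
            }

            LiveIDIdentity liveIDIdentity = identity as LiveIDIdentity;
            if (liveIDIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve LiveIDIdentity.");
                return OwaClientSecurityContextIdentity.CreateFromLiveIDIdentity(liveIDIdentity);
            }

            WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity;
            if (windowsTokenIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsTokenIdentity.");
                return OwaClientSecurityContextIdentity.CreateFromClientSecurityContextIdentity(windowsTokenIdentity);
            }

            OAuthIdentity oauthIdentity = identity as OAuthIdentity;
            if (oauthIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve OAuthIdentity.");
                return OwaClientSecurityContextIdentity.CreateFromOAuthIdentity(oauthIdentity);
            }

            AdfsIdentity adfsIdentity = identity as AdfsIdentity;
            if (adfsIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve AdfsIdentity.");
                // Use the already-cast local rather than casting identity a second time.
                return OwaClientSecurityContextIdentity.CreateFromAdfsIdentity(adfsIdentity);
            }

            SidBasedIdentity sidBasedIdentity = identity as SidBasedIdentity;
            if (sidBasedIdentity != null)
            {
                ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve SidBasedIdentity.");
                return OwaClientSecurityContextIdentity.CreateFromsidBasedIdentity(sidBasedIdentity);
            }

            // Unknown identity types are rejected (fail closed) rather than mapped to any default identity.
            ExTraceGlobals.CoreCallTracer.TraceError<Type>(0L, "[OwaIdentity::ResolveLogonIdentity] - Cannot resolve unsupported identity type: {0}.", identity.GetType());
            throw new NotSupportedException(string.Format("Unexpected identity type. {0}", identity.GetType()));
        }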
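        /// <summary>
        /// Builds the default <c>UserToken</c> for a caller on the ERC (Remote PowerShell) path
        /// from its authenticated identity.
        /// </summary>
        /// <param name="identity">The authenticated identity of the caller.</param>
        /// <param name="delegatedPrincipal">The delegated principal, or null when the call is not delegated.</param>
        /// <param name="impersonated">
        /// True when the call runs under impersonation; a delegated principal is only honored when this is false.
        /// </param>
        /// <returns>
        /// A <c>UserToken</c> whose authentication type reflects the identity kind:
        /// RemotePowerShellDelegated, OAuth, Kerberos, or Certificate as the final fallback.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// <paramref name="identity"/> is null and the delegated-principal branch does not apply.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The fallback path could not obtain a security identifier for <paramref name="identity"/>.
        /// </exception>
        internal static UserToken CreateDefaultUserTokenInERC(IIdentity identity, DelegatedPrincipal delegatedPrincipal, bool impersonated)
        {
            // Delegated, non-impersonated calls are tokenized from the delegated principal and
            // never touch identity, so this branch is evaluated before the null guard.
            if (!impersonated && delegatedPrincipal != null)
            {
                CommonAccessToken delegatedToken = new CommonAccessToken(AccessTokenType.RemotePowerShellDelegated);
                delegatedToken.ExtensionData["DelegatedData"] = delegatedPrincipal.Identity.Name;
                return new UserToken(AuthenticationType.RemotePowerShellDelegated, delegatedPrincipal, null, delegatedPrincipal.Identity.Name, null, null, null, delegatedPrincipal.DelegatedOrganization, false, delegatedToken);
            }

            // Every remaining branch dereferences identity; fail with a descriptive exception
            // instead of a NullReferenceException deep in the fallback path.
            if (identity == null)
            {
                throw new ArgumentNullException("identity");
            }

            SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity;
            if (sidOAuthIdentity != null)
            {
                // NOTE(review): a TryParse failure is not surfaced and leaves partitionId at its
                // default; confirm downstream tolerates a token without a partition.
                PartitionId partitionId;
                PartitionId.TryParse(sidOAuthIdentity.PartitionId, out partitionId);
                return new UserToken(AuthenticationType.OAuth, null, null, sidOAuthIdentity.Name, sidOAuthIdentity.Sid, partitionId, sidOAuthIdentity.OAuthIdentity.OrganizationId, sidOAuthIdentity.ManagedTenantName, false, sidOAuthIdentity.OAuthIdentity.ToCommonAccessTokenVersion1());
            }

            WindowsIdentity windowsIdentity = identity as WindowsIdentity;
            if (windowsIdentity != null)
            {
                return new UserToken(AuthenticationType.Kerberos, null, null, windowsIdentity.Name, windowsIdentity.User, null, null, null, false, new CommonAccessToken(windowsIdentity));
            }

            WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity;
            if (windowsTokenIdentity != null && windowsTokenIdentity.AccessToken != null && windowsTokenIdentity.AccessToken.CommonAccessToken != null)
            {
                // NOTE(review): same unchecked TryParse as in the OAuth branch above.
                PartitionId tokenPartitionId;
                PartitionId.TryParse(windowsTokenIdentity.PartitionId, out tokenPartitionId);
                return new UserToken(AuthenticationType.Kerberos, null, null, windowsTokenIdentity.Name, windowsTokenIdentity.Sid, tokenPartitionId, null, null, false, windowsTokenIdentity.AccessToken.CommonAccessToken);
            }
            // NOTE(review): a WindowsTokenIdentity whose AccessToken or CommonAccessToken is null
            // does not match above and falls through to the Certificate path, where it is labeled
            // AuthenticationType.Certificate. Confirm this is intended and not an error condition.

            // Fallback: any other identity is represented by its SID as a certificate-style token.
            // Reject explicitly when no SID is available instead of dereferencing null below.
            SecurityIdentifier securityIdentifier = identity.GetSecurityIdentifier();
            if (securityIdentifier == null)
            {
                throw new InvalidOperationException(string.Format("Cannot create a user token: no security identifier is available for identity of type {0}.", identity.GetType()));
            }

            CommonAccessToken certificateToken = new CommonAccessToken(AccessTokenType.CertificateSid);
            certificateToken.ExtensionData["UserSid"] = securityIdentifier.ToString();

            // Only a GenericSidIdentity carries a partition on this path.
            GenericSidIdentity genericSidIdentity = identity as GenericSidIdentity;
            if (genericSidIdentity != null)
            {
                certificateToken.ExtensionData["Partition"] = genericSidIdentity.PartitionId;
            }
            return new UserToken(AuthenticationType.Certificate, null, null, identity.Name, securityIdentifier, null, null, null, false, certificateToken);
        }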