Ejemplo n.º 1
0
        public static bool IsEacUrl(string urlString)
        {
            if (!UrlUtilities.IsEcpUrl(urlString))
            {
                return(false);
            }
            int num = urlString.IndexOf('?');

            if (num > 0)
            {
                string[] source = urlString.Substring(num + 1).Split(new char[]
                {
                    '&'
                });
                return(!source.Contains("rfr=owa") && !source.Contains("rfr=olk"));
            }
            return(true);
        }
        private void HandleFbaFormPost(BackEndServer backEndServer)
        {
            HttpContext      httpContext            = base.HttpContext;
            HttpResponse     response               = httpContext.Response;
            Uri              uri                    = null;
            string           text                   = httpContext.Items["destination"] as string;
            bool             flag                   = false;
            bool             flag2                  = false;
            bool             flag3                  = true;
            string           fqdn                   = backEndServer.Fqdn;
            int              version                = backEndServer.Version;
            OwaServerVersion owaServerVersion       = null;
            bool             flag4                  = false;
            ServiceTopology  currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 780);
            Site             site                   = currentServiceTopology.GetSite(fqdn, "f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 781);

            if (site != null && !site.Equals(HttpProxyGlobals.LocalSite.Member))
            {
                flag3 = false;
            }
            if (!FbaFormPostProxyRequestHandler.DisableSSORedirects)
            {
                owaServerVersion = OwaServerVersion.CreateFromVersionNumber(version);
                if (UrlUtilities.IsEcpUrl(text) && owaServerVersion.Major < (int)ExchangeObjectVersion.Exchange2010.ExchangeBuild.Major)
                {
                    flag  = false;
                    flag2 = false;
                }
                else if (!flag3 && !UserAgentParser.IsMonitoringRequest(base.ClientRequest.UserAgent))
                {
                    if (owaServerVersion.Major >= (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                    {
                        FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause legacyRedirectFailureCause = FbaFormPostProxyRequestHandler.NeedCrossSiteRedirect(backEndServer, site, HttpProxyGlobals.LocalSite.Member, owaServerVersion, UrlUtilities.IsEcpUrl(text), out uri, out flag4);
                        string authority = base.ClientRequest.Url.Authority;
                        string b         = (uri == null) ? string.Empty : uri.Authority;
                        flag2 = (legacyRedirectFailureCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.NoCasFound && !string.Equals(authority, b, StringComparison.OrdinalIgnoreCase) && (legacyRedirectFailureCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null));
                        if (uri == null && owaServerVersion.Major == (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                        {
                            flag = (FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, null, HttpProxyGlobals.LocalSite.Member, owaServerVersion, out uri, out flag4) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null);
                        }
                    }
                }
                else
                {
                    flag = (FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, site, HttpProxyGlobals.LocalSite.Member, owaServerVersion, out uri, out flag4) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null);
                }
            }
            if (flag2 || flag)
            {
                if (uri != null)
                {
                    string authority2 = base.ClientRequest.Url.Authority;
                    string authority3 = uri.Authority;
                    if (string.Compare(authority2, authority3, StringComparison.OrdinalIgnoreCase) == 0)
                    {
                        throw new HttpException(403, "Redirect loop detected");
                    }
                }
                using (SecureNameValueCollection secureNameValueCollection = new SecureNameValueCollection())
                {
                    int num = (int)base.HttpContext.Items["flags"];
                    secureNameValueCollection.AddUnsecureNameValue("destination", base.HttpContext.Items["destination"] as string);
                    secureNameValueCollection.AddUnsecureNameValue("username", base.HttpContext.Items["username"] as string);
                    secureNameValueCollection.AddUnsecureNameValue("flags", num.ToString(CultureInfo.InvariantCulture));
                    using (SecureString secureString = base.HttpContext.Items["password"] as SecureString)
                    {
                        secureNameValueCollection.AddSecureNameValue("password", secureString);
                        if (flag)
                        {
                            if (uri == null)
                            {
                                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoLegacyCAS);
                            }
                            else if (flag4)
                            {
                                if (uri.Scheme == Uri.UriSchemeHttps)
                                {
                                    ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", uri.ToString());
                                    this.RedirectUsingSSOFBA(secureNameValueCollection, uri, response, owaServerVersion.Major);
                                    response.End();
                                }
                                else
                                {
                                    AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
                                }
                            }
                            else
                            {
                                ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", uri.ToString());
                                base.PfdTracer.TraceRedirect("FbaAuth", uri.ToString());
                                response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(uri.ToString()));
                            }
                        }
                        else if (flag2)
                        {
                            if (uri == null)
                            {
                                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoLegacyCAS);
                            }
                            else
                            {
                                Uri uri2 = uri;
                                if (this.explicitLogonUser != null)
                                {
                                    uri2 = FbaFormPostProxyRequestHandler.AppendSmtpAddressToUrl(uri, this.explicitLogonUser);
                                }
                                if (flag4)
                                {
                                    if (uri.Scheme == Uri.UriSchemeHttps)
                                    {
                                        ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", uri.ToString());
                                        this.RedirectUsingSSOFBA(secureNameValueCollection, uri, response, owaServerVersion.Major);
                                        response.End();
                                    }
                                    else
                                    {
                                        AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
                                    }
                                }
                                else
                                {
                                    ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", uri2.ToString());
                                    base.PfdTracer.TraceRedirect("FbaAuth", uri2.ToString());
                                    response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(uri2.ToString()));
                                }
                            }
                        }
                    }
                    return;
                }
            }
            try
            {
                FbaModule.SetCadataCookies(base.HttpApplication);
            }
            catch (MissingSslCertificateException)
            {
                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
            }
            ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", text);
            base.PfdTracer.TraceRedirect("FbaAuth", text);
            response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(text), false);
        }