/// <summary>
/// End-of-request hook. When the response is an authentication-style failure that
/// has not been marked as completed, it either redirects the client to the
/// forms-based logon page or sends a 440 response, then always delegates to the
/// base implementation.
/// </summary>
/// <param name="httpApplication">The application instance whose current context is inspected.</param>
protected override void OnEndRequestInternal(HttpApplication httpApplication)
{
    HttpContext ctx = httpApplication.Context;
    HttpRequest req = ctx.Request;
    HttpResponse resp = ctx.Response;
    RequestDetailsLogger logger = RequestDetailsLoggerBase<RequestDetailsLogger>.GetCurrent(ctx);

    // Skip requests already flagged as completed, and the integrated-auth and
    // OWA-mini URLs. Short-circuit order matches the status check that follows.
    bool eligibleForFbaHandling =
        ctx.Items[Constants.RequestCompletedHttpContextKeyName] == null
        && !UrlUtilities.IsIntegratedAuthUrl(req.Url)
        && !UrlUtilities.IsOwaMiniUrl(req.Url);

    if (eligibleForFbaHandling)
    {
        // 401 always qualifies; 403 and 404 qualify only when the proxy serves ECP.
        int status = resp.StatusCode;
        bool authRejected =
            status == 401
            || (HttpProxyGlobals.ProtocolType == ProtocolType.Ecp && (status == 403 || status == 404));

        if (authRejected)
        {
            // An Authorization header on a rejected request is reported as bad credentials.
            FbaModule.LogonReason logonReason = request_HasAuthorization(req)
                ? FbaModule.LogonReason.InvalidCredentials
                : FbaModule.LogonReason.None;

            bool isAuthOwaPath = req.Url.AbsolutePath.Equals("/owa/auth.owa", StringComparison.OrdinalIgnoreCase);

            if (req.HttpMethod.Equals("GET", StringComparison.OrdinalIgnoreCase) || isAuthOwaPath)
            {
                // GET requests, and any method aimed at /owa/auth.owa, are redirected to the logon page.
                RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(logger, "NoCookies", "302 - GET/E14AuthPost");
                this.RedirectToFbaLogon(httpApplication, logonReason);
            }
            else if (req.HttpMethod.Equals("POST", StringComparison.OrdinalIgnoreCase))
            {
                RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(logger, "NoCookies", "440 - POST");
                this.Send440Response(httpApplication, true);
            }
            else
            {
                // Every other verb also gets a 440; the verb itself is recorded in the log entry.
                RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(logger, "NoCookies", "440 - " + req.HttpMethod);
                this.Send440Response(httpApplication, false);
            }
        }
    }

    base.OnEndRequestInternal(httpApplication);

    // Local helper: true when the client sent an Authorization header.
    bool request_HasAuthorization(HttpRequest r)
    {
        return r.Headers["Authorization"] != null;
    }
}
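/// <summary>
/// Clears the FBA auth cookies and redirects the client to the forms-based logon
/// page (or the configured sign-out page for logoff requests), passing the URL to
/// return to in the <c>url</c> query parameter and the logon reason in <c>reason</c>.
/// </summary>
/// <param name="httpApplication">The application instance whose current request is redirected.</param>
/// <param name="reason">Logon reason; its integer value is appended as <c>reason=</c>.</param>
/// <returns>Always <c>true</c>.</returns>
private bool RedirectToFbaLogon(HttpApplication httpApplication, FbaModule.LogonReason reason)
{
    HttpContext context = httpApplication.Context;
    HttpRequest request = context.Request;
    HttpResponse response = context.Response;
    Utility.DeleteFbaAuthCookies(request, response);

    // The redirect target reuses the host of the incoming request.
    // NOTE(review): request.Url.Host is presumably derived from the client-supplied
    // Host header; confirm host bindings restrict it to expected names.
    UriBuilder uriBuilder = new UriBuilder();
    uriBuilder.Host = request.Url.Host;
    int port = uriBuilder.Port;
    uriBuilder.Scheme = FbaModule.GetExternalUrlScheme(ref port);
    uriBuilder.Port = port;
    uriBuilder.Path = "/owa/auth/logon.aspx";

    StringBuilder query = new StringBuilder();
    query.Append("url=");

    if (this.destinationUrl != null)
    {
        // A preset destination wins; only its scheme and port are aligned with the redirect.
        query.Append(HttpUtility.UrlEncode(new UriBuilder(this.destinationUrl)
        {
            Scheme = uriBuilder.Scheme,
            Port = uriBuilder.Port
        }.Uri.AbsoluteUri));
    }
    else
    {
        string returnUrl = new UriBuilder(request.GetFullRawUrl())
        {
            Scheme = uriBuilder.Scheme,
            Port = uriBuilder.Port
        }.Uri.AbsoluteUri;

        string lastSegment = request.Url.Segments[request.Url.Segments.Length - 1];
        if (string.Compare("auth.owa", lastSegment, StringComparison.OrdinalIgnoreCase) == 0)
        {
            // The segment test above ignores case, so the search must too. A
            // case-sensitive search misses e.g. "AUTH.OWA", returns -1, and
            // Remove(-2) then throws on a client-chosen URL. Skip the trim when
            // the marker is not found after the first character.
            int authOwaIndex = returnUrl.LastIndexOf("auth.owa", StringComparison.OrdinalIgnoreCase);
            if (authOwaIndex > 0)
            {
                returnUrl = returnUrl.Remove(authOwaIndex - 1);
            }
        }

        // Client-supplied header; it is URL-encoded before being written into the query.
        string explicitLogonUser = HttpUtility.UrlDecode(request.Headers["X-OWA-ExplicitLogonUser"]);
        if (!string.IsNullOrEmpty(explicitLogonUser) && !returnUrl.Contains(explicitLogonUser))
        {
            // Insert the explicit-logon user as a path segment after the application path.
            string encodedSlash = HttpUtility.UrlEncode("/");
            string applicationPath = request.ApplicationPath;
            int insertAt = returnUrl.IndexOf(applicationPath, StringComparison.OrdinalIgnoreCase);
            if (insertAt == -1)
            {
                // Application path not found: append the user at the end of the URL.
                query.Append(HttpUtility.UrlEncode(returnUrl));
                if (returnUrl[returnUrl.Length - 1] != '/')
                {
                    query.Append(encodedSlash);
                }
                query.Append(HttpUtility.UrlEncode(explicitLogonUser));
                query.Append(encodedSlash);
            }
            else
            {
                insertAt += applicationPath.Length;
                if (insertAt < returnUrl.Length && returnUrl[insertAt] == '/')
                {
                    insertAt++;
                }
                query.Append(HttpUtility.UrlEncode(returnUrl.Substring(0, insertAt)));
                if (returnUrl[insertAt - 1] != '/')
                {
                    query.Append(encodedSlash);
                }
                query.Append(HttpUtility.UrlEncode(explicitLogonUser));
                query.Append(encodedSlash);
                query.Append(HttpUtility.UrlEncode(returnUrl.Substring(insertAt)));
            }
        }
        else
        {
            int queryStart = returnUrl.IndexOf('?');
            string encodedTarget = null;
            if (returnUrl.ToLowerInvariant().Contains("logoff.owa"))
            {
                if (!LogOnSettings.IsLegacyLogOff)
                {
                    uriBuilder.Path = "/owa/" + LogOnSettings.SignOutPageUrl;
                }
                if (queryStart >= 0)
                {
                    string[] parameters = returnUrl.Substring(queryStart + 1).Split(new char[] { '&' });
                    string urlParam = parameters.FirstOrDefault((string x) => x.StartsWith("url=", StringComparison.OrdinalIgnoreCase));
                    if (urlParam != null)
                    {
                        // SECURITY: this value comes straight from the request's query
                        // string and is forwarded as-is, neither re-encoded nor checked
                        // here. NOTE(review): confirm the page receiving "url" only
                        // follows same-host targets (open-redirect risk).
                        encodedTarget = urlParam.Substring("url=".Length);
                    }
                }
            }
            if (encodedTarget == null)
            {
                string hashedUrl;
                encodedTarget = (!UrlUtilities.IsCmdWebPart(request) && UrlUtilities.ShouldRedirectQueryParamsAsHashes(new Uri(returnUrl), out hashedUrl))
                    ? HttpUtility.UrlEncode(hashedUrl)
                    : HttpUtility.UrlEncode(returnUrl);
            }
            query.Append(encodedTarget);
        }
    }

    query.AppendFormat("&reason={0}", (int)reason);
    uriBuilder.Query = query.ToString();

    // Build the final URL once and reuse it for tracing and the redirect.
    string redirectUrl = uriBuilder.ToString();
    ExTraceGlobals.VerboseTracer.TraceDebug<FbaModule.LogonReason, string>((long)this.GetHashCode(), "RedirectToFbaLogon - Reason: {0}, URL: {1}", reason, redirectUrl);
    base.PfdTracer.TraceRedirect("FbaAuth", redirectUrl);

    // endResponse=false followed by CompleteRequest ends the request without Response.End.
    response.Redirect(redirectUrl, false);
    httpApplication.CompleteRequest();
    return true;
}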