// Token: 0x060005F8 RID: 1528 RVA: 0x00021AE4 File Offset: 0x0001FCE4 private void OnPostAuthorizeRequest(object sender, EventArgs e) { HttpApplication httpApplication = (HttpApplication)sender; HttpContext httpContext = httpApplication.Context; CheckpointTracker.GetOrCreate(httpContext.Items).Add(FrontEndHttpProxyCheckpoints.ProxyModulePostAuthorizeRequest); Diagnostics.SendWatsonReportOnUnhandledException(delegate() { if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[ProxyModule::OnPostAuthorizeRequest]: Method {0}; Url {1}; Username {2}; Context {3};", new object[] { httpContext.Request.HttpMethod, httpContext.Request.Url, (httpContext.User == null) ? string.Empty : IIdentityExtensions.GetSafeName(httpContext.User.Identity, true), httpContext.GetTraceContext() }); } this.OnPostAuthorizeInternal(httpApplication); LatencyTracker latencyTracker = LatencyTracker.FromHttpContext(httpContext); RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext), 6, latencyTracker.GetCurrentLatency(LatencyTrackerKey.ProxyModuleLatency)); long currentLatency = latencyTracker.GetCurrentLatency(LatencyTrackerKey.AuthenticationLatency); PerfCounters.UpdateMovingAveragePerformanceCounter(PerfCounters.HttpProxyCountersInstance.MovingAverageAuthenticationLatency, currentLatency); latencyTracker.StartTracking(LatencyTrackerKey.ModuleToHandlerSwitchingLatency, false); }, new Diagnostics.LastChanceExceptionHandler(RequestDetailsLogger.LastChanceExceptionHandler)); }
// Token: 0x0600071B RID: 1819 RVA: 0x00029BE0 File Offset: 0x00027DE0 private int GetKeyForCasAffinity() { IIdentity identity = base.HttpContext.User.Identity; if (identity is WindowsIdentity || identity is ClientSecurityContextIdentity) { return(IIdentityExtensions.GetSecurityIdentifier(identity).GetHashCode()); } return(identity.Name.GetHashCode()); }
// Token: 0x060004FA RID: 1274 RVA: 0x0001B7D4 File Offset: 0x000199D4 protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers) { IIdentity identity = base.HttpContext.User.Identity; if (identity is WindowsIdentity || identity is ClientSecurityContextIdentity) { headers["X-EAS-Proxy"] = IIdentityExtensions.GetSecurityIdentifier(identity).ToString() + "," + IIdentityExtensions.GetSafeName(identity, true); } base.AddProtocolSpecificHeadersToServerRequest(headers); }
// Token: 0x060003D4 RID: 980 RVA: 0x000160E0 File Offset: 0x000142E0 public static CommonAccessToken FixupCommonAccessToken(HttpContext httpContext, int targetVersion) { if (!httpContext.Request.IsAuthenticated) { return(null); } CommonAccessToken commonAccessToken = null; try { if (httpContext.User.Identity is OAuthIdentity) { commonAccessToken = (httpContext.User.Identity as OAuthIdentity).ToCommonAccessToken(targetVersion); } else if (httpContext.User is DelegatedPrincipal) { commonAccessToken = new CommonAccessToken(8); commonAccessToken.ExtensionData["DelegatedData"] = IIdentityExtensions.GetSafeName(((DelegatedPrincipal)httpContext.User).Identity, true); } else { CommonAccessToken commonAccessToken2 = httpContext.Items["Item-CommonAccessToken"] as CommonAccessToken; if (commonAccessToken2 != null) { return(commonAccessToken2); } if (httpContext.User.Identity is WindowsIdentity) { WindowsIdentity windowsIdentity = httpContext.User.Identity as WindowsIdentity; string value; if (HttpContextItemParser.TryGetLiveIdMemberName(httpContext.Items, ref value)) { commonAccessToken = new CommonAccessToken(3); commonAccessToken.ExtensionData["UserSid"] = windowsIdentity.User.ToString(); commonAccessToken.ExtensionData["MemberName"] = value; } else { commonAccessToken = new CommonAccessToken(windowsIdentity); } } } } catch (CommonAccessTokenException ex) { if (ExTraceGlobals.BriefTracer.IsTraceEnabled(3)) { ExTraceGlobals.BriefTracer.TraceError <string, CommonAccessTokenException>(0L, "[AspNetHelper::FixupCommonAccessToken] Error encountered when creating CommonAccessToken from current logong identity. User: {0} Exception: {1}.", IIdentityExtensions.GetSafeName(httpContext.User.Identity, true), ex); } throw new HttpProxyException(HttpStatusCode.Unauthorized, 3002, string.Format("Error encountered when creating common access token. User: {0}", IIdentityExtensions.GetSafeName(httpContext.User.Identity, true))); } return(commonAccessToken); }
// Token: 0x06000505 RID: 1285 RVA: 0x0001B9A4 File Offset: 0x00019BA4 internal static void AddDownLevelProxyHeaders(WebHeaderCollection headers, HttpContext context) { if (!context.Request.IsAuthenticated) { return; } if (context.User != null) { IIdentity identity = context.User.Identity; if ((identity is WindowsIdentity || identity is ClientSecurityContextIdentity) && null != IIdentityExtensions.GetSecurityIdentifier(identity)) { string value = IIdentityExtensions.GetSecurityIdentifier(identity).ToString(); headers["msExchLogonAccount"] = value; headers["msExchLogonMailbox"] = value; headers["msExchTargetMailbox"] = value; } } }
// Token: 0x060005C6 RID: 1478 RVA: 0x0001FDB4 File Offset: 0x0001DFB4 protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers) { IIdentity identity = base.HttpContext.User.Identity; CompositeIdentity compositeIdentity = base.HttpContext.User.Identity as CompositeIdentity; if (compositeIdentity != null) { identity = compositeIdentity.PrimaryIdentity; } if (!base.ProxyToDownLevel || identity is OAuthIdentity || identity is OAuthPreAuthIdentity || identity is MSAIdentity) { if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest]: Skip adding downlevel proxy headers."); } } else { if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest]: User identity type is {0}.", identity.GetType().FullName); } headers["X-OWA-ProxySid"] = IIdentityExtensions.GetSecurityIdentifier(identity).ToString(); OwaProxyRequestHandler.AddProxyUriHeader(base.ClientRequest, headers); headers["X-OWA-ProxyVersion"] = HttpProxyGlobals.ApplicationVersion; } if (UrlUtilities.IsCmdWebPart(base.ClientRequest) && !OwaProxyRequestHandler.IsOwa15Url(base.ClientRequest)) { headers["X-OWA-ProxyWebPart"] = "1"; } headers["RPSPUID"] = (string)base.HttpContext.Items["RPSPUID"]; headers["RPSOrgIdPUID"] = (string)base.HttpContext.Items["RPSOrgIdPUID"]; headers["logonLatency"] = (string)base.HttpContext.Items["logonLatency"]; if (base.IsExplicitSignOn) { headers[OwaHttpHeader.ExplicitLogonUser] = HttpUtility.UrlDecode(base.ExplicitSignOnAddress); } string clientRequestIdValue = DiagnosticIdentifiers.GetClientRequestIdValue(); base.HttpContext.Response.AppendToLog(string.Format("&{0}={1}", "ClientRequestId", clientRequestIdValue)); headers["X-ClientRequestId"] = clientRequestIdValue; base.AddProtocolSpecificHeadersToServerRequest(headers); }
// Token: 0x060003FC RID: 1020 RVA: 0x00017330 File Offset: 0x00015530 public static string GetSerializedAccessTokenString(this IRequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } string result = null; try { IIdentity callerIdentity = requestContext.GetCallerIdentity(); using (ClientSecurityContext clientSecurityContext = IdentityUtils.ClientSecurityContextFromIdentity(callerIdentity, true)) { result = new SerializedAccessToken(IIdentityExtensions.GetSafeName(callerIdentity, true), callerIdentity.AuthenticationType, clientSecurityContext).ToString(); } } catch (AuthzException ex) { throw new HttpException(401, ex.Message); } return(result); }
// Token: 0x060000EB RID: 235 RVA: 0x00005DD4 File Offset: 0x00003FD4 private static AnchorMailbox CreateFromLogonIdentity(IRequestContext requestContext) { HttpContext httpContext = requestContext.HttpContext; IPrincipal user = httpContext.User; IIdentity identity = httpContext.User.Identity; string text; HttpContextItemParser.TryGetLiveIdMemberName(httpContext.Items, ref text); OAuthIdentity oauthIdentity = identity as OAuthIdentity; if (oauthIdentity != null) { string externalDirectoryObjectId; if (RequestHeaderParser.TryGetExternalDirectoryObjectId(httpContext.Request.Headers, ref externalDirectoryObjectId)) { requestContext.Logger.SafeSet(3, "OAuthIdentity-ExternalDirectoryObjectId"); return(new ExternalDirectoryObjectIdAnchorMailbox(externalDirectoryObjectId, oauthIdentity.OrganizationId, requestContext)); } if (oauthIdentity.ActAsUser != null) { requestContext.Logger.SafeSet(3, "OAuthIdentity-ActAsUser"); return(new OAuthActAsUserAnchorMailbox(oauthIdentity.ActAsUser, requestContext)); } requestContext.Logger.SafeSet(3, "OAuthIdentity-AppOrganization"); return(new OrganizationAnchorMailbox(oauthIdentity.OrganizationId, requestContext)); } else { GenericSidIdentity genericSidIdentity = identity as GenericSidIdentity; if (genericSidIdentity != null) { requestContext.Logger.SafeSet(3, "GenericSidIdentity"); return(new SidAnchorMailbox(genericSidIdentity.Sid, requestContext) { PartitionId = genericSidIdentity.PartitionId, SmtpOrLiveId = text }); } DelegatedPrincipal delegatedPrincipal = user as DelegatedPrincipal; if (delegatedPrincipal != null && delegatedPrincipal.DelegatedOrganization != null && string.IsNullOrEmpty(text)) { requestContext.Logger.SafeSet(3, "DelegatedPrincipal-DelegatedOrganization"); return(new DomainAnchorMailbox(delegatedPrincipal.DelegatedOrganization, requestContext)); } WindowsIdentity windowsIdentity = identity as WindowsIdentity; if (windowsIdentity != null) { if (string.IsNullOrEmpty(text)) { requestContext.Logger.SafeSet(3, "WindowsIdentity"); } else { requestContext.Logger.SafeSet(3, "WindowsIdentity-LiveIdMemberName"); } return(new SidAnchorMailbox(windowsIdentity.User, requestContext) { SmtpOrLiveId = text }); } SecurityIdentifier securityIdentifier = null; if (IIdentityExtensions.TryGetSecurityIdentifier(identity, ref securityIdentifier) && !securityIdentifier.Equals(AuthCommon.MemberNameNullSid)) { if (string.IsNullOrEmpty(text)) { requestContext.Logger.SafeSet(3, "SID"); } else { requestContext.Logger.SafeSet(3, "SID-LiveIdMemberName"); } return(new SidAnchorMailbox(securityIdentifier, requestContext) { SmtpOrLiveId = text }); } if (!HttpProxySettings.IdentityIndependentAuthBehaviorEnabled.Value && requestContext.AuthBehavior.AuthState != AuthState.FrontEndFullAuth) { AnchorMailbox anchorMailbox = requestContext.AuthBehavior.CreateAuthModuleSpecificAnchorMailbox(requestContext); if (anchorMailbox != null) { return(anchorMailbox); } } if (!string.IsNullOrEmpty(text) && SmtpAddress.IsValidSmtpAddress(text)) { requestContext.Logger.SafeSet(3, "Smtp-LiveIdMemberName"); return(new SmtpAnchorMailbox(text, requestContext)); } throw new InvalidOperationException(string.Format("Unknown idenity {0} with type {1}.", IIdentityExtensions.GetSafeName(identity, true), identity.ToString())); } }
// Token: 0x06000713 RID: 1811 RVA: 0x00029988 File Offset: 0x00027B88 protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers) { headers["X-RpcHttpProxyLogonUserName"] = EncodingUtilities.EncodeToBase64(IIdentityExtensions.GetSafeName(base.HttpContext.User.Identity, true)); headers["X-RpcHttpProxyServerTarget"] = this.rpcServerTarget; if (this.associationGuid != Guid.Empty) { headers["X-AssociationGuid"] = this.associationGuid.ToString(); } DatabaseBasedAnchorMailbox databaseBasedAnchorMailbox = base.AnchoredRoutingTarget.AnchorMailbox as DatabaseBasedAnchorMailbox; if (databaseBasedAnchorMailbox != null) { ADObjectId database = databaseBasedAnchorMailbox.GetDatabase(); if (database != null) { headers["X-DatabaseGuid"] = database.ObjectGuid.ToString(); } } base.AddProtocolSpecificHeadersToServerRequest(headers); }
// Token: 0x060006EE RID: 1774 RVA: 0x00028810 File Offset: 0x00026A10 protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers) { if (base.ClientRequest.IsAuthenticated && base.ProxyToDownLevel) { IIdentity callerIdentity = this.GetCallerIdentity(); WindowsIdentity windowsIdentity = callerIdentity as WindowsIdentity; GenericSidIdentity genericSidIdentity = callerIdentity as GenericSidIdentity; IPrincipal user = base.HttpContext.User; if (windowsIdentity != null) { string text; if (HttpContextItemParser.TryGetLiveIdMemberName(base.HttpContext.Items, ref text)) { headers["X-RemotePS-GenericIdentity"] = windowsIdentity.User.ToString(); } else { headers["X-RemotePS-WindowsIdentity"] = this.GetSerializedAccessTokenString(); } } else if (genericSidIdentity != null) { headers["X-RemotePS-GenericIdentity"] = genericSidIdentity.Sid.ToString(); } else { headers["X-RemotePS-GenericIdentity"] = IIdentityExtensions.GetSafeName(base.HttpContext.User.Identity, true); } } if (this.isSyndicatedAdminManageDownLevelTarget) { headers["msExchCafeForceRouteToLogonAccount"] = "1"; } if (LoggerHelper.IsProbePingRequest(base.ClientRequest)) { RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(base.Logger, 21, "ProbePingBackend"); } else if (WinRMHelper.WinRMParserEnabled.Value) { try { this.winRMInfo = base.ParseClientRequest <WinRMInfo>(new Func <Stream, WinRMInfo>(this.ParseWinRMInfo), 10000); } catch (InvalidOperationException ex) { if (ExTraceGlobals.ExceptionTracer.IsTraceEnabled(3)) { ExTraceGlobals.ExceptionTracer.TraceError <InvalidOperationException>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest] ParseClientRequest throws exception {0}", ex); } RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericError(base.Logger, "ParseClientRequestException", ex.ToString()); } if (this.winRMInfo != null) { WinRMInfo.StampToHttpHeaders(this.winRMInfo, headers); } } DatabaseBasedAnchorMailbox databaseBasedAnchorMailbox = base.AnchoredRoutingTarget.AnchorMailbox as DatabaseBasedAnchorMailbox; if (databaseBasedAnchorMailbox != null) { ADObjectId database = databaseBasedAnchorMailbox.GetDatabase(); if (database != null) { headers["X-DatabaseGuid"] = database.ObjectGuid.ToString(); } } if (!base.ShouldRetryOnError) { headers["X-Cafe-Last-Retry"] = "Y"; } base.AddProtocolSpecificHeadersToServerRequest(headers); }
// Token: 0x060005FB RID: 1531 RVA: 0x00021BD8 File Offset: 0x0001FDD8 private void OnEndRequest(object sender, EventArgs e) { HttpApplication httpApplication = (HttpApplication)sender; HttpContext httpContext = httpApplication.Context; CheckpointTracker.GetOrCreate(httpContext.Items).Add(FrontEndHttpProxyCheckpoints.ProxyModuleEndRequest); Diagnostics.SendWatsonReportOnUnhandledException(delegate() { if (!HostHeaderValidator.HasValidHostHeaderStatusDescription(new HttpContextWrapper(httpContext).Response) || httpContext.Items["AutodiscoverRedirectModule"] != null) { return; } LatencyTracker latencyTracker = LatencyTracker.FromHttpContext(httpContext); RequestDetailsLogger current = RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext); RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericInfo(RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext), GuardedSharedCacheExecution.Default.Key, GuardedSharedCacheExecution.Default.Guard.GetCurrentValue()); int traceContext = httpContext.GetTraceContext(); if (httpContext.Response != null && current != null) { httpContext.Response.AppendToLog(Constants.RequestIdKeyForIISLogs + current.ActivityId.ToString() + ";"); } if (HealthCheckResponder.Instance.IsHealthCheckRequest(httpContext)) { return; } if (httpContext.Response.StatusCode == 404 && httpContext.Response.SubStatusCode == 13) { httpContext.Response.StatusCode = 507; } if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[ProxyModule::OnEndRequest]: Method {0}; Url {1}; Username {2}; Context {3};", new object[] { httpContext.Request.HttpMethod, httpContext.Request.Url, (httpContext.User == null) ? string.Empty : IIdentityExtensions.GetSafeName(httpContext.User.Identity, true), traceContext }); } if (latencyTracker != null) { long currentLatency = latencyTracker.GetCurrentLatency(LatencyTrackerKey.HandlerToModuleSwitchingLatency); if (currentLatency >= 0L) { RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(current, 5, currentLatency); } } ProxyRequestHandler proxyRequestHandler = httpContext.CurrentHandler as ProxyRequestHandler; if (proxyRequestHandler != null && !proxyRequestHandler.IsDisposed) { current.AppendGenericInfo("DisposeProxyRequestHandler", "ProxyModule::OnEndRequest"); proxyRequestHandler.Dispose(); } ProxyModule.InspectNativeProxyFatalError(httpContext.Response, current); string text = httpContext.Items["AnonymousRequestFilterModule"] as string; if (!string.IsNullOrEmpty(text)) { current.AppendGenericInfo("AnonymousRequestFilterModule", text); } try { this.OnEndRequestInternal(httpApplication); } finally { if (current != null && !current.IsDisposed) { IActivityScope activityScope = current.ActivityScope; if (activityScope != null) { if (!string.IsNullOrEmpty(activityScope.TenantId)) { httpContext.Items["AuthenticatedUserOrganization"] = activityScope.TenantId; } ProxyModule.FinalizeRequestLatencies(httpContext, current, activityScope, latencyTracker, traceContext); } current.LogCurrentTime("EndRequest"); RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(current, 0, DateTime.UtcNow); current.AsyncCommit(false, NativeProxyHelper.WasProxiedByNativeProxyHandler(SharedHttpContextWrapper.GetWrapper(httpContext))); } if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug(0L, "[ProxyModule::OnEndRequest]: Method {0}; Url {1}; OnEndRequestLatency {2}; Context {3};", new object[] { httpContext.Request.HttpMethod, httpContext.Request.Url, (latencyTracker != null) ? latencyTracker.GetCurrentLatency(LatencyTrackerKey.ProxyModuleLatency).ToString() : "Unknown", traceContext }); } } }, new Diagnostics.LastChanceExceptionHandler(RequestDetailsLogger.LastChanceExceptionHandler)); }
// Token: 0x060002B4 RID: 692 RVA: 0x0000D774 File Offset: 0x0000B974 public static void CheckLiveIdBasicPartialAuthResult(HttpContext httpContext) { if (httpContext == null) { throw new ArgumentNullException("httpContext"); } IPrincipal user = httpContext.User; if (user != null && user.Identity != null && user.GetType().Equals(typeof(GenericPrincipal)) && user.Identity.GetType().Equals(typeof(GenericIdentity)) && string.Equals(user.Identity.AuthenticationType, "LiveIdBasic", StringComparison.OrdinalIgnoreCase)) { throw new HttpException(403, string.Format("Unable to resolve identity: {0}", IIdentityExtensions.GetSafeName(user.Identity, true))); } }