// Token: 0x060005F8 RID: 1528 RVA: 0x00021AE4 File Offset: 0x0001FCE4
private void OnPostAuthorizeRequest(object sender, EventArgs e)
{
HttpApplication httpApplication = (HttpApplication)sender;
HttpContext httpContext = httpApplication.Context;
CheckpointTracker.GetOrCreate(httpContext.Items).Add(FrontEndHttpProxyCheckpoints.ProxyModulePostAuthorizeRequest);
Diagnostics.SendWatsonReportOnUnhandledException(delegate()
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[ProxyModule::OnPostAuthorizeRequest]: Method {0}; Url {1}; Username {2}; Context {3};", new object[]
{
httpContext.Request.HttpMethod,
httpContext.Request.Url,
(httpContext.User == null) ? string.Empty : IIdentityExtensions.GetSafeName(httpContext.User.Identity, true),
httpContext.GetTraceContext()
});
}
this.OnPostAuthorizeInternal(httpApplication);
LatencyTracker latencyTracker = LatencyTracker.FromHttpContext(httpContext);
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext), 6, latencyTracker.GetCurrentLatency(LatencyTrackerKey.ProxyModuleLatency));
long currentLatency = latencyTracker.GetCurrentLatency(LatencyTrackerKey.AuthenticationLatency);
PerfCounters.UpdateMovingAveragePerformanceCounter(PerfCounters.HttpProxyCountersInstance.MovingAverageAuthenticationLatency, currentLatency);
latencyTracker.StartTracking(LatencyTrackerKey.ModuleToHandlerSwitchingLatency, false);
}, new Diagnostics.LastChanceExceptionHandler(RequestDetailsLogger.LastChanceExceptionHandler));
}
// Token: 0x0600071B RID: 1819 RVA: 0x00029BE0 File Offset: 0x00027DE0
private int GetKeyForCasAffinity()
{
IIdentity identity = base.HttpContext.User.Identity;
if (identity is WindowsIdentity || identity is ClientSecurityContextIdentity)
{
return(IIdentityExtensions.GetSecurityIdentifier(identity).GetHashCode());
}
return(identity.Name.GetHashCode());
}
// Token: 0x060004FA RID: 1274 RVA: 0x0001B7D4 File Offset: 0x000199D4
protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers)
{
IIdentity identity = base.HttpContext.User.Identity;
if (identity is WindowsIdentity || identity is ClientSecurityContextIdentity)
{
headers["X-EAS-Proxy"] = IIdentityExtensions.GetSecurityIdentifier(identity).ToString() + "," + IIdentityExtensions.GetSafeName(identity, true);
}
base.AddProtocolSpecificHeadersToServerRequest(headers);
}
// Token: 0x060003D4 RID: 980 RVA: 0x000160E0 File Offset: 0x000142E0
public static CommonAccessToken FixupCommonAccessToken(HttpContext httpContext, int targetVersion)
{
if (!httpContext.Request.IsAuthenticated)
{
return(null);
}
CommonAccessToken commonAccessToken = null;
try
{
if (httpContext.User.Identity is OAuthIdentity)
{
commonAccessToken = (httpContext.User.Identity as OAuthIdentity).ToCommonAccessToken(targetVersion);
}
else if (httpContext.User is DelegatedPrincipal)
{
commonAccessToken = new CommonAccessToken(8);
commonAccessToken.ExtensionData["DelegatedData"] = IIdentityExtensions.GetSafeName(((DelegatedPrincipal)httpContext.User).Identity, true);
}
else
{
CommonAccessToken commonAccessToken2 = httpContext.Items["Item-CommonAccessToken"] as CommonAccessToken;
if (commonAccessToken2 != null)
{
return(commonAccessToken2);
}
if (httpContext.User.Identity is WindowsIdentity)
{
WindowsIdentity windowsIdentity = httpContext.User.Identity as WindowsIdentity;
string value;
if (HttpContextItemParser.TryGetLiveIdMemberName(httpContext.Items, ref value))
{
commonAccessToken = new CommonAccessToken(3);
commonAccessToken.ExtensionData["UserSid"] = windowsIdentity.User.ToString();
commonAccessToken.ExtensionData["MemberName"] = value;
}
else
{
commonAccessToken = new CommonAccessToken(windowsIdentity);
}
}
}
}
catch (CommonAccessTokenException ex)
{
if (ExTraceGlobals.BriefTracer.IsTraceEnabled(3))
{
ExTraceGlobals.BriefTracer.TraceError <string, CommonAccessTokenException>(0L, "[AspNetHelper::FixupCommonAccessToken] Error encountered when creating CommonAccessToken from current logong identity. User: {0} Exception: {1}.", IIdentityExtensions.GetSafeName(httpContext.User.Identity, true), ex);
}
throw new HttpProxyException(HttpStatusCode.Unauthorized, 3002, string.Format("Error encountered when creating common access token. User: {0}", IIdentityExtensions.GetSafeName(httpContext.User.Identity, true)));
}
return(commonAccessToken);
}
// Token: 0x06000505 RID: 1285 RVA: 0x0001B9A4 File Offset: 0x00019BA4
internal static void AddDownLevelProxyHeaders(WebHeaderCollection headers, HttpContext context)
{
if (!context.Request.IsAuthenticated)
{
return;
}
if (context.User != null)
{
IIdentity identity = context.User.Identity;
if ((identity is WindowsIdentity || identity is ClientSecurityContextIdentity) && null != IIdentityExtensions.GetSecurityIdentifier(identity))
{
string value = IIdentityExtensions.GetSecurityIdentifier(identity).ToString();
headers["msExchLogonAccount"] = value;
headers["msExchLogonMailbox"] = value;
headers["msExchTargetMailbox"] = value;
}
}
}
// Token: 0x060005C6 RID: 1478 RVA: 0x0001FDB4 File Offset: 0x0001DFB4
protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers)
{
IIdentity identity = base.HttpContext.User.Identity;
CompositeIdentity compositeIdentity = base.HttpContext.User.Identity as CompositeIdentity;
if (compositeIdentity != null)
{
identity = compositeIdentity.PrimaryIdentity;
}
if (!base.ProxyToDownLevel || identity is OAuthIdentity || identity is OAuthPreAuthIdentity || identity is MSAIdentity)
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest]: Skip adding downlevel proxy headers.");
}
}
else
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest]: User identity type is {0}.", identity.GetType().FullName);
}
headers["X-OWA-ProxySid"] = IIdentityExtensions.GetSecurityIdentifier(identity).ToString();
OwaProxyRequestHandler.AddProxyUriHeader(base.ClientRequest, headers);
headers["X-OWA-ProxyVersion"] = HttpProxyGlobals.ApplicationVersion;
}
if (UrlUtilities.IsCmdWebPart(base.ClientRequest) && !OwaProxyRequestHandler.IsOwa15Url(base.ClientRequest))
{
headers["X-OWA-ProxyWebPart"] = "1";
}
headers["RPSPUID"] = (string)base.HttpContext.Items["RPSPUID"];
headers["RPSOrgIdPUID"] = (string)base.HttpContext.Items["RPSOrgIdPUID"];
headers["logonLatency"] = (string)base.HttpContext.Items["logonLatency"];
if (base.IsExplicitSignOn)
{
headers[OwaHttpHeader.ExplicitLogonUser] = HttpUtility.UrlDecode(base.ExplicitSignOnAddress);
}
string clientRequestIdValue = DiagnosticIdentifiers.GetClientRequestIdValue();
base.HttpContext.Response.AppendToLog(string.Format("&{0}={1}", "ClientRequestId", clientRequestIdValue));
headers["X-ClientRequestId"] = clientRequestIdValue;
base.AddProtocolSpecificHeadersToServerRequest(headers);
}
// Token: 0x060003FC RID: 1020 RVA: 0x00017330 File Offset: 0x00015530
public static string GetSerializedAccessTokenString(this IRequestContext requestContext)
{
if (requestContext == null)
{
throw new ArgumentNullException("requestContext");
}
string result = null;
try
{
IIdentity callerIdentity = requestContext.GetCallerIdentity();
using (ClientSecurityContext clientSecurityContext = IdentityUtils.ClientSecurityContextFromIdentity(callerIdentity, true))
{
result = new SerializedAccessToken(IIdentityExtensions.GetSafeName(callerIdentity, true), callerIdentity.AuthenticationType, clientSecurityContext).ToString();
}
}
catch (AuthzException ex)
{
throw new HttpException(401, ex.Message);
}
return(result);
}
// Token: 0x060000EB RID: 235 RVA: 0x00005DD4 File Offset: 0x00003FD4
private static AnchorMailbox CreateFromLogonIdentity(IRequestContext requestContext)
{
HttpContext httpContext = requestContext.HttpContext;
IPrincipal user = httpContext.User;
IIdentity identity = httpContext.User.Identity;
string text;
HttpContextItemParser.TryGetLiveIdMemberName(httpContext.Items, ref text);
OAuthIdentity oauthIdentity = identity as OAuthIdentity;
if (oauthIdentity != null)
{
string externalDirectoryObjectId;
if (RequestHeaderParser.TryGetExternalDirectoryObjectId(httpContext.Request.Headers, ref externalDirectoryObjectId))
{
requestContext.Logger.SafeSet(3, "OAuthIdentity-ExternalDirectoryObjectId");
return(new ExternalDirectoryObjectIdAnchorMailbox(externalDirectoryObjectId, oauthIdentity.OrganizationId, requestContext));
}
if (oauthIdentity.ActAsUser != null)
{
requestContext.Logger.SafeSet(3, "OAuthIdentity-ActAsUser");
return(new OAuthActAsUserAnchorMailbox(oauthIdentity.ActAsUser, requestContext));
}
requestContext.Logger.SafeSet(3, "OAuthIdentity-AppOrganization");
return(new OrganizationAnchorMailbox(oauthIdentity.OrganizationId, requestContext));
}
else
{
GenericSidIdentity genericSidIdentity = identity as GenericSidIdentity;
if (genericSidIdentity != null)
{
requestContext.Logger.SafeSet(3, "GenericSidIdentity");
return(new SidAnchorMailbox(genericSidIdentity.Sid, requestContext)
{
PartitionId = genericSidIdentity.PartitionId,
SmtpOrLiveId = text
});
}
DelegatedPrincipal delegatedPrincipal = user as DelegatedPrincipal;
if (delegatedPrincipal != null && delegatedPrincipal.DelegatedOrganization != null && string.IsNullOrEmpty(text))
{
requestContext.Logger.SafeSet(3, "DelegatedPrincipal-DelegatedOrganization");
return(new DomainAnchorMailbox(delegatedPrincipal.DelegatedOrganization, requestContext));
}
WindowsIdentity windowsIdentity = identity as WindowsIdentity;
if (windowsIdentity != null)
{
if (string.IsNullOrEmpty(text))
{
requestContext.Logger.SafeSet(3, "WindowsIdentity");
}
else
{
requestContext.Logger.SafeSet(3, "WindowsIdentity-LiveIdMemberName");
}
return(new SidAnchorMailbox(windowsIdentity.User, requestContext)
{
SmtpOrLiveId = text
});
}
SecurityIdentifier securityIdentifier = null;
if (IIdentityExtensions.TryGetSecurityIdentifier(identity, ref securityIdentifier) && !securityIdentifier.Equals(AuthCommon.MemberNameNullSid))
{
if (string.IsNullOrEmpty(text))
{
requestContext.Logger.SafeSet(3, "SID");
}
else
{
requestContext.Logger.SafeSet(3, "SID-LiveIdMemberName");
}
return(new SidAnchorMailbox(securityIdentifier, requestContext)
{
SmtpOrLiveId = text
});
}
if (!HttpProxySettings.IdentityIndependentAuthBehaviorEnabled.Value && requestContext.AuthBehavior.AuthState != AuthState.FrontEndFullAuth)
{
AnchorMailbox anchorMailbox = requestContext.AuthBehavior.CreateAuthModuleSpecificAnchorMailbox(requestContext);
if (anchorMailbox != null)
{
return(anchorMailbox);
}
}
if (!string.IsNullOrEmpty(text) && SmtpAddress.IsValidSmtpAddress(text))
{
requestContext.Logger.SafeSet(3, "Smtp-LiveIdMemberName");
return(new SmtpAnchorMailbox(text, requestContext));
}
throw new InvalidOperationException(string.Format("Unknown idenity {0} with type {1}.", IIdentityExtensions.GetSafeName(identity, true), identity.ToString()));
}
}
// Token: 0x06000713 RID: 1811 RVA: 0x00029988 File Offset: 0x00027B88
protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers)
{
headers["X-RpcHttpProxyLogonUserName"] = EncodingUtilities.EncodeToBase64(IIdentityExtensions.GetSafeName(base.HttpContext.User.Identity, true));
headers["X-RpcHttpProxyServerTarget"] = this.rpcServerTarget;
if (this.associationGuid != Guid.Empty)
{
headers["X-AssociationGuid"] = this.associationGuid.ToString();
}
DatabaseBasedAnchorMailbox databaseBasedAnchorMailbox = base.AnchoredRoutingTarget.AnchorMailbox as DatabaseBasedAnchorMailbox;
if (databaseBasedAnchorMailbox != null)
{
ADObjectId database = databaseBasedAnchorMailbox.GetDatabase();
if (database != null)
{
headers["X-DatabaseGuid"] = database.ObjectGuid.ToString();
}
}
base.AddProtocolSpecificHeadersToServerRequest(headers);
}
// Token: 0x060006EE RID: 1774 RVA: 0x00028810 File Offset: 0x00026A10
protected override void AddProtocolSpecificHeadersToServerRequest(WebHeaderCollection headers)
{
if (base.ClientRequest.IsAuthenticated && base.ProxyToDownLevel)
{
IIdentity callerIdentity = this.GetCallerIdentity();
WindowsIdentity windowsIdentity = callerIdentity as WindowsIdentity;
GenericSidIdentity genericSidIdentity = callerIdentity as GenericSidIdentity;
IPrincipal user = base.HttpContext.User;
if (windowsIdentity != null)
{
string text;
if (HttpContextItemParser.TryGetLiveIdMemberName(base.HttpContext.Items, ref text))
{
headers["X-RemotePS-GenericIdentity"] = windowsIdentity.User.ToString();
}
else
{
headers["X-RemotePS-WindowsIdentity"] = this.GetSerializedAccessTokenString();
}
}
else if (genericSidIdentity != null)
{
headers["X-RemotePS-GenericIdentity"] = genericSidIdentity.Sid.ToString();
}
else
{
headers["X-RemotePS-GenericIdentity"] = IIdentityExtensions.GetSafeName(base.HttpContext.User.Identity, true);
}
}
if (this.isSyndicatedAdminManageDownLevelTarget)
{
headers["msExchCafeForceRouteToLogonAccount"] = "1";
}
if (LoggerHelper.IsProbePingRequest(base.ClientRequest))
{
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(base.Logger, 21, "ProbePingBackend");
}
else if (WinRMHelper.WinRMParserEnabled.Value)
{
try
{
this.winRMInfo = base.ParseClientRequest <WinRMInfo>(new Func <Stream, WinRMInfo>(this.ParseWinRMInfo), 10000);
}
catch (InvalidOperationException ex)
{
if (ExTraceGlobals.ExceptionTracer.IsTraceEnabled(3))
{
ExTraceGlobals.ExceptionTracer.TraceError <InvalidOperationException>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::AddProtocolSpecificHeadersToServerRequest] ParseClientRequest throws exception {0}", ex);
}
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericError(base.Logger, "ParseClientRequestException", ex.ToString());
}
if (this.winRMInfo != null)
{
WinRMInfo.StampToHttpHeaders(this.winRMInfo, headers);
}
}
DatabaseBasedAnchorMailbox databaseBasedAnchorMailbox = base.AnchoredRoutingTarget.AnchorMailbox as DatabaseBasedAnchorMailbox;
if (databaseBasedAnchorMailbox != null)
{
ADObjectId database = databaseBasedAnchorMailbox.GetDatabase();
if (database != null)
{
headers["X-DatabaseGuid"] = database.ObjectGuid.ToString();
}
}
if (!base.ShouldRetryOnError)
{
headers["X-Cafe-Last-Retry"] = "Y";
}
base.AddProtocolSpecificHeadersToServerRequest(headers);
}
// Token: 0x060005FB RID: 1531 RVA: 0x00021BD8 File Offset: 0x0001FDD8
private void OnEndRequest(object sender, EventArgs e)
{
HttpApplication httpApplication = (HttpApplication)sender;
HttpContext httpContext = httpApplication.Context;
CheckpointTracker.GetOrCreate(httpContext.Items).Add(FrontEndHttpProxyCheckpoints.ProxyModuleEndRequest);
Diagnostics.SendWatsonReportOnUnhandledException(delegate()
{
if (!HostHeaderValidator.HasValidHostHeaderStatusDescription(new HttpContextWrapper(httpContext).Response) || httpContext.Items["AutodiscoverRedirectModule"] != null)
{
return;
}
LatencyTracker latencyTracker = LatencyTracker.FromHttpContext(httpContext);
RequestDetailsLogger current = RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext);
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericInfo(RequestDetailsLoggerBase <RequestDetailsLogger> .GetCurrent(httpContext), GuardedSharedCacheExecution.Default.Key, GuardedSharedCacheExecution.Default.Guard.GetCurrentValue());
int traceContext = httpContext.GetTraceContext();
if (httpContext.Response != null && current != null)
{
httpContext.Response.AppendToLog(Constants.RequestIdKeyForIISLogs + current.ActivityId.ToString() + ";");
}
if (HealthCheckResponder.Instance.IsHealthCheckRequest(httpContext))
{
return;
}
if (httpContext.Response.StatusCode == 404 && httpContext.Response.SubStatusCode == 13)
{
httpContext.Response.StatusCode = 507;
}
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[ProxyModule::OnEndRequest]: Method {0}; Url {1}; Username {2}; Context {3};", new object[]
{
httpContext.Request.HttpMethod,
httpContext.Request.Url,
(httpContext.User == null) ? string.Empty : IIdentityExtensions.GetSafeName(httpContext.User.Identity, true),
traceContext
});
}
if (latencyTracker != null)
{
long currentLatency = latencyTracker.GetCurrentLatency(LatencyTrackerKey.HandlerToModuleSwitchingLatency);
if (currentLatency >= 0L)
{
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(current, 5, currentLatency);
}
}
ProxyRequestHandler proxyRequestHandler = httpContext.CurrentHandler as ProxyRequestHandler;
if (proxyRequestHandler != null && !proxyRequestHandler.IsDisposed)
{
current.AppendGenericInfo("DisposeProxyRequestHandler", "ProxyModule::OnEndRequest");
proxyRequestHandler.Dispose();
}
ProxyModule.InspectNativeProxyFatalError(httpContext.Response, current);
string text = httpContext.Items["AnonymousRequestFilterModule"] as string;
if (!string.IsNullOrEmpty(text))
{
current.AppendGenericInfo("AnonymousRequestFilterModule", text);
}
try
{
this.OnEndRequestInternal(httpApplication);
}
finally
{
if (current != null && !current.IsDisposed)
{
IActivityScope activityScope = current.ActivityScope;
if (activityScope != null)
{
if (!string.IsNullOrEmpty(activityScope.TenantId))
{
httpContext.Items["AuthenticatedUserOrganization"] = activityScope.TenantId;
}
ProxyModule.FinalizeRequestLatencies(httpContext, current, activityScope, latencyTracker, traceContext);
}
current.LogCurrentTime("EndRequest");
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(current, 0, DateTime.UtcNow);
current.AsyncCommit(false, NativeProxyHelper.WasProxiedByNativeProxyHandler(SharedHttpContextWrapper.GetWrapper(httpContext)));
}
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug(0L, "[ProxyModule::OnEndRequest]: Method {0}; Url {1}; OnEndRequestLatency {2}; Context {3};", new object[]
{
httpContext.Request.HttpMethod,
httpContext.Request.Url,
(latencyTracker != null) ? latencyTracker.GetCurrentLatency(LatencyTrackerKey.ProxyModuleLatency).ToString() : "Unknown",
traceContext
});
}
}
}, new Diagnostics.LastChanceExceptionHandler(RequestDetailsLogger.LastChanceExceptionHandler));
}
// Token: 0x060002B4 RID: 692 RVA: 0x0000D774 File Offset: 0x0000B974
public static void CheckLiveIdBasicPartialAuthResult(HttpContext httpContext)
{
if (httpContext == null)
{
throw new ArgumentNullException("httpContext");
}
IPrincipal user = httpContext.User;
if (user != null && user.Identity != null && user.GetType().Equals(typeof(GenericPrincipal)) && user.Identity.GetType().Equals(typeof(GenericIdentity)) && string.Equals(user.Identity.AuthenticationType, "LiveIdBasic", StringComparison.OrdinalIgnoreCase))
{
throw new HttpException(403, string.Format("Unable to resolve identity: {0}", IIdentityExtensions.GetSafeName(user.Identity, true)));
}
}
