private static bool IsRequestWithCanary(HttpRequest request, OwaRequestType requestType, bool isAuthenticated)
{
if (!isAuthenticated)
{
return(false);
}
if (requestType != OwaRequestType.EsoRequest)
{
switch (requestType)
{
case OwaRequestType.ProxyPing:
case OwaRequestType.KeepAlive:
case OwaRequestType.Resource:
case OwaRequestType.PublishedCalendarView:
case OwaRequestType.ICalHttpHandler:
case OwaRequestType.HealthPing:
case OwaRequestType.SpeechReco:
return(false);
}
if (string.Compare(request.Path, OwaUrl.Default14Page.ImplicitUrl, true, CultureInfo.InvariantCulture) == 0)
{
return(false);
}
if (string.CompareOrdinal(request.HttpMethod, "POST") == 0)
{
return(string.Compare(request.Path, OwaUrl.SessionDataPage.ImplicitUrl, true, CultureInfo.InvariantCulture) != 0 && string.Compare(request.Path, OwaUrl.PreloadSessionDataPage.ImplicitUrl, true, CultureInfo.InvariantCulture) != 0 && string.Compare(request.Path, OwaUrl.PLT1Page.ImplicitUrl, true, CultureInfo.InvariantCulture) != 0 && !UrlUtilities.IsRemoteNotificationRequest(request));
}
return(string.CompareOrdinal(request.HttpMethod, "GET") != 0 || requestType == OwaRequestType.Oeh || (requestType == OwaRequestType.ServiceRequest && OwaRequestHandler.IsGetRequestWithCanary(request)));
}
return(false);
}
private static void SetTimeoutForRequest(HttpContext httpContext, OwaRequestType requestType)
{
if (requestType == OwaRequestType.ServiceRequest && (httpContext.Request.QueryString["action"] == "CreateAttachment" || httpContext.Request.QueryString["action"] == "CreateAttachmentFromLocalFile" || httpContext.Request.Path.EndsWith("CreateAttachmentFromForm")))
{
httpContext.Server.ScriptTimeout = RequestDispatcher.AttachmentTimeout;
ExTraceGlobals.CoreCallTracer.TraceDebug <int>(0L, "[RequestDispatcher::SetTimeoutForRequest] Request timeout is going to be {0}.", httpContext.Server.ScriptTimeout);
}
}
// Token: 0x06000FDF RID: 4063 RVA: 0x00063078 File Offset: 0x00061278
private bool ShouldInterceptRequest(HttpContext httpContext, bool avoidUserContextAccess = false)
{
if (Globals.OwaVDirType == OWAVDirType.Calendar)
{
return(true);
}
if (RequestDispatcherUtilities.IsPremiumRequest(httpContext.Request))
{
return(false);
}
OwaRequestType requestType = Utilities.GetRequestType(httpContext.Request);
return(requestType == OwaRequestType.LanguagePage || requestType == OwaRequestType.Attachment || requestType == OwaRequestType.WebReadyRequest || RequestDispatcherUtilities.IsDownLevelClient(httpContext, avoidUserContextAccess));
}
private static void InternalOnPostAuthorizeRequest(object sender)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] entry.");
RequestDetailsLogger getRequestDetailsLogger = OwaApplication.GetRequestDetailsLogger;
SubActivityScopeLogger subActivityScopeLogger = SubActivityScopeLogger.Create(getRequestDetailsLogger, OwaServerLogger.LoggerData.OnPostAuthorizeRequestLatencyDetails);
HttpApplication httpApplication = (HttpApplication)sender;
HttpContext context = httpApplication.Context;
if (!context.Request.IsAuthenticated && (context.Request.Url.LocalPath.EndsWith("service.svc", StringComparison.OrdinalIgnoreCase) || context.Request.Url.LocalPath.EndsWith("Speech.reco", StringComparison.OrdinalIgnoreCase)))
{
ExTraceGlobals.CoreCallTracer.TraceDebug <string>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] unauthorized request. Request URL={0}.", context.Request.Url.OriginalString);
context.Response.StatusCode = 401;
httpApplication.CompleteRequest();
return;
}
RequestContext requestContext = RequestContext.Get(httpApplication.Context);
subActivityScopeLogger.LogNext("a");
RequestDispatcher.DispatchRequest(requestContext);
subActivityScopeLogger.LogNext("b");
OwaRequestType requestType = requestContext.RequestType;
RequestDispatcherUtilities.SetXFrameOptionsHeader(RequestContext.Current, requestType);
subActivityScopeLogger.LogNext("c");
if (context.User != null && context.User.Identity != null)
{
if (context.User.Identity is ClientSecurityContextIdentity)
{
IMailboxContext mailboxContext = UserContextManager.GetMailboxContext(context, null, false);
subActivityScopeLogger.LogNext("d");
if (OwaRequestHandler.IsProxyLogonRequest(requestType))
{
ExTraceGlobals.CoreCallTracer.TraceDebug <OwaRequestType>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] proxy logon request. RequestType={0}", requestType);
return;
}
RequestDetailsLogger.LogEvent(getRequestDetailsLogger, OwaServerLogger.LoggerData.CanaryValidationBegin);
bool flag = OwaRequestHandler.IsRequestWithCanary(context.Request, requestType, context.Request.IsAuthenticated);
bool flag2 = OwaRequestHandler.IsAfterLogonRequest(context.Request);
string originalIdentitySid = OwaRequestHandler.GetOriginalIdentitySid(context);
CanaryLogEvent.CanaryStatus canaryStatus = CanaryLogEvent.CanaryStatus.None;
bool flag3 = !flag || flag2;
if (!flag3)
{
Canary15Cookie.CanaryValidationResult canaryValidationResult;
flag3 = Canary15Cookie.ValidateCanaryInHeaders(context, originalIdentitySid, Canary15Profile.Owa, out canaryValidationResult);
canaryStatus |= (CanaryLogEvent.CanaryStatus)canaryValidationResult;
}
OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, flag, CanaryLogEvent.CanaryStatus.IsCanaryNeeded);
OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, flag3, CanaryLogEvent.CanaryStatus.IsCanaryValid);
OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, flag2, CanaryLogEvent.CanaryStatus.IsCanaryAfterLogonRequest);
Canary15Cookie canary15Cookie = Canary15Cookie.TryCreateFromHttpContext(context, originalIdentitySid, Canary15Profile.Owa);
OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canary15Cookie.IsAboutToExpire, CanaryLogEvent.CanaryStatus.IsCanaryAboutToExpire);
OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canary15Cookie.IsRenewed, CanaryLogEvent.CanaryStatus.IsCanaryRenewed);
subActivityScopeLogger.LogNext("e");
bool flag4 = flag || canary15Cookie.IsAboutToExpire;
if (flag4)
{
canary15Cookie = new Canary15Cookie(originalIdentitySid, Canary15Profile.Owa);
}
if (canary15Cookie.IsRenewed || flag4)
{
context.Response.SetCookie(canary15Cookie.HttpCookie);
CanaryLogEvent logEvent = new CanaryLogEvent(context, mailboxContext, canaryStatus, canary15Cookie.CreationTime, canary15Cookie.LogData);
OwaServerLogger.AppendToLog(logEvent);
subActivityScopeLogger.LogNext("f");
}
if (flag3)
{
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(getRequestDetailsLogger, OwaServerLogger.LoggerData.CanaryCreationTime, canary15Cookie.CreationTime);
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(getRequestDetailsLogger, OwaServerLogger.LoggerData.CanaryLogData, canary15Cookie.LogData);
subActivityScopeLogger.LogNext("g");
}
else
{
if (RequestDispatcherUtilities.IsDownLevelClient(context, false))
{
throw new OwaCanaryException(Canary15Profile.Owa.Name, canary15Cookie.Value);
}
context.Response.StatusCode = 449;
context.Response.End();
}
RequestDetailsLoggerBase <RequestDetailsLogger> requestDetailsLogger = getRequestDetailsLogger;
Enum key = OwaServerLogger.LoggerData.CanaryStatus;
int num = (int)canaryStatus;
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(requestDetailsLogger, key, num.ToString("X"));
RequestDetailsLogger.LogEvent(getRequestDetailsLogger, OwaServerLogger.LoggerData.CanaryValidationEnd);
subActivityScopeLogger.LogEnd();
return;
}
}
else
{
ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] httpContext.User or httpContext.User.Identity is <NULL>.");
}
}
private static bool IsProxyLogonRequest(OwaRequestType requestType)
{
return(requestType == OwaRequestType.ProxyLogon || requestType == OwaRequestType.ProxyPing);
}
private static DispatchStepResult InternalDispatchRequest(RequestContext requestContext)
{
HttpRequest request = requestContext.HttpContext.Request;
requestContext.RequestType = RequestDispatcherUtilities.GetRequestType(request);
ExTraceGlobals.CoreCallTracer.TraceDebug <OwaRequestType>(0L, "[RequestDispatcher::InternalDispatchRequest] Processing requestType={0}.", requestContext.RequestType);
OwaRequestType requestType = requestContext.RequestType;
if (requestType <= OwaRequestType.LanguagePage)
{
switch (requestType)
{
case OwaRequestType.Invalid:
requestContext.HttpStatusCode = HttpStatusCode.BadRequest;
return(DispatchStepResult.EndResponse);
case OwaRequestType.Authorize:
break;
case OwaRequestType.Logoff:
case OwaRequestType.Aspx:
goto IL_C2;
case OwaRequestType.EsoRequest:
return(DispatchStepResult.Stop);
default:
switch (requestType)
{
case OwaRequestType.ProxyPing:
RequestDispatcherUtilities.RespondProxyPing(requestContext);
return(DispatchStepResult.EndResponse);
case OwaRequestType.LanguagePage:
break;
default:
goto IL_C2;
}
break;
}
requestContext.HttpContext.Response.AppendHeader("X-OWA-Version", Globals.ApplicationVersion);
return(DispatchStepResult.Stop);
}
if (requestType == OwaRequestType.Resource)
{
return(DispatchStepResult.Stop);
}
switch (requestType)
{
case OwaRequestType.WopiRequest:
return(DispatchStepResult.Stop);
case OwaRequestType.RemoteNotificationRequest:
return(DispatchStepResult.Stop);
case OwaRequestType.GroupSubscriptionRequest:
return(DispatchStepResult.Stop);
}
IL_C2:
if (!requestContext.HttpContext.Request.IsAuthenticated)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::InternalDispatchRequest] Request not authenticated. returning.");
requestContext.HttpStatusCode = HttpStatusCode.Unauthorized;
return(DispatchStepResult.EndResponse);
}
DispatchStepResult dispatchStepResult = RequestDispatcher.DispatchIfLogoffRequest(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLogoffRequest returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
dispatchStepResult = RequestDispatcher.DispatchIfLastPendingGet(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLastPendingGet returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
dispatchStepResult = RequestDispatcher.DispatchIfGetUserPhotoRequest(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfGetUserPhotoRequest returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
requestContext.UserContext = UserContextManager.GetMailboxContext(requestContext.HttpContext, null, true);
if (!requestContext.UserContext.ExchangePrincipal.MailboxInfo.Configuration.IsOwaEnabled && !OfflineClientRequestUtilities.IsRequestFromMOWAClient(requestContext.HttpContext.Request, requestContext.HttpContext.Request.UserAgent))
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::InternalDispatchRequest] OWA Disabled: redirecting to error page.");
throw new AccountDisabledException(new LocalizedString(Strings.GetLocalizedString(531497785)));
}
if (RequestDispatcher.ShouldBlockConnection(requestContext.HttpContext, requestContext.UserContext.LogonIdentity))
{
ExTraceGlobals.CoreCallTracer.TraceWarning <string>(0L, "[RequestDispatcher::InternalOnPostAuthorizeRequest] blocked by Client Access Rules. Request URL={0}.", requestContext.HttpContext.Request.Url.OriginalString);
if (requestContext.UserContext.LogonIdentity.UserOrganizationId != null && !OrganizationId.ForestWideOrgId.Equals(requestContext.UserContext.LogonIdentity.UserOrganizationId))
{
requestContext.DestinationUrl = OwaUrl.LogoffPageBlockedByClientAccessRules.GetExplicitUrl(requestContext.HttpContext.Request);
}
else
{
requestContext.DestinationUrl = OwaUrl.LogoffBlockedByClientAccessRules.GetExplicitUrl(requestContext.HttpContext.Request);
}
return(DispatchStepResult.RedirectToUrl);
}
dispatchStepResult = RequestDispatcher.ValidateExplicitLogonPermissions(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] ValidateExplicitLogonPermissions returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
dispatchStepResult = RequestDispatcher.DispatchIfLanguagePost(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] DispatchIfLanguagePost returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
if (requestContext.UserContext is UserContext)
{
dispatchStepResult = RequestDispatcher.ValidateAndSetThreadCulture(requestContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] ValidateAndSetThreadCulture returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
}
Uri originalRequestUrlFromContext = UrlUtilities.GetOriginalRequestUrlFromContext(requestContext.HttpContext);
dispatchStepResult = RequestDispatcher.SendAppCacheRedirect(requestContext, originalRequestUrlFromContext);
if (dispatchStepResult != DispatchStepResult.Continue)
{
ExTraceGlobals.CoreCallTracer.TraceDebug <DispatchStepResult>(0L, "[RequestDispatcher::InternalDispatchRequest] SendAppCacheRedirect returned {0}. returning.", dispatchStepResult);
return(dispatchStepResult);
}
requestContext.HttpContext.Response.AppendHeader("X-OWA-Version", Globals.ApplicationVersion);
requestContext.HttpContext.Response.AppendHeader("X-OWA-OWSVersion", ExchangeVersion.Latest.Version.ToString());
requestContext.HttpContext.Response.AppendHeader("X-OWA-MinimumSupportedOWSVersion", ExchangeVersionType.V2_6.ToString());
RequestDispatcher.SetTimeoutForRequest(requestContext.HttpContext, requestContext.RequestType);
RequestDispatcher.CheckAndAddHostNameChangedCookie(requestContext, request);
return(RequestDispatcher.DoFinalDispatch(requestContext));
}
internal static void SetXFrameOptionsHeader(RequestContext requestContext, OwaRequestType requestType)
{
if (requestContext == null)
{
return;
}
HttpContext httpContext = requestContext.HttpContext;
if (httpContext == null || !httpContext.Request.HttpMethod.Equals("GET") || (httpContext.Request.UserAgent != null && httpContext.Request.UserAgent.Contains("MSAppHost")))
{
return;
}
switch (requestType)
{
case OwaRequestType.EsoRequest:
case OwaRequestType.Oeh:
case OwaRequestType.ProxyPing:
case OwaRequestType.KeepAlive:
case OwaRequestType.Resource:
case OwaRequestType.PublishedCalendarView:
case OwaRequestType.ICalHttpHandler:
case OwaRequestType.HealthPing:
case OwaRequestType.SpeechReco:
break;
case OwaRequestType.Form15:
case OwaRequestType.ProxyLogon:
case OwaRequestType.LanguagePage:
case OwaRequestType.LanguagePost:
case OwaRequestType.Attachment:
case OwaRequestType.WebPart:
case OwaRequestType.ServiceRequest:
goto IL_9D;
default:
if (requestType != OwaRequestType.SuiteServiceProxyPage)
{
goto IL_9D;
}
break;
}
return;
IL_9D:
string value = "SAMEORIGIN";
if (RequestDispatcherUtilities.IsCmdWebPart(httpContext.Request))
{
UserContext userContext = (requestContext.UserContext ?? UserContextManager.GetMailboxContext(httpContext, null, true)) as UserContext;
if (userContext != null)
{
ConfigurationContext configurationContext = new ConfigurationContext(userContext);
if (configurationContext != null)
{
switch ((int)configurationContext.GetFeaturesEnabled(Feature.WebPartsDefaultOrigin | Feature.WebPartsEnableOrigins))
{
case 0:
case 1:
value = "DENY";
break;
case 2:
value = null;
break;
}
}
}
}
if (!string.IsNullOrEmpty(value))
{
httpContext.Response.Headers.Set("X-Frame-Options", value);
}
}
