Example #1
0
        public RbacSettings(HttpContext context)
        {
            ExTraceGlobals.RBACTracer.TraceInformation <string>(0, 0L, "Extracting RBAC settings from {0}.", context.GetRequestUrlForLog());
            Guid vdirId = Guid.Empty;

            Guid.TryParse(HttpContext.Current.Request.Headers["X-vDirObjectId"], out vdirId);
            this.ecpService = new Lazy <EcpService>(delegate()
            {
                if (vdirId == Guid.Empty)
                {
                    return(null);
                }
                ServiceTopology currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 707);
                return(currentServiceTopology.FindAnyCafeService <EcpService>((EcpService service) => service.ADObjectId.ObjectGuid == vdirId, "f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 708));
            });
            this.LogonUserIdentity = context.User.Identity;
            this.OriginalUser      = context.User;
            this.IsProxyLogon      = context.Request.FilePath.EndsWith("/proxyLogon.ecp", StringComparison.OrdinalIgnoreCase);
            bool flag = context.IsAcsOAuthRequest();

            if (this.IsProxyLogon)
            {
                this.ProxySecurityAccessToken = new SerializedAccessToken(context.Request.InputStream);
            }
            else
            {
                this.ProxySecurityAccessToken = null;
            }
            string logonAccountSddlSid = context.Request.Headers["msExchLogonAccount"];
            string text = context.Request.Headers["msExchLogonMailbox"];
            string targetMailboxSddlSid = context.Request.Headers["msExchTargetMailbox"];
            Server inboundProxyCaller   = RbacSettings.GetInboundProxyCaller(text, this.LogonUserIdentity as WindowsIdentity);

            if (inboundProxyCaller != null)
            {
                this.IsInboundProxyRequest  = true;
                this.InboundProxyCallerName = inboundProxyCaller.Name;
                EcpLogonInformation identity = EcpLogonInformation.Create(logonAccountSddlSid, text, targetMailboxSddlSid, this.ProxySecurityAccessToken);
                this.EcpIdentity = new EcpIdentity(identity, "-ProxySession");
            }
            else
            {
                this.IsInboundProxyRequest  = false;
                this.InboundProxyCallerName = string.Empty;
                string explicitUser = context.GetExplicitUser();
                string targetTenant = context.GetTargetTenant();
                string text2        = string.IsNullOrEmpty(targetTenant) ? "-RbacSession" : ("-RbacSession-@" + targetTenant);
                if (flag)
                {
                    text2 += "-OAuthACS";
                }
                if (!string.IsNullOrEmpty(explicitUser))
                {
                    this.EcpIdentity = new EcpIdentity(context.User, explicitUser, text2);
                }
                else
                {
                    this.EcpIdentity = new EcpIdentity(this.LogonUserIdentity, text2);
                }
            }
            this.UserUniqueKeyForCanary = this.GetUserUniqueKey();
            this.IsExplicitSignOn       = this.EcpIdentity.IsExplicitSignon;
            bool flag2 = null == context.Request.Cookies[RbacModule.SessionStateCookieName];

            if (flag2 && !flag)
            {
                context.Response.Cookies.Add(new HttpCookie(RbacModule.SessionStateCookieName, Guid.NewGuid().ToString())
                {
                    HttpOnly = true
                });
                this.CacheKey = this.GetCacheKey();
                this.ExpireSession();
            }
            else
            {
                this.CacheKey = this.GetCacheKey();
            }
            ExTraceGlobals.RBACTracer.TraceInformation(0, 0L, "RBAC Settings for {0}: UserName: {1}, IsNewBrowserWindow={2}, IsInboundProxyRequest={3}, InboundProxyCallerName={4}, HasCachedSession={5}", new object[]
            {
                context.GetRequestUrlForLog(),
                this.UserName,
                flag2,
                this.IsInboundProxyRequest,
                this.InboundProxyCallerName,
                this.CachedSession != null
            });
        }