internal static CommonAccessToken CommonAccessTokenForCmdletProxy(this UserToken userToken, int targetVersion) { CommonAccessToken commonAccessToken = userToken.CommonAccessToken; if (commonAccessToken != null) { if (userToken.AuthenticationType == AuthenticationType.OAuth && targetVersion < Server.E15MinVersion) { OAuthIdentity oauthIdentity = OAuthIdentitySerializer.ConvertFromCommonAccessToken(commonAccessToken); SidOAuthIdentity sidIdentity = SidOAuthIdentity.Create(oauthIdentity); CertificateSidTokenAccessor certificateSidTokenAccessor = CertificateSidTokenAccessor.Create(sidIdentity); commonAccessToken = certificateSidTokenAccessor.GetToken(); } } else { commonAccessToken = new CommonAccessToken(AccessTokenType.CertificateSid); ExAssert.RetailAssert(userToken.UserSid != null, "UserToken.UserSid is expected to NOT NULL when CommonAccessToken doesn't exist. UserToken = " + userToken); commonAccessToken.ExtensionData["UserSid"] = userToken.UserSid.ToString(); if (userToken.PartitionId != null) { commonAccessToken.ExtensionData["Partition"] = userToken.PartitionId.ToString(); } } commonAccessToken.IsCompressed = true; return(commonAccessToken); }
public static KeyValuePair <string, string>?GetOAuthUserConstraint(IIdentity logonUser) { SidOAuthIdentity sidOAuthIdentity = (logonUser as SidOAuthIdentity) ?? (HttpContext.Current.Items["LogonUserIdentity"] as SidOAuthIdentity); OAuthIdentity oauthIdentity = (sidOAuthIdentity != null) ? sidOAuthIdentity.OAuthIdentity : (logonUser as OAuthIdentity); if (oauthIdentity != null) { string value = null; if (oauthIdentity.OAuthApplication == null || oauthIdentity.OAuthApplication.PartnerApplication == null || !OAuthHelper.parterIdToNameMap.TryGetValue(oauthIdentity.OAuthApplication.PartnerApplication.ApplicationIdentifier, out value)) { value = "OAuthACS.UnknownPartner"; } return(new KeyValuePair <string, string>?(new KeyValuePair <string, string>("AuthMethod", value))); } return(null); }
// Token: 0x060000C2 RID: 194 RVA: 0x00005A6C File Offset: 0x00003C6C private OrganizationId GetOrganization(CommonAccessToken commonAccessToken, IIdentity identity, AccessTokenType accessTokenType) { if (commonAccessToken != null && commonAccessToken.ExtensionData.ContainsKey("OrganizationIdBase64")) { string text = commonAccessToken.ExtensionData["OrganizationIdBase64"]; if (!string.IsNullOrEmpty(text)) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From CAT."); return(CommonAccessTokenAccessor.DeserializeOrganizationId(text)); } } if (identity is LiveIDIdentity) { LiveIDIdentity liveIDIdentity = (LiveIDIdentity)identity; if (liveIDIdentity.UserOrganizationId != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From LiveIdIdentity."); return(liveIDIdentity.UserOrganizationId); } } if (identity is SidOAuthIdentity) { SidOAuthIdentity sidOAuthIdentity = (SidOAuthIdentity)identity; if (sidOAuthIdentity.OAuthIdentity != null && !sidOAuthIdentity.OAuthIdentity.IsAppOnly) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From SidOAuthIdentity."); return(sidOAuthIdentity.OAuthIdentity.OrganizationId); } } if (commonAccessToken != null) { if (accessTokenType == AccessTokenType.CertificateSid) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Certificate - First Org."); return(OrganizationId.ForestWideOrgId); } if (accessTokenType == AccessTokenType.Windows && commonAccessToken.WindowsAccessToken != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Kerberos - First Org."); return(OrganizationId.ForestWideOrgId); } } ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Org=Null."); return(null); }
// Token: 0x060000C3 RID: 195 RVA: 0x00005BA8 File Offset: 0x00003DA8 private string GetManagedOrganization(IIdentity identity) { SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity; if (sidOAuthIdentity != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] From SidOAuthIdentity."); return(sidOAuthIdentity.ManagedTenantName); } DelegatedPrincipal delegatedPrincipal = HttpContext.Current.User as DelegatedPrincipal; if (delegatedPrincipal != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] From DelegatedPrincipal."); return(delegatedPrincipal.DelegatedOrganization); } ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] ManagedOrg=Null."); return(null); }
internal static UserToken CreateDefaultUserTokenInERC(IIdentity identity, DelegatedPrincipal delegatedPrincipal, bool impersonated) { if (!impersonated && delegatedPrincipal != null) { CommonAccessToken commonAccessToken = new CommonAccessToken(AccessTokenType.RemotePowerShellDelegated); commonAccessToken.ExtensionData["DelegatedData"] = delegatedPrincipal.Identity.Name; return(new UserToken(AuthenticationType.RemotePowerShellDelegated, delegatedPrincipal, null, delegatedPrincipal.Identity.Name, null, null, null, delegatedPrincipal.DelegatedOrganization, false, commonAccessToken)); } SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity; if (sidOAuthIdentity != null) { PartitionId partitionId; PartitionId.TryParse(sidOAuthIdentity.PartitionId, out partitionId); return(new UserToken(AuthenticationType.OAuth, null, null, sidOAuthIdentity.Name, sidOAuthIdentity.Sid, partitionId, sidOAuthIdentity.OAuthIdentity.OrganizationId, sidOAuthIdentity.ManagedTenantName, false, sidOAuthIdentity.OAuthIdentity.ToCommonAccessTokenVersion1())); } WindowsIdentity windowsIdentity = identity as WindowsIdentity; if (windowsIdentity != null) { return(new UserToken(AuthenticationType.Kerberos, null, null, windowsIdentity.Name, windowsIdentity.User, null, null, null, false, new CommonAccessToken(windowsIdentity))); } WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity; if (windowsTokenIdentity != null && windowsTokenIdentity.AccessToken != null && windowsTokenIdentity.AccessToken.CommonAccessToken != null) { PartitionId partitionId2; PartitionId.TryParse(windowsTokenIdentity.PartitionId, out partitionId2); return(new UserToken(AuthenticationType.Kerberos, null, null, windowsTokenIdentity.Name, windowsTokenIdentity.Sid, partitionId2, null, null, false, windowsTokenIdentity.AccessToken.CommonAccessToken)); } CommonAccessToken commonAccessToken2 = new CommonAccessToken(AccessTokenType.CertificateSid); SecurityIdentifier securityIdentifier = identity.GetSecurityIdentifier(); commonAccessToken2.ExtensionData["UserSid"] = securityIdentifier.ToString(); GenericSidIdentity genericSidIdentity = identity as GenericSidIdentity; if (genericSidIdentity != null) { commonAccessToken2.ExtensionData["Partition"] = genericSidIdentity.PartitionId; } return(new UserToken(AuthenticationType.Certificate, null, null, identity.Name, securityIdentifier, null, null, null, false, commonAccessToken2)); }
private string GetTenant(IIdentity identity, HttpRequest httpRequest) { if (identity == null) { return(null); } SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity; string result; if (sidOAuthIdentity != null) { ExTraceGlobals.ReportingWebServiceTracer.TraceDebug(0, 0L, "[RbacPrincipalManager::GetTenant] Return SidOAuthIdentity.ManagedTenantName."); result = sidOAuthIdentity.ManagedTenantName; } else { ExTraceGlobals.ReportingWebServiceTracer.TraceDebug(0, 0L, "[RbacPrincipalManager::GetTenant] Not SidOAuthIdentity."); result = this.GetTenantDomain(httpRequest); } return(result); }