/// <summary>
/// Validates the anti-CSRF canary for an authenticated request, optionally renews the canary
/// cookie, and logs the outcome.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <param name="shouldRenew">When true, the canary cookie is read from the request and replaced if it is about to expire.</param>
/// <param name="canaryName">Canary name to use; when null, the name comes from <c>context.GetCanaryName()</c>.</param>
/// <exception cref="FaultException">Thrown after logging when header validation was attempted and failed.</exception>
public static void CheckCanary15(this HttpContext context, bool shouldRenew, string canaryName = null)
{
    // Unauthenticated requests and logoff requests are not canary-checked at all.
    if (!context.Request.IsAuthenticated || context.IsLogoffRequest())
    {
        return;
    }

    canaryName = canaryName ?? context.GetCanaryName();
    string ecpVDirForCanary = EcpUrl.GetEcpVDirForCanary();
    string cachedUserUniqueKey = context.GetCachedUserUniqueKey();
    CanaryStatus canaryStatus = CanaryStatus.None;
    Canary15Profile profile = new Canary15Profile(canaryName, ecpVDirForCanary);

    // Header validation only runs for web-service and upload requests. Every other
    // authenticated request keeps headersValid == true and is never rejected here.
    bool headersValid = true;
    if (context.IsWebServiceRequest() || context.IsUploadRequest())
    {
        Canary15Cookie.CanaryValidationResult validationResult;
        headersValid = Canary15Cookie.ValidateCanaryInHeaders(context, cachedUserUniqueKey, profile, out validationResult);
        canaryStatus |= (CanaryStatus)validationResult
            | CanaryStatus.IsCanaryNeeded
            | (headersValid ? CanaryStatus.IsCanaryValid : CanaryStatus.None);
    }

    Canary15Cookie cookie = null;
    if (shouldRenew)
    {
        // NOTE(review): the result is dereferenced without a null check; confirm that
        // TryCreateFromHttpContext never returns null.
        cookie = Canary15Cookie.TryCreateFromHttpContext(context, cachedUserUniqueKey, profile);
        bool expiringSoon = cookie.IsAboutToExpire;
        canaryStatus |= cookie.IsAboutToExpire ? CanaryStatus.IsCanaryAboutToExpire : CanaryStatus.None;
        if (expiringSoon)
        {
            // Replace a nearly expired canary with a fresh one bound to the same user key and profile.
            cookie = new Canary15Cookie(cachedUserUniqueKey, profile);
        }

        canaryStatus |= cookie.IsRenewed ? CanaryStatus.IsCanaryRenewed : CanaryStatus.None;
        if (cookie.IsRenewed)
        {
            context.Response.SetCookie(cookie.HttpCookie);
        }
    }

    // The log event is written before the rejection below, so failed validations are recorded too.
    // NOTE(review): the event carries the user unique key and cookie.ToLoggerString(); confirm the
    // latter does not emit the raw canary value into logs.
    ActivityContextLogger.Instance.LogEvent(
        new CanaryLogEvent(
            "15.1",
            ActivityContext.ActivityId.FormatForLog(),
            canaryName,
            ecpVDirForCanary,
            cachedUserUniqueKey,
            canaryStatus,
            (cookie != null) ? cookie.CreationTime : DateTime.MinValue,
            (cookie != null) ? cookie.ToLoggerString() : null));

    if (!headersValid)
    {
        throw new FaultException(Strings.InvalidCanary);
    }
}
/// <summary>
/// Post-authorize handler: rejects unauthenticated calls to the service endpoints, dispatches the
/// request, then validates and (re)issues the OWA canary cookie for requests that carry a
/// <c>ClientSecurityContextIdentity</c>.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
/// <exception cref="OwaCanaryException">Thrown when canary validation fails for a down-level client.</exception>
private static void InternalOnPostAuthorizeRequest(object sender)
{
    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] entry.");
    RequestDetailsLogger detailsLogger = OwaApplication.GetRequestDetailsLogger;
    SubActivityScopeLogger latencyScope = SubActivityScopeLogger.Create(detailsLogger, OwaServerLogger.LoggerData.OnPostAuthorizeRequestLatencyDetails);
    HttpApplication httpApplication = (HttpApplication)sender;
    HttpContext context = httpApplication.Context;

    // Only the two service endpoints are refused with 401 when unauthenticated; any other
    // unauthenticated path continues into the dispatcher below.
    if (!context.Request.IsAuthenticated
        && (context.Request.Url.LocalPath.EndsWith("service.svc", StringComparison.OrdinalIgnoreCase)
            || context.Request.Url.LocalPath.EndsWith("Speech.reco", StringComparison.OrdinalIgnoreCase)))
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug<string>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] unauthorized request. Request URL={0}.", context.Request.Url.OriginalString);
        context.Response.StatusCode = 401;
        httpApplication.CompleteRequest();
        return;
    }

    RequestContext requestContext = RequestContext.Get(httpApplication.Context);
    latencyScope.LogNext("a");
    RequestDispatcher.DispatchRequest(requestContext);
    latencyScope.LogNext("b");
    OwaRequestType requestType = requestContext.RequestType;
    RequestDispatcherUtilities.SetXFrameOptionsHeader(RequestContext.Current, requestType);
    latencyScope.LogNext("c");

    if (context.User == null || context.User.Identity == null)
    {
        ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] httpContext.User or httpContext.User.Identity is <NULL>.");
        return;
    }

    // Any other identity type leaves here without canary validation and without a trace entry.
    if (!(context.User.Identity is ClientSecurityContextIdentity))
    {
        return;
    }

    IMailboxContext mailboxContext = UserContextManager.GetMailboxContext(context, null, false);
    latencyScope.LogNext("d");

    // Proxy logon requests return before any canary validation takes place.
    if (OwaRequestHandler.IsProxyLogonRequest(requestType))
    {
        ExTraceGlobals.CoreCallTracer.TraceDebug<OwaRequestType>(0L, "[OwaRequestHandler::InternalOnPostAuthorizeRequest] proxy logon request. RequestType={0}", requestType);
        return;
    }

    RequestDetailsLogger.LogEvent(detailsLogger, OwaServerLogger.LoggerData.CanaryValidationBegin);
    bool canaryRequired = OwaRequestHandler.IsRequestWithCanary(context.Request, requestType, context.Request.IsAuthenticated);
    bool isAfterLogon = OwaRequestHandler.IsAfterLogonRequest(context.Request);
    string originalIdentitySid = OwaRequestHandler.GetOriginalIdentitySid(context);
    CanaryLogEvent.CanaryStatus canaryStatus = CanaryLogEvent.CanaryStatus.None;

    // The headers are only inspected when the request needs a canary and is not an after-logon
    // request; in every other case the request is treated as valid.
    bool canaryAccepted = !canaryRequired || isAfterLogon;
    if (!canaryAccepted)
    {
        Canary15Cookie.CanaryValidationResult validationResult;
        canaryAccepted = Canary15Cookie.ValidateCanaryInHeaders(context, originalIdentitySid, Canary15Profile.Owa, out validationResult);
        canaryStatus |= (CanaryLogEvent.CanaryStatus)validationResult;
    }

    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryRequired, CanaryLogEvent.CanaryStatus.IsCanaryNeeded);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, canaryAccepted, CanaryLogEvent.CanaryStatus.IsCanaryValid);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, isAfterLogon, CanaryLogEvent.CanaryStatus.IsCanaryAfterLogonRequest);

    // NOTE(review): the result is dereferenced without a null check; confirm that
    // TryCreateFromHttpContext never returns null.
    Canary15Cookie cookie = Canary15Cookie.TryCreateFromHttpContext(context, originalIdentitySid, Canary15Profile.Owa);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, cookie.IsAboutToExpire, CanaryLogEvent.CanaryStatus.IsCanaryAboutToExpire);
    OwaRequestHandler.UpdateCanaryStatus(ref canaryStatus, cookie.IsRenewed, CanaryLogEvent.CanaryStatus.IsCanaryRenewed);
    latencyScope.LogNext("e");

    // A fresh cookie is minted whenever the request required a canary or the current one is
    // about to expire. A failed validation implies canaryRequired, so the rejection paths below
    // always run after a new cookie has been placed on the response.
    bool reissue = canaryRequired || cookie.IsAboutToExpire;
    if (reissue)
    {
        cookie = new Canary15Cookie(originalIdentitySid, Canary15Profile.Owa);
    }

    if (cookie.IsRenewed || reissue)
    {
        context.Response.SetCookie(cookie.HttpCookie);
        CanaryLogEvent logEvent = new CanaryLogEvent(context, mailboxContext, canaryStatus, cookie.CreationTime, cookie.LogData);
        OwaServerLogger.AppendToLog(logEvent);
        latencyScope.LogNext("f");
    }

    if (!canaryAccepted)
    {
        if (RequestDispatcherUtilities.IsDownLevelClient(context, false))
        {
            // NOTE(review): the exception carries the value of the cookie issued above; confirm
            // how that value is surfaced to the client or to logs.
            throw new OwaCanaryException(Canary15Profile.Owa.Name, cookie.Value);
        }

        context.Response.StatusCode = 449;
        // NOTE(review): the status logging below is reached on this path only if End() returns
        // normally; in classic ASP.NET, Response.End() typically aborts the thread. Confirm.
        context.Response.End();
    }
    else
    {
        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(detailsLogger, OwaServerLogger.LoggerData.CanaryCreationTime, cookie.CreationTime);
        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(detailsLogger, OwaServerLogger.LoggerData.CanaryLogData, cookie.LogData);
        latencyScope.LogNext("g");
    }

    // The accumulated status flags are recorded as a hexadecimal string.
    RequestDetailsLoggerBase<RequestDetailsLogger> statusLogger = detailsLogger;
    Enum statusKey = OwaServerLogger.LoggerData.CanaryStatus;
    int statusBits = (int)canaryStatus;
    RequestDetailsLoggerBase<RequestDetailsLogger>.SafeSetLogger(statusLogger, statusKey, statusBits.ToString("X"));
    RequestDetailsLogger.LogEvent(detailsLogger, OwaServerLogger.LoggerData.CanaryValidationEnd);
    latencyScope.LogEnd();
}
/// <summary>
/// Handles a POST from the language selection page locally, provided the request carries a valid
/// OWA canary.
/// </summary>
/// <param name="requestContext">The request being dispatched.</param>
/// <returns>
/// The result of <c>RequestDispatcher.HandleLanguagePost</c> when the request is a language POST
/// with a valid canary; otherwise <c>DispatchStepResult.Continue</c>.
/// </returns>
private static DispatchStepResult DispatchIfLanguagePost(RequestContext requestContext)
{
    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::DispatchIfLanguagePost] entry.");

    if (requestContext.RequestType != OwaRequestType.LanguagePost
        || !HttpUtilities.IsPostRequest(requestContext.HttpContext.Request))
    {
        return DispatchStepResult.Continue;
    }

    // A language POST whose canary fails validation is not rejected here: it is passed on with
    // Continue, and the validation result is neither logged nor otherwise used.
    Canary15Cookie.CanaryValidationResult canaryValidationResult;
    bool canaryValid = Canary15Cookie.ValidateCanaryInHeaders(
        requestContext.HttpContext,
        OwaRequestHandler.GetOriginalIdentitySid(requestContext.HttpContext),
        Canary15Profile.Owa,
        out canaryValidationResult);
    if (!canaryValid)
    {
        return DispatchStepResult.Continue;
    }

    OwaDiagnostics.TracePfd(25865, "The request is a post from the language selection page, processing this request...", new object[0]);
    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::DispatchIfLanguagePost] Dispatching.");

    HttpRequest request = requestContext.HttpContext.Request;
    CultureInfo culture;
    string timeZoneKeyName;
    bool isOptimized;
    string destination;
    // The culture, time zone, optimization flag and destination are read from the posted form.
    RequestDispatcherUtilities.GetLanguagePostFormParameters(requestContext, request, out culture, out timeZoneKeyName, out isOptimized, out destination);

    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::DispatchIfLanguagePost] Dispatching language post request locally...");
    return RequestDispatcher.HandleLanguagePost(requestContext, culture, timeZoneKeyName, isOptimized, destination);
}