// Token: 0x0600000C RID: 12 RVA: 0x000022C8 File Offset: 0x000004C8
private void OnAuthenticateRequest(object source, EventArgs args)
{
Logger.EnterFunction(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "OnAuthenticateOrPostAuthenticateRequest");
HttpContext httpContext = HttpContext.Current;
if (httpContext.Request.IsAuthenticated)
{
Logger.TraceDebug(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "[RemotePowershellBackendCmdletProxyModule::OnAuthenticateOrPostAuthenticateRequest] Current authenticated user is {0} of type {1}.", new object[]
{
httpContext.User.Identity,
httpContext.User.Identity.GetType()
});
string value = httpContext.Request.Headers["X-CommonAccessToken"];
if (string.IsNullOrEmpty(value))
{
Uri url = httpContext.Request.Url;
Exception ex = null;
CommonAccessToken commonAccessToken = RemotePowershellBackendCmdletProxyModule.CommonAccessTokenFromUrl(httpContext.User.Identity.ToString(), url, out ex);
if (ex != null)
{
WinRMInfo.SetFailureCategoryInfo(httpContext.Response.Headers, FailureCategory.BackendCmdletProxy, ex.GetType().Name);
httpContext.Response.StatusCode = 500;
httpContext.ApplicationInstance.CompleteRequest();
}
else if (commonAccessToken != null)
{
httpContext.Request.Headers["X-CommonAccessToken"] = commonAccessToken.Serialize();
Logger.TraceDebug(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "[RemotePowershellBackendCmdletProxyModule::OnAuthenticateOrPostAuthenticateRequest] The CommonAccessToken has been successfully stampped in request HTTP header.", new object[0]);
}
}
}
Logger.ExitFunction(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "OnAuthenticateOrPostAuthenticateRequest");
}
// Token: 0x060006F3 RID: 1779 RVA: 0x00028E60 File Offset: 0x00027060
protected override void ExposeExceptionToClientResponse(Exception ex)
{
if (!WinRMHelper.FriendlyErrorEnabled.Value)
{
base.ExposeExceptionToClientResponse(ex);
return;
}
if (ex is WebException)
{
WebException ex2 = (WebException)ex;
if (WinRMHelper.IsPingRequest(ex2))
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug <int>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Ping found.", base.TraceContext);
}
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(base.Logger, 21, "Ping");
base.ClientResponse.Headers["X-RemotePS-Ping"] = "Ping";
return;
}
if (WinRMHelper.CouldBePingRequest(ex2))
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug <int>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Could be Ping request.", base.TraceContext);
}
base.ClientResponse.Headers["X-RemotePS-Ping"] = "Possible-Ping";
return;
}
if (ex2.Status != WebExceptionStatus.ProtocolError)
{
WinRMInfo.SetFailureCategoryInfo(base.ClientResponse.Headers, 3, ex2.Status.ToString());
}
if (ex2.Response != null)
{
string text = ex2.Response.Headers["X-BasicAuthToOAuthConversionDiagnostics"];
if (!string.IsNullOrWhiteSpace(text))
{
base.ClientResponse.Headers["X-BasicAuthToOAuthConversionDiagnostics"] = text + " ";
}
}
}
if (ex is HttpProxyException && !string.IsNullOrWhiteSpace(ex.Message) && !WinRMHelper.DiagnosticsInfoHasBeenWritten(base.ClientResponse.Headers))
{
WinRMInfo.SetFailureCategoryInfo(base.ClientResponse.Headers, 3, ex.GetType().Name);
string diagnosticsInfo = WinRMHelper.GetDiagnosticsInfo(base.HttpContext);
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug <int, string>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Write Message {1} to client response.", base.TraceContext, ex.Message);
}
WinRMHelper.SetDiagnosticsInfoWrittenFlag(base.ClientResponse.Headers);
RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericInfo(base.Logger, "FriendlyError", "ExposeException");
base.ClientResponse.Write(diagnosticsInfo + ex.Message);
return;
}
base.ExposeExceptionToClientResponse(ex);
}
// Token: 0x06001439 RID: 5177 RVA: 0x0004A0D8 File Offset: 0x000482D8
private void OnAuthenticateRequest(object source, EventArgs e)
{
ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Start OnAuthenticateRequest");
HttpApplication httpApplication = (HttpApplication)source;
HttpContext context = httpApplication.Context;
UserToken userToken = context.CurrentUserToken();
if (this.IsDelegatedAuth(context))
{
ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Delegated auth, let delegated auth module handle the request");
}
else
{
if (context.Request.IsAuthenticated && userToken.HasCommonAccessToken)
{
try
{
if (userToken.HasCommonAccessToken && ProxySecurityContextModule.AuthenticationTypes.ContainsKey(userToken.AuthenticationType))
{
string text = ProxySecurityContextModule.AuthenticationTypes[userToken.AuthenticationType];
if (context.User != null && context.User.Identity != null)
{
context.Items["AuthType"] = context.User.Identity.AuthenticationType;
if (!context.Items.Contains("AuthenticatedUser"))
{
context.Items["AuthenticatedUser"] = context.User.Identity.Name;
}
else
{
HttpLogger.SafeAppendGenericInfo("User.Identity", context.User.Identity.Name);
}
}
ExTraceGlobals.AccessCheckTracer.TraceDebug <AuthenticationType, string>(0L, "Token Type = {0}, AuthenticationType = {1}.", userToken.AuthenticationType, text);
ExAssert.RetailAssert(context.User != null && context.User.Identity != null && context.User.Identity.Name != null, "HttpContext.User.Identity.Name should not be null.");
GenericIdentity identity = new GenericIdentity(context.User.Identity.Name.ToLower(), text);
context.User = new GenericPrincipal(identity, new string[0]);
ProxySecurityContextModule.SendAuthenticationDataToWinRM(context, userToken);
}
goto IL_201;
}
catch (Exception ex)
{
HttpModuleHelper.EndPowerShellRequestWithFriendlyError(context, FailureCategory.ProxySecurityContext, "Exception", ex.ToString(), "ProxySecurityContextModule", KnownException.IsUnhandledException(ex));
goto IL_201;
}
}
ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Request is Unauthorized.");
WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.ProxySecurityContext, "Unauthorized");
context.Response.StatusCode = 401;
httpApplication.CompleteRequest();
}
IL_201:
ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Exit OnAuthenticateRequest");
}
private void OnPostAuthenticateRequest(object sender, EventArgs e)
{
HttpContextBase context = new HttpContextWrapper(((HttpApplication)sender).Context);
WinRMInfo winRMInfoFromHttpHeaders = WinRMInfo.GetWinRMInfoFromHttpHeaders(context.Request.Headers);
if (winRMInfoFromHttpHeaders != null)
{
string sessionUniqueId = winRMInfoFromHttpHeaders.SessionUniqueId;
int num = 0;
if (!string.IsNullOrEmpty(sessionUniqueId) && RpsHttpDatabaseValidationModule.ActiveSessionCache.TryGetValue(sessionUniqueId, out num))
{
HttpLogger.SafeAppendGenericInfo("CachedSessionId", sessionUniqueId);
return;
}
}
using (new MonitoredScope("RpsHttpDatabaseValidationModule", "RpsHttpDatabaseValidationModule", HttpModuleHelper.HttpPerfMonitors))
{
HttpDatabaseValidationHelper.ValidateHttpDatabaseHeader(context, delegate
{
}, delegate(string routingError)
{
if (context.Request.Headers[WellKnownHeader.XCafeLastRetryHeaderKey] != null)
{
HttpLogger.SafeAppendGenericInfo("IgnoreRoutingError", "Cafe last retry");
return;
}
HttpLogger.SafeAppendGenericError("ServerRoutingError", routingError, false);
WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.DatabaseValidation, "ServerRoutingError");
this.SendErrorResponse(context, 555, 0, routingError, delegate(HttpResponseBase response)
{
response.Headers[WellKnownHeader.BEServerRoutingError] = routingError;
}, false);
}, delegate
{
HttpLogger.SafeAppendGenericError("InvalidMailboxDatabaseGuid", "Cannot Parse MailboxDatabaseGuid From Header", false);
WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.DatabaseValidation, "InvalidDatabaseGuid");
this.SendErrorResponse(context, 400, 0, "Invalid database guid", null, false);
});
}
}
private static void ReportCustomError(HttpResponse response, HttpStatusCode status, int subStatus, string errorMessage)
{
Logger.LogVerbose("Reporting HTTP error: Status - {0}, SubStatus - {1}, Message - {2}", new object[]
{
status,
subStatus,
errorMessage
});
string fcSubInfo = "Unknown";
if (subStatus != 102)
{
switch (subStatus)
{
case 200:
fcSubInfo = "UnknownInternalError";
break;
case 201:
fcSubInfo = "TransientServerError";
break;
}
}
else
{
fcSubInfo = "UserNotFound";
}
WinRMInfo.SetFailureCategoryInfo(response.Headers, FailureCategory.Certificate, fcSubInfo);
response.Clear();
response.StatusCode = (int)status;
response.SubStatusCode = subStatus;
response.ContentType = "application/soap+xml;charset=UTF-8";
response.TrySkipIisCustomErrors = true;
if (!string.IsNullOrEmpty(errorMessage))
{
response.Write(errorMessage);
}
response.End();
}
private static void ApplicationBeginRequest(object sender, EventArgs e)
{
if (!FailFastUserCache.FailFastEnabled)
{
return;
}
Logger.EnterFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
HttpApplication httpApplication = (HttpApplication)sender;
HttpContext context = httpApplication.Context;
string text = null;
foreach (IUserTokenParser userTokenParser in FailFastModule.tokenParsers)
{
if (userTokenParser.TryParseUserToken(context, out text))
{
Logger.TraceInformation(ExTraceGlobals.FailFastModuleTracer, "{0} module parses the user token successfully. User token parsed: {1}.", new object[]
{
userTokenParser.GetType(),
text
});
break;
}
}
if (string.IsNullOrEmpty(text))
{
Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "No usertoken is parsed, exit directly.", new object[0]);
Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
return;
}
if (context == null || context.Response == null)
{
Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "context == null || context.Response == null", new object[0]);
Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
return;
}
context.Response.Headers[FailFastModule.headerKeyToStoreUserToken] = text;
string userTenant = FailFastModule.GetUserTenant(context, text);
Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Tenant for current user {0} is {1} (If not email domain, it is in Delegated scenario).", new object[]
{
text,
userTenant
});
string text2;
FailFastUserCacheValue failFastUserCacheValue;
BlockedReason blockedReason;
if (!FailFastUserCache.Instance.IsUserInCache(text, userTenant, out text2, out failFastUserCacheValue, out blockedReason))
{
Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is not handled by FailFastModule because it is not in FailFastUserCache.", new object[]
{
text
});
Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
return;
}
if (!ConnectedUserManager.ShouldFailFastUserInCache(text, text2, failFastUserCacheValue, blockedReason))
{
Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is not considered to be FailFast case. CacheKey: {1}. CacheValue: {2}. BlockedReason {3}.", new object[]
{
text,
text2,
failFastUserCacheValue,
blockedReason
});
Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
return;
}
Logger.LogEvent(TaskEventLogConstants.Tuple_LogUserRequestIsFailed, text2, new object[]
{
text,
text2,
failFastUserCacheValue.ToString()
});
Logger.TraceError(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is terminated in fail-fast module.", new object[]
{
text
});
FailFastModule.perfCounter.RequestsBeFailFasted.RawValue = FailFastModule.perfCounter.RequestsBeFailFasted.RawValue + 1L;
HttpLogger.SafeSetLogger(RpsHttpMetadata.FailFast, string.Concat(new object[]
{
text,
"+",
blockedReason,
"+",
(failFastUserCacheValue == null) ? "Null" : failFastUserCacheValue.HitCount.ToString()
}));
ConnectedUserManager.RemoveUser(text);
string responseErrorMessage = FailFastModule.GetResponseErrorMessage(blockedReason);
context.Response.ContentType = "application/soap+xml;charset=UTF-8";
context.Response.Write(responseErrorMessage);
context.Response.StatusCode = 400;
context.Response.SubStatusCode = 350;
context.Response.TrySkipIisCustomErrors = true;
WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.FailFast, blockedReason.ToString());
Logger.TraceInformation(ExTraceGlobals.FailFastModuleTracer, "Sending 400.350 to the client.", new object[0]);
context.Response.End();
Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest");
}
