// Token: 0x0600000C RID: 12 RVA: 0x000022C8 File Offset: 0x000004C8 private void OnAuthenticateRequest(object source, EventArgs args) { Logger.EnterFunction(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "OnAuthenticateOrPostAuthenticateRequest"); HttpContext httpContext = HttpContext.Current; if (httpContext.Request.IsAuthenticated) { Logger.TraceDebug(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "[RemotePowershellBackendCmdletProxyModule::OnAuthenticateOrPostAuthenticateRequest] Current authenticated user is {0} of type {1}.", new object[] { httpContext.User.Identity, httpContext.User.Identity.GetType() }); string value = httpContext.Request.Headers["X-CommonAccessToken"]; if (string.IsNullOrEmpty(value)) { Uri url = httpContext.Request.Url; Exception ex = null; CommonAccessToken commonAccessToken = RemotePowershellBackendCmdletProxyModule.CommonAccessTokenFromUrl(httpContext.User.Identity.ToString(), url, out ex); if (ex != null) { WinRMInfo.SetFailureCategoryInfo(httpContext.Response.Headers, FailureCategory.BackendCmdletProxy, ex.GetType().Name); httpContext.Response.StatusCode = 500; httpContext.ApplicationInstance.CompleteRequest(); } else if (commonAccessToken != null) { httpContext.Request.Headers["X-CommonAccessToken"] = commonAccessToken.Serialize(); Logger.TraceDebug(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "[RemotePowershellBackendCmdletProxyModule::OnAuthenticateOrPostAuthenticateRequest] The CommonAccessToken has been successfully stampped in request HTTP header.", new object[0]); } } } Logger.ExitFunction(ExTraceGlobals.RemotePowershellBackendCmdletProxyModuleTracer, "OnAuthenticateOrPostAuthenticateRequest"); }
// Token: 0x060006F3 RID: 1779 RVA: 0x00028E60 File Offset: 0x00027060 protected override void ExposeExceptionToClientResponse(Exception ex) { if (!WinRMHelper.FriendlyErrorEnabled.Value) { base.ExposeExceptionToClientResponse(ex); return; } if (ex is WebException) { WebException ex2 = (WebException)ex; if (WinRMHelper.IsPingRequest(ex2)) { if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug <int>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Ping found.", base.TraceContext); } RequestDetailsLoggerBase <RequestDetailsLogger> .SafeSetLogger(base.Logger, 21, "Ping"); base.ClientResponse.Headers["X-RemotePS-Ping"] = "Ping"; return; } if (WinRMHelper.CouldBePingRequest(ex2)) { if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug <int>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Could be Ping request.", base.TraceContext); } base.ClientResponse.Headers["X-RemotePS-Ping"] = "Possible-Ping"; return; } if (ex2.Status != WebExceptionStatus.ProtocolError) { WinRMInfo.SetFailureCategoryInfo(base.ClientResponse.Headers, 3, ex2.Status.ToString()); } if (ex2.Response != null) { string text = ex2.Response.Headers["X-BasicAuthToOAuthConversionDiagnostics"]; if (!string.IsNullOrWhiteSpace(text)) { base.ClientResponse.Headers["X-BasicAuthToOAuthConversionDiagnostics"] = text + " "; } } } if (ex is HttpProxyException && !string.IsNullOrWhiteSpace(ex.Message) && !WinRMHelper.DiagnosticsInfoHasBeenWritten(base.ClientResponse.Headers)) { WinRMInfo.SetFailureCategoryInfo(base.ClientResponse.Headers, 3, ex.GetType().Name); string diagnosticsInfo = WinRMHelper.GetDiagnosticsInfo(base.HttpContext); if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1)) { ExTraceGlobals.VerboseTracer.TraceDebug <int, string>((long)this.GetHashCode(), "[RemotePowerShellProxyRequestHandler::ExposeExceptionToClientResponse]: Context={0}, Write Message {1} to client response.", base.TraceContext, ex.Message); } WinRMHelper.SetDiagnosticsInfoWrittenFlag(base.ClientResponse.Headers); RequestDetailsLoggerBase <RequestDetailsLogger> .SafeAppendGenericInfo(base.Logger, "FriendlyError", "ExposeException"); base.ClientResponse.Write(diagnosticsInfo + ex.Message); return; } base.ExposeExceptionToClientResponse(ex); }
// Token: 0x06001439 RID: 5177 RVA: 0x0004A0D8 File Offset: 0x000482D8 private void OnAuthenticateRequest(object source, EventArgs e) { ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Start OnAuthenticateRequest"); HttpApplication httpApplication = (HttpApplication)source; HttpContext context = httpApplication.Context; UserToken userToken = context.CurrentUserToken(); if (this.IsDelegatedAuth(context)) { ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Delegated auth, let delegated auth module handle the request"); } else { if (context.Request.IsAuthenticated && userToken.HasCommonAccessToken) { try { if (userToken.HasCommonAccessToken && ProxySecurityContextModule.AuthenticationTypes.ContainsKey(userToken.AuthenticationType)) { string text = ProxySecurityContextModule.AuthenticationTypes[userToken.AuthenticationType]; if (context.User != null && context.User.Identity != null) { context.Items["AuthType"] = context.User.Identity.AuthenticationType; if (!context.Items.Contains("AuthenticatedUser")) { context.Items["AuthenticatedUser"] = context.User.Identity.Name; } else { HttpLogger.SafeAppendGenericInfo("User.Identity", context.User.Identity.Name); } } ExTraceGlobals.AccessCheckTracer.TraceDebug <AuthenticationType, string>(0L, "Token Type = {0}, AuthenticationType = {1}.", userToken.AuthenticationType, text); ExAssert.RetailAssert(context.User != null && context.User.Identity != null && context.User.Identity.Name != null, "HttpContext.User.Identity.Name should not be null."); GenericIdentity identity = new GenericIdentity(context.User.Identity.Name.ToLower(), text); context.User = new GenericPrincipal(identity, new string[0]); ProxySecurityContextModule.SendAuthenticationDataToWinRM(context, userToken); } goto IL_201; } catch (Exception ex) { HttpModuleHelper.EndPowerShellRequestWithFriendlyError(context, FailureCategory.ProxySecurityContext, "Exception", ex.ToString(), "ProxySecurityContextModule", KnownException.IsUnhandledException(ex)); goto IL_201; } } ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Request is Unauthorized."); WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.ProxySecurityContext, "Unauthorized"); context.Response.StatusCode = 401; httpApplication.CompleteRequest(); } IL_201: ExTraceGlobals.AccessCheckTracer.TraceDebug(0L, "Exit OnAuthenticateRequest"); }
private void OnPostAuthenticateRequest(object sender, EventArgs e) { HttpContextBase context = new HttpContextWrapper(((HttpApplication)sender).Context); WinRMInfo winRMInfoFromHttpHeaders = WinRMInfo.GetWinRMInfoFromHttpHeaders(context.Request.Headers); if (winRMInfoFromHttpHeaders != null) { string sessionUniqueId = winRMInfoFromHttpHeaders.SessionUniqueId; int num = 0; if (!string.IsNullOrEmpty(sessionUniqueId) && RpsHttpDatabaseValidationModule.ActiveSessionCache.TryGetValue(sessionUniqueId, out num)) { HttpLogger.SafeAppendGenericInfo("CachedSessionId", sessionUniqueId); return; } } using (new MonitoredScope("RpsHttpDatabaseValidationModule", "RpsHttpDatabaseValidationModule", HttpModuleHelper.HttpPerfMonitors)) { HttpDatabaseValidationHelper.ValidateHttpDatabaseHeader(context, delegate { }, delegate(string routingError) { if (context.Request.Headers[WellKnownHeader.XCafeLastRetryHeaderKey] != null) { HttpLogger.SafeAppendGenericInfo("IgnoreRoutingError", "Cafe last retry"); return; } HttpLogger.SafeAppendGenericError("ServerRoutingError", routingError, false); WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.DatabaseValidation, "ServerRoutingError"); this.SendErrorResponse(context, 555, 0, routingError, delegate(HttpResponseBase response) { response.Headers[WellKnownHeader.BEServerRoutingError] = routingError; }, false); }, delegate { HttpLogger.SafeAppendGenericError("InvalidMailboxDatabaseGuid", "Cannot Parse MailboxDatabaseGuid From Header", false); WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.DatabaseValidation, "InvalidDatabaseGuid"); this.SendErrorResponse(context, 400, 0, "Invalid database guid", null, false); }); } }
private static void ReportCustomError(HttpResponse response, HttpStatusCode status, int subStatus, string errorMessage) { Logger.LogVerbose("Reporting HTTP error: Status - {0}, SubStatus - {1}, Message - {2}", new object[] { status, subStatus, errorMessage }); string fcSubInfo = "Unknown"; if (subStatus != 102) { switch (subStatus) { case 200: fcSubInfo = "UnknownInternalError"; break; case 201: fcSubInfo = "TransientServerError"; break; } } else { fcSubInfo = "UserNotFound"; } WinRMInfo.SetFailureCategoryInfo(response.Headers, FailureCategory.Certificate, fcSubInfo); response.Clear(); response.StatusCode = (int)status; response.SubStatusCode = subStatus; response.ContentType = "application/soap+xml;charset=UTF-8"; response.TrySkipIisCustomErrors = true; if (!string.IsNullOrEmpty(errorMessage)) { response.Write(errorMessage); } response.End(); }
private static void ApplicationBeginRequest(object sender, EventArgs e) { if (!FailFastUserCache.FailFastEnabled) { return; } Logger.EnterFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); HttpApplication httpApplication = (HttpApplication)sender; HttpContext context = httpApplication.Context; string text = null; foreach (IUserTokenParser userTokenParser in FailFastModule.tokenParsers) { if (userTokenParser.TryParseUserToken(context, out text)) { Logger.TraceInformation(ExTraceGlobals.FailFastModuleTracer, "{0} module parses the user token successfully. User token parsed: {1}.", new object[] { userTokenParser.GetType(), text }); break; } } if (string.IsNullOrEmpty(text)) { Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "No usertoken is parsed, exit directly.", new object[0]); Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); return; } if (context == null || context.Response == null) { Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "context == null || context.Response == null", new object[0]); Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); return; } context.Response.Headers[FailFastModule.headerKeyToStoreUserToken] = text; string userTenant = FailFastModule.GetUserTenant(context, text); Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Tenant for current user {0} is {1} (If not email domain, it is in Delegated scenario).", new object[] { text, userTenant }); string text2; FailFastUserCacheValue failFastUserCacheValue; BlockedReason blockedReason; if (!FailFastUserCache.Instance.IsUserInCache(text, userTenant, out text2, out failFastUserCacheValue, out blockedReason)) { Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is not handled by FailFastModule because it is not in FailFastUserCache.", new object[] { text }); Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); return; } if (!ConnectedUserManager.ShouldFailFastUserInCache(text, text2, failFastUserCacheValue, blockedReason)) { Logger.TraceDebug(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is not considered to be FailFast case. CacheKey: {1}. CacheValue: {2}. BlockedReason {3}.", new object[] { text, text2, failFastUserCacheValue, blockedReason }); Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); return; } Logger.LogEvent(TaskEventLogConstants.Tuple_LogUserRequestIsFailed, text2, new object[] { text, text2, failFastUserCacheValue.ToString() }); Logger.TraceError(ExTraceGlobals.FailFastModuleTracer, "Http request of User {0} is terminated in fail-fast module.", new object[] { text }); FailFastModule.perfCounter.RequestsBeFailFasted.RawValue = FailFastModule.perfCounter.RequestsBeFailFasted.RawValue + 1L; HttpLogger.SafeSetLogger(RpsHttpMetadata.FailFast, string.Concat(new object[] { text, "+", blockedReason, "+", (failFastUserCacheValue == null) ? "Null" : failFastUserCacheValue.HitCount.ToString() })); ConnectedUserManager.RemoveUser(text); string responseErrorMessage = FailFastModule.GetResponseErrorMessage(blockedReason); context.Response.ContentType = "application/soap+xml;charset=UTF-8"; context.Response.Write(responseErrorMessage); context.Response.StatusCode = 400; context.Response.SubStatusCode = 350; context.Response.TrySkipIisCustomErrors = true; WinRMInfo.SetFailureCategoryInfo(context.Response.Headers, FailureCategory.FailFast, blockedReason.ToString()); Logger.TraceInformation(ExTraceGlobals.FailFastModuleTracer, "Sending 400.350 to the client.", new object[0]); context.Response.End(); Logger.ExitFunction(ExTraceGlobals.FailFastModuleTracer, "FailFastModule.ApplicationBeginRequest"); }