// Token: 0x060001D6 RID: 470 RVA: 0x00008B48 File Offset: 0x00006D48
        /// <summary>
        /// Reports whether the identity associated with the request is a
        /// <see cref="GenericIdentity"/> whose authentication type is "OrgId".
        /// </summary>
        /// <param name="httpContext">The current request context; dereferenced without a null check.</param>
        /// <returns>
        /// <c>true</c> when the selected identity is a <see cref="GenericIdentity"/> (or a type derived
        /// from it) and its <c>AuthenticationType</c> equals "OrgId", ignoring case; otherwise <c>false</c>.
        /// </returns>
        /// <remarks>
        /// This is a classification of an identity that something else already attached to the request.
        /// It inspects only the identity's runtime type and its authentication-type label; it does not
        /// validate a cookie, a signature or any credential. Callers should treat a <c>true</c> result as
        /// exactly as trustworthy as the module that populated the identity.
        /// </remarks>
        public static bool IsLiveIdCookieAuth(HttpContext httpContext)
        {
            IIdentity candidate;

            if (!HttpProxySettings.IdentityIndependentAuthBehaviorEnabled.Value)
            {
                // Classic path: read the identity from the principal on the context, if there is one.
                IPrincipal principal = httpContext.User;
                candidate = (principal == null) ? null : principal.Identity;
            }
            else
            {
                // Setting enabled: the identity comes from AuthCommon rather than from httpContext.User.
                candidate = AuthCommon.GetAuthenticationBehaviorType(httpContext);
            }

            // The type test is false for a null reference, so it also covers the missing-identity case.
            if (!(candidate is GenericIdentity))
            {
                return false;
            }

            return string.Equals(candidate.AuthenticationType, "OrgId", StringComparison.OrdinalIgnoreCase);
        }
Esempio n. 2
        /// <summary>
        /// Publishes the result of a certificate authentication onto the request: builds an identity for
        /// <paramref name="authenticatedUser"/>, records bookkeeping values in <c>context.Items</c>, and
        /// replaces <c>context.User</c> with a role-less <see cref="GenericPrincipal"/>.
        /// </summary>
        /// <param name="context">Request context whose <c>Items</c> and <c>User</c> are overwritten.</param>
        /// <param name="authenticatedUser">Directory user the caller resolved for the certificate.</param>
        /// <param name="certId">Certificate identifier; only used to create the SID token accessor on the proxy path.</param>
        /// <remarks>
        /// Nothing in this method checks the certificate or the certificate-to-user mapping; it assumes the
        /// caller has already done so. Every identity created here is derived purely from directory
        /// attributes of <paramref name="authenticatedUser"/>.
        /// NOTE(review): the exit trace is skipped if any statement throws, because there is no try/finally.
        /// </remarks>
        private static void SetAuthenticatedInfo(HttpContext context, ADUser authenticatedUser, X509Identifier certId)
        {
            Logger.EnterFunction(ExTraceGlobals.CertAuthTracer, "SetAuthenticatedInfo");

            IIdentity resolvedIdentity;
            if (!CertificateAuthenticationModule.cafeProxy)
            {
                context.Items["AuthType"] = AccessTokenType.CertificateSid;

                if (authenticatedUser.RecipientTypeDetails != RecipientTypeDetails.LinkedUser)
                {
                    // NOTE(review): WindowsIdentity(string) builds a Windows token from a UPN alone, with no
                    // password involved, so the earlier certificate-to-user mapping is the only gate here.
                    // The name is assembled as sAMAccountName@forest FQDN; presumably that always resolves
                    // to the same account as the user's actual UPN - confirm.
                    string logonName = string.Format("{0}@{1}", authenticatedUser.SamAccountName, authenticatedUser.Id.GetPartitionId().ForestFQDN);
                    resolvedIdentity = new WindowsIdentity(logonName);
                }
                else
                {
                    // Linked users get a plain GenericIdentity named after the SID string.
                    resolvedIdentity = new GenericIdentity(authenticatedUser.Sid.ToString());
                }
            }
            else
            {
                // Proxy path: the serialized token is handed on through context.Items, and the identity
                // carries the "Certificate" authentication type together with the partition id.
                CertificateSidTokenAccessor sidTokenAccessor = CertificateSidTokenAccessor.Create(authenticatedUser, certId);
                context.Items["Item-CommonAccessToken"] = sidTokenAccessor.GetToken();
                resolvedIdentity = new GenericSidIdentity(authenticatedUser.Sid.ToString(), "Certificate", authenticatedUser.Sid, sidTokenAccessor.PartitionId);
            }

            // The display name is recorded only when the directory object has one.
            string displayName = authenticatedUser.Name;
            if (!string.IsNullOrEmpty(displayName))
            {
                context.Items["AuthenticatedUser"] = displayName;
            }

            AuthCommon.SetHttpContextADRawEntry(context, authenticatedUser);

            // Users outside the forest-wide organization also get their organizational unit name recorded.
            bool isForestWide = OrganizationId.ForestWideOrgId.Equals(authenticatedUser.OrganizationId);
            if (!isForestWide)
            {
                context.Items[CertificateAuthenticationModule.TenantCertificateOrganizaitonItemName] = authenticatedUser.OrganizationId.OrganizationalUnit.Name;
            }

            // The principal is created with an empty role list.
            context.User = new GenericPrincipal(resolvedIdentity, new string[0]);
            Logger.ExitFunction(ExTraceGlobals.CertAuthTracer, "SetAuthenticatedInfo");
        }
Esempio n. 3
        // Token: 0x060000EA RID: 234 RVA: 0x00005B50 File Offset: 0x00003D50
        /// <summary>
        /// Chooses an anchor mailbox from the fields of a <see cref="CommonAccessToken"/>, switching on the
        /// token's declared type. A composite token is unwrapped once to its primary identity token first.
        /// </summary>
        /// <param name="cat">The token to inspect; reassigned locally when it is a composite token.</param>
        /// <param name="requestContext">Supplies the logger, the HttpContext and the anchor mailbox owner.</param>
        /// <returns>An anchor mailbox for the token types handled below, or <c>null</c> for every other type.</returns>
        /// <remarks>
        /// The integer literals are decompiler output standing in for <c>AccessTokenType</c> members and for
        /// the logger's metadata keys. The member names suggested in the comments below are inferred from
        /// the routing-hint strings logged in each branch - confirm against the enum definitions.
        /// This method performs no signature or trust check on the token; it assumes <paramref name="cat"/>
        /// was authenticated before it got here. Every SID, PUID and member name read below is taken from
        /// the token as-is.
        /// </remarks>
        private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
        {
            // Case-insensitive parse. Enum.Parse throws for a string that names no member, and it also
            // accepts numeric strings, which can yield a value with no matching case (ends at the final
            // return null).
            AccessTokenType accessTokenType = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

            // 5: presumably the composite-identity type, per the hint string logged here - confirm.
            if (accessTokenType == 5)
            {
                requestContext.Logger.SafeSet(3, "CommonAccessToken-CompositeIdentity");
                // Only one level is unwrapped: if the inner token is composite again, the switch has no
                // case for 5 and the method returns null.
                // NOTE(review): a missing "PrimaryIdentityToken" key presumably throws from the indexer - confirm.
                cat             = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
                accessTokenType = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
            }
            switch (accessTokenType)
            {
            // 0: Windows token (per the hint string); anchored on the SID of the Windows access token.
            case 0:
                requestContext.Logger.SafeSet(3, "CommonAccessToken-Windows");
                return(new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext));

            // 1: LiveId token (per the hint string); anchored on the SID, with organization and member name attached.
            case 1:
            {
                LiveIdFbaTokenAccessor liveIdFbaTokenAccessor = LiveIdFbaTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveId");
                return(new SidAnchorMailbox(liveIdFbaTokenAccessor.UserSid, requestContext)
                    {
                        OrganizationId = liveIdFbaTokenAccessor.OrganizationId,
                        SmtpOrLiveId = liveIdFbaTokenAccessor.LiveIdMemberName
                    });
            }

            // 2: LiveIdBasic token (per the hint string).
            case 2:
            {
                LiveIdBasicTokenAccessor liveIdBasicTokenAccessor = LiveIdBasicTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdBasic");
                // Prefer the SID when the token carries one.
                if (liveIdBasicTokenAccessor.UserSid != null)
                {
                    return(new SidAnchorMailbox(liveIdBasicTokenAccessor.UserSid, requestContext)
                        {
                            OrganizationId = liveIdBasicTokenAccessor.OrganizationId,
                            SmtpOrLiveId = liveIdBasicTokenAccessor.LiveIdMemberName
                        });
                }
                // No SID: fall back to PUID plus domain, but only when the member name passes the SMTP
                // address check; an invalid member name yields no anchor at all.
                if (SmtpAddress.IsValidSmtpAddress(liveIdBasicTokenAccessor.LiveIdMemberName))
                {
                    string domain = SmtpAddress.Parse(liveIdBasicTokenAccessor.LiveIdMemberName).Domain;
                    return(new PuidAnchorMailbox(liveIdBasicTokenAccessor.Puid, domain, requestContext));
                }
                return(null);
            }

            // 3: LiveIdNego2 token (per the hint string); fields are read straight from ExtensionData.
            case 3:
            {
                // "UserSid" is read through the indexer, the two optional values through TryGetValue.
                string sid = cat.ExtensionData["UserSid"];
                string text;
                cat.ExtensionData.TryGetValue("OrganizationName", out text);
                string smtpOrLiveId;
                cat.ExtensionData.TryGetValue("MemberName", out smtpOrLiveId);
                // NOTE(review): Logger is null-checked here but used without a check by SafeSet just below
                // and in every other branch; that is only consistent if SafeSet tolerates a null receiver - confirm.
                if (!string.IsNullOrEmpty(text) && requestContext.Logger != null)
                {
                    // 5 is a raw activity-scope property key; the organization name is stored under it.
                    requestContext.Logger.ActivityScope.SetProperty(5, text);
                }
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdNego2");
                return(new SidAnchorMailbox(sid, requestContext)
                    {
                        SmtpOrLiveId = smtpOrLiveId
                    });
            }

            // 4, 6 and 8: token types that yield no anchor mailbox here (member names are not
            // recoverable from the literals alone).
            case 4:
                return(null);

            case 6:
                return(null);

            // 7: CertificateSid token (per the hint string).
            case 7:
            {
                // An AD entry found on the HttpContext wins; on that path the token's own SID is not read.
                ADRawEntry httpContextADRawEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
                if (httpContextADRawEntry != null)
                {
                    requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
                    return(new UserADRawEntryAnchorMailbox(httpContextADRawEntry, requestContext));
                }
                // Otherwise anchor on the SID and partition id carried in the token.
                CertificateSidTokenAccessor certificateSidTokenAccessor = CertificateSidTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
                return(new SidAnchorMailbox(certificateSidTokenAccessor.UserSid, requestContext)
                    {
                        PartitionId = certificateSidTokenAccessor.PartitionId
                    });
            }

            case 8:
                return(null);
            }
            // Any value without a case above, including a second-level composite token.
            return(null);
        }
Esempio n. 4
        /// <summary>
        /// Chooses an anchor mailbox from the fields of a <see cref="CommonAccessToken"/>, based on the
        /// token's declared type. A composite token is unwrapped once to its primary identity token first.
        /// </summary>
        /// <param name="cat">The token to inspect; reassigned locally when it is a composite token.</param>
        /// <param name="requestContext">Supplies the logger, the HttpContext and the anchor mailbox owner.</param>
        /// <returns>
        /// An anchor mailbox for Windows, LiveId, LiveIdBasic, LiveIdNego2 and CertificateSid tokens;
        /// <c>null</c> for OAuth, Adfs, RemotePowerShellDelegated and any other value.
        /// </returns>
        /// <remarks>
        /// This method performs no signature or trust check on the token; it assumes <paramref name="cat"/>
        /// was authenticated before it got here. Every SID, PUID and member name read below is taken from
        /// the token as-is.
        /// </remarks>
        private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
        {
            // Case-insensitive parse. Enum.Parse throws for a string that names no member, and it also
            // accepts numeric strings, which can yield a value matched by none of the branches below.
            AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

            if (tokenKind == AccessTokenType.CompositeIdentity)
            {
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CompositeIdentity");

                // Only one level is unwrapped: a composite token nested inside a composite token matches
                // no branch below and produces null.
                // NOTE(review): a missing "PrimaryIdentityToken" key presumably throws from the indexer - confirm.
                cat = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
                tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
            }

            if (tokenKind == AccessTokenType.Windows)
            {
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-Windows");
                return new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext);
            }

            if (tokenKind == AccessTokenType.LiveId)
            {
                LiveIdFbaTokenAccessor fbaAccessor = LiveIdFbaTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveId");
                return new SidAnchorMailbox(fbaAccessor.UserSid, requestContext)
                {
                    OrganizationId = fbaAccessor.OrganizationId,
                    SmtpOrLiveId = fbaAccessor.LiveIdMemberName
                };
            }

            if (tokenKind == AccessTokenType.LiveIdBasic)
            {
                LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdBasic");

                if (basicAccessor.UserSid == null)
                {
                    // No SID in the token: anchor on the PUID. The member name is handed over exactly as
                    // the token supplied it; no format check is applied in this method.
                    return new PuidAnchorMailbox(basicAccessor.Puid, basicAccessor.LiveIdMemberName, requestContext);
                }

                return new SidAnchorMailbox(basicAccessor.UserSid, requestContext)
                {
                    OrganizationId = basicAccessor.OrganizationId,
                    SmtpOrLiveId = basicAccessor.LiveIdMemberName
                };
            }

            if (tokenKind == AccessTokenType.LiveIdNego2)
            {
                // "UserSid" is read through the indexer, the two optional values through TryGetValue.
                string userSid = cat.ExtensionData["UserSid"];
                string organizationName;
                cat.ExtensionData.TryGetValue("OrganizationName", out organizationName);
                string memberName;
                cat.ExtensionData.TryGetValue("MemberName", out memberName);

                // NOTE(review): Logger is null-checked here but used without a check by SafeSet just below
                // and in every other branch; that is only consistent if SafeSet tolerates a null receiver - confirm.
                if (!string.IsNullOrEmpty(organizationName))
                {
                    if (requestContext.Logger != null)
                    {
                        requestContext.Logger.ActivityScope.SetProperty(ActivityStandardMetadata.TenantId, organizationName);
                    }
                }

                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdNego2");
                return new SidAnchorMailbox(userSid, requestContext)
                {
                    SmtpOrLiveId = memberName
                };
            }

            if (tokenKind == AccessTokenType.CertificateSid)
            {
                // An AD entry found on the HttpContext wins; on that path the token's own SID is not read.
                ADRawEntry cachedEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
                if (cachedEntry != null)
                {
                    requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
                    return new UserADRawEntryAnchorMailbox(cachedEntry, requestContext);
                }

                // Otherwise anchor on the SID and partition id carried in the token.
                CertificateSidTokenAccessor certAccessor = CertificateSidTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
                return new SidAnchorMailbox(certAccessor.UserSid, requestContext)
                {
                    PartitionId = certAccessor.PartitionId
                };
            }

            // OAuth, Adfs, RemotePowerShellDelegated and any unlisted value yield no anchor mailbox.
            return null;
        }