public static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRM,
PLARGE_INTEGER expirationTime,
LUID Identifier,
LPVOID DynamicGroupArgs,
out SafeAuthzContextHandle authzClientContext);
public static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRM,
IntPtr expirationTime,
Luid Identifier,
IntPtr DynamicGroupArgs,
out IntPtr authzClientContext);
internal static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRM,
PLARGE_INTEGER expirationTime,
Win32.LUID Identifier,
LPVOID DynamicGroupArgs,
out AUTHZ_CLIENT_CONTEXT_HANDLE authzClientContext);
internal static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRm,
IntPtr expirationTime,
Win32.Luid identifier,
IntPtr dynamicGroupArgs,
out IntPtr authzClientContext);
public static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRM,
PLARGE_INTEGER expirationTime,
LUID Identifier,
LPVOID DynamicGroupArgs,
out SafeAuthzContextHandle authzClientContext);
/// <summary>
/// Initializes a new instance of the AuthorizationContext class
/// </summary>
/// <param name="principal">The security identifier of the principal to build the authorization context for</param>
/// <param name="server">The remote server to use to build the authorization context</param>
/// <param name="allowLocalFallback">A value that indicates if automatically falling back to the local server is allowed if the remote context fails to be established. If fallback occurs, the context will be initialized with the <see cref="Server"/> field set to null</param>
/// <param name="flags">The initialization flags used to build the context</param>
public AuthorizationContext(SecurityIdentifier principal, string server, bool allowLocalFallback, AuthzInitFlags flags)
{
this.SecurityIdentifer = principal;
this.authzRm = InitializeResourceManager(server, allowLocalFallback, out bool localFallbackOccurred);
if (localFallbackOccurred)
{
this.Server = null;
}
else
{
this.Server = server;
}
this.authzContext = InitializeAuthorizationContextFromSid(this.authzRm, this.SecurityIdentifer, flags);
}
/// <summary>
/// Initializes a new instance of the AuthorizationContext class
/// </summary>
/// <param name="principal">The security identifier of the principal to build the authorization context for</param>
/// <param name="server">The remote server to use to build the authorization context</param>
/// <param name="flags">The initialization flags used to build the context</param>
public AuthorizationContext(SecurityIdentifier principal, string server, AuthzInitFlags flags) : this(principal, server, false, flags)
{
}
private static SafeAuthzContextHandle InitializeAuthorizationContextFromSid(SafeAuthzResourceManagerHandle authzRm, SecurityIdentifier sid, AuthzInitFlags flags)
{
byte[] sidBytes = new byte[sid.BinaryLength];
sid.GetBinaryForm(sidBytes, 0);
if (!NativeMethods.AuthzInitializeContextFromSid(flags, sidBytes, authzRm, IntPtr.Zero, Luid.NullLuid, IntPtr.Zero, out SafeAuthzContextHandle userClientCtxt))
{
int errorCode = Marshal.GetLastWin32Error();
throw new AuthorizationContextException("AuthzInitializeContextFromSid failed", new Win32Exception(errorCode));
}
return(userClientCtxt);
}
private static SafeAuthzContextHandle InitializeAuthorizationContextFromToken(SafeAuthzResourceManagerHandle authzRm, SafeAccessTokenHandle accessToken, AuthzInitFlags flags)
{
if (!NativeMethods.AuthzInitializeContextFromToken(flags, accessToken, authzRm, IntPtr.Zero, Luid.NullLuid, IntPtr.Zero, out SafeAuthzContextHandle userClientCtxt))
{
int errorCode = Marshal.GetLastWin32Error();
throw new AuthorizationContextException("AuthzInitializeContextFromSid failed", new Win32Exception(errorCode));
}
return(userClientCtxt);
}
/// <summary>
/// Initializes a new instance of the AuthorizationContext class
/// </summary>
/// <param name="accessToken">The access token of the principal to build the authorization context for</param>
/// <param name="server">The remote server to use to build the authorization context</param>
/// <param name="allowLocalFallback">A value that indicates if automatically falling back to the local server is allowed if the remote context fails to be established. If fallback occurs, the context will be initialized with the <see cref="Server"/> field set to null</param>
/// <param name="flags">The initialization flags used to build the context</param>
public AuthorizationContext(SafeAccessTokenHandle accessToken, string server, bool allowLocalFallback, AuthzInitFlags flags)
{
this.authzRm = InitializeResourceManager(server, allowLocalFallback, out bool localFallbackOccurred);
this.SecurityIdentifer = GetSecurityIdentifierFromAccessToken(accessToken.DangerousGetHandle());
if (localFallbackOccurred)
{
this.Server = null;
}
else
{
this.Server = server;
}
this.authzContext = InitializeAuthorizationContextFromToken(this.authzRm, accessToken, flags);
}
/// <summary>
/// Initializes a new instance of the AuthorizationContext class
/// </summary>
/// <param name="accessToken">The access token of the principal to build the authorization context for</param>
/// <param name="server">The remote server to use to build the authorization context</param>
/// <param name="flags">The initialization flags used to build the context</param>
public AuthorizationContext(SafeAccessTokenHandle accessToken, string server, AuthzInitFlags flags) : this(accessToken, server, false, flags)
{
}
internal static extern bool AuthzInitializeContextFromSid(
AuthzInitFlags flags,
byte[] rawUserSid,
SafeAuthzRMHandle authzRM,
PLARGE_INTEGER expirationTime,
Win32.LUID Identifier,
LPVOID DynamicGroupArgs,
out AUTHZ_CLIENT_CONTEXT_HANDLE authzClientContext);
internal static extern bool AuthzInitializeContextFromToken(AuthzInitFlags flags, SafeAccessTokenHandle hToken, SafeAuthzResourceManagerHandle authRm, IntPtr expirationTime, Luid identifier, IntPtr dynamicGroupArgs, out SafeAuthzContextHandle authzClientContext);
internal static extern bool AuthzInitializeContextFromSid(AuthzInitFlags flags, byte[] rawUserSid, SafeAuthzResourceManagerHandle authRm, IntPtr expirationTime, Luid identifier, IntPtr dynamicGroupArgs, out SafeAuthzContextHandle authzClientContext);
