public static OwaClientSecurityContextIdentity CreateFromLiveIDIdentity(LiveIDIdentity liveIDIdentity) { if (liveIDIdentity == null) { throw new ArgumentNullException("liveIDIdentity"); } OwaLiveIDIdentity owaLiveIDIdentity = new OwaLiveIDIdentity(liveIDIdentity.Sid, liveIDIdentity.HasAcceptedAccruals); owaLiveIDIdentity.userOrganizationProperties = liveIDIdentity.UserOrganizationProperties; owaLiveIDIdentity.DomainName = SmtpAddress.Parse(liveIDIdentity.MemberName).Domain; try { ClientSecurityContext clientSecurityContext = liveIDIdentity.CreateClientSecurityContext(); owaLiveIDIdentity.UpgradePartialIdentity(clientSecurityContext, liveIDIdentity.PrincipalName, string.Empty); } catch (AuthzException ex) { if (ex.InnerException is Win32Exception) { OwaDiagnostics.LogEvent(ClientsEventLogConstants.Tuple_ErrorCreatingClientContext, string.Empty, new object[] { owaLiveIDIdentity.UserSid.ToString(), ex.ToString() }); throw new OwaCreateClientSecurityContextFailedException("There was a problem creating the Client Security Context."); } throw; } return(owaLiveIDIdentity); }
private SecurityIdentifier GetUserSid(IPrincipal user, out PartitionId partitionId, out string wlID) { int hashCode = this.GetHashCode(); ExTraceGlobals.HttpModuleTracer.TraceFunction((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Enter."); SecurityIdentifier result = null; partitionId = null; wlID = null; LiveIDIdentity liveIDIdentity = user.Identity as LiveIDIdentity; if (liveIDIdentity != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Current user has a LiveId Identity."); result = liveIDIdentity.Sid; wlID = liveIDIdentity.MemberName; if (!string.IsNullOrEmpty(liveIDIdentity.PartitionId)) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, string.Format("[RemotePowerShellAuthModule::GetUserSid] Current user have a PartitionId {0}.", liveIDIdentity.PartitionId)); PartitionId.TryParse(liveIDIdentity.PartitionId, out partitionId); } } else { WindowsIdentity windowsIdentity = user.Identity as WindowsIdentity; if (windowsIdentity != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Current user has a Windows Identity."); result = windowsIdentity.User; } } ExTraceGlobals.HttpModuleTracer.TraceFunction((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Exit"); return(result); }
internal static OwaClientSecurityContextIdentity CreateFromLiveIDIdentity(LiveIDIdentity liveIDIdentity) { if (liveIDIdentity == null) { throw new ArgumentNullException("liveIDIdentity"); } return(OwaClientSecurityContextIdentity.InternalCreateFromClientSecurityContextIdentity(liveIDIdentity, liveIDIdentity.MemberName, liveIDIdentity.UserOrganizationId)); }
protected static OwaIdentity GetOwaIdentity(IIdentity identity) { CompositeIdentity compositeIdentity = identity as CompositeIdentity; if (compositeIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve CompositeIdentity."); return(OwaCompositeIdentity.CreateFromCompositeIdentity(compositeIdentity)); } WindowsIdentity windowsIdentity = identity as WindowsIdentity; if (windowsIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsIdentity."); if (windowsIdentity.IsAnonymous) { ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaIdentity::ResolveLogonIdentity] - Windows identity cannot be anonymous."); throw new OwaIdentityException("Cannot create security context for anonymous windows identity."); } return(OwaWindowsIdentity.CreateFromWindowsIdentity(windowsIdentity)); } else { LiveIDIdentity liveIDIdentity = identity as LiveIDIdentity; if (liveIDIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve LiveIDIdentity."); return(OwaClientSecurityContextIdentity.CreateFromLiveIDIdentity(liveIDIdentity)); } WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity; if (windowsTokenIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsTokenIdentity."); return(OwaClientSecurityContextIdentity.CreateFromClientSecurityContextIdentity(windowsTokenIdentity)); } OAuthIdentity oauthIdentity = identity as OAuthIdentity; if (oauthIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve OAuthIdentity."); return(OwaClientSecurityContextIdentity.CreateFromOAuthIdentity(oauthIdentity)); } AdfsIdentity adfsIdentity = identity as AdfsIdentity; if (adfsIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve AdfsIdentity."); return(OwaClientSecurityContextIdentity.CreateFromAdfsIdentity(identity as AdfsIdentity)); } SidBasedIdentity sidBasedIdentity = identity as SidBasedIdentity; if (sidBasedIdentity != null) { ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve SidBasedIdentity."); return(OwaClientSecurityContextIdentity.CreateFromsidBasedIdentity(sidBasedIdentity)); } ExTraceGlobals.CoreCallTracer.TraceError <Type>(0L, "[OwaIdentity::ResolveLogonIdentity] - Cannot resolve unsupported identity type: {0}.", identity.GetType()); throw new NotSupportedException(string.Format("Unexpected identity type. {0}", identity.GetType())); } }
// Token: 0x060007D3 RID: 2003 RVA: 0x00019C68 File Offset: 0x00017E68 public static bool IsPublicComputerSession(HttpContext httpContext) { LiveIDIdentity liveIDIdentity = httpContext.User.Identity as LiveIDIdentity; AdfsIdentity adfsIdentity = httpContext.User.Identity as AdfsIdentity; bool result; if (liveIDIdentity != null) { string text = httpContext.Request.Headers["X-LoginAttributes"]; if (string.IsNullOrWhiteSpace(text)) { if (liveIDIdentity.LoginAttributes != null) { result = !liveIDIdentity.LoginAttributes.IsInsideCorpnetSession; ExTraceGlobals.CoreTracer.TraceError <uint, bool>(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header is NULL. LoginAttributes in the identity is {0}, IsInsideCorpnetSession = {1}.", liveIDIdentity.LoginAttributes.Value, liveIDIdentity.LoginAttributes.IsInsideCorpnetSession); } else { result = true; ExTraceGlobals.CoreTracer.TraceError(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header is NULL and identity.LoginAttributes is also NULL. Defaulting to public."); } } else { LiveIdLoginAttributes liveIdLoginAttributes = new LiveIdLoginAttributes(Convert.ToUInt32(text)); result = !liveIdLoginAttributes.IsInsideCorpnetSession; ExTraceGlobals.CoreTracer.TraceDebug(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header value is {0}, LoginAttributes = {1}, IsInsideCorpnetSession = {2}, LoginAttributes in the identity is {3}, IsInsideCorpnetSession = {4}", new object[] { text, liveIdLoginAttributes.Value, liveIdLoginAttributes.IsInsideCorpnetSession, (liveIDIdentity.LoginAttributes != null) ? liveIDIdentity.LoginAttributes.Value.ToString() : string.Empty, (liveIDIdentity.LoginAttributes != null) ? liveIDIdentity.LoginAttributes.IsInsideCorpnetSession.ToString() : string.Empty }); httpContext.Response.AppendToLog("&loginAttributesBE=" + text); } } else if (adfsIdentity != null) { ExTraceGlobals.CoreTracer.TraceDebug <bool>(0L, "[UserContextUtilities::IsPublicComputerSession] session is a ADFS identity session is public computer: {0}.", adfsIdentity.IsPublicSession); result = adfsIdentity.IsPublicSession; } else { result = true; ExTraceGlobals.CoreTracer.TraceDebug(0L, "[SessionSettingsType::SetPublicComputerSession] session is NOT a live identity nor an ADFS identity session. Hence, defaulting to public computer session."); } return(result); }
// Token: 0x060000C2 RID: 194 RVA: 0x00005A6C File Offset: 0x00003C6C private OrganizationId GetOrganization(CommonAccessToken commonAccessToken, IIdentity identity, AccessTokenType accessTokenType) { if (commonAccessToken != null && commonAccessToken.ExtensionData.ContainsKey("OrganizationIdBase64")) { string text = commonAccessToken.ExtensionData["OrganizationIdBase64"]; if (!string.IsNullOrEmpty(text)) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From CAT."); return(CommonAccessTokenAccessor.DeserializeOrganizationId(text)); } } if (identity is LiveIDIdentity) { LiveIDIdentity liveIDIdentity = (LiveIDIdentity)identity; if (liveIDIdentity.UserOrganizationId != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From LiveIdIdentity."); return(liveIDIdentity.UserOrganizationId); } } if (identity is SidOAuthIdentity) { SidOAuthIdentity sidOAuthIdentity = (SidOAuthIdentity)identity; if (sidOAuthIdentity.OAuthIdentity != null && !sidOAuthIdentity.OAuthIdentity.IsAppOnly) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From SidOAuthIdentity."); return(sidOAuthIdentity.OAuthIdentity.OrganizationId); } } if (commonAccessToken != null) { if (accessTokenType == AccessTokenType.CertificateSid) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Certificate - First Org."); return(OrganizationId.ForestWideOrgId); } if (accessTokenType == AccessTokenType.Windows && commonAccessToken.WindowsAccessToken != null) { ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Kerberos - First Org."); return(OrganizationId.ForestWideOrgId); } } ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Org=Null."); return(null); }