public static OwaClientSecurityContextIdentity CreateFromLiveIDIdentity(LiveIDIdentity liveIDIdentity)
{
if (liveIDIdentity == null)
{
throw new ArgumentNullException("liveIDIdentity");
}
OwaLiveIDIdentity owaLiveIDIdentity = new OwaLiveIDIdentity(liveIDIdentity.Sid, liveIDIdentity.HasAcceptedAccruals);
owaLiveIDIdentity.userOrganizationProperties = liveIDIdentity.UserOrganizationProperties;
owaLiveIDIdentity.DomainName = SmtpAddress.Parse(liveIDIdentity.MemberName).Domain;
try
{
ClientSecurityContext clientSecurityContext = liveIDIdentity.CreateClientSecurityContext();
owaLiveIDIdentity.UpgradePartialIdentity(clientSecurityContext, liveIDIdentity.PrincipalName, string.Empty);
}
catch (AuthzException ex)
{
if (ex.InnerException is Win32Exception)
{
OwaDiagnostics.LogEvent(ClientsEventLogConstants.Tuple_ErrorCreatingClientContext, string.Empty, new object[]
{
owaLiveIDIdentity.UserSid.ToString(),
ex.ToString()
});
throw new OwaCreateClientSecurityContextFailedException("There was a problem creating the Client Security Context.");
}
throw;
}
return(owaLiveIDIdentity);
}
private SecurityIdentifier GetUserSid(IPrincipal user, out PartitionId partitionId, out string wlID)
{
int hashCode = this.GetHashCode();
ExTraceGlobals.HttpModuleTracer.TraceFunction((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Enter.");
SecurityIdentifier result = null;
partitionId = null;
wlID = null;
LiveIDIdentity liveIDIdentity = user.Identity as LiveIDIdentity;
if (liveIDIdentity != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Current user has a LiveId Identity.");
result = liveIDIdentity.Sid;
wlID = liveIDIdentity.MemberName;
if (!string.IsNullOrEmpty(liveIDIdentity.PartitionId))
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, string.Format("[RemotePowerShellAuthModule::GetUserSid] Current user have a PartitionId {0}.", liveIDIdentity.PartitionId));
PartitionId.TryParse(liveIDIdentity.PartitionId, out partitionId);
}
}
else
{
WindowsIdentity windowsIdentity = user.Identity as WindowsIdentity;
if (windowsIdentity != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Current user has a Windows Identity.");
result = windowsIdentity.User;
}
}
ExTraceGlobals.HttpModuleTracer.TraceFunction((long)hashCode, "[RemotePowerShellAuthModule::GetUserSid] Exit");
return(result);
}
internal static OwaClientSecurityContextIdentity CreateFromLiveIDIdentity(LiveIDIdentity liveIDIdentity)
{
if (liveIDIdentity == null)
{
throw new ArgumentNullException("liveIDIdentity");
}
return(OwaClientSecurityContextIdentity.InternalCreateFromClientSecurityContextIdentity(liveIDIdentity, liveIDIdentity.MemberName, liveIDIdentity.UserOrganizationId));
}
protected static OwaIdentity GetOwaIdentity(IIdentity identity)
{
CompositeIdentity compositeIdentity = identity as CompositeIdentity;
if (compositeIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve CompositeIdentity.");
return(OwaCompositeIdentity.CreateFromCompositeIdentity(compositeIdentity));
}
WindowsIdentity windowsIdentity = identity as WindowsIdentity;
if (windowsIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsIdentity.");
if (windowsIdentity.IsAnonymous)
{
ExTraceGlobals.CoreCallTracer.TraceError(0L, "[OwaIdentity::ResolveLogonIdentity] - Windows identity cannot be anonymous.");
throw new OwaIdentityException("Cannot create security context for anonymous windows identity.");
}
return(OwaWindowsIdentity.CreateFromWindowsIdentity(windowsIdentity));
}
else
{
LiveIDIdentity liveIDIdentity = identity as LiveIDIdentity;
if (liveIDIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve LiveIDIdentity.");
return(OwaClientSecurityContextIdentity.CreateFromLiveIDIdentity(liveIDIdentity));
}
WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity;
if (windowsTokenIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve WindowsTokenIdentity.");
return(OwaClientSecurityContextIdentity.CreateFromClientSecurityContextIdentity(windowsTokenIdentity));
}
OAuthIdentity oauthIdentity = identity as OAuthIdentity;
if (oauthIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve OAuthIdentity.");
return(OwaClientSecurityContextIdentity.CreateFromOAuthIdentity(oauthIdentity));
}
AdfsIdentity adfsIdentity = identity as AdfsIdentity;
if (adfsIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve AdfsIdentity.");
return(OwaClientSecurityContextIdentity.CreateFromAdfsIdentity(identity as AdfsIdentity));
}
SidBasedIdentity sidBasedIdentity = identity as SidBasedIdentity;
if (sidBasedIdentity != null)
{
ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[OwaIdentity::ResolveLogonIdentity] - Trying to resolve SidBasedIdentity.");
return(OwaClientSecurityContextIdentity.CreateFromsidBasedIdentity(sidBasedIdentity));
}
ExTraceGlobals.CoreCallTracer.TraceError <Type>(0L, "[OwaIdentity::ResolveLogonIdentity] - Cannot resolve unsupported identity type: {0}.", identity.GetType());
throw new NotSupportedException(string.Format("Unexpected identity type. {0}", identity.GetType()));
}
}
// Token: 0x060007D3 RID: 2003 RVA: 0x00019C68 File Offset: 0x00017E68
public static bool IsPublicComputerSession(HttpContext httpContext)
{
LiveIDIdentity liveIDIdentity = httpContext.User.Identity as LiveIDIdentity;
AdfsIdentity adfsIdentity = httpContext.User.Identity as AdfsIdentity;
bool result;
if (liveIDIdentity != null)
{
string text = httpContext.Request.Headers["X-LoginAttributes"];
if (string.IsNullOrWhiteSpace(text))
{
if (liveIDIdentity.LoginAttributes != null)
{
result = !liveIDIdentity.LoginAttributes.IsInsideCorpnetSession;
ExTraceGlobals.CoreTracer.TraceError <uint, bool>(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header is NULL. LoginAttributes in the identity is {0}, IsInsideCorpnetSession = {1}.", liveIDIdentity.LoginAttributes.Value, liveIDIdentity.LoginAttributes.IsInsideCorpnetSession);
}
else
{
result = true;
ExTraceGlobals.CoreTracer.TraceError(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header is NULL and identity.LoginAttributes is also NULL. Defaulting to public.");
}
}
else
{
LiveIdLoginAttributes liveIdLoginAttributes = new LiveIdLoginAttributes(Convert.ToUInt32(text));
result = !liveIdLoginAttributes.IsInsideCorpnetSession;
ExTraceGlobals.CoreTracer.TraceDebug(0L, "[UserContextUtilities::IsPublicComputerSession] session is a live identity session. LoginAttributes header value is {0}, LoginAttributes = {1}, IsInsideCorpnetSession = {2}, LoginAttributes in the identity is {3}, IsInsideCorpnetSession = {4}", new object[]
{
text,
liveIdLoginAttributes.Value,
liveIdLoginAttributes.IsInsideCorpnetSession,
(liveIDIdentity.LoginAttributes != null) ? liveIDIdentity.LoginAttributes.Value.ToString() : string.Empty,
(liveIDIdentity.LoginAttributes != null) ? liveIDIdentity.LoginAttributes.IsInsideCorpnetSession.ToString() : string.Empty
});
httpContext.Response.AppendToLog("&loginAttributesBE=" + text);
}
}
else if (adfsIdentity != null)
{
ExTraceGlobals.CoreTracer.TraceDebug <bool>(0L, "[UserContextUtilities::IsPublicComputerSession] session is a ADFS identity session is public computer: {0}.", adfsIdentity.IsPublicSession);
result = adfsIdentity.IsPublicSession;
}
else
{
result = true;
ExTraceGlobals.CoreTracer.TraceDebug(0L, "[SessionSettingsType::SetPublicComputerSession] session is NOT a live identity nor an ADFS identity session. Hence, defaulting to public computer session.");
}
return(result);
}
// Token: 0x060000C2 RID: 194 RVA: 0x00005A6C File Offset: 0x00003C6C
private OrganizationId GetOrganization(CommonAccessToken commonAccessToken, IIdentity identity, AccessTokenType accessTokenType)
{
if (commonAccessToken != null && commonAccessToken.ExtensionData.ContainsKey("OrganizationIdBase64"))
{
string text = commonAccessToken.ExtensionData["OrganizationIdBase64"];
if (!string.IsNullOrEmpty(text))
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From CAT.");
return(CommonAccessTokenAccessor.DeserializeOrganizationId(text));
}
}
if (identity is LiveIDIdentity)
{
LiveIDIdentity liveIDIdentity = (LiveIDIdentity)identity;
if (liveIDIdentity.UserOrganizationId != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From LiveIdIdentity.");
return(liveIDIdentity.UserOrganizationId);
}
}
if (identity is SidOAuthIdentity)
{
SidOAuthIdentity sidOAuthIdentity = (SidOAuthIdentity)identity;
if (sidOAuthIdentity.OAuthIdentity != null && !sidOAuthIdentity.OAuthIdentity.IsAppOnly)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From SidOAuthIdentity.");
return(sidOAuthIdentity.OAuthIdentity.OrganizationId);
}
}
if (commonAccessToken != null)
{
if (accessTokenType == AccessTokenType.CertificateSid)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Certificate - First Org.");
return(OrganizationId.ForestWideOrgId);
}
if (accessTokenType == AccessTokenType.Windows && commonAccessToken.WindowsAccessToken != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Kerberos - First Org.");
return(OrganizationId.ForestWideOrgId);
}
}
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Org=Null.");
return(null);
}
