Esempio n. 1
        /// <summary>
        /// Writes one hidden &lt;input&gt; element into <paramref name="buffer"/> for every key
        /// enumerated from <paramref name="collection"/>.
        /// </summary>
        /// <param name="collection">Form fields to re-emit; "password" is read as a secure value, all others as unsecure values.</param>
        /// <param name="buffer">Output buffer that receives the generated markup.</param>
        /// <param name="redirectUrl">Target server URL; supplies the scheme and authority of the rewritten "destination" field.</param>
        /// <param name="majorCasVersion">Major build of the target server, compared against the Exchange 2007 major build.</param>
        /// <exception cref="OwaInvalidRequestException">The "destination" value is not an absolute URI.</exception>
        /// <remarks>
        /// NOTE(review): names and values are placed between single quotes exactly as this method
        /// receives them. Whether SecureHttpBuffer.CopyAtCurrentPosition attribute-encodes its input
        /// is not visible here; confirm it does, because a value containing a single quote would
        /// otherwise terminate the attribute.
        /// </remarks>
        private void CreateInputHtmlCollection(SecureNameValueCollection collection, SecureHttpBuffer buffer, Uri redirectUrl, int majorCasVersion)
        {
            const string InputOpen  = "<input type='hidden' name='";
            const string ValueOpen  = "' value='";
            const string InputClose = "'>";

            foreach (string fieldName in collection)
            {
                buffer.CopyAtCurrentPosition(InputOpen);
                buffer.CopyAtCurrentPosition(fieldName);
                buffer.CopyAtCurrentPosition(ValueOpen);

                switch (fieldName)
                {
                    case "password":
                    {
                        // The password stays a SecureString all the way into the buffer;
                        // it is never materialised as a System.String in this method.
                        SecureString securePassword;
                        collection.TryGetSecureValue(fieldName, out securePassword);
                        buffer.CopyAtCurrentPosition(securePassword);
                        break;
                    }

                    case "destination":
                    {
                        string postedDestination;
                        collection.TryGetUnsecureValue(fieldName, out postedDestination);

                        // The posted value must parse as an absolute URI before anything derived from it is emitted.
                        // Note that the opening of this <input> element is already in the buffer when this throws.
                        Uri destinationUri;
                        if (!Uri.TryCreate(postedDestination, UriKind.Absolute, out destinationUri))
                        {
                            throw new OwaInvalidRequestException("destination value is not valid");
                        }

                        StringBuilder rewritten = new StringBuilder();
                        if (majorCasVersion >= (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                        {
                            // Scheme and authority always come from redirectUrl. The posted destination
                            // contributes at most its path and query, so its host is never emitted.
                            rewritten.Append(redirectUrl.Scheme)
                                     .Append(Uri.SchemeDelimiter)
                                     .Append(redirectUrl.Authority);

                            if (Utilities.IsOwaUrl(destinationUri, OwaUrl.AuthPost, true))
                            {
                                rewritten.Append(OwaUrl.ApplicationRoot.ImplicitUrl);
                            }
                            else
                            {
                                rewritten.Append(destinationUri.PathAndQuery);
                            }
                        }
                        else
                        {
                            // Older targets get redirectUrl unchanged; the posted destination is only validated.
                            rewritten.Append(redirectUrl);
                        }

                        buffer.CopyAtCurrentPosition(rewritten.ToString());
                        break;
                    }

                    default:
                    {
                        string plainValue;
                        collection.TryGetUnsecureValue(fieldName, out plainValue);
                        buffer.CopyAtCurrentPosition(plainValue);
                        break;
                    }
                }

                buffer.CopyAtCurrentPosition(InputClose);
            }
        }
Esempio n. 2
        /// <summary>
        /// Writes a complete HTML page into <paramref name="buffer"/> whose body onload handler
        /// submits the form named "logonForm".
        /// </summary>
        /// <param name="buffer">Output buffer that receives the page markup.</param>
        /// <param name="collection">Form fields passed through to <c>CreateFormHtmlForSsoFba</c>.</param>
        /// <param name="redirectUrl">Target server URL passed through to <c>CreateFormHtmlForSsoFba</c>.</param>
        /// <param name="majorCasVersion">Major build of the target server, passed through unchanged.</param>
        private void CreateHtmlForSsoFba(SecureHttpBuffer buffer, SecureNameValueCollection collection, Uri redirectUrl, int majorCasVersion)
        {
            const string PageOpen   = "<html><noscript>";
            const string HeadAndBodyOpen = "</noscript><head><title>Continue</title><script type='text/javascript'>function OnBack(){}function DoSubmit(){var subt=false;if(!subt){subt=true;document.logonForm.submit();}}</script></head><body onload='javascript:DoSubmit();'>";
            const string PageClose  = "</body></html>";

            // Fetched before anything is written, so a failure here leaves the buffer untouched.
            SanitizedHtmlString noScriptFallback = Utilities.GetNoScriptHtml();

            // <noscript> fallback content, shown when the auto-submit script cannot run.
            buffer.CopyAtCurrentPosition(PageOpen);
            buffer.CopyAtCurrentPosition(noScriptFallback.ToString());

            // Head with the DoSubmit script, then the body that triggers it on load.
            buffer.CopyAtCurrentPosition(HeadAndBodyOpen);

            // The form (and its hidden inputs) is the only body content.
            this.CreateFormHtmlForSsoFba(buffer, collection, redirectUrl, majorCasVersion);

            buffer.CopyAtCurrentPosition(PageClose);
        }
Esempio n. 3
        /// <summary>
        /// Sends the auto-submitting logon page built by <c>CreateHtmlForSsoFba</c> as a 200 response
        /// and ends the response.
        /// </summary>
        /// <param name="collection">Form fields to re-post to the target server.</param>
        /// <param name="redirectUrl">Target server URL.</param>
        /// <param name="response">Response to write to; it is ended before this method returns.</param>
        /// <param name="majorCasVersion">Major build of the target server.</param>
        private void RedirectUsingSSOFBA(SecureNameValueCollection collection, Uri redirectUrl, HttpResponse response, int majorCasVersion)
        {
            // Status line and output mode.
            response.StatusCode   = 200;
            response.Status       = "200 - OK";
            response.BufferOutput = false;

            // The page carries the posted form fields, so it is marked both no-cache and no-store.
            response.CacheControl = "no-cache";
            response.Cache.SetNoStore();

            // Constant marker cookie. NOTE(review): no HttpOnly/Secure attributes are set here;
            // confirm whether site-wide cookie defaults apply them.
            HttpCookie backMarker = new HttpCookie("PBack") { Value = "1" };
            response.Cookies.Add(backMarker);

            // NOTE(review): 1000 is presumably the buffer size — confirm against SecureHttpBuffer.
            SecureHttpBuffer pageBuffer = new SecureHttpBuffer(1000, response);

            this.CreateHtmlForSsoFba(pageBuffer, collection, redirectUrl, majorCasVersion);
            pageBuffer.FlushBuffer();
            response.End();
        }
Esempio n. 4
        /// <summary>
        /// Writes the "logonForm" POST form into <paramref name="buffer"/>, with one hidden input
        /// per entry of <paramref name="collection"/>.
        /// </summary>
        /// <param name="buffer">Output buffer that receives the form markup.</param>
        /// <param name="collection">Form fields emitted as hidden inputs by <c>CreateInputHtmlCollection</c>.</param>
        /// <param name="redirectUrl">Target server URL; only its scheme and authority are used for the form action.</param>
        /// <param name="majorCasVersion">Major build of the target server; selects the authentication endpoint path.</param>
        private void CreateFormHtmlForSsoFba(SecureHttpBuffer buffer, SecureNameValueCollection collection, Uri redirectUrl, int majorCasVersion)
        {
            const string FormOpen       = "<form name='logonForm' id='logonForm' action='";
            const string FormAttributes = "' method='post' target='_top'>";
            const string FormClose      = "</form>";

            // The action URL is scheme + authority of redirectUrl followed by a fixed endpoint path;
            // no posted form value contributes to it.
            StringBuilder actionUrl = new StringBuilder()
                .Append(redirectUrl.Scheme)
                .Append(Uri.SchemeDelimiter)
                .Append(redirectUrl.Authority);

            if (majorCasVersion >= (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
            {
                actionUrl.Append(OwaUrl.AuthDll.ImplicitUrl);
            }
            else
            {
                // Targets older than the Exchange 2007 major build use the hard-coded legacy path.
                actionUrl.Append("/exchweb/bin/auth/owaauth.dll");
            }

            buffer.CopyAtCurrentPosition(FormOpen);
            buffer.CopyAtCurrentPosition(actionUrl.ToString());
            buffer.CopyAtCurrentPosition(FormAttributes);
            this.CreateInputHtmlCollection(collection, buffer, redirectUrl, majorCasVersion);
            buffer.CopyAtCurrentPosition(FormClose);
        }
Esempio n. 5
        // Token: 0x06001375 RID: 4981 RVA: 0x00078088 File Offset: 0x00076288
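        /// <summary>
        /// Parses a URL-encoded request body into name/value pairs, storing values whose name is in
        /// <c>sensitiveKeys</c> as <see cref="SecureString"/> and all others as plain strings.
        /// </summary>
        /// <param name="formCollection">
        /// Receives the parsed pairs on success. On any failure the collection is disposed and this is set to null.
        /// </param>
        /// <returns>
        /// true when the whole body was parsed; false when the content type does not start with
        /// "application/x-www-form-urlencoded", when a name occurs twice, or when a sensitive value
        /// cannot be converted to a SecureString.
        /// </returns>
        /// <remarks>
        /// The raw body buffer is zeroed before returning, because it holds the still-encoded sensitive
        /// values. Copies held elsewhere (for example by the request stream itself) are outside this
        /// method's control.
        /// </remarks>
        public bool TryReadSecureFormData(out SecureNameValueCollection formCollection)
        {
            bool flag = false;

            // Declared outside the try block so the finally block can scrub it.
            byte[] array = null;

            formCollection = new SecureNameValueCollection();
            bool result;

            try
            {
                // Prefix comparison: only the media type is checked, so trailing parameters such as a charset are accepted.
                if (string.Compare(this.request.ContentType, 0, "application/x-www-form-urlencoded", 0, "application/x-www-form-urlencoded".Length, StringComparison.OrdinalIgnoreCase) != 0)
                {
                    result = false;
                }
                else
                {
                    array = new byte[this.request.ContentLength];
                    int    num   = array.Length;

                    // Each pass of the outer loop consumes one "name=value" pair; the loop increment steps over the '&'.
                    for (int i = 0; i < num; i++)
                    {
                        int num2 = i;   // start of the current pair
                        int num3 = -1;  // index of the first '=' in the current pair, or -1 if none seen
                        while (i < num)
                        {
                            int num4 = this.request.InputStream.ReadByte();
                            if (num4 == -1)
                            {
                                // NOTE(review): on an early end of stream i jumps to num, so the current pair's
                                // count below spans bytes that were never read (still zero). Confirm whether a
                                // body shorter than ContentLength should be rejected instead.
                                i = num;
                                break;
                            }
                            array[i] = (byte)num4;
                            if (array[i] == 61)         // '='
                            {
                                if (num3 < 0)
                                {
                                    num3 = i;
                                }
                            }
                            else if (array[i] == 38)    // '&'
                            {
                                break;
                            }
                            i++;
                        }
                        string text;
                        int    offset;
                        int    count;
                        if (num3 >= 0)
                        {
                            text   = HttpUtility.UrlDecode(array, num2, num3 - num2, this.request.ContentEncoding);
                            offset = num3 + 1;
                            count  = i - num3 - 1;
                        }
                        else
                        {
                            // No '=' in this pair: the name is empty and the whole segment is the value.
                            text   = string.Empty;
                            offset = num2;
                            count  = i - num2;
                        }
                        if (this.sensitiveKeys.ContainsKey(text))
                        {
                            // Sensitive value: decode through SecureArray wrappers and keep only a SecureString,
                            // never a System.String.
                            SecureString secureString;
                            using (SecureArray <byte> secureArray = new SecureArray <byte>(HttpUtility.UrlDecodeToBytes(array, offset, count)))
                            {
                                using (SecureArray <char> secureArray2 = new SecureArray <char>(this.request.ContentEncoding.GetChars(secureArray.ArrayValue)))
                                {
                                    try
                                    {
                                        secureString = secureArray2.ArrayValue.ConvertToSecureString();
                                    }
                                    catch (ArgumentOutOfRangeException)
                                    {
                                        return(false);
                                    }
                                }
                            }
                            // A repeated name fails the whole parse rather than picking one of the values.
                            if (formCollection.ContainsSecureValue(text))
                            {
                                secureString.Dispose();
                                return(false);
                            }
                            formCollection.AddSecureNameValue(text, secureString);
                        }
                        else
                        {
                            string value = HttpUtility.UrlDecode(array, offset, count, this.request.ContentEncoding);
                            // Same duplicate-name rule for non-sensitive fields.
                            if (formCollection.ContainsUnsecureValue(text))
                            {
                                return(false);
                            }
                            formCollection.AddUnsecureNameValue(text, value);
                        }
                    }
                    flag   = true;
                    result = true;
                }
            }
            finally
            {
                // Scrub the raw body on every exit path; it contains the URL-encoded sensitive values.
                if (array != null)
                {
                    Array.Clear(array, 0, array.Length);
                }

                // Runs for the early returns above as well, so callers never see a half-filled collection.
                if (!flag && formCollection != null)
                {
                    formCollection.Dispose();
                    formCollection = null;
                }
            }
            return(result);
        }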