Esempio n. 1
        /// <summary>
        /// Runs the <c>Enable-OrganizationCustomization</c> cmdlet on behalf of the current local session.
        /// </summary>
        /// <returns>Whatever <c>base.InvokeAsync</c> returns for the command.</returns>
        public PowerShellResults EnableOrganizationCustomization()
        {
            LocalSession session = LocalSession.Current;

            // The session is registered under its first cache key before the cmdlet is started.
            RbacSettings.AddSessionToCache(session.CacheKeys[0], session, false, false);

            var command = new PSCommand().AddCommand("Enable-OrganizationCustomization");
            return base.InvokeAsync(command, (PowerShellResults results) =>
            {
                // Leave the cache alone unless the cmdlet returned results without error records.
                if (results == null || !results.ErrorRecords.IsNullOrEmpty())
                {
                    return;
                }

                // Re-read LocalSession.Current here, as the original callback does, rather than
                // capturing the local taken above.
                LocalSession.Current.FlushCache();
            });
        }
Esempio n. 2
        /// <summary>
        /// Chooses the session object for a request: an anonymous session, a logoff session,
        /// or the session supplied by <see cref="RbacSettings"/>.
        /// </summary>
        /// <param name="context">The HTTP context of the request being authenticated.</param>
        public AuthenticationSettings(HttpContext context)
        {
            // Unauthenticated requests and requests whose path is classified as a resource
            // never reach RbacSettings; they get one of the two anonymous sessions.
            // NOTE(review): the resource classification is made from the request path alone and
            // also applies to authenticated callers -- confirm Utility.IsResourceRequest can only
            // match static content.
            bool useAnonymousSession = !context.Request.IsAuthenticated
                                       || Utility.IsResourceRequest(context.Request.Path);
            if (useAnonymousSession)
            {
                if (context.IsLogoffRequest())
                {
                    this.Session = LogoffSession.AnonymousSession;
                }
                else
                {
                    this.Session = AnonymousSession.Instance;
                }
                return;
            }

            // RbacSettings is built before the logoff check, exactly as in the original flow.
            RbacSettings settings = new RbacSettings(context);

            if (context.IsLogoffRequest())
            {
                this.Session = new LogoffSession(settings, context.User.Identity);
            }
            else
            {
                this.Session = settings.Session;
            }
        }
Esempio n. 3
        /// <summary>
        /// Creates an RBAC session for these settings, caches it under <c>CacheKey</c>,
        /// starts it, and returns it. Both performance timers cover the whole sequence.
        /// </summary>
        /// <returns>The newly created and started session.</returns>
        private RbacSession CreateSession()
        {
            using (new AverageTimePerfCounter(EcpPerfCounters.AverageRbacSessionCreation, EcpPerfCounters.AverageRbacSessionCreationBase, true))
            using (EcpPerformanceData.CreateRbacSession.StartRequestTimer())
            {
                RbacSession session = new RbacContext(this).CreateSession();

                // NOTE(review): the session enters the cache before SessionStart() runs, and nothing
                // in this method removes it again if SessionStart() throws -- confirm that a
                // half-started session cannot be served from the cache.
                RbacSettings.AddSessionToCache(this.CacheKey, session, true, true);
                session.SessionStart();

                return session;
            }
        }
Esempio n. 4
 public RbacContext(RbacSettings settings)
 {
     RbacContext < > 4__this = this;
     ExTraceGlobals.RBACTracer.TraceInformation <string>(0, 0L, "Creating RBAC context for {0}", settings.UserName);
     this.Settings = settings;
     this.roles    = new LazilyInitialized <ExchangeRunspaceConfiguration>(delegate()
     {
         ExchangeRunspaceConfiguration exchangeRunspaceConfiguration;
         if (DatacenterRegistry.IsForefrontForOffice())
         {
             Assembly assembly = Assembly.Load("Microsoft.Exchange.Hygiene.Security.Authorization");
             string siteName   = HostingEnvironment.ApplicationHost.GetSiteName();
             try
             {
                 string name = (RbacContext.PullHostedTenantRbac && (bool)HttpContext.Current.Items["IsHostedTenant"]) ? "Microsoft.Exchange.Hygiene.Security.Authorization.ForefrontRunspaceConfigurationForHostedTenant" : "Microsoft.Exchange.Hygiene.Security.Authorization.ForefrontRunspaceConfiguration";
                 Type type   = assembly.GetType(name);
                 exchangeRunspaceConfiguration = (ExchangeRunspaceConfiguration)Activator.CreateInstance(type, new object[]
                 {
                     < > 4__this.Settings.OriginalLogonUserIdentity,
                     siteName
                 });
                 goto IL_222;
             }
Esempio n. 5
 /// <summary>
 /// Creates a logoff session that keeps the RBAC settings and the identity it was built for.
 /// </summary>
 /// <param name="rbacSettings">Settings stored on the session; not validated here.</param>
 /// <param name="identity">Identity stored on the session; not validated here.</param>
 public LogoffSession(RbacSettings rbacSettings, IIdentity identity)
 {
     // Plain field assignments; neither argument is null-checked by this constructor.
     this.identity = identity;
     this.rbacSettings = rbacSettings;
 }
Esempio n. 6
        /// <summary>
        /// Derives the RBAC settings for a request: the logon identity, whether this is a
        /// proxy-logon or inbound-proxy request, the ECP identity, the session-state cookie
        /// and the cache key.
        /// </summary>
        /// <param name="context">The HTTP context whose request headers, path, body, cookies and user are read.</param>
        public RbacSettings(HttpContext context)
        {
            ExTraceGlobals.RBACTracer.TraceInformation <string>(0, 0L, "Extracting RBAC settings from {0}.", context.GetRequestUrlForLog());
            Guid vdirId = Guid.Empty;

            // The TryParse result is ignored on purpose: a missing or malformed header leaves
            // vdirId as Guid.Empty, and the lazy lookup below then yields null.
            // NOTE(review): this reads HttpContext.Current rather than the context argument --
            // presumably the same request; confirm.
            Guid.TryParse(HttpContext.Current.Request.Headers["X-vDirObjectId"], out vdirId);
            this.ecpService = new Lazy <EcpService>(delegate()
            {
                if (vdirId == Guid.Empty)
                {
                    return(null);
                }
                ServiceTopology currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 707);
                return(currentServiceTopology.FindAnyCafeService <EcpService>((EcpService service) => service.ADObjectId.ObjectGuid == vdirId, "f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 708));
            });
            this.LogonUserIdentity = context.User.Identity;
            this.OriginalUser      = context.User;
            // Proxy-logon handling is selected purely by the request path suffix.
            this.IsProxyLogon      = context.Request.FilePath.EndsWith("/proxyLogon.ecp", StringComparison.OrdinalIgnoreCase);
            bool flag = context.IsAcsOAuthRequest();

            // NOTE(review): the access token is built from the raw request body here, before the
            // inbound-proxy caller is looked up further down -- confirm SerializedAccessToken is
            // safe to construct from a body sent by a caller that has not yet been vetted.
            if (this.IsProxyLogon)
            {
                this.ProxySecurityAccessToken = new SerializedAccessToken(context.Request.InputStream);
            }
            else
            {
                this.ProxySecurityAccessToken = null;
            }
            // These three values come straight from request headers. The logon-account and
            // target-mailbox values are only consumed in the branch below where
            // GetInboundProxyCaller returned a server; the logon-mailbox value is also passed
            // to GetInboundProxyCaller itself.
            string logonAccountSddlSid = context.Request.Headers["msExchLogonAccount"];
            string text = context.Request.Headers["msExchLogonMailbox"];
            string targetMailboxSddlSid = context.Request.Headers["msExchTargetMailbox"];
            Server inboundProxyCaller   = RbacSettings.GetInboundProxyCaller(text, this.LogonUserIdentity as WindowsIdentity);

            if (inboundProxyCaller != null)
            {
                // Inbound proxy request: the ECP identity is built from the header values and
                // the proxy access token rather than from context.User.
                this.IsInboundProxyRequest  = true;
                this.InboundProxyCallerName = inboundProxyCaller.Name;
                EcpLogonInformation identity = EcpLogonInformation.Create(logonAccountSddlSid, text, targetMailboxSddlSid, this.ProxySecurityAccessToken);
                this.EcpIdentity = new EcpIdentity(identity, "-ProxySession");
            }
            else
            {
                this.IsInboundProxyRequest  = false;
                this.InboundProxyCallerName = string.Empty;
                string explicitUser = context.GetExplicitUser();
                string targetTenant = context.GetTargetTenant();
                // Suffix passed to EcpIdentity; it carries the target tenant and an OAuth
                // marker when those apply.
                string text2        = string.IsNullOrEmpty(targetTenant) ? "-RbacSession" : ("-RbacSession-@" + targetTenant);
                if (flag)
                {
                    text2 += "-OAuthACS";
                }
                if (!string.IsNullOrEmpty(explicitUser))
                {
                    this.EcpIdentity = new EcpIdentity(context.User, explicitUser, text2);
                }
                else
                {
                    this.EcpIdentity = new EcpIdentity(this.LogonUserIdentity, text2);
                }
            }
            this.UserUniqueKeyForCanary = this.GetUserUniqueKey();
            this.IsExplicitSignOn       = this.EcpIdentity.IsExplicitSignon;
            // flag2 is true when the request carries no session-state cookie.
            bool flag2 = null == context.Request.Cookies[RbacModule.SessionStateCookieName];

            if (flag2 && !flag)
            {
                // No cookie yet and not an ACS OAuth request: issue a fresh GUID cookie, then
                // compute the cache key and expire the session.
                // NOTE(review): only HttpOnly is set on the cookie here; Secure is not set in
                // this block -- confirm it is enforced elsewhere (e.g. site configuration).
                context.Response.Cookies.Add(new HttpCookie(RbacModule.SessionStateCookieName, Guid.NewGuid().ToString())
                {
                    HttpOnly = true
                });
                this.CacheKey = this.GetCacheKey();
                this.ExpireSession();
            }
            else
            {
                this.CacheKey = this.GetCacheKey();
            }
            // The trace line records the request URL (as returned by GetRequestUrlForLog) and the user name.
            ExTraceGlobals.RBACTracer.TraceInformation(0, 0L, "RBAC Settings for {0}: UserName: {1}, IsNewBrowserWindow={2}, IsInboundProxyRequest={3}, InboundProxyCallerName={4}, HasCachedSession={5}", new object[]
            {
                context.GetRequestUrlForLog(),
                this.UserName,
                flag2,
                this.IsInboundProxyRequest,
                this.InboundProxyCallerName,
                this.CachedSession != null
            });
        }
Esempio n. 7
 /// <summary>
 /// Creates a role-type segment bound to the given RBAC settings.
 /// </summary>
 /// <param name="rbacSettings">Settings stored on the segment; not validated here.</param>
 public RoleTypeSegment(RbacSettings rbacSettings)
 {
     // Stored as-is; this constructor performs no null check.
     this.rbacSettings = rbacSettings;
 }