// Token: 0x06000433 RID: 1075 RVA: 0x000181F8 File Offset: 0x000163F8
/// <summary>
/// Returns the caller's AD entry for the current request. On first use the entry is
/// resolved from the CommonAccessToken stored in <c>HttpContext.Items</c> and the
/// result (including <c>null</c>) is cached back into <c>HttpContext.Items</c>.
/// </summary>
/// <param name="requestContext">Request context supplying the HttpContext items and the logger.</param>
/// <returns>
/// The cached entry, or the result of the directory lookup; <c>null</c> when the
/// token type check below does not match.
/// </returns>
/// <exception cref="InvalidOperationException">
/// No CommonAccessToken is stored under "Item-CommonAccessToken".
/// </exception>
private static ADRawEntry GetCallerAdEntry(IRequestContext requestContext)
{
    var contextItems = requestContext.HttpContext.Items;

    // Fast path: an earlier call on this request already stored a result.
    if (contextItems.Contains(Constants.CallerADRawEntryKeyName))
    {
        return (ADRawEntry)contextItems[Constants.CallerADRawEntryKeyName];
    }

    // NOTE(review): the token is taken as-is from HttpContext.Items; where it is
    // placed there, and after which authentication step, is not visible in this listing.
    CommonAccessToken token = contextItems["Item-CommonAccessToken"] as CommonAccessToken;
    if (token == null)
    {
        throw new InvalidOperationException("CAT token not present - cannot lookup LiveIdBasic user's AD entry.");
    }

    ADRawEntry resolvedEntry = null;
    LatencyTracker tracker = (LatencyTracker)contextItems[Constants.LatencyTrackerContextKeyName];
    LiveIdBasicTokenAccessor accessor = LiveIdBasicTokenAccessor.Attach(token);

    // 2 is the decompiler's numeric rendering of the token type; the HttpContext
    // overload of this method on the same page writes the check as AccessTokenType.LiveIdBasic.
    if (accessor.TokenType == 2)
    {
        // The PUID and member name are written to the verbose trace when it is enabled.
        // The "[Extensions::GetFullCallerIdentity]" prefix is the original message text.
        if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
        {
            ExTraceGlobals.VerboseTracer.TraceDebug<string, string>(0L, "[Extensions::GetFullCallerIdentity] Calling AD to convert PUID {0} for LiveIdMemberName {1} to SID to construct GenericSidIdentity.", accessor.Puid, accessor.LiveIdMemberName);
        }

        // The recipient session is selected from the token's member name; the PUID
        // from the same token is then used as the lookup key inside that session.
        ITenantRecipientSession session = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(accessor.LiveIdMemberName, requestContext.Logger, tracker, false);
        resolvedEntry = DirectoryHelper.InvokeAccountForest<ADRawEntry>(
            tracker,
            () => session.FindUniqueEntryByNetID(accessor.Puid, null, UserBasedAnchorMailbox.ADRawEntryPropertySet, "d:\\dbs\\sh\\e16df\\0212_214120_0\\cmd\\1g\\sources\\Dev\\Cafe\\src\\HttpProxy\\Misc\\LiveIdBasicHelper.cs", 92, "GetCallerAdEntry"),
            requestContext.Logger,
            session);
    }

    // A null result is cached too, so later calls on this request will not repeat the lookup.
    contextItems[Constants.CallerADRawEntryKeyName] = resolvedEntry;
    return (ADRawEntry)contextItems[Constants.CallerADRawEntryKeyName];
}
/// <summary>
/// Determines the organization of the executing user, either from the
/// CommonAccessToken stored in <c>HttpContext.Items</c> or, when no token is
/// stored, from <c>AuthBehavior</c>.
/// </summary>
/// <param name="organizatonRoutingHint">
/// Set to "LiveIdBasic-UserOrg" or "LiveIdNego2-UserOrg" on the paths that return
/// an organization; <c>null</c> otherwise.
/// </param>
/// <returns>The organization name, or <c>null</c> when none could be determined.</returns>
private string GetExecutingUserOrganization(out string organizatonRoutingHint)
{
    organizatonRoutingHint = null;

    CommonAccessToken token = base.HttpContext.Items["Item-CommonAccessToken"] as CommonAccessToken;
    if (token != null)
    {
        // Enum.Parse is case-insensitive here and throws on a token type string it cannot map.
        AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), token.TokenType, true);

        if (tokenKind == AccessTokenType.LiveIdBasic)
        {
            LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(token);

            // The organization is the domain part of the token's member name.
            // NOTE(review): no validity check on the member name is visible before
            // SmtpAddress is constructed; confirm how malformed names are handled.
            SmtpAddress memberAddress = new SmtpAddress(basicAccessor.LiveIdMemberName);
            organizatonRoutingHint = "LiveIdBasic-UserOrg";
            return memberAddress.Domain;
        }

        if (tokenKind == AccessTokenType.LiveIdNego2)
        {
            // The TryGetValue result is ignored: a missing "OrganizationName" yields a
            // null return value while the routing hint is still set.
            string organizationName;
            token.ExtensionData.TryGetValue("OrganizationName", out organizationName);
            organizatonRoutingHint = "LiveIdNego2-UserOrg";
            return organizationName;
        }

        return null;
    }

    // No token stored: fall back to AuthBehavior unless front-end full auth is in effect.
    if (base.AuthBehavior.AuthState == AuthState.FrontEndFullAuth)
    {
        return null;
    }

    string fallbackOrganization = base.AuthBehavior.GetExecutingUserOrganization();
    if (string.IsNullOrEmpty(fallbackOrganization))
    {
        return null;
    }

    organizatonRoutingHint = "LiveIdBasic-UserOrg";
    return fallbackOrganization;
}
/// <summary>
/// Returns the caller's AD entry for the given HTTP context. On first use the entry
/// is resolved from the CommonAccessToken stored in <c>httpContext.Items</c> and the
/// result (including <c>null</c>) is cached back into <c>httpContext.Items</c>.
/// </summary>
/// <param name="httpContext">HTTP context whose Items hold the token, latency tracker and cache slot.</param>
/// <returns>
/// The cached entry, or the result of the directory lookup; <c>null</c> when the
/// token is not of type <c>AccessTokenType.LiveIdBasic</c>.
/// </returns>
/// <exception cref="InvalidOperationException">
/// No CommonAccessToken is stored under "Item-CommonAccessToken".
/// </exception>
private static ADRawEntry GetCallerAdEntry(HttpContext httpContext)
{
    var contextItems = httpContext.Items;

    // Fast path: an earlier call on this request already stored a result.
    if (contextItems.Contains(Constants.CallerADRawEntryKeyName))
    {
        return (ADRawEntry)contextItems[Constants.CallerADRawEntryKeyName];
    }

    // NOTE(review): the token is taken as-is from httpContext.Items; where it is
    // placed there, and after which authentication step, is not visible in this listing.
    CommonAccessToken token = contextItems["Item-CommonAccessToken"] as CommonAccessToken;
    if (token == null)
    {
        throw new InvalidOperationException("CAT token not present - cannot lookup LiveIdBasic user's AD entry.");
    }

    ADRawEntry resolvedEntry = null;
    LatencyTracker tracker = (LatencyTracker)contextItems[Constants.LatencyTrackerContextKeyName];
    LiveIdBasicTokenAccessor accessor = LiveIdBasicTokenAccessor.Attach(token);

    if (accessor.TokenType == AccessTokenType.LiveIdBasic)
    {
        // The PUID and member name are passed to the verbose tracer; no IsTraceEnabled
        // guard is visible in this variant. The "[Extensions::GetFullCallerIdentity]"
        // prefix is the original message text.
        ExTraceGlobals.VerboseTracer.TraceDebug<string, string>(0L, "[Extensions::GetFullCallerIdentity] Calling AD to convert PUID {0} for LiveIdMemberName {1} to SID to construct GenericSidIdentity.", accessor.Puid, accessor.LiveIdMemberName);

        // The recipient session is selected from the token's member name; the PUID
        // from the same token is then used as the lookup key inside that session.
        ITenantRecipientSession session = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(tracker, accessor.LiveIdMemberName, false);
        resolvedEntry = DirectoryHelper.InvokeAccountForest(
            tracker,
            () => session.FindUniqueEntryByNetID(accessor.Puid, null, UserBasedAnchorMailbox.ADRawEntryPropertySet));
    }

    // A null result is cached too, so later calls on this request will not repeat the lookup.
    contextItems[Constants.CallerADRawEntryKeyName] = resolvedEntry;
    return (ADRawEntry)contextItems[Constants.CallerADRawEntryKeyName];
}
// Token: 0x060000EA RID: 234 RVA: 0x00005B50 File Offset: 0x00003D50
/// <summary>
/// Builds the anchor mailbox used for routing from a CommonAccessToken, selecting
/// the mailbox type by the token's type and recording a routing hint on the logger.
/// </summary>
/// <remarks>
/// The numeric constants are the decompiler's rendering. The symbolic variant of
/// this method on the same page maps them as: 0 Windows, 1 LiveId, 2 LiveIdBasic,
/// 3 LiveIdNego2, 4 OAuth, 5 CompositeIdentity, 6 Adfs, 7 CertificateSid,
/// 8 RemotePowerShellDelegated; logger key 3 is HttpProxyMetadata.RoutingHint and
/// activity property 5 is ActivityStandardMetadata.TenantId.
/// </remarks>
/// <param name="cat">The token to route on; replaced locally by its primary identity token when composite.</param>
/// <param name="requestContext">Request context passed to the created mailbox and used for logging.</param>
/// <returns>An anchor mailbox, or <c>null</c> for token types that are not routed here.</returns>
private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
{
    // Enum.Parse is case-insensitive here and throws on a token type string it cannot map.
    AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

    if (tokenKind == 5)
    {
        // Composite token: routing continues on the nested primary identity token.
        // The indexer throws if "PrimaryIdentityToken" is absent. The unwrap happens
        // once; a nested composite type matches no case below and yields null.
        requestContext.Logger.SafeSet(3, "CommonAccessToken-CompositeIdentity");
        cat = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
        tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
    }

    switch (tokenKind)
    {
    case 0:
        requestContext.Logger.SafeSet(3, "CommonAccessToken-Windows");
        return new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext);

    case 1:
    {
        LiveIdFbaTokenAccessor fbaAccessor = LiveIdFbaTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveId");
        SidAnchorMailbox fbaMailbox = new SidAnchorMailbox(fbaAccessor.UserSid, requestContext);
        fbaMailbox.OrganizationId = fbaAccessor.OrganizationId;
        fbaMailbox.SmtpOrLiveId = fbaAccessor.LiveIdMemberName;
        return fbaMailbox;
    }

    case 2:
    {
        LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdBasic");

        // Prefer the SID when the token carries one.
        if (basicAccessor.UserSid != null)
        {
            SidAnchorMailbox basicMailbox = new SidAnchorMailbox(basicAccessor.UserSid, requestContext);
            basicMailbox.OrganizationId = basicAccessor.OrganizationId;
            basicMailbox.SmtpOrLiveId = basicAccessor.LiveIdMemberName;
            return basicMailbox;
        }

        // Without a SID, route by PUID plus the member name's domain; a member name
        // that is not a valid SMTP address produces no anchor mailbox.
        if (!SmtpAddress.IsValidSmtpAddress(basicAccessor.LiveIdMemberName))
        {
            return null;
        }

        string memberDomain = SmtpAddress.Parse(basicAccessor.LiveIdMemberName).Domain;
        return new PuidAnchorMailbox(basicAccessor.Puid, memberDomain, requestContext);
    }

    case 3:
    {
        // "UserSid" is required (the indexer throws when it is missing);
        // "OrganizationName" and "MemberName" are optional.
        string userSid = cat.ExtensionData["UserSid"];
        string organizationName;
        cat.ExtensionData.TryGetValue("OrganizationName", out organizationName);
        string memberName;
        cat.ExtensionData.TryGetValue("MemberName", out memberName);

        if (!string.IsNullOrEmpty(organizationName) && requestContext.Logger != null)
        {
            requestContext.Logger.ActivityScope.SetProperty(5, organizationName);
        }

        // NOTE(review): Logger is null-checked above but used unconditionally here;
        // presumably SafeSet tolerates a null logger - confirm.
        requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdNego2");
        SidAnchorMailbox negoMailbox = new SidAnchorMailbox(userSid, requestContext);
        negoMailbox.SmtpOrLiveId = memberName;
        return negoMailbox;
    }

    case 7:
    {
        // An AD entry already attached to the HTTP context takes precedence over the token's SID.
        ADRawEntry contextEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
        if (contextEntry != null)
        {
            requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
            return new UserADRawEntryAnchorMailbox(contextEntry, requestContext);
        }

        CertificateSidTokenAccessor certificateAccessor = CertificateSidTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
        SidAnchorMailbox certificateMailbox = new SidAnchorMailbox(certificateAccessor.UserSid, requestContext);
        certificateMailbox.PartitionId = certificateAccessor.PartitionId;
        return certificateMailbox;
    }

    // These token types produce no anchor mailbox in this method.
    case 4:
    case 6:
    case 8:
        return null;
    }

    return null;
}
/// <summary>
/// Builds the anchor mailbox used for routing from a CommonAccessToken, selecting
/// the mailbox type by the token's type and recording a routing hint on the logger.
/// </summary>
/// <param name="cat">The token to route on; replaced locally by its primary identity token when composite.</param>
/// <param name="requestContext">Request context passed to the created mailbox and used for logging.</param>
/// <returns>An anchor mailbox, or <c>null</c> for token types that are not routed here.</returns>
private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
{
    // Enum.Parse is case-insensitive here and throws on a token type string it cannot map.
    AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

    if (tokenKind == AccessTokenType.CompositeIdentity)
    {
        // Composite token: routing continues on the nested primary identity token.
        // The indexer throws if "PrimaryIdentityToken" is absent. The unwrap happens
        // once; a nested composite type matches no case below and yields null.
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CompositeIdentity");
        cat = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
        tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
    }

    switch (tokenKind)
    {
    case AccessTokenType.Windows:
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-Windows");
        return new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext);

    case AccessTokenType.LiveId:
    {
        LiveIdFbaTokenAccessor fbaAccessor = LiveIdFbaTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveId");
        SidAnchorMailbox fbaMailbox = new SidAnchorMailbox(fbaAccessor.UserSid, requestContext);
        fbaMailbox.OrganizationId = fbaAccessor.OrganizationId;
        fbaMailbox.SmtpOrLiveId = fbaAccessor.LiveIdMemberName;
        return fbaMailbox;
    }

    case AccessTokenType.LiveIdBasic:
    {
        LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdBasic");

        // Without a SID, fall back to routing by PUID and member name.
        // NOTE(review): the member name is handed to PuidAnchorMailbox as-is here,
        // whereas the other variant of this method on the page first checks it with
        // SmtpAddress.IsValidSmtpAddress and passes only the domain - confirm which
        // behaviour the deployed build has.
        if (basicAccessor.UserSid == null)
        {
            return new PuidAnchorMailbox(basicAccessor.Puid, basicAccessor.LiveIdMemberName, requestContext);
        }

        SidAnchorMailbox basicMailbox = new SidAnchorMailbox(basicAccessor.UserSid, requestContext);
        basicMailbox.OrganizationId = basicAccessor.OrganizationId;
        basicMailbox.SmtpOrLiveId = basicAccessor.LiveIdMemberName;
        return basicMailbox;
    }

    case AccessTokenType.LiveIdNego2:
    {
        // "UserSid" is required (the indexer throws when it is missing);
        // "OrganizationName" and "MemberName" are optional.
        string userSid = cat.ExtensionData["UserSid"];
        string organizationName;
        cat.ExtensionData.TryGetValue("OrganizationName", out organizationName);
        string memberName;
        cat.ExtensionData.TryGetValue("MemberName", out memberName);

        if (!string.IsNullOrEmpty(organizationName) && requestContext.Logger != null)
        {
            requestContext.Logger.ActivityScope.SetProperty(ActivityStandardMetadata.TenantId, organizationName);
        }

        // NOTE(review): Logger is null-checked above but used unconditionally here;
        // presumably SafeSet tolerates a null logger - confirm.
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdNego2");
        SidAnchorMailbox negoMailbox = new SidAnchorMailbox(userSid, requestContext);
        negoMailbox.SmtpOrLiveId = memberName;
        return negoMailbox;
    }

    case AccessTokenType.CertificateSid:
    {
        // An AD entry already attached to the HTTP context takes precedence over the token's SID.
        ADRawEntry contextEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
        if (contextEntry != null)
        {
            requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
            return new UserADRawEntryAnchorMailbox(contextEntry, requestContext);
        }

        CertificateSidTokenAccessor certificateAccessor = CertificateSidTokenAccessor.Attach(cat);
        requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
        SidAnchorMailbox certificateMailbox = new SidAnchorMailbox(certificateAccessor.UserSid, requestContext);
        certificateMailbox.PartitionId = certificateAccessor.PartitionId;
        return certificateMailbox;
    }

    // These token types produce no anchor mailbox in this method.
    case AccessTokenType.OAuth:
    case AccessTokenType.Adfs:
    case AccessTokenType.RemotePowerShellDelegated:
        return null;
    }

    return null;
}