コード例 #1
 // Token: 0x06000433 RID: 1075 RVA: 0x000181F8 File Offset: 0x000163F8
 /// <summary>
 /// Returns the caller's directory entry, resolving it on first use and caching the
 /// result (including a null result) in <c>HttpContext.Items</c> for the rest of the request.
 /// </summary>
 /// <param name="requestContext">Request context whose <c>HttpContext.Items</c> holds the token, the latency tracker and the cache slot.</param>
 /// <returns>The cached or freshly looked-up entry; null when the token type comparison below does not match.</returns>
 /// <exception cref="InvalidOperationException">No <c>CommonAccessToken</c> is stored under "Item-CommonAccessToken".</exception>
 private static ADRawEntry GetCallerAdEntry(IRequestContext requestContext)
 {
     // Fast path: an earlier call on this request already stored a result.
     if (requestContext.HttpContext.Items.Contains(Constants.CallerADRawEntryKeyName))
     {
         return (ADRawEntry)requestContext.HttpContext.Items[Constants.CallerADRawEntryKeyName];
     }

     // NOTE(review): the token is taken from HttpContext.Items as-is; nothing in this method
     // validates it, so the lookup is only as trustworthy as whatever stored it. Confirm upstream.
     CommonAccessToken token = requestContext.HttpContext.Items["Item-CommonAccessToken"] as CommonAccessToken;
     if (token == null)
     {
         throw new InvalidOperationException("CAT token not present - cannot lookup LiveIdBasic user's AD entry.");
     }

     ADRawEntry callerEntry = null;
     LatencyTracker tracker = (LatencyTracker)requestContext.HttpContext.Items[Constants.LatencyTrackerContextKeyName];
     LiveIdBasicTokenAccessor accessor = LiveIdBasicTokenAccessor.Attach(token);

     // Decompiled constant; presumably the LiveIdBasic token type, going by the error message above.
     if (accessor.TokenType == 2)
     {
         if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
         {
             // The trace line carries the caller's PUID and member name: verbose traces hold user identifiers.
             ExTraceGlobals.VerboseTracer.TraceDebug<string, string>(
                 0L,
                 "[Extensions::GetFullCallerIdentity] Calling AD to convert PUID {0} for LiveIdMemberName {1} to SID to construct GenericSidIdentity.",
                 accessor.Puid,
                 accessor.LiveIdMemberName);
         }

         // The directory session is chosen from the member name in the token; the entry is then found by PUID.
         ITenantRecipientSession session = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(
             accessor.LiveIdMemberName,
             requestContext.Logger,
             tracker,
             false);
         callerEntry = DirectoryHelper.InvokeAccountForest<ADRawEntry>(
             tracker,
             () => session.FindUniqueEntryByNetID(
                 accessor.Puid,
                 null,
                 UserBasedAnchorMailbox.ADRawEntryPropertySet,
                 "d:\\dbs\\sh\\e16df\\0212_214120_0\\cmd\\1g\\sources\\Dev\\Cafe\\src\\HttpProxy\\Misc\\LiveIdBasicHelper.cs",
                 92,
                 "GetCallerAdEntry"),
             requestContext.Logger,
             session);
     }

     // Stored unconditionally, so a null result is cached too and is not retried on this request.
     requestContext.HttpContext.Items[Constants.CallerADRawEntryKeyName] = callerEntry;
     return (ADRawEntry)requestContext.HttpContext.Items[Constants.CallerADRawEntryKeyName];
 }
コード例 #2
        /// <summary>
        /// Works out the organization of the executing user, either from the
        /// <c>CommonAccessToken</c> stored on the request or, when there is none, from the auth behavior.
        /// </summary>
        /// <param name="organizatonRoutingHint">Set to the routing-hint label for the path taken, or null when no organization path applied.</param>
        /// <returns>The organization (a domain or organization name), or null when none could be derived.</returns>
        private string GetExecutingUserOrganization(out string organizatonRoutingHint)
        {
            organizatonRoutingHint = null;
            CommonAccessToken cat = base.HttpContext.Items["Item-CommonAccessToken"] as CommonAccessToken;

            if (cat != null)
            {
                // Enum.Parse throws ArgumentException for an unrecognised name, and accepts numeric
                // strings as well as names, so the token type string is not strictly validated here.
                AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

                if (tokenKind == AccessTokenType.LiveIdBasic)
                {
                    // The organization is the domain part of the member name carried in the token.
                    LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(cat);
                    SmtpAddress memberAddress = new SmtpAddress(basicAccessor.LiveIdMemberName);
                    organizatonRoutingHint = "LiveIdBasic-UserOrg";
                    return memberAddress.Domain;
                }

                if (tokenKind == AccessTokenType.LiveIdNego2)
                {
                    // The TryGetValue result is ignored: a missing key yields a null organization,
                    // yet the hint below is still set.
                    string organizationName;
                    cat.ExtensionData.TryGetValue("OrganizationName", out organizationName);
                    organizatonRoutingHint = "LiveIdNego2-UserOrg";
                    return organizationName;
                }

                // Every other token type yields no organization.
                return null;
            }

            // No token on the request: fall back to the auth behavior unless the front end fully authenticated.
            if (base.AuthBehavior.AuthState == AuthState.FrontEndFullAuth)
            {
                return null;
            }

            string fallbackOrganization = base.AuthBehavior.GetExecutingUserOrganization();
            if (string.IsNullOrEmpty(fallbackOrganization))
            {
                return null;
            }

            organizatonRoutingHint = "LiveIdBasic-UserOrg";
            return fallbackOrganization;
        }
コード例 #3
 /// <summary>
 /// Returns the caller's directory entry, looking it up on first use and caching the
 /// result (including a null result) in <c>httpContext.Items</c>.
 /// </summary>
 /// <param name="httpContext">Context whose <c>Items</c> holds the token, the latency tracker and the cache slot.</param>
 /// <returns>The cached or freshly looked-up entry; null when the token is not a LiveIdBasic token.</returns>
 /// <exception cref="InvalidOperationException">No <c>CommonAccessToken</c> is stored under "Item-CommonAccessToken".</exception>
 private static ADRawEntry GetCallerAdEntry(HttpContext httpContext)
 {
     // Fast path: a previous call on this request already stored a result.
     if (httpContext.Items.Contains(Constants.CallerADRawEntryKeyName))
     {
         return (ADRawEntry)httpContext.Items[Constants.CallerADRawEntryKeyName];
     }

     // NOTE(review): the token is read from Items without any validation in this method;
     // confirm that only an authenticated pipeline stage can store it.
     CommonAccessToken token = httpContext.Items["Item-CommonAccessToken"] as CommonAccessToken;
     if (token == null)
     {
         throw new InvalidOperationException("CAT token not present - cannot lookup LiveIdBasic user's AD entry.");
     }

     ADRawEntry callerEntry = null;
     LatencyTracker tracker = (LatencyTracker)httpContext.Items[Constants.LatencyTrackerContextKeyName];
     LiveIdBasicTokenAccessor accessor = LiveIdBasicTokenAccessor.Attach(token);

     if (accessor.TokenType == AccessTokenType.LiveIdBasic)
     {
         // The trace line carries the caller's PUID and member name: verbose traces hold user identifiers.
         ExTraceGlobals.VerboseTracer.TraceDebug<string, string>(
             0L,
             "[Extensions::GetFullCallerIdentity] Calling AD to convert PUID {0} for LiveIdMemberName {1} to SID to construct GenericSidIdentity.",
             accessor.Puid,
             accessor.LiveIdMemberName);

         // The directory session is chosen from the member name in the token; the entry is then found by PUID.
         ITenantRecipientSession session = DirectoryHelper.GetTenantRecipientSessionFromSmtpOrLiveId(
             tracker,
             accessor.LiveIdMemberName,
             false);
         callerEntry = DirectoryHelper.InvokeAccountForest(
             tracker,
             () => session.FindUniqueEntryByNetID(accessor.Puid, null, UserBasedAnchorMailbox.ADRawEntryPropertySet));
     }

     // Stored unconditionally, so a null result is cached too and is not retried on this request.
     httpContext.Items[Constants.CallerADRawEntryKeyName] = callerEntry;
     return (ADRawEntry)httpContext.Items[Constants.CallerADRawEntryKeyName];
 }
コード例 #4
        // Token: 0x060000EA RID: 234 RVA: 0x00005B50 File Offset: 0x00003D50
        /// <summary>
        /// Maps a <c>CommonAccessToken</c> to the anchor mailbox used for routing, or returns null
        /// when the token type has no mapping here. This is decompiler output: enum members appear
        /// as raw integers, and the routing-hint strings are the only in-block clue to their meaning.
        /// </summary>
        /// <param name="cat">Token to map; replaced by its nested "PrimaryIdentityToken" when the type equals 5.</param>
        /// <param name="requestContext">Request context, used for logging and passed to the mailbox constructors.</param>
        /// <returns>An anchor mailbox built from identity fields carried in the token, or null.</returns>
        /// <remarks>
        /// Despite the "Try" prefix this can throw: Enum.Parse raises ArgumentException for an
        /// unrecognised type name (it also accepts numeric strings), and the ExtensionData indexer
        /// reads are unguarded. NOTE(review): nothing in this method authenticates the token or the
        /// nested token; the SID, PUID, member name and organization are used as given. Confirm that
        /// validation happens before this call.
        /// </remarks>
        private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
        {
            AccessTokenType accessTokenType = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

            // 5: composite identity, per the hint string. The wrapper is unwrapped once only, and
            // routing below is driven by the nested primary token.
            if (accessTokenType == 5)
            {
                requestContext.Logger.SafeSet(3, "CommonAccessToken-CompositeIdentity");
                // Unguarded indexer read, then deserialization of a value carried inside the outer token.
                cat             = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
                accessTokenType = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
            }
            switch (accessTokenType)
            {
            // 0: Windows token, anchored on the SID of the Windows access token.
            case 0:
                requestContext.Logger.SafeSet(3, "CommonAccessToken-Windows");
                return(new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext));

            // 1: LiveId token, anchored on SID with organization and member name attached.
            case 1:
            {
                LiveIdFbaTokenAccessor liveIdFbaTokenAccessor = LiveIdFbaTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveId");
                return(new SidAnchorMailbox(liveIdFbaTokenAccessor.UserSid, requestContext)
                    {
                        OrganizationId = liveIdFbaTokenAccessor.OrganizationId,
                        SmtpOrLiveId = liveIdFbaTokenAccessor.LiveIdMemberName
                    });
            }

            // 2: LiveIdBasic token. SID is preferred; otherwise PUID plus the member name's domain.
            case 2:
            {
                LiveIdBasicTokenAccessor liveIdBasicTokenAccessor = LiveIdBasicTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdBasic");
                if (liveIdBasicTokenAccessor.UserSid != null)
                {
                    return(new SidAnchorMailbox(liveIdBasicTokenAccessor.UserSid, requestContext)
                        {
                            OrganizationId = liveIdBasicTokenAccessor.OrganizationId,
                            SmtpOrLiveId = liveIdBasicTokenAccessor.LiveIdMemberName
                        });
                }
                // The member name is checked as an SMTP address before its domain is used;
                // an invalid name yields no anchor mailbox.
                if (SmtpAddress.IsValidSmtpAddress(liveIdBasicTokenAccessor.LiveIdMemberName))
                {
                    string domain = SmtpAddress.Parse(liveIdBasicTokenAccessor.LiveIdMemberName).Domain;
                    return(new PuidAnchorMailbox(liveIdBasicTokenAccessor.Puid, domain, requestContext));
                }
                return(null);
            }

            // 3: LiveIdNego2 token. Identity fields are read straight from ExtensionData.
            case 3:
            {
                // "UserSid" is an unguarded indexer read; the other two keys are optional.
                string sid = cat.ExtensionData["UserSid"];
                string text;
                cat.ExtensionData.TryGetValue("OrganizationName", out text);
                string smtpOrLiveId;
                cat.ExtensionData.TryGetValue("MemberName", out smtpOrLiveId);
                // The organization name from the token is written to the activity scope (property 5);
                // presumably it ends up in request logs. Confirm where it is emitted.
                if (!string.IsNullOrEmpty(text) && requestContext.Logger != null)
                {
                    requestContext.Logger.ActivityScope.SetProperty(5, text);
                }
                requestContext.Logger.SafeSet(3, "CommonAccessToken-LiveIdNego2");
                return(new SidAnchorMailbox(sid, requestContext)
                    {
                        SmtpOrLiveId = smtpOrLiveId
                    });
            }

            // 4, 6 and 8 produce no anchor mailbox; their enum names are not recoverable from this listing.
            case 4:
                return(null);

            case 6:
                return(null);

            // 7: certificate SID token. An entry already attached to the HttpContext wins over the token's SID.
            case 7:
            {
                ADRawEntry httpContextADRawEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
                if (httpContextADRawEntry != null)
                {
                    requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
                    return(new UserADRawEntryAnchorMailbox(httpContextADRawEntry, requestContext));
                }
                CertificateSidTokenAccessor certificateSidTokenAccessor = CertificateSidTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(3, "CommonAccessToken-CertificateSid");
                return(new SidAnchorMailbox(certificateSidTokenAccessor.UserSid, requestContext)
                    {
                        PartitionId = certificateSidTokenAccessor.PartitionId
                    });
            }

            case 8:
                return(null);
            }
            // Any other value, including a composite token nested inside a composite token, maps to nothing.
            return(null);
        }
コード例 #5
        /// <summary>
        /// Maps a <c>CommonAccessToken</c> to the anchor mailbox used for routing, or returns null
        /// when the token type has no mapping here.
        /// </summary>
        /// <param name="cat">Token to map; a composite-identity token is replaced by its nested "PrimaryIdentityToken".</param>
        /// <param name="requestContext">Request context, used for logging and passed to the mailbox constructors.</param>
        /// <returns>An anchor mailbox built from identity fields carried in the token, or null.</returns>
        /// <remarks>
        /// Despite the "Try" prefix this can throw: Enum.Parse raises ArgumentException for an
        /// unrecognised type name (it also accepts numeric strings), and the ExtensionData indexer
        /// reads are unguarded. NOTE(review): nothing in this method authenticates the token or the
        /// nested token; the SID, PUID, member name and organization are used as given. Confirm that
        /// validation happens before this call.
        /// </remarks>
        private static AnchorMailbox TryCreateFromCommonAccessToken(CommonAccessToken cat, IRequestContext requestContext)
        {
            AccessTokenType tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);

            if (tokenKind == AccessTokenType.CompositeIdentity)
            {
                // Unwrapped once only; routing below is driven by the nested primary token.
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CompositeIdentity");
                cat = CommonAccessToken.Deserialize(cat.ExtensionData["PrimaryIdentityToken"]);
                tokenKind = (AccessTokenType)Enum.Parse(typeof(AccessTokenType), cat.TokenType, true);
            }

            if (tokenKind == AccessTokenType.Windows)
            {
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-Windows");
                return new SidAnchorMailbox(cat.WindowsAccessToken.UserSid, requestContext);
            }

            if (tokenKind == AccessTokenType.LiveId)
            {
                LiveIdFbaTokenAccessor fbaAccessor = LiveIdFbaTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveId");
                SidAnchorMailbox liveIdMailbox = new SidAnchorMailbox(fbaAccessor.UserSid, requestContext);
                liveIdMailbox.OrganizationId = fbaAccessor.OrganizationId;
                liveIdMailbox.SmtpOrLiveId = fbaAccessor.LiveIdMemberName;
                return liveIdMailbox;
            }

            if (tokenKind == AccessTokenType.LiveIdBasic)
            {
                LiveIdBasicTokenAccessor basicAccessor = LiveIdBasicTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdBasic");
                if (basicAccessor.UserSid != null)
                {
                    SidAnchorMailbox basicMailbox = new SidAnchorMailbox(basicAccessor.UserSid, requestContext);
                    basicMailbox.OrganizationId = basicAccessor.OrganizationId;
                    basicMailbox.SmtpOrLiveId = basicAccessor.LiveIdMemberName;
                    return basicMailbox;
                }

                // No SID in the token: anchor on PUID. The member name is passed through without
                // any format check in this method.
                return new PuidAnchorMailbox(basicAccessor.Puid, basicAccessor.LiveIdMemberName, requestContext);
            }

            if (tokenKind == AccessTokenType.LiveIdNego2)
            {
                // "UserSid" is an unguarded indexer read; the other two keys are optional.
                string userSid = cat.ExtensionData["UserSid"];
                string organizationName;
                cat.ExtensionData.TryGetValue("OrganizationName", out organizationName);
                string memberName;
                cat.ExtensionData.TryGetValue("MemberName", out memberName);

                // The organization name from the token is recorded as the activity's tenant id.
                if (!string.IsNullOrEmpty(organizationName) && requestContext.Logger != null)
                {
                    requestContext.Logger.ActivityScope.SetProperty(ActivityStandardMetadata.TenantId, organizationName);
                }

                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-LiveIdNego2");
                SidAnchorMailbox nego2Mailbox = new SidAnchorMailbox(userSid, requestContext);
                nego2Mailbox.SmtpOrLiveId = memberName;
                return nego2Mailbox;
            }

            if (tokenKind == AccessTokenType.CertificateSid)
            {
                // An entry already attached to the HttpContext wins over the SID carried in the token.
                ADRawEntry contextEntry = AuthCommon.GetHttpContextADRawEntry(requestContext.HttpContext);
                if (contextEntry != null)
                {
                    requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
                    return new UserADRawEntryAnchorMailbox(contextEntry, requestContext);
                }

                CertificateSidTokenAccessor certAccessor = CertificateSidTokenAccessor.Attach(cat);
                requestContext.Logger.SafeSet(HttpProxyMetadata.RoutingHint, "CommonAccessToken-CertificateSid");
                SidAnchorMailbox certMailbox = new SidAnchorMailbox(certAccessor.UserSid, requestContext);
                certMailbox.PartitionId = certAccessor.PartitionId;
                return certMailbox;
            }

            // OAuth, Adfs, RemotePowerShellDelegated and any other value (including a composite
            // token nested inside a composite token) produce no anchor mailbox.
            return null;
        }