コード例 #1
0
        private void CreateInputHtmlCollection(SecureNameValueCollection collection, SecureHttpBuffer buffer, Uri redirectUrl, int majorCasVersion)
        {
            foreach (string text in collection)
            {
                buffer.CopyAtCurrentPosition("<input type='hidden' name='");
                buffer.CopyAtCurrentPosition(text);
                buffer.CopyAtCurrentPosition("' value='");
                if (text == "password")
                {
                    SecureString securePassword;
                    collection.TryGetSecureValue(text, out securePassword);
                    using (SecureArray <char> secureArray = securePassword.TransformToSecureCharArray(new CharTransformDelegate(FbaFormPostProxyRequestHandler.EncodeForSingleQuotedAttribute)))
                    {
                        buffer.CopyAtCurrentPosition(secureArray);
                        goto IL_14B;
                    }
                    goto IL_72;
                }
                goto IL_72;
IL_14B:
                buffer.CopyAtCurrentPosition("'>");
                continue;
IL_72:
                string text2;
                if (!(text == "destination"))
                {
                    collection.TryGetUnsecureValue(text, out text2);
                    buffer.CopyAtCurrentPosition(EncodingUtilities.HtmlEncode(text2));
                    goto IL_14B;
                }
                collection.TryGetUnsecureValue(text, out text2);
                Uri uri;
                if (!Uri.TryCreate(text2, UriKind.Absolute, out uri))
                {
                    throw new HttpException(400, "destination value is not valid");
                }
                StringBuilder stringBuilder = new StringBuilder();
                stringBuilder.Append(redirectUrl.Scheme);
                stringBuilder.Append(Uri.SchemeDelimiter);
                stringBuilder.Append(redirectUrl.Authority);
                if (FbaFormPostProxyRequestHandler.IsOwaUrl(uri, OwaUrl.AuthPost, true))
                {
                    stringBuilder.Append(OwaUrl.ApplicationRoot.ImplicitUrl);
                }
                else if (string.IsNullOrEmpty(this.explicitLogonUser))
                {
                    stringBuilder.Append(redirectUrl.PathAndQuery);
                }
                else
                {
                    stringBuilder.Append(uri.PathAndQuery);
                }
                buffer.CopyAtCurrentPosition(stringBuilder.ToString());
                goto IL_14B;
            }
        }
コード例 #2
0
        private void CreateHtmlForSsoFba(SecureHttpBuffer buffer, SecureNameValueCollection collection, Uri redirectUrl, int majorCasVersion)
        {
            string noScriptHtml = FbaFormPostProxyRequestHandler.GetNoScriptHtml();

            buffer.CopyAtCurrentPosition("<html><noscript>");
            buffer.CopyAtCurrentPosition(noScriptHtml.ToString());
            buffer.CopyAtCurrentPosition("</noscript><head><title>Continue</title><script type='text/javascript'>function OnBack(){}function DoSubmit(){var subt=false;if(!subt){subt=true;document.logonForm.submit();}}</script></head><body onload='javascript:DoSubmit();'>");
            this.CreateFormHtmlForSsoFba(buffer, collection, redirectUrl, majorCasVersion);
            buffer.CopyAtCurrentPosition("</body></html>");
        }
コード例 #3
0
        // Token: 0x06000555 RID: 1365 RVA: 0x0001D6FC File Offset: 0x0001B8FC
        private static FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause NeedOnSiteLegacyRedirect(BackEndServer backEndServer, Site mailboxSite, Site currentServerSite, OwaServerVersion mailboxVersion, out Uri legacyRedirectUrl, out bool isSameAuthMethod)
        {
            isSameAuthMethod  = false;
            legacyRedirectUrl = null;
            OwaServerVersion owaServerVersion = OwaServerVersion.CreateFromVersionString(HttpProxyGlobals.ApplicationVersion);

            if (mailboxSite == null)
            {
                mailboxSite = currentServerSite;
            }
            FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause result = FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None;
            if (mailboxSite.Equals(currentServerSite) && owaServerVersion.Major > mailboxVersion.Major && mailboxVersion.Major == (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
            {
                legacyRedirectUrl = FbaFormPostProxyRequestHandler.FindRedirectOwaUrlOnSiteForMismatchVersion(mailboxSite, mailboxVersion.Major, OwaVdirConfiguration.Instance.InternalAuthenticationMethod, OwaVdirConfiguration.Instance.ExternalAuthenticationMethod, backEndServer, out isSameAuthMethod, out result);
            }
            return(result);
        }
コード例 #4
0
        protected override AnchorMailbox ResolveAnchorMailbox()
        {
            string text = base.HttpContext.Items["destination"] as string;
            Uri    uri;

            if (!Uri.TryCreate(text, UriKind.Absolute, out uri))
            {
                throw new HttpException(400, "destination value is not valid");
            }
            string text2 = null;
            bool   flag2;
            string text3;
            bool   flag = FbaFormPostProxyRequestHandler.IsExplicitLogon(HttpRuntime.AppDomainAppVirtualPath, uri.PathAndQuery, uri.OriginalString, out flag2, out text2, out text3);

            if (flag)
            {
                this.explicitLogonUser = text2;
            }
            AnchorMailbox anchorMailbox;

            if (!string.IsNullOrEmpty(this.explicitLogonUser))
            {
                anchorMailbox = new SmtpAnchorMailbox(this.explicitLogonUser, this);
            }
            else
            {
                anchorMailbox = AnchorMailboxFactory.CreateFromCaller(this);
            }
            UserBasedAnchorMailbox userBasedAnchorMailbox = anchorMailbox as UserBasedAnchorMailbox;

            if (userBasedAnchorMailbox != null)
            {
                if (UrlUtilities.IsEacUrl(text))
                {
                    userBasedAnchorMailbox.CacheKeyPostfix = "_EAC";
                }
                else
                {
                    userBasedAnchorMailbox.MissingDatabaseHandler = new Func <ADRawEntry, ADObjectId>(base.ResolveMailboxDatabase);
                }
            }
            return(anchorMailbox);
        }
コード例 #5
0
 private static FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause NeedCrossSiteRedirect(BackEndServer backEndServer, Site mailboxSite, Site currentServerSite, OwaServerVersion mailboxVersion, bool isEcpUrl, out Uri crossSiteRedirectUrl, out bool isSameAuthMethod)
 {
     isSameAuthMethod     = false;
     crossSiteRedirectUrl = null;
     OwaServerVersion.CreateFromVersionString(HttpProxyGlobals.ApplicationVersion);
     FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause result = FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None;
     if (mailboxSite == null)
     {
         return(result);
     }
     if (!mailboxSite.Equals(currentServerSite))
     {
         crossSiteRedirectUrl = FbaFormPostProxyRequestHandler.FindRedirectOwaUrlCrossSite(mailboxSite, mailboxVersion.Major, OwaVdirConfiguration.Instance.InternalAuthenticationMethod, OwaVdirConfiguration.Instance.ExternalAuthenticationMethod, backEndServer, out isSameAuthMethod, out result);
         if (isEcpUrl && crossSiteRedirectUrl != null)
         {
             crossSiteRedirectUrl = FbaFormPostProxyRequestHandler.FindRedirectEcpUrlCrossSite(mailboxSite, mailboxVersion.Major, out result);
         }
     }
     return(result);
 }
コード例 #6
0
 protected override void OnPostAuthorizeInternal(HttpApplication httpApplication)
 {
     if (this.basicAuthString != null)
     {
         HttpContext context = httpApplication.Context;
         HttpRequest request = context.Request;
         context.Items.Add("destination", this.destinationUrl);
         context.Items.Add("flags", this.flags);
         context.Items.Add("Authorization", this.basicAuthString);
         context.Items.Add("username", this.userName);
         context.Items.Add("password", this.password);
         ProxyRequestHandler proxyRequestHandler = new FbaFormPostProxyRequestHandler();
         PerfCounters.HttpProxyCountersInstance.TotalRequests.Increment();
         proxyRequestHandler.Run(context);
         return;
     }
     if (this.cadataKeyString != null && this.cadataIVString != null && this.symKey != null && this.symIV != null)
     {
         FbaModule.KeyCache.TryInsertSliding(this.cadataKeyString, this.symKey, TimeSpan.FromMinutes((double)FbaModule.DefaultPrivateKeyTimeToLiveInMinutes));
         FbaModule.KeyCache.TryInsertSliding(this.cadataIVString, this.symIV, TimeSpan.FromMinutes((double)FbaModule.DefaultPrivateKeyTimeToLiveInMinutes));
         FbaModule.UpdateCacheSizeCounter();
     }
     base.OnPostAuthorizeInternal(httpApplication);
 }
コード例 #7
0
        private void HandleFbaFormPost(BackEndServer backEndServer)
        {
            HttpContext      httpContext            = base.HttpContext;
            HttpResponse     response               = httpContext.Response;
            Uri              uri                    = null;
            string           text                   = httpContext.Items["destination"] as string;
            bool             flag                   = false;
            bool             flag2                  = false;
            bool             flag3                  = true;
            string           fqdn                   = backEndServer.Fqdn;
            int              version                = backEndServer.Version;
            OwaServerVersion owaServerVersion       = null;
            bool             flag4                  = false;
            ServiceTopology  currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 780);
            Site             site                   = currentServiceTopology.GetSite(fqdn, "f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 781);

            if (site != null && !site.Equals(HttpProxyGlobals.LocalSite.Member))
            {
                flag3 = false;
            }
            if (!FbaFormPostProxyRequestHandler.DisableSSORedirects)
            {
                owaServerVersion = OwaServerVersion.CreateFromVersionNumber(version);
                if (UrlUtilities.IsEcpUrl(text) && owaServerVersion.Major < (int)ExchangeObjectVersion.Exchange2010.ExchangeBuild.Major)
                {
                    flag  = false;
                    flag2 = false;
                }
                else if (!flag3 && !UserAgentParser.IsMonitoringRequest(base.ClientRequest.UserAgent))
                {
                    if (owaServerVersion.Major >= (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                    {
                        FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause legacyRedirectFailureCause = FbaFormPostProxyRequestHandler.NeedCrossSiteRedirect(backEndServer, site, HttpProxyGlobals.LocalSite.Member, owaServerVersion, UrlUtilities.IsEcpUrl(text), out uri, out flag4);
                        string authority = base.ClientRequest.Url.Authority;
                        string b         = (uri == null) ? string.Empty : uri.Authority;
                        flag2 = (legacyRedirectFailureCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.NoCasFound && !string.Equals(authority, b, StringComparison.OrdinalIgnoreCase) && (legacyRedirectFailureCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null));
                        if (uri == null && owaServerVersion.Major == (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                        {
                            flag = (FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, null, HttpProxyGlobals.LocalSite.Member, owaServerVersion, out uri, out flag4) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null);
                        }
                    }
                }
                else
                {
                    flag = (FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, site, HttpProxyGlobals.LocalSite.Member, owaServerVersion, out uri, out flag4) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || uri != null);
                }
            }
            if (flag2 || flag)
            {
                if (uri != null)
                {
                    string authority2 = base.ClientRequest.Url.Authority;
                    string authority3 = uri.Authority;
                    if (string.Compare(authority2, authority3, StringComparison.OrdinalIgnoreCase) == 0)
                    {
                        throw new HttpException(403, "Redirect loop detected");
                    }
                }
                using (SecureNameValueCollection secureNameValueCollection = new SecureNameValueCollection())
                {
                    int num = (int)base.HttpContext.Items["flags"];
                    secureNameValueCollection.AddUnsecureNameValue("destination", base.HttpContext.Items["destination"] as string);
                    secureNameValueCollection.AddUnsecureNameValue("username", base.HttpContext.Items["username"] as string);
                    secureNameValueCollection.AddUnsecureNameValue("flags", num.ToString(CultureInfo.InvariantCulture));
                    using (SecureString secureString = base.HttpContext.Items["password"] as SecureString)
                    {
                        secureNameValueCollection.AddSecureNameValue("password", secureString);
                        if (flag)
                        {
                            if (uri == null)
                            {
                                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoLegacyCAS);
                            }
                            else if (flag4)
                            {
                                if (uri.Scheme == Uri.UriSchemeHttps)
                                {
                                    ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", uri.ToString());
                                    this.RedirectUsingSSOFBA(secureNameValueCollection, uri, response, owaServerVersion.Major);
                                    response.End();
                                }
                                else
                                {
                                    AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
                                }
                            }
                            else
                            {
                                ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", uri.ToString());
                                base.PfdTracer.TraceRedirect("FbaAuth", uri.ToString());
                                response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(uri.ToString()));
                            }
                        }
                        else if (flag2)
                        {
                            if (uri == null)
                            {
                                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoLegacyCAS);
                            }
                            else
                            {
                                Uri uri2 = uri;
                                if (this.explicitLogonUser != null)
                                {
                                    uri2 = FbaFormPostProxyRequestHandler.AppendSmtpAddressToUrl(uri, this.explicitLogonUser);
                                }
                                if (flag4)
                                {
                                    if (uri.Scheme == Uri.UriSchemeHttps)
                                    {
                                        ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", uri.ToString());
                                        this.RedirectUsingSSOFBA(secureNameValueCollection, uri, response, owaServerVersion.Major);
                                        response.End();
                                    }
                                    else
                                    {
                                        AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
                                    }
                                }
                                else
                                {
                                    ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", uri2.ToString());
                                    base.PfdTracer.TraceRedirect("FbaAuth", uri2.ToString());
                                    response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(uri2.ToString()));
                                }
                            }
                        }
                    }
                    return;
                }
            }
            try
            {
                FbaModule.SetCadataCookies(base.HttpApplication);
            }
            catch (MissingSslCertificateException)
            {
                AspNetHelper.TransferToErrorPage(httpContext, ErrorFE.FEErrorCodes.NoFbaSSL);
            }
            ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", text);
            base.PfdTracer.TraceRedirect("FbaAuth", text);
            response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(text), false);
        }
コード例 #8
0
 private static bool IsOwaUrl(Uri requestUrl, OwaUrl owaUrl, bool exactMatch)
 {
     return(FbaFormPostProxyRequestHandler.IsOwaUrl(requestUrl, owaUrl, exactMatch, true));
 }