/// <summary>
/// Returns the certificate cached in <c>FbaModule.sslCert</c>, loading it through
/// <c>FbaModule.LoadSslCertificate</c> the first time it is needed.
/// </summary>
/// <param name="httpRequest">Current request; handed to <c>LoadSslCertificate</c> unchanged.</param>
/// <returns>The cached certificate; never null.</returns>
/// <exception cref="MissingSslCertificateException">The cached certificate is null.</exception>
/// <remarks>
/// <c>loadedSslCert</c> is set to true even when the load returned null, so a failed load is
/// cached as well: later calls throw without calling <c>LoadSslCertificate</c> again.
/// </remarks>
private static X509Certificate2 GetSslCertificate(HttpRequest httpRequest)
{
    // Check, take the lock, check again: only the first caller performs the load.
    // NOTE(review): the declaration of loadedSslCert is not visible here - confirm it is volatile.
    if (!FbaModule.loadedSslCert)
    {
        lock (FbaModule.LockObject)
        {
            if (!FbaModule.loadedSslCert)
            {
                X509Certificate2 loaded = FbaModule.LoadSslCertificate(httpRequest);
                if (loaded == null)
                {
                    // Trace and write an event-log entry; the null result is still cached below.
                    ExTraceGlobals.VerboseTracer.TraceError(0L, "[FbaModule::GetSslCertificate] LoadSslCertificate returns null.");
                    Diagnostics.Logger.LogEvent(
                        FrontEndHttpProxyEventLogConstants.Tuple_ErrorLoadingSslCert,
                        null,
                        new object[] { HttpProxyGlobals.ProtocolType.ToString() });
                }

                FbaModule.sslCert = loaded;
                FbaModule.loadedSslCert = true;
            }
        }
    }

    X509Certificate2 certificate = FbaModule.sslCert;
    if (certificate != null)
    {
        return certificate;
    }

    throw new MissingSslCertificateException();
}
/// <summary>
/// Decides whether a cookie received from the back end is copied to the client response.
/// </summary>
/// <param name="cookie">Cookie taken from the back-end response.</param>
/// <returns>
/// False for any cookie whose name <c>FbaModule.IsCadataCookie</c> recognises, true otherwise.
/// </returns>
/// <remarks>
/// A cadata-named cookie coming from the back end is traced as unexpected and dropped, so the
/// back end cannot set or overwrite those cookies on the client through this path.
/// </remarks>
protected override bool ShouldCopyCookieToClientResponse(Cookie cookie)
{
    bool isCadata = FbaModule.IsCadataCookie(cookie.Name);
    if (!isCadata)
    {
        return true;
    }

    ExTraceGlobals.VerboseTracer.TraceDebug<int, string>(
        (long)this.GetHashCode(),
        "[OwaEcpProxyRequestHandler::ShouldCopyCookieToClientResponse]: Context {0}; Unexpected cadata cookie {1} from BE",
        base.TraceContext,
        cookie.Name);
    return false;
}
/// <summary>
/// On a logoff request, drops the cached key material for this client and deletes the FBA
/// authentication cookies.
/// </summary>
/// <remarks>
/// A request counts as logoff when its absolute path ends with "logoff.aspx" (ordinal,
/// case-insensitive). This is a suffix match with no leading slash, so any path ending in that
/// text qualifies. The key-cache invalidation is skipped when <c>Utilities.IsPartnerHostedOnly</c>
/// is set or the NoFormBasedAuthentication setting is enabled; the cookies are deleted either way.
/// </remarks>
protected override void HandleLogoffRequest()
{
    if (base.ClientRequest == null || base.ClientResponse == null)
    {
        return;
    }

    if (!base.ClientRequest.Url.AbsolutePath.EndsWith("logoff.aspx", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    bool invalidateKeys = !Utilities.IsPartnerHostedOnly
        && !VariantConfiguration.InvariantNoFlightingSnapshot.Cafe.NoFormBasedAuthentication.Enabled;
    if (invalidateKeys)
    {
        FbaModule.InvalidateKeyCache(base.ClientRequest);
    }

    Utility.DeleteFbaAuthCookies(base.ClientRequest, base.ClientResponse);
}
// Token: 0x060005CE RID: 1486 RVA: 0x000204DC File Offset: 0x0001E6DC
/// <summary>
/// On a logoff request, drops the cached key material for this client and deletes the FBA
/// authentication cookies.
/// </summary>
/// <remarks>
/// A request counts as logoff when its absolute path ends with "/logoff.owa" (ordinal,
/// case-insensitive). The key-cache invalidation is skipped when
/// <c>Utilities.IsPartnerHostedOnly</c> is set or the NoFormBasedAuthentication setting of the
/// local machine snapshot is enabled; the cookies are deleted either way.
/// NOTE(review): the meaning of the third argument (false) to DeleteFbaAuthCookies is not
/// visible here - confirm against that method.
/// </remarks>
protected override void HandleLogoffRequest()
{
    if (base.ClientRequest == null || base.ClientResponse == null)
    {
        return;
    }

    if (!base.ClientRequest.Url.AbsolutePath.EndsWith("/logoff.owa", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    bool invalidateKeys = !Utilities.IsPartnerHostedOnly
        && !CafeConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).NoFormBasedAuthentication.Enabled;
    if (invalidateKeys)
    {
        FbaModule.InvalidateKeyCache(base.ClientRequest);
    }

    Utility.DeleteFbaAuthCookies(base.ClientRequest, base.ClientResponse, false);
}
/// <summary>
/// Builds the "cadataTTL" cookie: an expiry time plus the flags byte, encrypted with the
/// session AES key and Base64-encoded.
/// </summary>
/// <param name="aes">AES provider whose current key and IV encrypt the payload.</param>
/// <param name="flags">Logon flags; bit value 4 selects the private-key TTL. Only the low byte is stored.</param>
/// <param name="httpRequest">Current request, used for the MOWA check and cookie creation.</param>
/// <param name="httpResponse">Response that receives the cookie.</param>
/// <remarks>
/// Payload layout is 9 bytes: 8 bytes of UTC ticks written by <c>ExBitConverter.Write</c>,
/// followed by one byte of flags. No cipher mode is set here and no integrity tag is added in
/// this method. NOTE(review): confirm whether the value is authenticated anywhere else.
/// </remarks>
private static void SetCadataTtlCookie(AesCryptoServiceProvider aes, int flags, HttpRequest httpRequest, HttpResponse httpResponse)
{
    using (ICryptoTransform encryptor = aes.CreateEncryptor())
    {
        FbaModule.DetermineKeyIntervalsIfNecessary();

        bool privateBitSet = (flags & 4) == 4;
        bool isMowa = FbaModule.IsMowa(httpRequest, privateBitSet);

        // Take "now" before picking the interval, as the original expression does.
        ExDateTime now = ExDateTime.UtcNow;
        long ttlTicks;
        if (isMowa)
        {
            ttlTicks = FbaModule.fbaMowaKeyTTL.Ticks;
        }
        else if (privateBitSet)
        {
            ttlTicks = FbaModule.fbaPrivateKeyTTL.Ticks;
        }
        else
        {
            ttlTicks = FbaModule.fbaPublicKeyTTL.Ticks;
        }

        ExDateTime expiry = now.AddTicks(ttlTicks);

        byte[] payload = new byte[9];
        ExBitConverter.Write(expiry.UtcTicks, payload, 0);
        payload[8] = (byte)flags;

        byte[] cipherText = encryptor.TransformFinalBlock(payload, 0, payload.Length);
        string cookieValue = Convert.ToBase64String(cipherText);
        FbaModule.CreateAndAddCookieToResponse(httpRequest, httpResponse, "cadataTTL", cookieValue);
    }
}
// Token: 0x0600050B RID: 1291 RVA: 0x0001BCEC File Offset: 0x00019EEC
/// <summary>
/// On a logoff request, drops the cached key material for this client and deletes the FBA
/// authentication cookies.
/// </summary>
/// <remarks>
/// A request counts as logoff when its absolute path ends with "logoff.aspx" (ordinal,
/// case-insensitive; a suffix match with no leading slash). The key-cache invalidation is
/// skipped when <c>Utilities.IsPartnerHostedOnly</c> is set or the NoFormBasedAuthentication
/// setting of the local machine snapshot is enabled. The last argument passed to
/// <c>DeleteFbaAuthCookies</c> is true only when a User-Agent header is present and
/// <c>UserAgent.DoesSupportSameSiteNone</c> returns true for it.
/// </remarks>
protected override void HandleLogoffRequest()
{
    if (base.ClientRequest == null || base.ClientResponse == null)
    {
        return;
    }

    if (!base.ClientRequest.Url.AbsolutePath.EndsWith("logoff.aspx", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    bool invalidateKeys = !Utilities.IsPartnerHostedOnly
        && !CafeConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).NoFormBasedAuthentication.Enabled;
    if (invalidateKeys)
    {
        FbaModule.InvalidateKeyCache(base.ClientRequest);
    }

    // The User-Agent header is client-supplied; it only selects how the deletion cookies are written.
    bool supportsSameSiteNone = !string.IsNullOrEmpty(base.ClientRequest.UserAgent)
        && new UserAgent(base.ClientRequest.UserAgent, base.ClientRequest.Cookies).DoesSupportSameSiteNone();

    Utility.DeleteFbaAuthCookies(base.ClientRequest, base.ClientResponse, supportsSameSiteNone);
}
/// <summary>
/// Removes from <c>FbaModule.KeyCache</c> the entries keyed by the values of the request's
/// key-cache cookies, then refreshes the cache-size counter.
/// </summary>
/// <param name="httpRequest">Request whose cookies name the cache entries to remove.</param>
/// <exception cref="ArgumentNullException"><paramref name="httpRequest"/> is null.</exception>
/// <remarks>
/// The cache key is the raw cookie value sent by the client, and that value is also written to
/// the verbose debug trace. NOTE(review): the contents of <c>KeyCacheCookieKeys</c> are not
/// visible here; if they are the wrapped key and IV cookies, the trace holds session key material
/// in wrapped form - confirm trace access is restricted accordingly.
/// </remarks>
internal static void InvalidateKeyCache(HttpRequest httpRequest)
{
    if (httpRequest == null)
    {
        throw new ArgumentNullException("httpRequest");
    }

    foreach (string cookieName in FbaModule.KeyCacheCookieKeys)
    {
        var cookie = httpRequest.Cookies[cookieName];
        string cacheKey = (cookie != null) ? cookie.Value : null;
        if (string.IsNullOrEmpty(cacheKey))
        {
            // Cookie absent or empty: nothing to evict for this name.
            continue;
        }

        ExTraceGlobals.VerboseTracer.TraceDebug<string, string>(
            0L,
            "[FbaModule::InvalidateKeyCache] Removing key cache entry {0}: {1}",
            cookieName,
            cacheKey);
        FbaModule.KeyCache.Remove(cacheKey);
    }

    FbaModule.UpdateCacheSizeCounter();
}
/// <summary>
/// Copies the cookies captured from the proxy logon response to the client response, except
/// cadata-named cookies, then runs the base implementation.
/// </summary>
/// <remarks>
/// A cadata-named cookie in the proxy logon response is traced as unexpected and not forwarded.
/// The base call is made whether or not <c>proxyLogonResponseCookies</c> is null.
/// </remarks>
protected override void CopySupplementalCookiesToClientResponse()
{
    if (this.proxyLogonResponseCookies != null)
    {
        foreach (Cookie logonCookie in this.proxyLogonResponseCookies)
        {
            if (!FbaModule.IsCadataCookie(logonCookie.Name))
            {
                base.CopyServerCookieToClientResponse(logonCookie);
                continue;
            }

            ExTraceGlobals.VerboseTracer.TraceDebug<int, string>(
                (long)this.GetHashCode(),
                "[OwaEcpProxyRequestHandler::CopySupplementalCookiesToClientResponse]: Context {0}; Unexpected cadata cookie {1} in proxy logon response from BE",
                base.TraceContext,
                logonCookie.Name);
        }
    }

    base.CopySupplementalCookiesToClientResponse();
}
/// <summary>
/// Issues the five FBA cookies: "cadata", "cadataTTL", "cadataKey", "cadataIV" and "cadataSig".
/// </summary>
/// <param name="httpApplication">
/// Application whose context carries the "Authorization" string and the "flags" integer in
/// <c>HttpContext.Items</c>.
/// </param>
/// <exception cref="MissingSslCertificateException">
/// Thrown by <c>FbaModule.GetSslCertificate</c>. By then "cadata" and "cadataTTL" have already
/// been added to the response.
/// </exception>
/// <remarks>
/// <para>
/// A fresh AES key and IV are generated per call. "cadata" is the UTF-16 bytes of the
/// Authorization string encrypted with that key. No cipher mode or padding is set here, so the
/// provider defaults apply, and no integrity tag is added in this method.
/// </para>
/// <para>
/// The AES key and IV are each RSA-encrypted (OAEP, second argument true) with the SSL
/// certificate's public key and sent as "cadataKey" and "cadataIV".
/// </para>
/// <para>
/// NOTE(review): "cadataSig" is the constant "Fba Rocks!" encrypted with the same public key.
/// That is public-key encryption, not a signature: it can be produced by any holder of the
/// public key, so it shows which certificate was used but does not authenticate the issuer.
/// </para>
/// <para>
/// NOTE(review): neither "as" cast is null-checked. A missing or non-string "Authorization"
/// item fails inside <c>Encoding.GetBytes</c>; a certificate key that is not an
/// <c>RSACryptoServiceProvider</c> fails on the first <c>Encrypt</c> call.
/// </para>
/// </remarks>
internal static void SetCadataCookies(HttpApplication httpApplication)
{
    HttpContext context = httpApplication.Context;
    HttpRequest request = context.Request;
    HttpResponse response = context.Response;

    byte[] aesKey = null;
    byte[] aesIV = null;
    string authorization = context.Items["Authorization"] as string;
    int flags = (int)context.Items["flags"];

    // Not used below; the property read is kept so the statement sequence is unchanged.
    HttpCookieCollection requestCookies = request.Cookies;

    using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
    {
        aes.GenerateKey();
        aes.GenerateIV();
        aesKey = aes.Key;
        aesIV = aes.IV;

        using (ICryptoTransform encryptor = aes.CreateEncryptor())
        {
            byte[] plainText = Encoding.Unicode.GetBytes(authorization);
            byte[] cipherText = encryptor.TransformFinalBlock(plainText, 0, plainText.Length);
            string cadataValue = Convert.ToBase64String(cipherText);
            FbaModule.CreateAndAddCookieToResponse(request, response, "cadata", cadataValue);
        }

        FbaModule.SetCadataTtlCookie(aes, flags, request, response);
    }

    X509Certificate2 sslCertificate = FbaModule.GetSslCertificate(request);
    RSACryptoServiceProvider rsa = sslCertificate.PublicKey.Key as RSACryptoServiceProvider;

    // Both values are wrapped before either cookie is written.
    byte[] wrappedKey = rsa.Encrypt(aesKey, true);
    byte[] wrappedIV = rsa.Encrypt(aesIV, true);
    FbaModule.CreateAndAddCookieToResponse(request, response, "cadataKey", Convert.ToBase64String(wrappedKey));
    FbaModule.CreateAndAddCookieToResponse(request, response, "cadataIV", Convert.ToBase64String(wrappedIV));

    // Fixed marker encrypted with the public key; see the remarks on what this does and does not prove.
    byte[] marker = Encoding.Unicode.GetBytes("Fba Rocks!");
    byte[] wrappedMarker = rsa.Encrypt(marker, true);
    FbaModule.CreateAndAddCookieToResponse(request, response, "cadataSig", Convert.ToBase64String(wrappedMarker));
}
/// <summary>
/// Post-authorize step: either hands a form-post logon to
/// <c>FbaFormPostProxyRequestHandler</c>, or caches freshly unwrapped key material and
/// continues with the base implementation.
/// </summary>
/// <param name="httpApplication">Application for the current request.</param>
/// <remarks>
/// <para>
/// When <c>basicAuthString</c> is set, the destination, flags, Authorization string, user name
/// and password are placed in <c>HttpContext.Items</c> and the form-post handler is run; the
/// base implementation is not called on that path. The credentials stay in <c>Items</c> for
/// the rest of the request, so anything that dumps <c>Items</c> would expose them.
/// </para>
/// <para>
/// Otherwise, when all four key fields are set, the key and IV are inserted into
/// <c>FbaModule.KeyCache</c> under the cookie strings with a sliding expiry of
/// <c>DefaultPrivateKeyTimeToLiveInMinutes</c>. The same interval is used regardless of flags.
/// </para>
/// </remarks>
protected override void OnPostAuthorizeInternal(HttpApplication httpApplication)
{
    if (this.basicAuthString == null)
    {
        bool haveKeyMaterial = this.cadataKeyString != null
            && this.cadataIVString != null
            && this.symKey != null
            && this.symIV != null;
        if (haveKeyMaterial)
        {
            FbaModule.KeyCache.TryInsertSliding(
                this.cadataKeyString,
                this.symKey,
                TimeSpan.FromMinutes((double)FbaModule.DefaultPrivateKeyTimeToLiveInMinutes));
            FbaModule.KeyCache.TryInsertSliding(
                this.cadataIVString,
                this.symIV,
                TimeSpan.FromMinutes((double)FbaModule.DefaultPrivateKeyTimeToLiveInMinutes));
            FbaModule.UpdateCacheSizeCounter();
        }

        base.OnPostAuthorizeInternal(httpApplication);
        return;
    }

    // Form-post logon: pass the parsed form values to the proxy handler through Items.
    HttpContext context = httpApplication.Context;
    HttpRequest request = context.Request; // not used below; read kept so the statement sequence is unchanged
    context.Items.Add("destination", this.destinationUrl);
    context.Items.Add("flags", this.flags);
    context.Items.Add("Authorization", this.basicAuthString);
    context.Items.Add("username", this.userName);
    context.Items.Add("password", this.password);

    ProxyRequestHandler formPostHandler = new FbaFormPostProxyRequestHandler();
    PerfCounters.HttpProxyCountersInstance.TotalRequests.Increment();
    formPostHandler.Run(context);
}
/// <summary>
/// Completes a form-based logon post: either redirects the client to another CAS (legacy
/// on-site or cross-site), or issues the cadata cookies and redirects to the requested
/// destination.
/// </summary>
/// <param name="backEndServer">Back-end server resolved for the user; its FQDN and version drive the redirect decision.</param>
/// <exception cref="HttpException">
/// 403 "Redirect loop detected" when the redirect target has the same authority as the
/// client request.
/// </exception>
/// <remarks>
/// <para>
/// Redirect path: destination, user name, flags and password are gathered into a
/// <c>SecureNameValueCollection</c>. The password is read from <c>Items</c> with an "as
/// SecureString" cast and disposed when that block exits; a value of another type becomes null
/// and is passed on as null. An SSO redirect is made only to an https target; otherwise the
/// NoFbaSSL error page is shown.
/// </para>
/// <para>
/// Cookie path: <c>FbaModule.SetCadataCookies</c> is called and the client is redirected to the
/// destination taken from <c>HttpContext.Items</c>. NOTE(review): the only check on that value
/// visible here is <c>CheckRedirectUrlForNewline</c>; confirm the destination is restricted to
/// expected hosts before it reaches this method.
/// </para>
/// <para>
/// NOTE(review): after a <c>MissingSslCertificateException</c> the code calls
/// <c>TransferToErrorPage</c> and then falls through to the redirect; whether the transfer ends
/// the request is not visible here.
/// </para>
/// </remarks>
private void HandleFbaFormPost(BackEndServer backEndServer)
{
    HttpContext context = base.HttpContext;
    HttpResponse response = context.Response;
    Uri redirectTarget = null;
    string destination = context.Items["destination"] as string;
    bool onSiteRedirect = false;
    bool crossSiteRedirect = false;
    string backEndFqdn = backEndServer.Fqdn;
    int backEndVersion = backEndServer.Version;
    OwaServerVersion serverVersion = null;

    // Set by the Need*Redirect helpers; when true the redirect goes through RedirectUsingSSOFBA.
    bool useSsoRedirect = false;

    ServiceTopology topology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 780);
    Site backEndSite = topology.GetSite(backEndFqdn, "f:\\15.00.1497\\sources\\dev\\cafe\\src\\HttpProxy\\RequestHandlers\\FbaFormPostProxyRequestHandler.cs", "HandleFbaFormPost", 781);

    // An unknown site (null) is treated the same as the local site.
    bool backEndInLocalSite = backEndSite == null || backEndSite.Equals(HttpProxyGlobals.LocalSite.Member);

    if (!FbaFormPostProxyRequestHandler.DisableSSORedirects)
    {
        serverVersion = OwaServerVersion.CreateFromVersionNumber(backEndVersion);
        if (UrlUtilities.IsEcpUrl(destination) && serverVersion.Major < (int)ExchangeObjectVersion.Exchange2010.ExchangeBuild.Major)
        {
            // ECP destination on a back end older than Exchange 2010: never redirect.
            onSiteRedirect = false;
            crossSiteRedirect = false;
        }
        else if (!backEndInLocalSite && !UserAgentParser.IsMonitoringRequest(base.ClientRequest.UserAgent))
        {
            if (serverVersion.Major >= (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
            {
                FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause crossSiteCause = FbaFormPostProxyRequestHandler.NeedCrossSiteRedirect(
                    backEndServer,
                    backEndSite,
                    HttpProxyGlobals.LocalSite.Member,
                    serverVersion,
                    UrlUtilities.IsEcpUrl(destination),
                    out redirectTarget,
                    out useSsoRedirect);
                string clientAuthority = base.ClientRequest.Url.Authority;
                string targetAuthority = (redirectTarget == null) ? string.Empty : redirectTarget.Authority;

                crossSiteRedirect = crossSiteCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.NoCasFound
                    && !string.Equals(clientAuthority, targetAuthority, StringComparison.OrdinalIgnoreCase)
                    && (crossSiteCause != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None || redirectTarget != null);

                if (redirectTarget == null && serverVersion.Major == (int)ExchangeObjectVersion.Exchange2007.ExchangeBuild.Major)
                {
                    onSiteRedirect = FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, null, HttpProxyGlobals.LocalSite.Member, serverVersion, out redirectTarget, out useSsoRedirect) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None
                        || redirectTarget != null;
                }
            }
        }
        else
        {
            onSiteRedirect = FbaFormPostProxyRequestHandler.NeedOnSiteLegacyRedirect(backEndServer, backEndSite, HttpProxyGlobals.LocalSite.Member, serverVersion, out redirectTarget, out useSsoRedirect) != FbaFormPostProxyRequestHandler.LegacyRedirectFailureCause.None
                || redirectTarget != null;
        }
    }

    if (!crossSiteRedirect && !onSiteRedirect)
    {
        // No redirect to another CAS: issue the cadata cookies and send the client to its destination.
        try
        {
            FbaModule.SetCadataCookies(base.HttpApplication);
        }
        catch (MissingSslCertificateException)
        {
            AspNetHelper.TransferToErrorPage(context, ErrorFE.FEErrorCodes.NoFbaSSL);
        }

        ExTraceGlobals.VerboseTracer.TraceDebug<string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", destination);
        base.PfdTracer.TraceRedirect("FbaAuth", destination);
        response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(destination), false);
        return;
    }

    if (redirectTarget != null)
    {
        // Refuse to redirect the client back to the host it is already talking to.
        string requestAuthority = base.ClientRequest.Url.Authority;
        string redirectAuthority = redirectTarget.Authority;
        if (string.Compare(requestAuthority, redirectAuthority, StringComparison.OrdinalIgnoreCase) == 0)
        {
            throw new HttpException(403, "Redirect loop detected");
        }
    }

    using (SecureNameValueCollection formValues = new SecureNameValueCollection())
    {
        int flags = (int)base.HttpContext.Items["flags"];
        formValues.AddUnsecureNameValue("destination", base.HttpContext.Items["destination"] as string);
        formValues.AddUnsecureNameValue("username", base.HttpContext.Items["username"] as string);
        formValues.AddUnsecureNameValue("flags", flags.ToString(CultureInfo.InvariantCulture));

        using (SecureString password = base.HttpContext.Items["password"] as SecureString)
        {
            formValues.AddSecureNameValue("password", password);

            if (onSiteRedirect)
            {
                if (redirectTarget == null)
                {
                    AspNetHelper.TransferToErrorPage(context, ErrorFE.FEErrorCodes.NoLegacyCAS);
                }
                else if (useSsoRedirect)
                {
                    // Credentials are re-posted to the target, so only an https target is accepted.
                    if (redirectTarget.Scheme == Uri.UriSchemeHttps)
                    {
                        ExTraceGlobals.VerboseTracer.TraceDebug<string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", redirectTarget.ToString());
                        this.RedirectUsingSSOFBA(formValues, redirectTarget, response, serverVersion.Major);
                        response.End();
                    }
                    else
                    {
                        AspNetHelper.TransferToErrorPage(context, ErrorFE.FEErrorCodes.NoFbaSSL);
                    }
                }
                else
                {
                    ExTraceGlobals.VerboseTracer.TraceDebug<string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", redirectTarget.ToString());
                    base.PfdTracer.TraceRedirect("FbaAuth", redirectTarget.ToString());
                    response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(redirectTarget.ToString()));
                }
            }
            else if (crossSiteRedirect)
            {
                if (redirectTarget == null)
                {
                    AspNetHelper.TransferToErrorPage(context, ErrorFE.FEErrorCodes.NoLegacyCAS);
                }
                else
                {
                    // The explicit-logon address is appended only for the plain redirect below;
                    // the SSO branch uses the unmodified target.
                    Uri plainRedirectTarget = redirectTarget;
                    if (this.explicitLogonUser != null)
                    {
                        plainRedirectTarget = FbaFormPostProxyRequestHandler.AppendSmtpAddressToUrl(redirectTarget, this.explicitLogonUser);
                    }

                    if (useSsoRedirect)
                    {
                        if (redirectTarget.Scheme == Uri.UriSchemeHttps)
                        {
                            ExTraceGlobals.VerboseTracer.TraceDebug<string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - SSO redirecting to {0}", redirectTarget.ToString());
                            this.RedirectUsingSSOFBA(formValues, redirectTarget, response, serverVersion.Major);
                            response.End();
                        }
                        else
                        {
                            AspNetHelper.TransferToErrorPage(context, ErrorFE.FEErrorCodes.NoFbaSSL);
                        }
                    }
                    else
                    {
                        ExTraceGlobals.VerboseTracer.TraceDebug<string>((long)this.GetHashCode(), "FbaFormPostProxyRequestHandler - redirecting to {0}", plainRedirectTarget.ToString());
                        base.PfdTracer.TraceRedirect("FbaAuth", plainRedirectTarget.ToString());
                        response.Redirect(FbaFormPostProxyRequestHandler.CheckRedirectUrlForNewline(plainRedirectTarget.ToString()));
                    }
                }
            }
        }

        return;
    }
}
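/// <summary>
/// Reads the five cadata cookies from the request, recovers the AES key and IV, enforces the
/// TTL, and on success writes the decrypted value into the request's Authorization header.
/// </summary>
/// <param name="httpApplication">Application for the current request.</param>
/// <remarks>
/// <para>
/// The method returns without setting the header when any cookie is missing, when a cookie is
/// not valid Base64, when a decryption fails, or when the certificate check fails. An expired
/// TTL produces a 440 response or a redirect to the logon page, depending on the HTTP method.
/// </para>
/// <para>
/// Key recovery: the key cache is tried first, keyed by the raw "cadataKey" and "cadataIV"
/// cookie strings. On a miss, "cadataSig" is RSA-decrypted with the SSL certificate's private
/// key and compared with the constant "Fba Rocks!", then the key and IV are RSA-decrypted and
/// stored on this instance.
/// </para>
/// <para>
/// NOTE(review): a match on "cadataSig" shows the value was encrypted to this certificate's
/// public key; it does not authenticate who produced the cookies. No integrity tag is checked
/// on the AES-encrypted values in this method, so treat the decrypted TTL and flags as
/// client-influenced unless they are authenticated elsewhere.
/// </para>
/// <para>
/// NOTE(review): the <c>Key</c> and <c>IV</c> setters validate sizes and sit outside any try
/// block, so key material of an unsupported length still surfaces as an unhandled exception.
/// </para>
/// </remarks>
private void ParseCadataCookies(HttpApplication httpApplication)
{
    // 8 bytes of UTC ticks followed by 1 byte of flags.
    const int TtlPayloadLength = 9;

    HttpContext context = httpApplication.Context;
    HttpRequest request = context.Request;
    HttpResponse response = context.Response;
    RequestDetailsLogger current = RequestDetailsLoggerBase<RequestDetailsLogger>.GetCurrent(context);

    var cadataCookie = request.Cookies["cadata"];
    string cadata = (cadataCookie != null) ? cadataCookie.Value : null;
    var cadataKeyCookie = request.Cookies["cadataKey"];
    string cadataKey = (cadataKeyCookie != null) ? cadataKeyCookie.Value : null;
    var cadataIVCookie = request.Cookies["cadataIV"];
    string cadataIV = (cadataIVCookie != null) ? cadataIVCookie.Value : null;
    var cadataSigCookie = request.Cookies["cadataSig"];
    string cadataSig = (cadataSigCookie != null) ? cadataSigCookie.Value : null;
    var cadataTtlCookie = request.Cookies["cadataTTL"];
    string cadataTtl = (cadataTtlCookie != null) ? cadataTtlCookie.Value : null;

    if (cadata == null || cadataKey == null || cadataIV == null || cadataSig == null || cadataTtl == null)
    {
        return;
    }

    byte[] aesKey = null;
    byte[] aesIV = null;
    PerfCounters.HttpProxyCacheCountersInstance.FbaModuleKeyCacheHitsRateBase.Increment();
    FbaModule.KeyCache.TryGetValue(cadataKey, out aesKey);
    FbaModule.KeyCache.TryGetValue(cadataIV, out aesIV);

    if (aesKey != null && aesIV != null)
    {
        PerfCounters.HttpProxyCacheCountersInstance.FbaModuleKeyCacheHitsRate.Increment();
    }
    else
    {
        // Cache miss: check the marker cookie, then unwrap the key and IV with the private key.
        string certificateProblem = null;
        RSACryptoServiceProvider rsa;
        try
        {
            X509Certificate2 sslCertificate = FbaModule.GetSslCertificate(request);
            rsa = sslCertificate.PrivateKey as RSACryptoServiceProvider;
            if (rsa != null)
            {
                byte[] wrappedMarker = Convert.FromBase64String(cadataSig);
                byte[] markerBytes = rsa.Decrypt(wrappedMarker, true);
                string marker = Encoding.Unicode.GetString(markerBytes);
                if (string.Compare(marker, "Fba Rocks!", StringComparison.Ordinal) != 0)
                {
                    certificateProblem = "does not match the SSL certificate on the Cafe web-site on another server in this Cafe array";
                }
            }
            else
            {
                certificateProblem = "does not contain RSACryptoServiceProvider";
                if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(TraceType.DebugTrace))
                {
                    ExTraceGlobals.VerboseTracer.TraceDebug(
                        (long)this.GetHashCode(),
                        "[FbaModule::ParseCadataCookies] Certificate:{0},Name:{1},Thumbprint:{2},PrivateKeyKey.(Exchange/Signature)Algorighm:{3} has no RSACryptoServiceProvider",
                        new object[]
                        {
                            sslCertificate.Subject,
                            sslCertificate.FriendlyName,
                            sslCertificate.Thumbprint,
                            (sslCertificate.PrivateKey == null) ? "NULL" : (sslCertificate.PrivateKey.KeyExchangeAlgorithm + "/" + sslCertificate.PrivateKey.SignatureAlgorithm)
                        });
                }
            }
        }
        catch (CryptographicException arg)
        {
            ExTraceGlobals.VerboseTracer.TraceDebug<CryptographicException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received CryptographicException {0} decrypting cadataSig", arg);
            return;
        }
        catch (FormatException formatError)
        {
            // The cookie is client-supplied; malformed Base64 is handled like a failed decrypt.
            ExTraceGlobals.VerboseTracer.TraceDebug<FormatException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received FormatException {0} decoding cadataSig", formatError);
            return;
        }

        if (certificateProblem != null)
        {
            ExTraceGlobals.VerboseTracer.TraceError<string, string>(
                (long)this.GetHashCode(),
                "[FbaModule::ParseCadataCookies] {0} {1}",
                "Error in validating Cadata signature. This most likely indicates that the SSL certifcate on the Cafe web-site on this server ",
                certificateProblem);
            return;
        }

        try
        {
            byte[] wrappedKey = Convert.FromBase64String(cadataKey);
            byte[] wrappedIV = Convert.FromBase64String(cadataIV);
            aesKey = rsa.Decrypt(wrappedKey, true);
            aesIV = rsa.Decrypt(wrappedIV, true);
        }
        catch (CryptographicException arg2)
        {
            ExTraceGlobals.VerboseTracer.TraceDebug<CryptographicException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received CryptographicException {0} decrypting symKey/symIV", arg2);
            return;
        }
        catch (FormatException formatError)
        {
            ExTraceGlobals.VerboseTracer.TraceDebug<FormatException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received FormatException {0} decoding symKey/symIV", formatError);
            return;
        }

        // Kept on the instance; the post-authorize step reads these fields to fill the key cache.
        this.cadataKeyString = cadataKey;
        this.cadataIVString = cadataIV;
        this.symKey = aesKey;
        this.symIV = aesIV;
    }

    using (AesCryptoServiceProvider aes = new AesCryptoServiceProvider())
    {
        aes.Key = aesKey;
        aes.IV = aesIV;

        using (ICryptoTransform ttlDecryptor = aes.CreateDecryptor())
        {
            byte[] ttlPayload = null;
            try
            {
                byte[] ttlCipherText = Convert.FromBase64String(cadataTtl);
                ttlPayload = ttlDecryptor.TransformFinalBlock(ttlCipherText, 0, ttlCipherText.Length);
            }
            catch (CryptographicException arg3)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug<CryptographicException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received CryptographicException {0} transforming TTL", arg3);
                return;
            }
            catch (FormatException formatError)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug<FormatException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received FormatException {0} decoding TTL", formatError);
                return;
            }

            // Bytes 0-7 and byte 8 are read below, so anything shorter than 9 bytes must be
            // rejected here; the previous "< 1" check let short payloads reach those reads.
            if (ttlPayload.Length < TtlPayloadLength)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] TTL payload was shorter than 9 bytes.");
                return;
            }

            long ticks = BitConverter.ToInt64(ttlPayload, 0);
            int flags = (int)ttlPayload[8];
            bool privateBitSet = (flags & 4) == 4;

            // NOTE(review): this key is "Flags"; other code in this listing uses "flags". Confirm which readers expect which.
            context.Items["Flags"] = flags;

            ExDateTime expiry = new ExDateTime(ExTimeZone.UtcTimeZone, ticks);
            ExDateTime utcNow = ExDateTime.UtcNow;
            if (expiry < utcNow)
            {
                if (request.HttpMethod.Equals("GET", StringComparison.OrdinalIgnoreCase))
                {
                    if (request.QueryString.ToString().StartsWith("oeh=1&", StringComparison.OrdinalIgnoreCase))
                    {
                        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(current, "LoginTimeout", "440 - GET/OEH");
                        this.Send440Response(httpApplication, false);
                    }
                    else
                    {
                        RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(current, "LoginTimeout", "302 - GET/Timeout");
                        this.RedirectToFbaLogon(httpApplication, FbaModule.LogonReason.Timeout);
                    }
                }
                else if (request.HttpMethod.Equals("POST", StringComparison.OrdinalIgnoreCase))
                {
                    RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(current, "LoginTimeout", "440 - POST");
                    this.Send440Response(httpApplication, true);
                }
                else
                {
                    RequestDetailsLoggerBase<RequestDetailsLogger>.SafeAppendGenericInfo(current, "LoginTimeout", "440 - " + request.HttpMethod);
                    this.Send440Response(httpApplication, false);
                }

                return;
            }

            FbaModule.DetermineKeyIntervalsIfNecessary();

            // Re-issue the TTL cookie once the session is within two reissue intervals of expiry,
            // but only for requests that count as user activity.
            ExDateTime reissueAfter = expiry.AddTicks(-2L * (privateBitSet ? FbaModule.fbaPrivateKeyReissueInterval.Ticks : FbaModule.fbaPublicKeyReissueInterval.Ticks));
            if (reissueAfter < utcNow && OwaAuthenticationHelper.IsOwaUserActivityRequest(request))
            {
                FbaModule.SetCadataTtlCookie(aes, flags, request, response);
            }
        }

        using (ICryptoTransform authDecryptor = aes.CreateDecryptor())
        {
            byte[] authBytes = null;
            try
            {
                byte[] authCipherText = Convert.FromBase64String(cadata);
                authBytes = authDecryptor.TransformFinalBlock(authCipherText, 0, authCipherText.Length);
            }
            catch (CryptographicException arg4)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug<CryptographicException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received CryptographicException {0} transforming auth", arg4);
                return;
            }
            catch (FormatException formatError)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug<FormatException>((long)this.GetHashCode(), "[FbaModule::ParseCadataCookies] Received FormatException {0} decoding auth", formatError);
                return;
            }

            // The decrypted string becomes the Authorization header for the rest of the pipeline.
            string authorization = Encoding.Unicode.GetString(authBytes);
            request.Headers["Authorization"] = authorization;
        }
    }
}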
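/// <summary>
/// Deletes the FBA cookies and redirects the client to the logon page (or the sign-out page for
/// a non-legacy logoff), carrying the original URL in the "url" query parameter and the reason
/// code in "reason".
/// </summary>
/// <param name="httpApplication">Application for the current request.</param>
/// <param name="reason">Reason code appended to the logon URL as an integer.</param>
/// <returns>Always true.</returns>
/// <remarks>
/// <para>
/// The redirect host is taken from the request URL's host; scheme and port come from
/// <c>FbaModule.GetExternalUrlScheme</c>.
/// </para>
/// <para>
/// NOTE(review): on a "logoff.owa" request, an inbound "url=" query value is copied into the
/// outgoing "url" parameter as received, without re-encoding or validation in this method.
/// Confirm the logon and sign-out pages validate that parameter before using it as a redirect
/// target.
/// </para>
/// </remarks>
private bool RedirectToFbaLogon(HttpApplication httpApplication, FbaModule.LogonReason reason)
{
    HttpContext context = httpApplication.Context;
    HttpRequest request = context.Request;
    HttpResponse response = context.Response;
    Utility.DeleteFbaAuthCookies(request, response);

    UriBuilder logonUrl = new UriBuilder();
    logonUrl.Host = request.Url.Host;
    int port = logonUrl.Port;
    logonUrl.Scheme = FbaModule.GetExternalUrlScheme(ref port);
    logonUrl.Port = port;
    logonUrl.Path = "/owa/auth/logon.aspx";

    StringBuilder query = new StringBuilder();
    query.Append("url=");

    if (this.destinationUrl != null)
    {
        query.Append(HttpUtility.UrlEncode(new UriBuilder(this.destinationUrl)
        {
            Scheme = logonUrl.Scheme,
            Port = logonUrl.Port
        }.Uri.AbsoluteUri.ToString()));
    }
    else
    {
        string returnUrl = new UriBuilder(request.GetFullRawUrl())
        {
            Scheme = logonUrl.Scheme,
            Port = logonUrl.Port
        }.Uri.AbsoluteUri;

        string lastSegment = request.Url.Segments[request.Url.Segments.Length - 1];
        if (string.Compare("auth.owa", lastSegment, StringComparison.OrdinalIgnoreCase) == 0)
        {
            // The segment test above ignores case, so the search must too. A case-sensitive
            // search returned -1 for a differently cased "auth.owa", and Remove(-2) then threw.
            // The guard also covers a URL string that does not contain the segment literally.
            int startIndex = returnUrl.LastIndexOf("auth.owa", StringComparison.OrdinalIgnoreCase) - 1;
            if (startIndex >= 0)
            {
                returnUrl = returnUrl.Remove(startIndex);
            }
        }

        string explicitLogonUser = HttpUtility.UrlDecode(request.Headers["X-OWA-ExplicitLogonUser"]);
        if (!string.IsNullOrEmpty(explicitLogonUser) && !returnUrl.Contains(explicitLogonUser))
        {
            // Insert the explicit-logon address as a path segment after the application path.
            string encodedSlash = HttpUtility.UrlEncode("/");
            string applicationPath = request.ApplicationPath;
            int splitIndex = returnUrl.IndexOf(applicationPath, StringComparison.OrdinalIgnoreCase);
            if (splitIndex == -1)
            {
                query.Append(HttpUtility.UrlEncode(returnUrl));
                if (returnUrl[returnUrl.Length - 1] != '/')
                {
                    query.Append(encodedSlash);
                }

                query.Append(HttpUtility.UrlEncode(explicitLogonUser));
                query.Append(encodedSlash);
            }
            else
            {
                splitIndex += applicationPath.Length;
                if (splitIndex < returnUrl.Length && returnUrl[splitIndex] == '/')
                {
                    splitIndex++;
                }

                query.Append(HttpUtility.UrlEncode(returnUrl.Substring(0, splitIndex)));
                if (returnUrl[splitIndex - 1] != '/')
                {
                    query.Append(encodedSlash);
                }

                query.Append(HttpUtility.UrlEncode(explicitLogonUser));
                query.Append(encodedSlash);
                query.Append(HttpUtility.UrlEncode(returnUrl.Substring(splitIndex)));
            }
        }
        else
        {
            int queryStart = returnUrl.IndexOf('?');
            string urlParameter = null;
            if (returnUrl.ToLowerInvariant().Contains("logoff.owa"))
            {
                if (!LogOnSettings.IsLegacyLogOff)
                {
                    logonUrl.Path = "/owa/" + LogOnSettings.SignOutPageUrl;
                }

                if (queryStart >= 0)
                {
                    // Forwarded as received; see the remarks on validating this value downstream.
                    string[] pairs = returnUrl.Substring(queryStart + 1).Split(new char[] { '&' });
                    string urlPair = pairs.FirstOrDefault((string x) => x.StartsWith("url=", StringComparison.OrdinalIgnoreCase));
                    if (urlPair != null)
                    {
                        urlParameter = urlPair.Substring("url=".Length);
                    }
                }
            }

            if (urlParameter == null)
            {
                string hashedUrl;
                urlParameter = (!UrlUtilities.IsCmdWebPart(request) && UrlUtilities.ShouldRedirectQueryParamsAsHashes(new Uri(returnUrl), out hashedUrl))
                    ? HttpUtility.UrlEncode(hashedUrl)
                    : HttpUtility.UrlEncode(returnUrl);
            }

            query.Append(urlParameter);
        }
    }

    query.AppendFormat("&reason={0}", (int)reason);
    logonUrl.Query = query.ToString();

    ExTraceGlobals.VerboseTracer.TraceDebug<FbaModule.LogonReason, string>((long)this.GetHashCode(), "RedirectToFbaLogon - Reason: {0}, URL: {1}", reason, logonUrl.ToString());
    base.PfdTracer.TraceRedirect("FbaAuth", logonUrl.ToString());
    response.Redirect(logonUrl.ToString(), false);
    httpApplication.CompleteRequest();
    return true;
}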
// Token: 0x060004BB RID: 1211 RVA: 0x0001A054 File Offset: 0x00018254
/// <summary>
/// Decides whether a client cookie is forwarded to the back-end server.
/// </summary>
/// <param name="cookie">Cookie from the client request.</param>
/// <returns>
/// False for cadata cookies, for the three LiveId RPS auth cookies unless the auth state is
/// <c>BackEndFullAuth</c>, for any name in <c>BackEndCookieNames</c>, and for the RPS back-end
/// server cookie; otherwise whatever the base implementation returns.
/// </returns>
/// <remarks>
/// All name comparisons made here are ordinal and case-insensitive. Cadata cookies are never
/// forwarded, so the encrypted credential cookies stay between the client and this proxy.
/// </remarks>
protected override bool ShouldCopyCookieToServerRequest(HttpCookie cookie)
{
    if (FbaModule.IsCadataCookie(cookie.Name))
    {
        return false;
    }

    if (!(base.AuthBehavior.AuthState == AuthState.BackEndFullAuth))
    {
        bool isLiveIdAuthCookie = string.Equals(cookie.Name, Constants.LiveIdRPSAuth, StringComparison.OrdinalIgnoreCase)
            || string.Equals(cookie.Name, Constants.LiveIdRPSSecAuth, StringComparison.OrdinalIgnoreCase)
            || string.Equals(cookie.Name, Constants.LiveIdRPSTAuth, StringComparison.OrdinalIgnoreCase);
        if (isLiveIdAuthCookie)
        {
            return false;
        }
    }

    if (this.BackEndCookieNames.Any((string cookieName) => string.Equals(cookie.Name, cookieName, StringComparison.OrdinalIgnoreCase)))
    {
        return false;
    }

    if (string.Equals(cookie.Name, Constants.RPSBackEndServerCookieName, StringComparison.OrdinalIgnoreCase))
    {
        return false;
    }

    return base.ShouldCopyCookieToServerRequest(cookie);
}