// Token: 0x06001277 RID: 4727 RVA: 0x0003B964 File Offset: 0x00039B64
internal static bool TryParseCultureInfo(NameValueCollection headers, out CultureInfo cultureInfo)
{
cultureInfo = null;
string text = headers.Get("X-CultureInfo");
if (!string.IsNullOrWhiteSpace(text))
{
try
{
cultureInfo = new CultureInfo(text);
return(true);
}
catch (CultureNotFoundException ex)
{
ExTraceGlobals.RunspaceConfigTracer.TraceError <string, CultureNotFoundException>(0L, "[PswsAuthZHelper.TryParseCultureInfo] Invalid culture info \"{0}\". Exception: {1}", text, ex);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_InvalidCultureInfo, text, new object[]
{
text,
ex.ToString()
});
AuthZLogger.SafeAppendGenericError("InvalidCultureInfo", text, false);
}
return(false);
}
return(false);
}
// Token: 0x06001245 RID: 4677 RVA: 0x00039AC8 File Offset: 0x00037CC8
public override string GetMembershipId(SenderInfo senderInfo)
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorization.GetMembershipId] Enter.");
string result;
try
{
string name = senderInfo.Principal.Identity.Name;
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <string>((long)this.GetHashCode(), "[PswsAuthorization.GetMembershipId] membershipId = \"{0}\".", name);
result = name;
}
catch (Exception ex)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <Exception>((long)this.GetHashCode(), "[PswsAuthorization.GetMembershipId] Exception: {0}", ex);
AuthZLogger.SafeAppendGenericError("PswsAuthorization.GetMembershipId", ex, new Func <Exception, bool>(KnownException.IsUnhandledException));
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PswsPublicAPIFailed, null, new object[]
{
"PswsAuthorization.GetMembershipId",
ex.ToString()
});
PswsErrorHandling.SendErrorToClient(PswsErrorCode.MemberShipIdError, ex, null);
throw;
}
finally
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorization.GetMembershipId] Exit.");
}
return(result);
}
protected override void ProcessRecord()
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[ConvertToExchangeXml.ProcessRecord] Enter.");
try
{
if (this.InputObject != null)
{
base.WriteObject(this.serializer.Serialize(this.InputObject));
}
}
catch (Exception ex)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <Exception>((long)this.GetHashCode(), "[ConvertToExchangeXml.ProcessRecord] Exception: {0}", ex);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PswsPublicAPIFailed, null, new object[]
{
"ConvertToExchangeXml.ProcessRecord",
ex.ToString()
});
throw;
}
finally
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[ConvertToExchangeXml.ProcessRecord] Exit.");
}
}
private void CheckSessionOverBudget()
{
OverBudgetException exception;
if (WSManBudgetManager.Instance.CheckOverBudget(this.currentAuthZUserToken, CostType.ActiveRunspace, out exception))
{
LocalizedString message = AuthZPluginHelper.HandleUserOverBudgetException(exception, this.currentAuthZUserToken);
throw new AuthorizationException(message);
}
if (this.currentAuthZUserToken.OrgId != null && WSManTenantBudgetManager.Instance.CheckOverBudget(this.currentAuthZUserToken, CostType.ActiveRunspace, out exception))
{
LocalizedString message2 = AuthZPluginHelper.HandleTenantOverBudgetException(exception, this.currentAuthZUserToken);
throw new AuthorizationException(message2);
}
if (AppSettings.Current.MaxPowershellAppPoolConnections > 0 && WSManBudgetManager.Instance.TotalActiveRunspaces >= AppSettings.Current.MaxPowershellAppPoolConnections)
{
string windowsLiveId = this.currentAuthZUserToken.WindowsLiveId;
if (!string.IsNullOrEmpty(windowsLiveId))
{
FailFastUserCache.Instance.AddUserToCache(windowsLiveId, BlockedType.NewSession, TimeSpan.Zero);
}
AuthZLogger.SafeAppendColumn(RpsCommonMetadata.ContributeToFailFast, "AuthZ-Machine", LoggerHelper.GetContributeToFailFastValue("AllUsers", "-1", "NewSesion", -1.0));
FailFastUserCache.Instance.AddAllUsersToCache(BlockedType.NewSession, TimeSpan.Zero);
LocalizedString localizedString = Strings.ErrorMaxConnectionLimit(AppSettings.Current.VDirName);
ExTraceGlobals.RunspaceConfigTracer.TraceError(0L, localizedString);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxPSConnectionLimit, null, new object[]
{
AppSettings.Current.VDirName,
AppSettings.Current.MaxPowershellAppPoolConnections
});
throw new AuthorizationException(localizedString);
}
}
protected override void BeginProcessing()
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[ConvertToExchangeXml.BeginProcessing] Enter.");
try
{
ExchangeRunspaceConfiguration exchangeRunspaceConfiguration = ExchangePropertyContainer.GetExchangeRunspaceConfiguration(this.SessionState);
this.serializer = new PSObjectSerializer((exchangeRunspaceConfiguration != null) ? exchangeRunspaceConfiguration.TypeTable : null);
base.WriteObject("<?xml version=\"1.0\"?>");
base.WriteObject("<Objs>");
}
catch (Exception ex)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <Exception>((long)this.GetHashCode(), "[ConvertToExchangeXml.BeginProcessing] Exception: {0}", ex);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PswsPublicAPIFailed, null, new object[]
{
"ConvertToExchangeXml.BeginProcessing",
ex.ToString()
});
throw;
}
finally
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[ConvertToExchangeXml.BeginProcessing] Exit.");
}
}
private void RunspacesLeakDetected(string key, string relatedBudgetKey)
{
int num = 0;
IPowerShellBudget powerShellBudget = null;
if (this.budgets.TryGetValue(key, out powerShellBudget))
{
num = powerShellBudget.TotalActiveRunspacesCount;
}
if (powerShellBudget != null)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <string, string, int>(0L, "Connection leak detected for Key {0} in class {1}. Leaked value {2}.", key, base.GetType().ToString(), num);
if (num > 0)
{
AuthZLogger.SafeAppendGenericError("WSManBudgetManagerBase.RunspacesLeakDetected", string.Format("Connection leak detected for Key {0} in class {1}. Leaked value {2}.", key, base.GetType(), num), false);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PSConnectionLeakDetected, null, new object[]
{
key,
base.GetType().ToString(),
num
});
this.UpdateConnectionLeakPerfCounter(num);
}
powerShellBudget.Dispose();
}
if (num > 0 && relatedBudgetKey != null)
{
this.CorrectRelatedBudgetWhenLeak(relatedBudgetKey, num);
}
}
// Token: 0x060012F3 RID: 4851 RVA: 0x0003DE30 File Offset: 0x0003C030
internal static LocalizedString HandleTenantOverBudgetException(OverBudgetException exception, AuthZPluginUserToken userToken)
{
string policyPart = exception.PolicyPart;
string orgIdInString = userToken.OrgIdInString;
string userName = userToken.UserName;
string windowsLiveId = userToken.WindowsLiveId;
ExTraceGlobals.PublicPluginAPITracer.TraceError <string, string, string>(0L, "Get Tenant OverBudgetException for user {0}, Organization {1}. Message: {2}", userName, orgIdInString, exception.ToString());
AuthZLogger.SafeAppendGenericError("Tenant_OverBudgetException", exception.ToString(), false);
TimeSpan blockedTime = TimeSpan.FromMilliseconds((double)exception.BackoffTime);
if (windowsLiveId != null)
{
FailFastUserCache.Instance.AddUserToCache(windowsLiveId, BlockedType.NewSession, blockedTime);
AuthZLogger.SafeAppendColumn(RpsCommonMetadata.ContributeToFailFast, "AuthZ-UserOrg", LoggerHelper.GetContributeToFailFastValue("User", windowsLiveId, "NewSession", blockedTime.TotalMilliseconds));
}
if (!string.IsNullOrEmpty(orgIdInString))
{
FailFastUserCache.Instance.AddTenantToCache(orgIdInString, BlockedType.NewSession, blockedTime);
AuthZLogger.SafeAppendColumn(RpsCommonMetadata.ContributeToFailFast, "AuthZ-Org", LoggerHelper.GetContributeToFailFastValue("Tenant", orgIdInString, "NewSession", blockedTime.TotalMilliseconds));
foreach (string text in userToken.DomainsToBlockTogether)
{
FailFastUserCache.Instance.AddTenantToCache(text, BlockedType.NewSession, blockedTime);
AuthZLogger.SafeAppendColumn(RpsCommonMetadata.ContributeToFailFast, "AuthZ-AcceptedDomain-" + text, LoggerHelper.GetContributeToFailFastValue("Tenant", text, "NewSession", blockedTime.TotalMilliseconds));
}
}
IThrottlingPolicy throttlingPolicy = userToken.GetThrottlingPolicy();
LocalizedString value;
if (policyPart == "MaxTenantConcurrency")
{
value = Strings.ErrorMaxTenantPSConnectionLimit(orgIdInString);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxTenantPSConnectionLimit, null, new object[]
{
userName,
orgIdInString,
throttlingPolicy.PowerShellMaxTenantConcurrency
});
}
else
{
if (!(policyPart == "MaxTenantRunspaces"))
{
throw new NotSupportedException(string.Format("DEV bug. The exception policy part {0} is not expected.", policyPart));
}
value = Strings.ErrorTenantMaxRunspacesTarpitting(orgIdInString, exception.BackoffTime / 1000);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxTenantPSRunspaceInTimePeriodLimit, null, new object[]
{
userName,
orgIdInString,
throttlingPolicy.PowerShellMaxTenantRunspaces,
throttlingPolicy.PowerShellMaxRunspacesTimePeriod,
exception.BackoffTime
});
}
return(new LocalizedString(value + string.Format("{2}Policy: {0}; {2}Snapshot: {1}", exception.ThrottlingPolicyDN, exception.Snapshot, Environment.NewLine)));
}
// Token: 0x060012EA RID: 4842 RVA: 0x0003D9DC File Offset: 0x0003BBDC
private static T HandleExceptionAndRetry <T>(string methodName, Func <T> func, bool throwException, T defaultReturnValue)
{
for (int i = 0; i < 2; i++)
{
try
{
Microsoft.Exchange.Diagnostics.Components.Authorization.ExTraceGlobals.PublicPluginAPITracer.TraceDebug <string, int>(0L, "Retry function {0} the {1} times.", methodName, i);
return(func());
}
catch (Exception ex)
{
bool flag = ex is TransientException;
bool flag2 = AuthZPluginHelper.IsFatalException(ex);
bool flag3 = flag2 || AuthZLogHelper.ExceptionNoNeedToRetry(ex);
Microsoft.Exchange.Diagnostics.Components.Authorization.ExTraceGlobals.PublicPluginAPITracer.TraceDebug(0L, "{0} caught Exception {1}. IsTransientException = {2}. IsFatalException = {3}. NoNeedToRetry = {4}.", new object[]
{
methodName,
ex,
flag,
flag2,
flag3
});
ExEventLog.EventTuple eventInfo = Microsoft.Exchange.Configuration.ObjectModel.EventLog.TaskEventLogConstants.Tuple_RBACUnavailable_UnknownError;
if (flag)
{
eventInfo = Microsoft.Exchange.Configuration.ObjectModel.EventLog.TaskEventLogConstants.Tuple_RBACUnavailable_TransientError;
}
else if (flag2)
{
eventInfo = Microsoft.Exchange.Configuration.ObjectModel.EventLog.TaskEventLogConstants.Tuple_RBACUnavailable_FatalError;
}
TaskLogger.LogRbacEvent(eventInfo, null, new object[]
{
methodName,
ex
});
if (flag3 || i == 1)
{
if (!(ex is ADTransientException) && (flag2 || throwException))
{
throw;
}
AuthZLogHelper.LogException(ex, methodName, false);
break;
}
else
{
AuthZLogger.SafeAppendGenericInfo(methodName + "-" + ex.GetType().Name + "-Retried", ex.Message);
}
}
}
Microsoft.Exchange.Diagnostics.Components.Authorization.ExTraceGlobals.PublicPluginAPITracer.TraceError <string, T>(0L, "{0} returns default value {1}.", methodName, defaultReturnValue);
return(defaultReturnValue);
}
// Token: 0x060012F2 RID: 4850 RVA: 0x0003DC08 File Offset: 0x0003BE08
internal static LocalizedString HandleUserOverBudgetException(OverBudgetException exception, AuthZPluginUserToken userToken)
{
string policyPart = exception.PolicyPart;
string userName = userToken.UserName;
string windowsLiveId = userToken.WindowsLiveId;
ExTraceGlobals.PublicPluginAPITracer.TraceError <string, string>(0L, "Get User OverBudgetException for user {0}. Message: {1}", userName, exception.ToString());
AuthZLogger.SafeAppendGenericError("User_OverBudgetException", exception.ToString(), false);
if (!string.IsNullOrEmpty(windowsLiveId))
{
BlockedType blockedType = (policyPart == "PowerShellMaxCmdlets") ? BlockedType.NewRequest : BlockedType.NewSession;
FailFastUserCache.Instance.AddUserToCache(userToken.WindowsLiveId, blockedType, TimeSpan.Zero);
AuthZLogger.SafeAppendColumn(RpsCommonMetadata.ContributeToFailFast, "AuthZ-UserSelf", LoggerHelper.GetContributeToFailFastValue("User", userToken.WindowsLiveId, blockedType.ToString(), -1.0));
}
IThrottlingPolicy throttlingPolicy = userToken.GetThrottlingPolicy();
LocalizedString value;
if (policyPart == "MaxConcurrency")
{
value = Strings.ErrorMaxRunspacesLimit(throttlingPolicy.PowerShellMaxConcurrency.ToString(), policyPart);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxUserPSConnectionLimit, null, new object[]
{
userName,
throttlingPolicy.PowerShellMaxConcurrency
});
}
else if (policyPart == "MaxRunspacesTimePeriod")
{
value = Strings.ErrorMaxRunspacesTarpitting(exception.BackoffTime / 1000);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxPSRunspaceInTimePeriodLimit, null, new object[]
{
userName,
throttlingPolicy.PowerShellMaxRunspaces,
throttlingPolicy.PowerShellMaxRunspacesTimePeriod,
exception.BackoffTime
});
}
else
{
if (!(policyPart == "PowerShellMaxCmdlets"))
{
throw new NotSupportedException(string.Format("DEV bug. The exception policy part {0} is not expected.", policyPart));
}
value = Strings.ErrorOperationTarpitting(exception.BackoffTime / 1000);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_ReachedMaxPowershellCmdletLimit, null, new object[]
{
userName,
throttlingPolicy.PowerShellMaxCmdlets,
throttlingPolicy.PowerShellMaxCmdletsTimePeriod,
exception.BackoffTime
});
}
return(new LocalizedString(value + string.Format("{2}Policy: {0}; {2}Snapshot: {1}", exception.ThrottlingPolicyDN, exception.Snapshot, Environment.NewLine)));
}
// Token: 0x0600126E RID: 4718 RVA: 0x0003B46C File Offset: 0x0003966C
protected override void PreGetInitialSessionState(PSSenderInfo senderInfo)
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorizationPlugin.PreGetInitialSessionState] Enter.");
UserToken userToken = HttpContext.Current.CurrentUserToken();
PswsAuthZUserToken authZPluginUserToken = PswsAuthZHelper.GetAuthZPluginUserToken(userToken);
OverBudgetException ex;
if (PswsBudgetManager.Instance.CheckOverBudget(authZPluginUserToken, CostType.ActiveRunspace, out ex))
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <OverBudgetException>((long)this.GetHashCode(), "[PswsAuthorizationPlugin.PreGetInitialSessionState] OverBudgetException: {0}.", ex);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PswsOverBudgetException, null, new object[]
{
HttpContext.Current.User.Identity.Name,
ex.ToString(),
PswsBudgetManager.Instance.GetConnectedUsers()
});
PswsErrorHandling.SendErrorToClient(PswsErrorCode.OverBudgetException, ex, ex.Snapshot);
AuthZLogger.SafeAppendGenericError("OverBudgetException", ex.ToString(), false);
throw ex;
}
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorizationPlugin.PreGetInitialSessionState] Exit.");
}
internal static bool TryFindOrganizationIdForDelegatedPrincipal(DelegatedPrincipal principal, out OrganizationId orgId)
{
orgId = null;
ExchangeConfigurationUnit exchangeConfigurationUnit = null;
Exception ex = null;
try
{
exchangeConfigurationUnit = ExchangeAuthorizationPlugin.GetExchangeConfigurationUnitByNameOrAcceptedDomain(principal.DelegatedOrganization);
}
catch (CannotResolveTenantNameException ex2)
{
ex = ex2;
}
catch (DataSourceOperationException ex3)
{
ex = ex3;
}
catch (TransientException ex4)
{
ex = ex4;
}
catch (DataValidationException ex5)
{
ex = ex5;
}
if (ex != null)
{
AuthZLogger.SafeAppendGenericError("TryFindOrganizationIdForDelegatedPrincipal", ex, new Func <Exception, bool>(KnownException.IsUnhandledException));
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_FailedToResolveOrganizationIdForDelegatedPrincipal, null, new object[]
{
principal.DelegatedOrganization,
ex
});
return(false);
}
orgId = exchangeConfigurationUnit.OrganizationId;
return(true);
}
private RBACValidationRulesList()
{
string text = Path.Combine(ConfigurationContext.Setup.BinPath, "Microsoft.Exchange.Management.RbacDefinition.dll");
try
{
Assembly assembly = Assembly.LoadFrom(text);
MethodInfo method = assembly.GetType("Microsoft.Exchange.Management.Tasks.ValidationRuleDefinitions").GetMethod("GetRBACValidationRulesList", BindingFlags.Static | BindingFlags.Public);
List <ValidationRuleDefinition> rules = (List <ValidationRuleDefinition>)method.Invoke(null, null);
this.Initialize(rules);
}
catch (Exception ex)
{
ExTraceGlobals.RunspaceConfigTracer.TraceError <string, string>(0L, "RBACValidationRulesList.RBACValidationRulesList. Cannot initialize validation rules from assembly {0}: {1}", text, ex.ToString());
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_FailedToLoadValidationRules, text, new object[]
{
text,
ex.ToString()
});
throw;
}
}
internal void CorrectRunspacesLeakPassively(string key, int leakedValue)
{
lock (this.instanceLock)
{
IPowerShellBudget powerShellBudget;
if (this.budgets.TryGetValue(key, out powerShellBudget))
{
int totalActiveRunspacesCount = powerShellBudget.TotalActiveRunspacesCount;
if (totalActiveRunspacesCount > 0)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError(0L, "Correct runspaces leak passively for Key {0} in class {1}. Current Value {2}, Leaked value {3}.", new object[]
{
key,
base.GetType().ToString(),
totalActiveRunspacesCount,
leakedValue
});
AuthZLogger.SafeAppendGenericError("WSManBudgetManagerBase.CorrectRunspacesLeakPassively", string.Format("Correct runspaces leak passively for Key {0} in class {1}. Current Value {2}, Leaked value {3}.", new object[]
{
key,
base.GetType(),
totalActiveRunspacesCount,
leakedValue
}), false);
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PSConnectionLeakPassivelyCorrected, null, new object[]
{
key,
base.GetType().ToString(),
totalActiveRunspacesCount,
leakedValue
});
powerShellBudget.CorrectRunspacesLeak(leakedValue);
}
}
}
}
// Token: 0x06001244 RID: 4676 RVA: 0x00039740 File Offset: 0x00037940
public override WindowsIdentity AuthorizeUser(SenderInfo senderInfo, out UserQuota userQuota)
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorization.AuthorizeUser] Enter.");
WindowsIdentity current;
try
{
if (this.IsBlockedPswsDirectInvocation())
{
AuthZLogger.SafeAppendGenericError("PswsAuthorization.AuthorizeUser", "UnAuthorized. Blocked Psws direct invocation", false);
throw new InvalidOperationException(Strings.InvalidPswsDirectInvocationBlocked);
}
CultureInfo cultureInfo = null;
if (PswsAuthZHelper.TryParseCultureInfo(HttpContext.Current.Request.Headers, out cultureInfo))
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <string>((long)this.GetHashCode(), "[PswsAuthorization.AuthorizeUser] Set thread culture to be {0}", cultureInfo.Name);
Thread.CurrentThread.CurrentCulture = cultureInfo;
Thread.CurrentThread.CurrentUICulture = cultureInfo;
}
IThrottlingPolicy throttlingPolicy = null;
PswsAuthZUserToken authZUserToken = null;
AuthZLogHelper.ExecuteWSManPluginAPI("PswsAuthorization.AuthorizeUser", false, true, delegate()
{
UserToken userToken = HttpContext.Current.CurrentUserToken();
authZUserToken = PswsAuthZHelper.GetAuthZPluginUserToken(userToken);
if (authZUserToken != null)
{
throttlingPolicy = authZUserToken.GetThrottlingPolicy();
}
});
ExAssert.RetailAssert(authZUserToken != null, "UnAuthorized. The user token is invalid (null).");
ExAssert.RetailAssert(throttlingPolicy != null, "UnAuthorized. Unable to get the user quota.");
PswsBudgetManager.Instance.HeartBeat(authZUserToken);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.ServerActiveRunspaces, PswsBudgetManager.Instance.TotalActiveRunspaces);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.ServerActiveUsers, PswsBudgetManager.Instance.TotalActiveUsers);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.UserBudgetOnStart, PswsBudgetManager.Instance.GetWSManBudgetUsage(authZUserToken));
userQuota = new UserQuota((int)(throttlingPolicy.PswsMaxConcurrency.IsUnlimited ? 2147483647U : throttlingPolicy.PswsMaxConcurrency.Value), (int)(throttlingPolicy.PswsMaxRequest.IsUnlimited ? 2147483647U : throttlingPolicy.PswsMaxRequest.Value), (int)(throttlingPolicy.PswsMaxRequestTimePeriod.IsUnlimited ? 2147483647U : throttlingPolicy.PswsMaxRequestTimePeriod.Value));
ExTraceGlobals.PublicPluginAPITracer.TraceDebug <Unlimited <uint>, Unlimited <uint>, Unlimited <uint> >((long)this.GetHashCode(), "[PswsAuthorization.AuthorizeUser] User quota: PswsMaxConcurrenty={0}, PswsMaxRequest={1}, PswsMaxRequestTimePeriod={2}.", throttlingPolicy.PswsMaxConcurrency, throttlingPolicy.PswsMaxRequest, throttlingPolicy.PswsMaxRequestTimePeriod);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.IsAuthorized, true);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.AuthorizeUser, authZUserToken.UserNameForLogging);
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.GetQuota, string.Format("PswsMaxConcurrenty={0};PswsMaxRequest={1};PswsMaxRequestTimePeriod={2}", throttlingPolicy.PswsMaxConcurrency, throttlingPolicy.PswsMaxRequest, throttlingPolicy.PswsMaxRequestTimePeriod));
string ruleName = null;
if (this.ConnectionBlockedByClientAccessRules(authZUserToken, out ruleName))
{
throw new ClientAccessRulesBlockedConnectionException(ruleName);
}
current = WindowsIdentity.GetCurrent();
}
catch (Exception ex)
{
ExTraceGlobals.PublicPluginAPITracer.TraceError <Exception>((long)this.GetHashCode(), "[PswsAuthorization.AuthorizeUser] Exception: {0}", ex);
AuthZLogger.SafeAppendGenericError("PswsAuthorization.AuthorizeUser", ex, new Func <Exception, bool>(KnownException.IsUnhandledException));
TaskLogger.LogRbacEvent(TaskEventLogConstants.Tuple_PswsPublicAPIFailed, null, new object[]
{
"PswsAuthorization.AuthorizeUser",
ex.ToString()
});
AuthZLogger.SafeSetLogger(RpsAuthZMetadata.IsAuthorized, false);
PswsErrorHandling.SendErrorToClient((ex is ClientAccessRulesBlockedConnectionException) ? PswsErrorCode.ClientAccessRuleBlock : PswsErrorCode.AuthZUserError, ex, null);
throw;
}
finally
{
ExTraceGlobals.PublicPluginAPITracer.TraceDebug((long)this.GetHashCode(), "[PswsAuthorization.AuthorizeUser] Exit.");
}
return(current);
}
