Exemplo n.º 1
0
        private static UserContextKey GetUserContextKey(HttpContext httpContext, ClientSecurityContext overrideClientSecurityContext, out UserContextCookie userContextCookie)
        {
            UserContextKey userContextKey    = null;
            string         explicitLogonUser = UserContextUtilities.GetExplicitLogonUser(httpContext);

            if (string.IsNullOrEmpty(explicitLogonUser))
            {
                userContextCookie = UserContextCookie.GetUserContextCookie(httpContext);
                if (userContextCookie != null)
                {
                    ExTraceGlobals.UserContextCallTracer.TraceDebug <UserContextCookie>(0L, "Found cookie in the request: {0}", userContextCookie);
                    if (overrideClientSecurityContext == null)
                    {
                        userContextKey = UserContextKey.CreateFromCookie(userContextCookie, httpContext);
                    }
                    else
                    {
                        userContextKey = UserContextKey.CreateFromCookie(userContextCookie, overrideClientSecurityContext.UserSid);
                    }
                }
            }
            else
            {
                userContextCookie = null;
                if (UserContextManager.RequestRequiresSharedContext(httpContext))
                {
                    userContextKey = UserContextKey.Create("D894745CADD64DB9B00309200288E1E7", "SharedAdmin", explicitLogonUser);
                }
                else
                {
                    SecurityIdentifier securityIdentifier = httpContext.User.Identity.GetSecurityIdentifier();
                    if (securityIdentifier == null)
                    {
                        ExTraceGlobals.UserContextCallTracer.TraceDebug <IIdentity>(0L, "UserContextManager.GetUserContextKey: current user has no security identifier - '{0}'", httpContext.User.Identity);
                        ExWatson.SendReport(new InvalidOperationException(string.Format("UserContextManager.GetUserContextKey: current user has no security identifier - '{0}'", httpContext.User.Identity)), ReportOptions.None, null);
                        return(null);
                    }
                    string logonUniqueKey = securityIdentifier.ToString();
                    string text           = httpContext.Request.Headers["X-OWA-Test-ExplicitLogonUserId"];
                    if (string.IsNullOrEmpty(text) || !AppConfigLoader.GetConfigBoolValue("Test_OwaAllowHeaderOverride", false))
                    {
                        text = "B387FD19C8C4416694EB79909BED70B5";
                    }
                    userContextKey = UserContextKey.Create(text, logonUniqueKey, explicitLogonUser);
                    ExTraceGlobals.UserContextCallTracer.TraceDebug <UserContextKey>(0L, "Cookie not found but this is explicit logon. Generated Key: {0}", userContextKey);
                }
            }
            return(userContextKey);
        }
Exemplo n.º 2
0
        private static void DoLogoffCleanup(RequestContext requestContext)
        {
            ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::DoLogoff] entry.");
            HttpContext    httpContext = requestContext.HttpContext;
            UserContext    userContext = requestContext.UserContext as UserContext;
            UserContextKey key         = userContext.Key;

            try
            {
                ExTraceGlobals.UserContextTracer.TraceDebug <UserContext>(0L, "[RequestDispatcher::DoLogoffCleanup] Found user context in the cache, User context instance={0}.", userContext);
                userContext.State = UserContextState.MarkedForLogoff;
                userContext.LogBreadcrumb("MarkedForLogoff");
                userContext.DoLogoffCleanup();
                userContext.LogBreadcrumb("DoLogoffCleanup completed");
            }
            finally
            {
                UserContextCookie userContextCookie = UserContextCookie.GetUserContextCookie(requestContext.HttpContext);
                if (userContextCookie != null)
                {
                    HttpUtilities.DeleteCookie(httpContext.Response, userContextCookie.CookieName);
                }
                HttpUtilities.DeleteCookie(httpContext.Response, Canary15Profile.Owa.Name);
                if (key.UserContextId == null)
                {
                    string message = "User context id couldn't be retrieved. Logoff can't be performed";
                    ExTraceGlobals.UserContextTracer.TraceDebug(0L, message);
                    userContext.LogBreadcrumb(message);
                    userContext.Dispose();
                    userContext = null;
                }
                else
                {
                    userContext.LogBreadcrumb("Logoff invoking Cache.Remove");
                    object obj = HttpRuntime.Cache.Remove(key.ToString());
                    userContext.LogBreadcrumb("Logoff invoked Cache.Remove");
                    string message2 = (obj == null) ? "The userContext was already deleted from the cache" : "Context successfully deleted from the cache";
                    ExTraceGlobals.UserContextTracer.TraceDebug(0L, message2);
                    userContext.LogBreadcrumb(message2);
                }
            }
        }
        // Token: 0x06000790 RID: 1936 RVA: 0x00018200 File Offset: 0x00016400
        internal static UserContextCookie TryCreateFromHttpCookie(HttpCookie cookie)
        {
            string text  = null;
            string text2 = null;

            if (string.IsNullOrEmpty(cookie.Value))
            {
                return(null);
            }
            if (!UserContextCookie.TryParseCookieValue(cookie.Value, out text, out text2))
            {
                return(null);
            }
            string text3 = null;

            if (!UserContextCookie.TryParseCookieName(cookie.Name, out text3))
            {
                return(null);
            }
            return(UserContextCookie.Create(text3, text, text2, cookie.Secure));
        }
        // Token: 0x06000793 RID: 1939 RVA: 0x0001834C File Offset: 0x0001654C
        internal static UserContextCookie GetUserContextCookie(HttpContext httpContext)
        {
            HttpRequest request = httpContext.Request;

            for (int i = 0; i < request.Cookies.Count; i++)
            {
                HttpCookie httpCookie = request.Cookies[i];
                if (httpCookie.Name != null && httpCookie.Name.StartsWith(UserContextCookie.UserContextCookiePrefix, StringComparison.OrdinalIgnoreCase))
                {
                    UserContextCookie userContextCookie = UserContextCookie.TryCreateFromHttpCookie(httpCookie);
                    if (userContextCookie == null)
                    {
                        ExTraceGlobals.UserContextTracer.TraceDebug <string, string, string>(0L, "Invalid user context cookie received. Name={0}, Value={1}, httpContext.Request.RawUrl={2}", httpCookie.Name, httpCookie.Value, request.RawUrl);
                        return(null);
                    }
                    if (userContextCookie.MailboxUniqueKey == null)
                    {
                        if (!UserContextUtilities.IsDifferentMailbox(httpContext))
                        {
                            return(userContextCookie);
                        }
                    }
                    else
                    {
                        string explicitLogonUser = UserContextUtilities.GetExplicitLogonUser(httpContext);
                        if (!string.IsNullOrEmpty(explicitLogonUser))
                        {
                            using (OwaIdentity owaIdentity = OwaIdentity.CreateOwaIdentityFromExplicitLogonAddress(explicitLogonUser))
                            {
                                if (string.Equals(userContextCookie.MailboxUniqueKey, owaIdentity.UniqueId, StringComparison.Ordinal))
                                {
                                    return(userContextCookie);
                                }
                            }
                        }
                    }
                }
            }
            return(null);
        }
Exemplo n.º 5
0
        private static IMailboxContext AcquireUserContext(HttpContext httpContext, AuthZClientInfo effectiveCaller, UserContextKey userContextKey, UserContextCookie userContextCookie)
        {
            IMailboxContext       mailboxContext        = null;
            UserContextStatistics userContextStatistics = null;

            try
            {
                if (userContextKey != null)
                {
                    mailboxContext = UserContextManager.GetMailboxContextFromCache(userContextKey);
                    if (mailboxContext == null || mailboxContext.State == UserContextState.Abandoned)
                    {
                        UserContextManager.CreateUserContext(httpContext, userContextKey, effectiveCaller, out mailboxContext, out userContextStatistics);
                    }
                }
                else
                {
                    UserContextManager.CreateUserContext(httpContext, null, effectiveCaller, out mailboxContext, out userContextStatistics);
                    string cookieId = null;
                    if (mailboxContext != null)
                    {
                        userContextCookie = UserContextCookie.CreateFromKey(cookieId, mailboxContext.Key, httpContext.Request.IsSecureConnection);
                        httpContext.Response.Cookies.Set(userContextCookie.HttpCookie);
                        userContextStatistics.CookieCreated = true;
                    }
                }
            }
            finally
            {
                if (userContextStatistics != null)
                {
                    SignInLogEvent logEvent = new SignInLogEvent(mailboxContext, (userContextCookie != null) ? userContextCookie.CookieValue : string.Empty, userContextStatistics, httpContext.Request.Url);
                    OwaServerLogger.AppendToLog(logEvent);
                }
            }
            return(mailboxContext);
        }
 // Token: 0x06000791 RID: 1937 RVA: 0x00018254 File Offset: 0x00016454
 internal static bool TryParseCookieValue(string cookieValue, out string userContextId, out string mailboxUniqueKey)
 {
     userContextId    = null;
     mailboxUniqueKey = null;
     if (cookieValue.Length == 32)
     {
         userContextId = cookieValue;
     }
     else
     {
         if (cookieValue.Length < 34)
         {
             return(false);
         }
         int num = cookieValue.IndexOf('&');
         if (num != 32)
         {
             return(false);
         }
         num++;
         userContextId = cookieValue.Substring(0, num - 1);
         string tokenValidBase64String = cookieValue.Substring(num, cookieValue.Length - num);
         byte[] bytes = null;
         try
         {
             bytes = UserContextUtilities.ValidTokenBase64Decode(tokenValidBase64String);
         }
         catch (FormatException)
         {
             return(false);
         }
         UTF8Encoding utf8Encoding = new UTF8Encoding();
         mailboxUniqueKey = utf8Encoding.GetString(bytes);
     }
     return(UserContextCookie.IsValidUserContextId(userContextId));
 }
 // Token: 0x0600078F RID: 1935 RVA: 0x000181E9 File Offset: 0x000163E9
 internal static UserContextCookie CreateFromKey(string cookieId, UserContextKey userContextKey, bool isSecure)
 {
     return(UserContextCookie.Create(cookieId, userContextKey.UserContextId, userContextKey.MailboxUniqueKey, isSecure));
 }
        // Token: 0x0600097E RID: 2430 RVA: 0x00020CF4 File Offset: 0x0001EEF4
        internal static void HandleException(RequestContext requestContext, Exception exception)
        {
            if (exception is HttpException && (exception.InnerException is SlabManifestException || exception.InnerException is FlightConfigurationException))
            {
                exception = exception.InnerException;
            }
            ErrorHandlerUtilities.RecordException(requestContext, exception);
            ExTraceGlobals.CoreTracer.TraceDebug <Type, Exception>(0L, "Exception: Type: {0} Error: {1}.", exception.GetType(), exception);
            HttpContext httpContext = requestContext.HttpContext;

            HttpUtilities.MakePageNoCacheNoStore(httpContext.Response);
            if (exception is HttpException)
            {
                HttpUtilities.EndResponse(httpContext, HttpStatusCode.BadRequest);
                return;
            }
            if (exception is OwaInvalidRequestException || exception is OwaInvalidIdFormatException)
            {
                HttpUtilities.EndResponse(httpContext, HttpStatusCode.BadRequest);
                return;
            }
            if (exception is MailboxInSiteFailoverException && requestContext.UserContext != null)
            {
                ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "User {0}'s mailbox in-site failover occurs.", requestContext.UserContext.ExchangePrincipal.LegacyDn);
                if (requestContext.UserContext != null)
                {
                    requestContext.UserContext.DisconnectMailboxSession();
                }
            }
            if (exception is MailboxCrossSiteFailoverException || exception is WrongServerException)
            {
                if (requestContext.UserContext != null)
                {
                    ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "User {0}'s mailbox cross-site failover occurs.", requestContext.UserContext.ExchangePrincipal.LegacyDn);
                }
                UserContextCookie userContextCookie = UserContextCookie.GetUserContextCookie(httpContext);
                if (userContextCookie != null)
                {
                    HttpUtilities.DeleteCookie(httpContext.Response, userContextCookie.CookieName);
                }
            }
            if (exception is OverBudgetException)
            {
                OverBudgetException ex = (OverBudgetException)exception;
                httpContext.Response.AppendToLog(string.Format("&OverBudget({0}/{1}),Owner:{2}[{3}]", new object[]
                {
                    ex.IsServiceAccountBudget ? "ServiceAccount" : "Normal",
                    ex.PolicyPart,
                    ex.Owner,
                    ex.Snapshot
                }));
            }
            ErrorInformation exceptionHandlingInformation = ErrorHandlerUtilities.GetExceptionHandlingInformation(exception, requestContext);

            try
            {
                if (!requestContext.ErrorSent)
                {
                    requestContext.ErrorSent = true;
                    httpContext.Response.Clear();
                    try
                    {
                        if (RequestDispatcherUtilities.GetRequestType(httpContext.Request) != OwaRequestType.ServiceRequest && RequestDispatcherUtilities.GetRequestType(httpContext.Request) != OwaRequestType.Oeh && !httpContext.Request.Path.Contains(OwaUrl.SessionDataPage.ImplicitUrl))
                        {
                            StringBuilder stringBuilder = new StringBuilder("/owa/auth/errorfe.aspx");
                            stringBuilder.Append("?");
                            stringBuilder.Append("httpCode");
                            stringBuilder.Append("=");
                            stringBuilder.Append(500);
                            if (exceptionHandlingInformation.SharePointApp)
                            {
                                stringBuilder.Append("&sharepointapp=true");
                            }
                            if (exceptionHandlingInformation.SiteMailbox)
                            {
                                stringBuilder.Append("&sm=true");
                            }
                            if (exceptionHandlingInformation.GroupMailboxDestination != null)
                            {
                                stringBuilder.Append("&gm=");
                                stringBuilder.Append(HttpUtility.UrlEncode(exceptionHandlingInformation.GroupMailboxDestination));
                            }
                            if (exceptionHandlingInformation.MessageId != null)
                            {
                                stringBuilder.Append("&");
                                stringBuilder.Append("msg");
                                stringBuilder.Append("=");
                                stringBuilder.Append((long)exceptionHandlingInformation.MessageId.Value);
                                if (!string.IsNullOrWhiteSpace(exceptionHandlingInformation.MessageParameter))
                                {
                                    stringBuilder.Append("&");
                                    stringBuilder.Append("msgParam");
                                    stringBuilder.Append("=");
                                    stringBuilder.Append(HttpUtility.UrlEncode(exceptionHandlingInformation.MessageParameter));
                                }
                            }
                            if (!string.IsNullOrWhiteSpace(httpContext.Response.Headers["X-OWA-Error"]))
                            {
                                stringBuilder.Append("&owaError=");
                                stringBuilder.Append(httpContext.Response.Headers["X-OWA-Error"]);
                            }
                            stringBuilder.Append("&owaVer=");
                            stringBuilder.Append(Globals.ApplicationVersion);
                            stringBuilder.Append("&be=");
                            stringBuilder.Append(Environment.MachineName);
                            stringBuilder.Append("&ts=");
                            stringBuilder.Append(DateTime.UtcNow.ToFileTimeUtc());
                            if (!string.IsNullOrWhiteSpace(exceptionHandlingInformation.Lids))
                            {
                                httpContext.Response.AppendToLog(string.Format("&lids={0}", exceptionHandlingInformation.Lids));
                            }
                            if (exceptionHandlingInformation.SupportLevel != null && exceptionHandlingInformation.SupportLevel != SupportLevel.Unknown)
                            {
                                httpContext.Response.AppendHeader("X-OWASuppLevel", exceptionHandlingInformation.SupportLevel.ToString());
                                httpContext.Response.AppendToLog(string.Format("&{0}={1}", "suplvl", exceptionHandlingInformation.SupportLevel.ToString()));
                            }
                            httpContext.Response.Redirect(stringBuilder.ToString(), false);
                        }
                        else
                        {
                            httpContext.Response.Write(exceptionHandlingInformation.Message);
                            httpContext.Response.StatusCode = 500;
                            if (exceptionHandlingInformation.MessageId != null)
                            {
                                httpContext.Response.AddHeader(WellKnownHeader.XOWAErrorMessageID, exceptionHandlingInformation.MessageId.ToString());
                            }
                            httpContext.Response.TrySkipIisCustomErrors = true;
                            httpContext.Response.Flush();
                        }
                        httpContext.ApplicationInstance.CompleteRequest();
                    }
                    catch (HttpException arg)
                    {
                        ExTraceGlobals.CoreTracer.TraceDebug <HttpException>(0L, "Failed to flush and send response to client after submitting watson and rendering error page. {0}", arg);
                    }
                }
            }
            finally
            {
                if (exceptionHandlingInformation.SendWatsonReport && Globals.SendWatsonReports)
                {
                    ExTraceGlobals.CoreTracer.TraceDebug(0L, "Sending watson report");
                    ReportOptions options = (exception is AccessViolationException || exception is InvalidProgramException || exception is TypeInitializationException) ? ReportOptions.ReportTerminateAfterSend : ReportOptions.None;
                    ExWatson.SendReport(exception, options, null);
                }
                if (exception is AccessViolationException)
                {
                    ExTraceGlobals.CoreTracer.TraceDebug(0L, "Shutting down OWA due to unrecoverable exception");
                    ErrorHandlerUtilities.TerminateProcess();
                }
                else if ((exception is InvalidProgramException || exception is TypeInitializationException) && Interlocked.Exchange(ref ErrorHandlerUtilities.queuedDelayedRestart, 1) == 0)
                {
                    new Thread(new ThreadStart(ErrorHandlerUtilities.DelayedRestartUponUnexecutableCode)).Start();
                }
                httpContext.Response.End();
            }
        }
Exemplo n.º 9
0
        internal static UserContextKey CreateFromCookie(UserContextCookie userContextCookie, SecurityIdentifier sid)
        {
            string text = sid.ToString();

            return(new UserContextKey(userContextCookie.UserContextId, text, userContextCookie.MailboxUniqueKey));
        }