internal static CommonAccessToken CommonAccessTokenForCmdletProxy(this UserToken userToken, int targetVersion)
{
CommonAccessToken commonAccessToken = userToken.CommonAccessToken;
if (commonAccessToken != null)
{
if (userToken.AuthenticationType == AuthenticationType.OAuth && targetVersion < Server.E15MinVersion)
{
OAuthIdentity oauthIdentity = OAuthIdentitySerializer.ConvertFromCommonAccessToken(commonAccessToken);
SidOAuthIdentity sidIdentity = SidOAuthIdentity.Create(oauthIdentity);
CertificateSidTokenAccessor certificateSidTokenAccessor = CertificateSidTokenAccessor.Create(sidIdentity);
commonAccessToken = certificateSidTokenAccessor.GetToken();
}
}
else
{
commonAccessToken = new CommonAccessToken(AccessTokenType.CertificateSid);
ExAssert.RetailAssert(userToken.UserSid != null, "UserToken.UserSid is expected to NOT NULL when CommonAccessToken doesn't exist. UserToken = " + userToken);
commonAccessToken.ExtensionData["UserSid"] = userToken.UserSid.ToString();
if (userToken.PartitionId != null)
{
commonAccessToken.ExtensionData["Partition"] = userToken.PartitionId.ToString();
}
}
commonAccessToken.IsCompressed = true;
return(commonAccessToken);
}
public static KeyValuePair <string, string>?GetOAuthUserConstraint(IIdentity logonUser)
{
SidOAuthIdentity sidOAuthIdentity = (logonUser as SidOAuthIdentity) ?? (HttpContext.Current.Items["LogonUserIdentity"] as SidOAuthIdentity);
OAuthIdentity oauthIdentity = (sidOAuthIdentity != null) ? sidOAuthIdentity.OAuthIdentity : (logonUser as OAuthIdentity);
if (oauthIdentity != null)
{
string value = null;
if (oauthIdentity.OAuthApplication == null || oauthIdentity.OAuthApplication.PartnerApplication == null || !OAuthHelper.parterIdToNameMap.TryGetValue(oauthIdentity.OAuthApplication.PartnerApplication.ApplicationIdentifier, out value))
{
value = "OAuthACS.UnknownPartner";
}
return(new KeyValuePair <string, string>?(new KeyValuePair <string, string>("AuthMethod", value)));
}
return(null);
}
// Token: 0x060000C2 RID: 194 RVA: 0x00005A6C File Offset: 0x00003C6C
private OrganizationId GetOrganization(CommonAccessToken commonAccessToken, IIdentity identity, AccessTokenType accessTokenType)
{
if (commonAccessToken != null && commonAccessToken.ExtensionData.ContainsKey("OrganizationIdBase64"))
{
string text = commonAccessToken.ExtensionData["OrganizationIdBase64"];
if (!string.IsNullOrEmpty(text))
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From CAT.");
return(CommonAccessTokenAccessor.DeserializeOrganizationId(text));
}
}
if (identity is LiveIDIdentity)
{
LiveIDIdentity liveIDIdentity = (LiveIDIdentity)identity;
if (liveIDIdentity.UserOrganizationId != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From LiveIdIdentity.");
return(liveIDIdentity.UserOrganizationId);
}
}
if (identity is SidOAuthIdentity)
{
SidOAuthIdentity sidOAuthIdentity = (SidOAuthIdentity)identity;
if (sidOAuthIdentity.OAuthIdentity != null && !sidOAuthIdentity.OAuthIdentity.IsAppOnly)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] From SidOAuthIdentity.");
return(sidOAuthIdentity.OAuthIdentity.OrganizationId);
}
}
if (commonAccessToken != null)
{
if (accessTokenType == AccessTokenType.CertificateSid)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Certificate - First Org.");
return(OrganizationId.ForestWideOrgId);
}
if (accessTokenType == AccessTokenType.Windows && commonAccessToken.WindowsAccessToken != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Kerberos - First Org.");
return(OrganizationId.ForestWideOrgId);
}
}
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetOrganization] Org=Null.");
return(null);
}
// Token: 0x060000C3 RID: 195 RVA: 0x00005BA8 File Offset: 0x00003DA8
private string GetManagedOrganization(IIdentity identity)
{
SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity;
if (sidOAuthIdentity != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] From SidOAuthIdentity.");
return(sidOAuthIdentity.ManagedTenantName);
}
DelegatedPrincipal delegatedPrincipal = HttpContext.Current.User as DelegatedPrincipal;
if (delegatedPrincipal != null)
{
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] From DelegatedPrincipal.");
return(delegatedPrincipal.DelegatedOrganization);
}
ExTraceGlobals.HttpModuleTracer.TraceDebug((long)this.GetHashCode(), "[BuildUserTokenModule::GetManagedOrganization] ManagedOrg=Null.");
return(null);
}
internal static UserToken CreateDefaultUserTokenInERC(IIdentity identity, DelegatedPrincipal delegatedPrincipal, bool impersonated)
{
if (!impersonated && delegatedPrincipal != null)
{
CommonAccessToken commonAccessToken = new CommonAccessToken(AccessTokenType.RemotePowerShellDelegated);
commonAccessToken.ExtensionData["DelegatedData"] = delegatedPrincipal.Identity.Name;
return(new UserToken(AuthenticationType.RemotePowerShellDelegated, delegatedPrincipal, null, delegatedPrincipal.Identity.Name, null, null, null, delegatedPrincipal.DelegatedOrganization, false, commonAccessToken));
}
SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity;
if (sidOAuthIdentity != null)
{
PartitionId partitionId;
PartitionId.TryParse(sidOAuthIdentity.PartitionId, out partitionId);
return(new UserToken(AuthenticationType.OAuth, null, null, sidOAuthIdentity.Name, sidOAuthIdentity.Sid, partitionId, sidOAuthIdentity.OAuthIdentity.OrganizationId, sidOAuthIdentity.ManagedTenantName, false, sidOAuthIdentity.OAuthIdentity.ToCommonAccessTokenVersion1()));
}
WindowsIdentity windowsIdentity = identity as WindowsIdentity;
if (windowsIdentity != null)
{
return(new UserToken(AuthenticationType.Kerberos, null, null, windowsIdentity.Name, windowsIdentity.User, null, null, null, false, new CommonAccessToken(windowsIdentity)));
}
WindowsTokenIdentity windowsTokenIdentity = identity as WindowsTokenIdentity;
if (windowsTokenIdentity != null && windowsTokenIdentity.AccessToken != null && windowsTokenIdentity.AccessToken.CommonAccessToken != null)
{
PartitionId partitionId2;
PartitionId.TryParse(windowsTokenIdentity.PartitionId, out partitionId2);
return(new UserToken(AuthenticationType.Kerberos, null, null, windowsTokenIdentity.Name, windowsTokenIdentity.Sid, partitionId2, null, null, false, windowsTokenIdentity.AccessToken.CommonAccessToken));
}
CommonAccessToken commonAccessToken2 = new CommonAccessToken(AccessTokenType.CertificateSid);
SecurityIdentifier securityIdentifier = identity.GetSecurityIdentifier();
commonAccessToken2.ExtensionData["UserSid"] = securityIdentifier.ToString();
GenericSidIdentity genericSidIdentity = identity as GenericSidIdentity;
if (genericSidIdentity != null)
{
commonAccessToken2.ExtensionData["Partition"] = genericSidIdentity.PartitionId;
}
return(new UserToken(AuthenticationType.Certificate, null, null, identity.Name, securityIdentifier, null, null, null, false, commonAccessToken2));
}
private string GetTenant(IIdentity identity, HttpRequest httpRequest)
{
if (identity == null)
{
return(null);
}
SidOAuthIdentity sidOAuthIdentity = identity as SidOAuthIdentity;
string result;
if (sidOAuthIdentity != null)
{
ExTraceGlobals.ReportingWebServiceTracer.TraceDebug(0, 0L, "[RbacPrincipalManager::GetTenant] Return SidOAuthIdentity.ManagedTenantName.");
result = sidOAuthIdentity.ManagedTenantName;
}
else
{
ExTraceGlobals.ReportingWebServiceTracer.TraceDebug(0, 0L, "[RbacPrincipalManager::GetTenant] Not SidOAuthIdentity.");
result = this.GetTenantDomain(httpRequest);
}
return(result);
}
