Пример #1
 /// <summary>
 /// Issues a fresh canary cookie for an authenticated, non-logoff request whose
 /// current canary cookie is missing or cannot be restored for the cached user key.
 /// </summary>
 /// <param name="context">The current HTTP context (request cookies are read, response cookies are written).</param>
 /// <param name="canaryStatus">Gets <c>CanaryStatus.IsCanaryRenewed</c> OR-ed in when a new cookie is issued.</param>
 /// <param name="shouldAddLog">Set to <c>true</c> on every normal return, whether or not a cookie was issued.</param>
 public static void SendCanary(this HttpContext context, ref CanaryStatus canaryStatus, ref bool shouldAddLog)
 {
     if (context.Request.IsAuthenticated && !context.IsLogoffRequest())
     {
         string     userKey    = context.GetCachedUserUniqueKey();
         string     cookieName = context.GetCanaryName();
         HttpCookie presented  = context.Request.Cookies[cookieName];

         // The presented cookie is accepted only if it restores to a canary for this user key.
         bool presentedIsValid = presented != null && Canary.RestoreCanary(presented.Value, userKey) != null;

         if (!presentedIsValid)
         {
             // A cookie that was sent but failed to restore is worth an event: it is either stale
             // or was not minted for this user. The rejected value itself is written to the log.
             if (presented != null)
             {
                 object[] eventArgs = new object[]
                 {
                     EcpEventLogExtensions.GetUserNameToLog(),
                     userKey,
                     cookieName,
                     context.GetRequestUrlForLog(),
                     presented.Value
                 };
                 EcpEventLogConstants.Tuple_ResetCanaryInCookie.LogEvent(eventArgs);
             }

             Canary     renewed     = new Canary(Guid.NewGuid(), userKey);
             HttpCookie replacement = new HttpCookie(cookieName, renewed.ToString())
             {
                 // HttpOnly is off, so page script can read this cookie; presumably that is how the
                 // client echoes the canary back in a header or form field. It also means any script
                 // injection on the origin can read the token.
                 // NOTE(review): Secure is not set in this method; confirm it is enforced elsewhere
                 // (site-wide cookie configuration or an HTTPS-only binding).
                 HttpOnly = false,
                 Path     = EcpUrl.GetEcpVDirForCanary()
             };
             context.Response.Cookies.Add(replacement);
             canaryStatus |= CanaryStatus.IsCanaryRenewed;
         }
     }

     shouldAddLog = true;
 }
Пример #2
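        /// <summary>
        /// Validates the anti-forgery canary of a request: the canary cookie must be present and
        /// non-empty, must (on the strict path) restore for the cached user key, and must be
        /// ordinal-equal to at least one of the values submitted in the header, form or URL.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="canaryInHeader">Canary value the caller extracted from a request header.</param>
        /// <param name="canaryInForm">Canary value the caller extracted from the form body.</param>
        /// <param name="canaryInUrl">Canary value the caller extracted from the URL.</param>
        /// <param name="canaryVersion">"14.2" when a restorable canary is required, otherwise "14.1".</param>
        /// <param name="canaryStatus">Gets the bits of every matching source OR-ed in when validation succeeds.</param>
        /// <returns><c>true</c> if the request carries a valid canary; otherwise <c>false</c>.</returns>
        private static bool HasValidCanary(this HttpContext context, string canaryInHeader, string canaryInForm, string canaryInUrl, out string canaryVersion, ref CanaryStatus canaryStatus)
        {
            bool isInboundProxy = context.User is InboundProxySession;

            // Only an inbound-proxy session that sends no outbound-proxy version header takes the
            // relaxed "14.1" path, where the cookie only has to equal the submitted value and is not
            // required to restore for this user.
            // NOTE(review): the relaxed path is selected by the absence of a request header; confirm
            // that an InboundProxySession principal can only be established by a trusted proxy.
            bool requiresRestorableCanary = !isInboundProxy || !string.IsNullOrEmpty(context.Request.Headers["msExchEcpOutboundProxyVersion"]);

            canaryVersion = (requiresRestorableCanary ? "14.2" : "14.1");
            string     canaryName          = context.GetCanaryName();
            HttpCookie httpCookie          = context.Request.Cookies[canaryName];
            string     cookieValue         = (httpCookie == null) ? string.Empty : httpCookie.Value;
            string     cachedUserUniqueKey = context.GetCachedUserUniqueKey();
            Canary     canary              = Canary.RestoreCanary(cookieValue, cachedUserUniqueKey);
            bool       cookieAcceptable    = !requiresRestorableCanary || canary != null;

            // Compare against the null-safe cookieValue. Dereferencing httpCookie.Value here threw a
            // NullReferenceException for any request without the canary cookie, so such requests
            // failed with an unhandled error instead of being rejected and logged below.
            bool matchesForm   = StringComparer.Ordinal.Equals(cookieValue, canaryInForm);
            bool matchesHeader = StringComparer.Ordinal.Equals(cookieValue, canaryInHeader);
            bool matchesUrl    = StringComparer.Ordinal.Equals(cookieValue, canaryInUrl);
            bool isValid       = false;

            // An absent or empty cookie never validates, even if the submitted values are empty too.
            if (httpCookie != null && !string.IsNullOrEmpty(httpCookie.Value) && cookieAcceptable)
            {
                isValid = (matchesHeader || matchesForm || matchesUrl);
            }
            if (isValid)
            {
                // NOTE(review): the numeric values come from the source as-is; 3 (form) overlaps the
                // bits of 1 (header) and 2 (URL), so a form match alone sets all three. Confirm
                // against the CanaryStatus declaration.
                if (matchesForm)
                {
                    canaryStatus |= (CanaryStatus)3;
                }
                if (matchesHeader)
                {
                    canaryStatus |= (CanaryStatus)1;
                }
                if (matchesUrl)
                {
                    canaryStatus |= (CanaryStatus)2;
                }
            }
            else if (!cookieAcceptable)
            {
                // The cookie did not restore for this user: stale, forged, or minted for another user.
                EcpEventLogConstants.Tuple_InvalidCanaryInCookieDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
                {
                    EcpEventLogExtensions.GetUserNameToLog(),
                    cachedUserUniqueKey,
                    canaryName,
                    context.GetRequestUrlForLog(),
                    cookieValue
                });
            }
            else
            {
                // The cookie was acceptable, but nothing submitted with the request matched it
                // (or the cookie was absent/empty on the relaxed path).
                EcpEventLogConstants.Tuple_InvalidCanaryDetected.LogPeriodicEvent(EcpEventLogExtensions.GetPeriodicKeyPerUser(), new object[]
                {
                    EcpEventLogExtensions.GetUserNameToLog(),
                    context.GetRequestUrlForLog(),
                    cookieValue,
                    string.Format("{0} in header, {1} in form, in URL {2}", canaryInHeader, canaryInForm, canaryInUrl)
                });
            }
            return isValid;
        }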