private static void SetPolicyEnforcementMWA(ConfigurationElement extendedProtectionPolicyElement, ExtendedProtectionTokenCheckingMode tokenCheckingMode)
{
object[] array = (tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Allow) ? ExtendedProtection.WebConfigReflectionHelper.whenSupported : ((tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Require) ? ExtendedProtection.WebConfigReflectionHelper.always : ExtendedProtection.WebConfigReflectionHelper.never);
extendedProtectionPolicyElement["policyEnforcement"] = array[0];
}
public static void LoadFromMetabase(string metabasePath, ObjectId identity, Task task, out ExtendedProtectionTokenCheckingMode extendedProtectionTokenChecking, out MultiValuedProperty <ExtendedProtectionFlag> extendedProtectionFlags, out MultiValuedProperty <string> extendedProtectionSPNList)
{
extendedProtectionTokenChecking = ExtendedProtectionTokenCheckingMode.None;
extendedProtectionFlags = new MultiValuedProperty <ExtendedProtectionFlag>();
extendedProtectionSPNList = new MultiValuedProperty <string>();
using (DirectoryEntry directoryEntry = IisUtility.CreateIISDirectoryEntry(metabasePath, (task != null) ? new Task.TaskErrorLoggingReThrowDelegate(task.WriteError) : null, identity, false))
{
if (directoryEntry != null)
{
string text;
string str;
string str2;
if (ExtendedProtection.GetServerWebSiteAndPath(metabasePath, out text, out str, out str2))
{
using (ServerManager serverManager = ServerManager.OpenRemote(text))
{
Configuration applicationHostConfiguration = serverManager.GetApplicationHostConfiguration();
if (applicationHostConfiguration != null)
{
ConfigurationSection section = applicationHostConfiguration.GetSection("system.webServer/security/authentication/windowsAuthentication", "/" + str + str2);
if (section != null)
{
ConfigurationElement configurationElement = section.ChildElements["extendedProtection"];
if (configurationElement != null)
{
object attributeValue = configurationElement.GetAttributeValue("tokenChecking");
if (attributeValue != null && attributeValue is int)
{
extendedProtectionTokenChecking = (ExtendedProtectionTokenCheckingMode)attributeValue;
}
object attributeValue2 = configurationElement.GetAttributeValue("flags");
if (attributeValue2 != null && attributeValue2 is int)
{
extendedProtectionFlags.Add((ExtendedProtectionFlag)attributeValue2);
}
ConfigurationElementCollection collection = configurationElement.GetCollection();
if (collection != null)
{
foreach (ConfigurationElement configurationElement2 in collection)
{
if (configurationElement2.Schema.Name == "spn")
{
string item = configurationElement2.GetAttributeValue("name").ToString();
extendedProtectionSPNList.Add(item);
}
}
}
}
}
}
}
}
}
}
}
private static void SetPolicyEnforcement(object extendedProtectionPolicyProperty, ExtendedProtectionTokenCheckingMode tokenCheckingMode)
{
object[] parameters = (tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Allow) ? ExtendedProtection.WebConfigReflectionHelper.whenSupported : ((tokenCheckingMode == ExtendedProtectionTokenCheckingMode.Require) ? ExtendedProtection.WebConfigReflectionHelper.always : ExtendedProtection.WebConfigReflectionHelper.never);
ExtendedProtection.WebConfigReflectionHelper.policyEnforcementSetMethodInfo.Invoke(extendedProtectionPolicyProperty, parameters);
}
