示例#1
 // Token: 0x060006FA RID: 1786 RVA: 0x0001A1CC File Offset: 0x000183CC
 /// <summary>
 /// Finds the directory entry whose SID matches the Windows identity this code is
 /// currently running as, and returns that entry's organization.
 /// </summary>
 /// <param name="userId">
 /// Receives the Id of the matching directory entry, or null when no entry was found
 /// or the lookup failed before an entry was read.
 /// </param>
 /// <returns>
 /// The OrganizationId read from the entry, or null when there is no current identity,
 /// no matching entry, or one of the caught directory exceptions was raised.
 /// </returns>
 /// <remarks>
 /// WindowsIdentity.GetCurrent() yields the thread's impersonation token when the thread
 /// is impersonating and the process token otherwise, so the answer depends on the
 /// caller's impersonation state. Lookup failures are logged and then reported as null,
 /// the same value used for "not found"; callers that make an authorization or scoping
 /// decision on the result should treat null as "unknown", not as a specific organization.
 /// </remarks>
 public static OrganizationId ResolveCurrentUserOrganization(out ADObjectId userId)
 {
     userId = null;
     OrganizationId organization = null;
     try
     {
         using (WindowsIdentity callerIdentity = WindowsIdentity.GetCurrent())
         {
             if (callerIdentity != null)
             {
                 IRootOrganizationRecipientSession session = DirectorySessionFactory.Default.CreateRootOrgRecipientSession(true, ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromRootOrgScopeSet(), 1263, "ResolveCurrentUserOrganization", "f:\\15.00.1497\\sources\\dev\\Configuration\\src\\ObjectModel\\BaseTasks\\TaskHelper.cs");
                 SecurityIdentifier callerSid = callerIdentity.User;
                 ADPropertyDefinition[] requestedProperties = new ADPropertyDefinition[]
                 {
                     ADObjectSchema.RawName,
                     ADObjectSchema.Name,
                     ADObjectSchema.Id,
                     ADObjectSchema.ExchangeVersion,
                     ADObjectSchema.OrganizationalUnitRoot,
                     ADObjectSchema.ConfigurationUnit
                 };
                 ADRawEntry entry = session.FindADRawEntryBySid(callerSid, requestedProperties);
                 if (entry != null)
                 {
                     // userId is published before the organization is read, so it stays
                     // set even if reading the organization property throws below.
                     userId = entry.Id;
                     organization = (OrganizationId)entry[ADObjectSchema.OrganizationId];
                 }
             }
         }
     }
     catch (InvalidOperationException invalidOperation)
     {
         TaskLogger.LogError(invalidOperation);
     }
     catch (DataSourceOperationException dataSourceFailure)
     {
         TaskLogger.LogError(dataSourceFailure);
     }
     catch (TransientException transientFailure)
     {
         TaskLogger.LogError(transientFailure);
     }
     catch (DataValidationException validationFailure)
     {
         TaskLogger.LogError(validationFailure);
     }
     return organization;
 }
示例#2
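        /// <summary>
        /// Resolves the identity an operation should be attributed to. The caller is
        /// authenticated first; on channels other than net.tcp (and when the test flag
        /// UseHttpsForLocalMoves is off) the identity is then replaced by the one named in
        /// the X-CommonAccessToken request header, provided the authenticated caller is
        /// allowed to serialize security tokens.
        /// </summary>
        /// <param name="operationContext">The WCF operation context of the incoming call.</param>
        /// <returns>
        /// The resolved authentication info, or null when authentication fails, the caller
        /// lacks the token-serialization permission, or the header is missing, duplicated,
        /// empty, or does not carry a Windows access token.
        /// </returns>
        /// <remarks>
        /// Security note: on the header path the returned identity comes from a SID supplied
        /// by the caller, not from the transport authentication. The
        /// LocalServer.AllowsTokenSerializationBy check is therefore the only control that
        /// stops an authenticated caller from being treated as another directory user; every
        /// failure on this path returns null (deny) instead of falling back to the
        /// authenticated identity. Denials are only written to the debug trace here.
        /// </remarks>
        private IAuthenticationInfo GetPrincipal(OperationContext operationContext)
        {
            MRSProxyAuthorizationManager.AuthenticationData authenticationData = this.GetAuthenticationData(operationContext);
            if (authenticationData.AuthenticationInfo != null)
            {
                // A previous call already resolved the identity for this context.
                return(authenticationData.AuthenticationInfo);
            }
            IAuthenticationInfo authenticationInfo = base.Authenticate(operationContext);

            if (authenticationInfo == null)
            {
                return(null);
            }
            if (operationContext.Channel.LocalAddress.Uri.Scheme == "net.tcp" || this.TestIntegration.UseHttpsForLocalMoves)
            {
                // The header is not consulted on this path; the transport identity is used as is.
                return(authenticationInfo);
            }
            WindowsPrincipal windowsPrincipal = authenticationInfo.WindowsPrincipal;
            WindowsIdentity  windowsIdentity  = (windowsPrincipal == null) ? null : windowsPrincipal.Identity as WindowsIdentity;

            if (windowsIdentity == null)
            {
                // Fail closed: without a Windows identity the permission check below would be
                // evaluated against null instead of the authenticated caller.
                MrsTracer.ProxyService.Debug("MRSProxyAuthorizationManager: User {0} has no Windows identity; token serialization permission cannot be evaluated.", new object[]
                {
                    authenticationInfo.PrincipalName
                });
                return(null);
            }
            using (ClientSecurityContext clientSecurityContext = new ClientSecurityContext(windowsIdentity))
            {
                if (!LocalServer.AllowsTokenSerializationBy(clientSecurityContext))
                {
                    MrsTracer.ProxyService.Debug("MRSProxyAuthorizationManager: User {0} does not have the permission to serialize security token.", new object[]
                    {
                        authenticationInfo.PrincipalName
                    });
                    return(null);
                }
            }
            object obj;

            // NOTE(review): this reads OperationContext.Current rather than the operationContext
            // argument; presumably they are the same object here - confirm.
            if (!OperationContext.Current.IncomingMessageProperties.TryGetValue(HttpRequestMessageProperty.Name, out obj))
            {
                return(null);
            }
            HttpRequestMessageProperty httpRequestMessageProperty = obj as HttpRequestMessageProperty;

            if (httpRequestMessageProperty == null)
            {
                return(null);
            }
            // Exactly one header value is accepted, so a request carrying several
            // X-CommonAccessToken headers is rejected instead of one being picked.
            string[] values = httpRequestMessageProperty.Headers.GetValues("X-CommonAccessToken");
            if (values == null || values.Length != 1)
            {
                return(null);
            }
            string text = values[0];

            if (string.IsNullOrEmpty(text))
            {
                return(null);
            }
            // Repeats the permission check made above with the same identity, immediately
            // before the caller-supplied token is parsed.
            using (ClientSecurityContext clientSecurityContext2 = new ClientSecurityContext(windowsIdentity))
            {
                if (!LocalServer.AllowsTokenSerializationBy(clientSecurityContext2))
                {
                    // Trace the principal name; formatting the WindowsIdentity object itself
                    // would print its type name instead of the user.
                    MrsTracer.ProxyService.Debug("MRSProxyAuthorizationManager: User {0} does not have the permission to serialize security token.", new object[]
                    {
                        authenticationInfo.PrincipalName
                    });
                    return(null);
                }
            }
            // The header value is caller-controlled. Exceptions from Deserialize on a
            // malformed value, or from SecurityIdentifier on a malformed SID, are not caught
            // here and propagate to the caller of this method.
            CommonAccessToken  commonAccessToken  = CommonAccessToken.Deserialize(text);

            if (commonAccessToken == null || commonAccessToken.WindowsAccessToken == null)
            {
                // Presumably WindowsAccessToken is unset for non-Windows token types (confirm);
                // deny instead of dereferencing null.
                MrsTracer.ProxyService.Debug("MRSProxyAuthorizationManager: X-CommonAccessToken sent by user {0} does not contain a Windows access token.", new object[]
                {
                    authenticationInfo.PrincipalName
                });
                return(null);
            }
            SecurityIdentifier securityIdentifier = new SecurityIdentifier(commonAccessToken.WindowsAccessToken.UserSid);
            IRootOrganizationRecipientSession rootOrganizationRecipientSession = DirectorySessionFactory.Default.CreateRootOrgRecipientSession(true, ConsistencyMode.PartiallyConsistent, ADSessionSettings.FromRootOrgScopeSet(), 300, "GetPrincipal", "f:\\15.00.1497\\sources\\dev\\mrs\\src\\ProxyService\\MRSProxyAuthorizationManager.cs");
            ADRawEntry adrawEntry = rootOrganizationRecipientSession.FindADRawEntryBySid(securityIdentifier, MRSProxyAuthorizationManager.userPrincipalName);

            if (adrawEntry == null)
            {
                // No directory entry for the SID: the result carries the bare SID only.
                authenticationData.AuthenticationInfo = new AuthenticationInfo(securityIdentifier);
            }
            else
            {
                // The UPN constructor logs the user on without a password (S4U). The new
                // identity is handed to AuthenticationInfo, so it is not disposed here.
                string sUserPrincipalName = (string)adrawEntry[ADUserSchema.UserPrincipalName];
                windowsIdentity = new WindowsIdentity(sUserPrincipalName);
                authenticationData.AuthenticationInfo = new AuthenticationInfo(windowsIdentity, windowsIdentity.Name);
            }
            return(authenticationData.AuthenticationInfo);
        }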