private void CreateInputHtmlCollection(SecureNameValueCollection collection, SecureHttpBuffer buffer, Uri redirectUrl, int majorCasVersion)
{
foreach (string text in collection)
{
buffer.CopyAtCurrentPosition("<input type='hidden' name='");
buffer.CopyAtCurrentPosition(text);
buffer.CopyAtCurrentPosition("' value='");
if (text == "password")
{
SecureString securePassword;
collection.TryGetSecureValue(text, out securePassword);
using (SecureArray <char> secureArray = securePassword.TransformToSecureCharArray(new CharTransformDelegate(FbaFormPostProxyRequestHandler.EncodeForSingleQuotedAttribute)))
{
buffer.CopyAtCurrentPosition(secureArray);
goto IL_14B;
}
goto IL_72;
}
goto IL_72;
IL_14B:
buffer.CopyAtCurrentPosition("'>");
continue;
IL_72:
string text2;
if (!(text == "destination"))
{
collection.TryGetUnsecureValue(text, out text2);
buffer.CopyAtCurrentPosition(EncodingUtilities.HtmlEncode(text2));
goto IL_14B;
}
collection.TryGetUnsecureValue(text, out text2);
Uri uri;
if (!Uri.TryCreate(text2, UriKind.Absolute, out uri))
{
throw new HttpException(400, "destination value is not valid");
}
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.Append(redirectUrl.Scheme);
stringBuilder.Append(Uri.SchemeDelimiter);
stringBuilder.Append(redirectUrl.Authority);
if (FbaFormPostProxyRequestHandler.IsOwaUrl(uri, OwaUrl.AuthPost, true))
{
stringBuilder.Append(OwaUrl.ApplicationRoot.ImplicitUrl);
}
else if (string.IsNullOrEmpty(this.explicitLogonUser))
{
stringBuilder.Append(redirectUrl.PathAndQuery);
}
else
{
stringBuilder.Append(uri.PathAndQuery);
}
buffer.CopyAtCurrentPosition(stringBuilder.ToString());
goto IL_14B;
}
}
private void CreateHtmlForSsoFba(SecureHttpBuffer buffer, SecureNameValueCollection collection, Uri redirectUrl, int majorCasVersion)
{
string noScriptHtml = FbaFormPostProxyRequestHandler.GetNoScriptHtml();
buffer.CopyAtCurrentPosition("<html><noscript>");
buffer.CopyAtCurrentPosition(noScriptHtml.ToString());
buffer.CopyAtCurrentPosition("</noscript><head><title>Continue</title><script type='text/javascript'>function OnBack(){}function DoSubmit(){var subt=false;if(!subt){subt=true;document.logonForm.submit();}}</script></head><body onload='javascript:DoSubmit();'>");
this.CreateFormHtmlForSsoFba(buffer, collection, redirectUrl, majorCasVersion);
buffer.CopyAtCurrentPosition("</body></html>");
}
private void CreateFormHtmlForSsoFba(SecureHttpBuffer buffer, SecureNameValueCollection collection, Uri redirectUrl, int majorCasVersion)
{
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.Append(redirectUrl.Scheme);
stringBuilder.Append(Uri.SchemeDelimiter);
stringBuilder.Append(redirectUrl.Authority);
stringBuilder.Append(OwaUrl.AuthDll.ImplicitUrl);
buffer.CopyAtCurrentPosition("<form name='logonForm' id='logonForm' action='");
buffer.CopyAtCurrentPosition(stringBuilder.ToString());
buffer.CopyAtCurrentPosition("' method='post' target='_top'>");
this.CreateInputHtmlCollection(collection, buffer, redirectUrl, majorCasVersion);
buffer.CopyAtCurrentPosition("</form>");
}
private void RedirectUsingSSOFBA(SecureNameValueCollection collection, Uri redirectUrl, HttpResponse response, int majorCasVersion)
{
response.StatusCode = 200;
response.Status = "200 - OK";
response.BufferOutput = false;
response.CacheControl = "no-cache";
response.Cache.SetNoStore();
HttpCookie httpCookie = new HttpCookie("PBack");
httpCookie.Value = "1";
response.Cookies.Add(httpCookie);
response.Headers.Add("X-OWA-FEError", ErrorFE.FEErrorCodes.CasRedirect.ToString());
using (SecureHttpBuffer secureHttpBuffer = new SecureHttpBuffer(1000, response))
{
this.CreateHtmlForSsoFba(secureHttpBuffer, collection, redirectUrl, majorCasVersion);
secureHttpBuffer.Flush();
response.End();
}
}