        // Token: 0x06000287 RID: 647 RVA: 0x000119AC File Offset: 0x0000FBAC
        /// <summary>
        /// Authorization gate for an incoming request. Requests flagged as anonymous
        /// methods are allowed immediately. Requests the HTTP layer has not
        /// authenticated must carry claim sets that pass the check selected by token
        /// type and local endpoint address. Everything else is handed to the base
        /// implementation after the caller has been resolved.
        /// </summary>
        /// <param name="operationContext">Operation context of the request being authorized.</param>
        /// <returns>
        /// <c>true</c> for an anonymous method; otherwise the result of
        /// <c>base.CheckAccessCore</c>, or <c>false</c> / the value returned by
        /// <c>Return401UnauthorizedResponse</c> when a check fails.
        /// </returns>
        private bool InternalCheckAccessCore(OperationContext operationContext)
        {
            // The Action header is supplied by the client and is recorded in the
            // request logger before any authentication decision has been made, so
            // log consumers should treat the value as untrusted.
            string action = operationContext.RequestContext.RequestMessage.Headers.Action;
            if (!string.IsNullOrEmpty(action))
            {
                // Keep only the part after the last '/'; with no '/' the index is -1
                // and the whole string is kept.
                int lastSlash = action.LastIndexOf('/');
                action = action.Substring(lastSlash + 1);
                RequestDetailsLoggerBase<RequestDetailsLogger>.Current.ActivityScope.Action = action;
            }

            // Anonymous short-circuit: returns before any credential or claim check,
            // and before ResolveCaller / base.CheckAccessCore.
            // NOTE(review): IsAnonymousMethod is not visible here - confirm what it keys on.
            if (AutodiscoverAuthorizationManager.IsAnonymousMethod(operationContext))
            {
                ExTraceGlobals.AuthenticationTracer.TraceDebug<string>(0L, "Allowing request to go anonymous: {0}", operationContext.IncomingMessageHeaders.Action);
                return true;
            }

            // NOTE(review): HttpContext.Current is dereferenced without a null check;
            // confirm this service always runs with an HTTP context.
            HttpContext currentHttp = HttpContext.Current;
            // Not used below; the property is still read exactly as in the original.
            HttpApplication applicationInstance = currentHttp.ApplicationInstance;

            // When the HTTP layer already authenticated the request, none of the
            // claim-set checks below run.
            if (!currentHttp.Request.IsAuthenticated)
            {
                if (ServiceSecurityContext.Current == null)
                {
                    return AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "ServiceSecurityContext.Current was null");
                }

                AuthorizationContext authContext = ServiceSecurityContext.Current.AuthorizationContext;
                if (authContext == null)
                {
                    return AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "authContext was null");
                }

                if (authContext.ClaimSets == null)
                {
                    return AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "authContext.ClaimSets was null");
                }

                if (authContext.ClaimSets.Count == 0)
                {
                    return AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "authContext.ClaimSets.Count was 0");
                }

                // Exactly one claim-set check is selected; its verdict is collected
                // here and a negative verdict denies the request.
                bool claimsAccepted;
                if (AutodiscoverAuthorizationManager.IsDelegationToken(authContext.ClaimSets))
                {
                    claimsAccepted = AutodiscoverAuthorizationManager.CheckClaimSetsForExternalUser(authContext, operationContext);
                }
                else
                {
                    // Non-delegation tokens are only accepted when this setting is enabled.
                    if (!VariantConfiguration.InvariantNoFlightingSnapshot.Autodiscover.LogonViaStandardTokens.Enabled)
                    {
                        return AutodiscoverAuthorizationManager.Return401UnauthorizedResponse(operationContext, "No login via standard token on-premises");
                    }

                    // The check applied depends on which local endpoint received the request.
                    Uri endpoint = operationContext.Channel.LocalAddress.Uri;
                    if (Common.IsWsSecuritySymmetricKeyAddress(endpoint))
                    {
                        claimsAccepted = AutodiscoverAuthorizationManager.CheckClaimSetsForPartnerUser(authContext, operationContext);
                    }
                    else if (Common.IsWsSecurityX509CertAddress(endpoint))
                    {
                        claimsAccepted = AutodiscoverAuthorizationManager.CheckClaimSetsForX509CertUser(authContext, operationContext);
                    }
                    else
                    {
                        // An endpoint that matches none of the known address kinds is
                        // denied; && keeps CheckClaimSets from running in that case.
                        claimsAccepted = Common.IsWsSecurityAddress(endpoint)
                            && AutodiscoverAuthorizationManager.CheckClaimSets(operationContext, authContext.ClaimSets);
                    }
                }

                // These denials return false directly; Return401UnauthorizedResponse
                // is not called on this path.
                if (!claimsAccepted)
                {
                    return false;
                }
            }

            Common.ResolveCaller();
            return base.CheckAccessCore(operationContext);
        }