/// <summary>
/// Builds the cache key that identifies the caller's user context for this request.
/// </summary>
/// <param name="httpContext">Current request; supplies cookies, headers and the authenticated identity.</param>
/// <param name="overrideClientSecurityContext">
/// When non-null, its <c>UserSid</c> is used for the cookie-based key instead of passing
/// <paramref name="httpContext"/> to <c>UserContextKey.CreateFromCookie</c>.
/// </param>
/// <param name="userContextCookie">
/// The user context cookie found on the request, or null when none was found or when the
/// request is an explicit logon (the cookie is not consulted on that path).
/// </param>
/// <returns>
/// The key, or null when there is no usable cookie on a normal request, or when the
/// authenticated identity of an explicit-logon request has no security identifier.
/// </returns>
private static UserContextKey GetUserContextKey(HttpContext httpContext, ClientSecurityContext overrideClientSecurityContext, out UserContextCookie userContextCookie)
{
    const string missingSidMessage = "UserContextManager.GetUserContextKey: current user has no security identifier - '{0}'";

    string explicitLogonUser = UserContextUtilities.GetExplicitLogonUser(httpContext);

    // ---- Normal logon: the key comes from the cookie plus the caller's identity. ----
    if (string.IsNullOrEmpty(explicitLogonUser))
    {
        userContextCookie = UserContextCookie.GetUserContextCookie(httpContext);
        if (userContextCookie == null)
        {
            return(null);
        }

        ExTraceGlobals.UserContextCallTracer.TraceDebug <UserContextCookie>(0L, "Found cookie in the request: {0}", userContextCookie);

        // The cookie only contributes the context id / mailbox key. The logon component is taken
        // from the override SID here; for the httpContext overload it is presumably taken from
        // the authenticated identity (that overload is not visible here - confirm).
        return((overrideClientSecurityContext == null)
            ? UserContextKey.CreateFromCookie(userContextCookie, httpContext)
            : UserContextKey.CreateFromCookie(userContextCookie, overrideClientSecurityContext.UserSid));
    }

    // ---- Explicit logon: the cookie is ignored and the key is synthesised. ----
    userContextCookie = null;

    if (UserContextManager.RequestRequiresSharedContext(httpContext))
    {
        // The shared key is built only from two constants and the explicit logon address; it
        // contains nothing derived from the caller's identity.
        // NOTE(review): access control for the shared context must therefore be enforced
        // somewhere other than the key - not visible in this method, confirm.
        return(UserContextKey.Create("D894745CADD64DB9B00309200288E1E7", "SharedAdmin", explicitLogonUser));
    }

    SecurityIdentifier callerSid = httpContext.User.Identity.GetSecurityIdentifier();
    if (callerSid == null)
    {
        ExTraceGlobals.UserContextCallTracer.TraceDebug <IIdentity>(0L, missingSidMessage, httpContext.User.Identity);
        ExWatson.SendReport(new InvalidOperationException(string.Format(missingSidMessage, httpContext.User.Identity)), ReportOptions.None, null);
        return(null);
    }

    string logonUniqueKey = callerSid.ToString();

    // The X-OWA-Test-ExplicitLogonUserId request header is client-controlled. It replaces the
    // fixed id only when the Test_OwaAllowHeaderOverride config value is true (default false);
    // the config value is read only if the header is actually present.
    // NOTE(review): this is a test hook - keep the flag off outside test environments.
    string contextId = httpContext.Request.Headers["X-OWA-Test-ExplicitLogonUserId"];
    bool headerOverrideAccepted = !string.IsNullOrEmpty(contextId) && AppConfigLoader.GetConfigBoolValue("Test_OwaAllowHeaderOverride", false);
    if (!headerOverrideAccepted)
    {
        contextId = "B387FD19C8C4416694EB79909BED70B5";
    }

    UserContextKey explicitLogonKey = UserContextKey.Create(contextId, logonUniqueKey, explicitLogonUser);
    ExTraceGlobals.UserContextCallTracer.TraceDebug <UserContextKey>(0L, "Cookie not found but this is explicit logon. Generated Key: {0}", explicitLogonKey);
    return(explicitLogonKey);
}
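/// <summary>
/// Performs logoff for the request's user context: marks the context for logoff, runs its
/// cleanup, removes the session cookies from the response and evicts the context from
/// <c>HttpRuntime.Cache</c>.
/// </summary>
/// <param name="requestContext">Request whose <c>UserContext</c> is being logged off.</param>
/// <remarks>
/// Cookie removal and cache eviction run in a <c>finally</c> block so that they still happen
/// when the context's own cleanup throws. If the request carries no <c>UserContext</c> (or it
/// is not of the expected type) the cookies are still removed instead of failing with a
/// <see cref="NullReferenceException"/> before any cookie is cleared.
/// </remarks>
private static void DoLogoffCleanup(RequestContext requestContext)
{
    ExTraceGlobals.CoreCallTracer.TraceDebug(0L, "[RequestDispatcher::DoLogoff] entry.");
    HttpContext httpContext = requestContext.HttpContext;

    // The 'as' cast yields null when UserContext is absent or of another type; the original
    // dereferenced it unconditionally.
    UserContext userContext = requestContext.UserContext as UserContext;
    UserContextKey key = (userContext != null) ? userContext.Key : null;

    try
    {
        if (userContext != null)
        {
            ExTraceGlobals.UserContextTracer.TraceDebug <UserContext>(0L, "[RequestDispatcher::DoLogoffCleanup] Found user context in the cache, User context instance={0}.", userContext);
            userContext.State = UserContextState.MarkedForLogoff;
            userContext.LogBreadcrumb("MarkedForLogoff");
            userContext.DoLogoffCleanup();
            userContext.LogBreadcrumb("DoLogoffCleanup completed");
        }
    }
    finally
    {
        // Always remove the client-side session state, whatever happened above.
        UserContextCookie userContextCookie = UserContextCookie.GetUserContextCookie(httpContext);
        if (userContextCookie != null)
        {
            HttpUtilities.DeleteCookie(httpContext.Response, userContextCookie.CookieName);
        }
        HttpUtilities.DeleteCookie(httpContext.Response, Canary15Profile.Owa.Name);

        if (userContext == null)
        {
            ExTraceGlobals.UserContextTracer.TraceDebug(0L, "[RequestDispatcher::DoLogoffCleanup] No user context on the request; only the cookies were removed.");
        }
        else if (key == null || key.UserContextId == null)
        {
            // Without a context id the cache entry cannot be addressed, so the context is
            // disposed directly instead of being evicted from the cache.
            string message = "User context id couldn't be retrieved. Logoff can't be performed";
            ExTraceGlobals.UserContextTracer.TraceDebug(0L, message);
            userContext.LogBreadcrumb(message);
            userContext.Dispose();
        }
        else
        {
            // Server-side invalidation: dropping the cache entry is what stops the old
            // cookie value from resolving to a live context.
            userContext.LogBreadcrumb("Logoff invoking Cache.Remove");
            object obj = HttpRuntime.Cache.Remove(key.ToString());
            userContext.LogBreadcrumb("Logoff invoked Cache.Remove");
            string message2 = (obj == null) ? "The userContext was already deleted from the cache" : "Context successfully deleted from the cache";
            ExTraceGlobals.UserContextTracer.TraceDebug(0L, message2);
            userContext.LogBreadcrumb(message2);
        }
    }
}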
// Token: 0x06000790 RID: 1936 RVA: 0x00018200 File Offset: 0x00016400
/// <summary>
/// Converts a raw request cookie into a <c>UserContextCookie</c>.
/// </summary>
/// <param name="cookie">Cookie taken from the request; both its name and value are client-supplied.</param>
/// <returns>
/// The parsed cookie, or null when the value is empty, the value fails
/// <c>TryParseCookieValue</c>, or the name fails <c>TryParseCookieName</c>.
/// </returns>
internal static UserContextCookie TryCreateFromHttpCookie(HttpCookie cookie)
{
    if (string.IsNullOrEmpty(cookie.Value))
    {
        return(null);
    }

    // Value first, then name - the same order the checks have always run in.
    string userContextId = null;
    string mailboxUniqueKey = null;
    bool valueParsed = UserContextCookie.TryParseCookieValue(cookie.Value, out userContextId, out mailboxUniqueKey);
    if (!valueParsed)
    {
        return(null);
    }

    string cookieId = null;
    bool nameParsed = UserContextCookie.TryParseCookieName(cookie.Name, out cookieId);
    if (!nameParsed)
    {
        return(null);
    }

    // The Secure attribute is copied from the incoming cookie object as-is.
    return(UserContextCookie.Create(cookieId, userContextId, mailboxUniqueKey, cookie.Secure));
}
// Token: 0x06000793 RID: 1939 RVA: 0x0001834C File Offset: 0x0001654C
/// <summary>
/// Scans the request cookies for a user context cookie that applies to this request.
/// </summary>
/// <param name="httpContext">Current request.</param>
/// <returns>
/// The first cookie with the user context prefix that parses and matches the request's
/// mailbox, or null. A prefixed cookie that fails to parse ends the scan immediately with
/// null; later cookies are not examined.
/// </returns>
internal static UserContextCookie GetUserContextCookie(HttpContext httpContext)
{
    HttpRequest request = httpContext.Request;

    // Indexed access is deliberate: it yields HttpCookie objects by position.
    for (int index = 0; index < request.Cookies.Count; index++)
    {
        HttpCookie candidate = request.Cookies[index];

        bool hasContextPrefix = candidate.Name != null
            && candidate.Name.StartsWith(UserContextCookie.UserContextCookiePrefix, StringComparison.OrdinalIgnoreCase);
        if (!hasContextPrefix)
        {
            continue;
        }

        UserContextCookie parsed = UserContextCookie.TryCreateFromHttpCookie(candidate);
        if (parsed == null)
        {
            // NOTE(review): the raw cookie name and value are written to the debug trace.
            // They are client-controlled and may resemble a session identifier; treat the
            // trace output as sensitive.
            ExTraceGlobals.UserContextTracer.TraceDebug <string, string, string>(0L, "Invalid user context cookie received. Name={0}, Value={1}, httpContext.Request.RawUrl={2}", candidate.Name, candidate.Value, request.RawUrl);
            return(null);
        }

        if (parsed.MailboxUniqueKey == null)
        {
            // Cookie without a mailbox key: accepted only when the request is not for a
            // different mailbox; otherwise keep scanning.
            if (!UserContextUtilities.IsDifferentMailbox(httpContext))
            {
                return(parsed);
            }
            continue;
        }

        // Cookie carries a mailbox key: it must equal (ordinal) the unique id resolved from
        // the request's explicit logon address.
        string explicitLogonUser = UserContextUtilities.GetExplicitLogonUser(httpContext);
        if (string.IsNullOrEmpty(explicitLogonUser))
        {
            continue;
        }

        using (OwaIdentity owaIdentity = OwaIdentity.CreateOwaIdentityFromExplicitLogonAddress(explicitLogonUser))
        {
            if (string.Equals(parsed.MailboxUniqueKey, owaIdentity.UniqueId, StringComparison.Ordinal))
            {
                return(parsed);
            }
        }
    }

    return(null);
}
/// <summary>
/// Returns the mailbox context for the request, reusing a cached one when the key resolves
/// to a live entry and creating a new one otherwise.
/// </summary>
/// <param name="httpContext">Current request and response.</param>
/// <param name="effectiveCaller">Caller identity passed through to <c>CreateUserContext</c>.</param>
/// <param name="userContextKey">Cache key for the context, or null when the request had none.</param>
/// <param name="userContextCookie">Cookie found on the request, if any; replaced locally when a new cookie is issued.</param>
/// <returns>The cached or newly created context; may be null if creation produced none.</returns>
private static IMailboxContext AcquireUserContext(HttpContext httpContext, AuthZClientInfo effectiveCaller, UserContextKey userContextKey, UserContextCookie userContextCookie)
{
    IMailboxContext mailboxContext = null;
    UserContextStatistics userContextStatistics = null;
    try
    {
        if (userContextKey == null)
        {
            // No key: create a fresh context and hand the client a cookie for it.
            UserContextManager.CreateUserContext(httpContext, null, effectiveCaller, out mailboxContext, out userContextStatistics);
            string cookieId = null;
            if (mailboxContext != null)
            {
                // The Secure attribute mirrors Request.IsSecureConnection.
                // NOTE(review): if TLS is terminated in front of this server that value can be
                // false for an HTTPS client - confirm the deployment. Other attributes
                // (e.g. HttpOnly) are set inside UserContextCookie and are not visible here.
                bool isSecure = httpContext.Request.IsSecureConnection;
                userContextCookie = UserContextCookie.CreateFromKey(cookieId, mailboxContext.Key, isSecure);
                httpContext.Response.Cookies.Set(userContextCookie.HttpCookie);
                userContextStatistics.CookieCreated = true;
            }
        }
        else
        {
            mailboxContext = UserContextManager.GetMailboxContextFromCache(userContextKey);
            bool cachedContextUsable = mailboxContext != null && mailboxContext.State != UserContextState.Abandoned;
            if (!cachedContextUsable)
            {
                // Missing or abandoned entry: build a new context under the same key.
                UserContextManager.CreateUserContext(httpContext, userContextKey, effectiveCaller, out mailboxContext, out userContextStatistics);
            }
        }
    }
    finally
    {
        // Statistics exist only when CreateUserContext ran, so a sign-in event is logged for
        // context creation and not for cache hits.
        if (userContextStatistics != null)
        {
            // NOTE(review): the cookie value is passed to the sign-in log event; if it is
            // persisted verbatim, that log holds session identifiers and needs matching
            // access control.
            string cookieValue;
            if (userContextCookie != null)
            {
                cookieValue = userContextCookie.CookieValue;
            }
            else
            {
                cookieValue = string.Empty;
            }
            SignInLogEvent signInEvent = new SignInLogEvent(mailboxContext, cookieValue, userContextStatistics, httpContext.Request.Url);
            OwaServerLogger.AppendToLog(signInEvent);
        }
    }
    return(mailboxContext);
}
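// Token: 0x06000791 RID: 1937 RVA: 0x00018254 File Offset: 0x00016454
/// <summary>
/// Parses a user context cookie value of the form <c>ID</c> or <c>ID&amp;TOKEN</c>, where
/// <c>ID</c> is exactly 32 characters and <c>TOKEN</c> is the encoded mailbox unique key.
/// </summary>
/// <param name="cookieValue">Raw, client-supplied cookie value.</param>
/// <param name="userContextId">The 32-character id on success; null on failure.</param>
/// <param name="mailboxUniqueKey">The decoded mailbox key when a token is present and parsing succeeds; otherwise null.</param>
/// <returns>
/// True when the layout is valid, the token (if any) decodes, and the id passes
/// <c>UserContextCookie.IsValidUserContextId</c>; false otherwise.
/// </returns>
/// <remarks>
/// Changes from the previous version: a null <paramref name="cookieValue"/> or a null decode
/// result returns false instead of throwing, and the out parameters are left null on every
/// failure path so that a rejected value can never leak to a caller that ignores the result.
/// </remarks>
internal static bool TryParseCookieValue(string cookieValue, out string userContextId, out string mailboxUniqueKey)
{
    userContextId = null;
    mailboxUniqueKey = null;

    if (cookieValue == null)
    {
        return(false);
    }

    string parsedId;
    string parsedMailboxKey = null;

    if (cookieValue.Length == 32)
    {
        // Bare id, no mailbox token.
        parsedId = cookieValue;
    }
    else
    {
        // Shortest valid composite form is 32 id chars + '&' + at least one token char.
        if (cookieValue.Length < 34)
        {
            return(false);
        }

        // The first '&' must sit exactly at index 32, so the id part cannot contain one.
        if (cookieValue.IndexOf('&') != 32)
        {
            return(false);
        }

        parsedId = cookieValue.Substring(0, 32);
        string tokenValidBase64String = cookieValue.Substring(33);

        byte[] bytes;
        try
        {
            bytes = UserContextUtilities.ValidTokenBase64Decode(tokenValidBase64String);
        }
        catch (FormatException)
        {
            return(false);
        }

        if (bytes == null)
        {
            return(false);
        }

        // NOTE(review): the default UTF8Encoding does not throw on malformed byte sequences;
        // it substitutes U+FFFD. Callers compare the result ordinally against a server-side
        // id, so a mangled key should simply fail to match - confirm that is acceptable or
        // switch to a throwing decoder.
        UTF8Encoding utf8Encoding = new UTF8Encoding();
        parsedMailboxKey = utf8Encoding.GetString(bytes);
    }

    if (!UserContextCookie.IsValidUserContextId(parsedId))
    {
        return(false);
    }

    userContextId = parsedId;
    mailboxUniqueKey = parsedMailboxKey;
    return(true);
}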
// Token: 0x0600078F RID: 1935 RVA: 0x000181E9 File Offset: 0x000163E9
/// <summary>
/// Creates a user context cookie from the id and mailbox key carried by a
/// <c>UserContextKey</c>.
/// </summary>
/// <param name="cookieId">Cookie id forwarded unchanged to <c>UserContextCookie.Create</c>; may be null.</param>
/// <param name="userContextKey">Key supplying <c>UserContextId</c> and <c>MailboxUniqueKey</c>.</param>
/// <param name="isSecure">Forwarded unchanged to <c>UserContextCookie.Create</c>.</param>
/// <returns>The cookie produced by <c>UserContextCookie.Create</c>.</returns>
internal static UserContextCookie CreateFromKey(string cookieId, UserContextKey userContextKey, bool isSecure)
{
    // Only the context id and mailbox key are read from the key here; no other component
    // of the key is passed on to the cookie.
    string contextId = userContextKey.UserContextId;
    string mailboxKey = userContextKey.MailboxUniqueKey;
    UserContextCookie created = UserContextCookie.Create(cookieId, contextId, mailboxKey, isSecure);
    return(created);
}
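// Token: 0x0600097E RID: 2430 RVA: 0x00020CF4 File Offset: 0x0001EEF4
/// <summary>
/// Central request error handler: records the exception, ends the response with 400 for
/// malformed requests, otherwise redirects page requests to the error page or writes a 500
/// for service requests, then optionally sends a Watson report and ends the response.
/// </summary>
/// <param name="requestContext">Context of the failing request.</param>
/// <param name="exception">
/// The exception to handle. An <c>HttpException</c> wrapping a <c>SlabManifestException</c>
/// or <c>FlightConfigurationException</c> is unwrapped first.
/// </param>
/// <remarks>
/// Change from the previous version: the <c>X-OWA-Error</c> header value is now URL-encoded
/// before it is appended to the redirect query string, like the other string-valued
/// parameters (<c>gm</c>, <c>msgParam</c>). Unencoded, a value containing <c>&amp;</c> or
/// <c>#</c> would alter the structure of the redirect URL.
/// </remarks>
internal static void HandleException(RequestContext requestContext, Exception exception)
{
    if (exception is HttpException && (exception.InnerException is SlabManifestException || exception.InnerException is FlightConfigurationException))
    {
        exception = exception.InnerException;
    }
    ErrorHandlerUtilities.RecordException(requestContext, exception);
    ExTraceGlobals.CoreTracer.TraceDebug <Type, Exception>(0L, "Exception: Type: {0} Error: {1}.", exception.GetType(), exception);
    HttpContext httpContext = requestContext.HttpContext;

    // Error responses must never be cached by the browser or intermediaries.
    HttpUtilities.MakePageNoCacheNoStore(httpContext.Response);

    // Malformed requests get a bare 400 with no error page and no Watson report.
    if (exception is HttpException)
    {
        HttpUtilities.EndResponse(httpContext, HttpStatusCode.BadRequest);
        return;
    }
    if (exception is OwaInvalidRequestException || exception is OwaInvalidIdFormatException)
    {
        HttpUtilities.EndResponse(httpContext, HttpStatusCode.BadRequest);
        return;
    }

    if (exception is MailboxInSiteFailoverException && requestContext.UserContext != null)
    {
        ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "User {0}'s mailbox in-site failover occurs.", requestContext.UserContext.ExchangePrincipal.LegacyDn);
        if (requestContext.UserContext != null)
        {
            requestContext.UserContext.DisconnectMailboxSession();
        }
    }

    // Cross-site failover / wrong server: drop the user context cookie so the client does not
    // keep presenting it to this server.
    if (exception is MailboxCrossSiteFailoverException || exception is WrongServerException)
    {
        if (requestContext.UserContext != null)
        {
            ExTraceGlobals.CoreTracer.TraceDebug <string>(0L, "User {0}'s mailbox cross-site failover occurs.", requestContext.UserContext.ExchangePrincipal.LegacyDn);
        }
        UserContextCookie userContextCookie = UserContextCookie.GetUserContextCookie(httpContext);
        if (userContextCookie != null)
        {
            HttpUtilities.DeleteCookie(httpContext.Response, userContextCookie.CookieName);
        }
    }

    if (exception is OverBudgetException)
    {
        OverBudgetException ex = (OverBudgetException)exception;
        httpContext.Response.AppendToLog(string.Format("&OverBudget({0}/{1}),Owner:{2}[{3}]", new object[]
        {
            ex.IsServiceAccountBudget ? "ServiceAccount" : "Normal",
            ex.PolicyPart,
            ex.Owner,
            ex.Snapshot
        }));
    }

    ErrorInformation exceptionHandlingInformation = ErrorHandlerUtilities.GetExceptionHandlingInformation(exception, requestContext);
    try
    {
        // ErrorSent guards against emitting a second error response for the same request.
        if (!requestContext.ErrorSent)
        {
            requestContext.ErrorSent = true;
            httpContext.Response.Clear();
            try
            {
                if (RequestDispatcherUtilities.GetRequestType(httpContext.Request) != OwaRequestType.ServiceRequest && RequestDispatcherUtilities.GetRequestType(httpContext.Request) != OwaRequestType.Oeh && !httpContext.Request.Path.Contains(OwaUrl.SessionDataPage.ImplicitUrl))
                {
                    // Page request: redirect to the front-end error page. Everything appended
                    // here ends up in a URL that is sent to the client.
                    StringBuilder stringBuilder = new StringBuilder("/owa/auth/errorfe.aspx");
                    stringBuilder.Append("?");
                    stringBuilder.Append("httpCode");
                    stringBuilder.Append("=");
                    stringBuilder.Append(500);
                    if (exceptionHandlingInformation.SharePointApp)
                    {
                        stringBuilder.Append("&sharepointapp=true");
                    }
                    if (exceptionHandlingInformation.SiteMailbox)
                    {
                        stringBuilder.Append("&sm=true");
                    }
                    if (exceptionHandlingInformation.GroupMailboxDestination != null)
                    {
                        stringBuilder.Append("&gm=");
                        stringBuilder.Append(HttpUtility.UrlEncode(exceptionHandlingInformation.GroupMailboxDestination));
                    }
                    if (exceptionHandlingInformation.MessageId != null)
                    {
                        stringBuilder.Append("&");
                        stringBuilder.Append("msg");
                        stringBuilder.Append("=");
                        stringBuilder.Append((long)exceptionHandlingInformation.MessageId.Value);
                        if (!string.IsNullOrWhiteSpace(exceptionHandlingInformation.MessageParameter))
                        {
                            stringBuilder.Append("&");
                            stringBuilder.Append("msgParam");
                            stringBuilder.Append("=");
                            stringBuilder.Append(HttpUtility.UrlEncode(exceptionHandlingInformation.MessageParameter));
                        }
                    }
                    if (!string.IsNullOrWhiteSpace(httpContext.Response.Headers["X-OWA-Error"]))
                    {
                        stringBuilder.Append("&owaError=");
                        // Encoded like gm/msgParam so the value cannot add or truncate
                        // query-string parameters.
                        stringBuilder.Append(HttpUtility.UrlEncode(httpContext.Response.Headers["X-OWA-Error"]));
                    }
                    stringBuilder.Append("&owaVer=");
                    stringBuilder.Append(Globals.ApplicationVersion);
                    // NOTE(review): the application version and this server's machine name
                    // are disclosed to the client in the redirect URL; confirm that is an
                    // accepted diagnostic trade-off.
                    stringBuilder.Append("&be=");
                    stringBuilder.Append(Environment.MachineName);
                    stringBuilder.Append("&ts=");
                    stringBuilder.Append(DateTime.UtcNow.ToFileTimeUtc());
                    if (!string.IsNullOrWhiteSpace(exceptionHandlingInformation.Lids))
                    {
                        httpContext.Response.AppendToLog(string.Format("&lids={0}", exceptionHandlingInformation.Lids));
                    }
                    if (exceptionHandlingInformation.SupportLevel != null && exceptionHandlingInformation.SupportLevel != SupportLevel.Unknown)
                    {
                        httpContext.Response.AppendHeader("X-OWASuppLevel", exceptionHandlingInformation.SupportLevel.ToString());
                        httpContext.Response.AppendToLog(string.Format("&{0}={1}", "suplvl", exceptionHandlingInformation.SupportLevel.ToString()));
                    }
                    httpContext.Response.Redirect(stringBuilder.ToString(), false);
                }
                else
                {
                    // Service / OEH / session-data request: answer in-band with a 500.
                    // NOTE(review): Message is written without output encoding; whether it can
                    // contain request-derived text, and the response content type, are not
                    // visible here - confirm.
                    httpContext.Response.Write(exceptionHandlingInformation.Message);
                    httpContext.Response.StatusCode = 500;
                    if (exceptionHandlingInformation.MessageId != null)
                    {
                        httpContext.Response.AddHeader(WellKnownHeader.XOWAErrorMessageID, exceptionHandlingInformation.MessageId.ToString());
                    }
                    httpContext.Response.TrySkipIisCustomErrors = true;
                    httpContext.Response.Flush();
                }
                httpContext.ApplicationInstance.CompleteRequest();
            }
            catch (HttpException arg)
            {
                // Best effort: failing to deliver the error response must not mask the
                // original exception handling below.
                ExTraceGlobals.CoreTracer.TraceDebug <HttpException>(0L, "Failed to flush and send response to client after submitting watson and rendering error page. {0}", arg);
            }
        }
    }
    finally
    {
        if (exceptionHandlingInformation.SendWatsonReport && Globals.SendWatsonReports)
        {
            ExTraceGlobals.CoreTracer.TraceDebug(0L, "Sending watson report");
            ReportOptions options = (exception is AccessViolationException || exception is InvalidProgramException || exception is TypeInitializationException) ? ReportOptions.ReportTerminateAfterSend : ReportOptions.None;
            ExWatson.SendReport(exception, options, null);
        }
        if (exception is AccessViolationException)
        {
            ExTraceGlobals.CoreTracer.TraceDebug(0L, "Shutting down OWA due to unrecoverable exception");
            ErrorHandlerUtilities.TerminateProcess();
        }
        else if ((exception is InvalidProgramException || exception is TypeInitializationException) && Interlocked.Exchange(ref ErrorHandlerUtilities.queuedDelayedRestart, 1) == 0)
        {
            // Interlocked.Exchange makes sure only the first such failure queues the restart.
            new Thread(new ThreadStart(ErrorHandlerUtilities.DelayedRestartUponUnexecutableCode)).Start();
        }
        httpContext.Response.End();
    }
}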
/// <summary>
/// Builds a user context key from a cookie and an explicitly supplied security identifier.
/// </summary>
/// <param name="userContextCookie">Cookie supplying <c>UserContextId</c> and <c>MailboxUniqueKey</c>.</param>
/// <param name="sid">Security identifier whose string form becomes the key's second component.</param>
/// <returns>A new <c>UserContextKey</c> built from the three values.</returns>
internal static UserContextKey CreateFromCookie(UserContextCookie userContextCookie, SecurityIdentifier sid)
{
    // The SID is supplied by the caller rather than read from the cookie, so the
    // client-supplied cookie contributes only the context id and the mailbox key.
    string logonUniqueKey = sid.ToString();
    string contextId = userContextCookie.UserContextId;
    string mailboxKey = userContextCookie.MailboxUniqueKey;
    return(new UserContextKey(contextId, logonUniqueKey, mailboxKey));
}