
store AuthenticationContext and AccessToken in SecurityContext

Tal Aloni 8 years ago
parent
commit
0764237260

+ 4 - 4
SMBLibrary/Server/ConnectionState/SMB1ConnectionState.cs

@@ -52,20 +52,20 @@ namespace SMBLibrary.Server
             return null;
         }
 
-        public SMB1Session CreateSession(ushort userID, string userName, string machineName)
+        public SMB1Session CreateSession(ushort userID, string userName, string machineName, object accessToken)
         {
-            SMB1Session session = new SMB1Session(this, userID, userName, machineName);
+            SMB1Session session = new SMB1Session(this, userID, userName, machineName, accessToken);
             m_sessions.Add(userID, session);
             return session;
         }
 
         /// <returns>null if all UserID values have already been allocated</returns>
-        public SMB1Session CreateSession(string userName, string machineName)
+        public SMB1Session CreateSession(string userName, string machineName, object accessToken)
         {
             ushort? userID = AllocateUserID();
             if (userID.HasValue)
             {
-                return CreateSession(userID.Value, userName, machineName);
+                return CreateSession(userID.Value, userName, machineName, accessToken);
             }
             return null;
         }

+ 2 - 2
SMBLibrary/Server/ConnectionState/SMB1Session.cs

@@ -29,11 +29,11 @@ namespace SMBLibrary.Server
         private Dictionary<ushort, OpenSearch> m_openSearches = new Dictionary<ushort, OpenSearch>();
         private ushort m_nextSearchHandle = 1;
 
-        public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName)
+        public SMB1Session(SMB1ConnectionState connection, ushort userID, string userName, string machineName, object accessToken)
         {
             m_connection = connection;
             m_userID = userID;
-            m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint);
+            m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
         }
 
         public ushort? AddConnectedTree(ISMBShare share)

+ 2 - 2
SMBLibrary/Server/ConnectionState/SMB2ConnectionState.cs

@@ -44,9 +44,9 @@ namespace SMBLibrary.Server
             return null;
         }
 
-        public SMB2Session CreateSession(ulong sessionID, string userName, string machineName)
+        public SMB2Session CreateSession(ulong sessionID, string userName, string machineName, object accessToken)
         {
-            SMB2Session session = new SMB2Session(this, sessionID, userName, machineName);
+            SMB2Session session = new SMB2Session(this, sessionID, userName, machineName, accessToken);
             m_sessions.Add(sessionID, session);
             return session;
         }

+ 3 - 3
SMBLibrary/Server/ConnectionState/SMB2Session.cs

@@ -28,11 +28,11 @@ namespace SMBLibrary.Server
         // Key is the persistent portion of the FileID
         private Dictionary<ulong, OpenSearch> m_openSearches = new Dictionary<ulong, OpenSearch>();
 
-        public SMB2Session(SMB2ConnectionState connecton, ulong sessionID, string userName, string machineName)
+        public SMB2Session(SMB2ConnectionState connection, ulong sessionID, string userName, string machineName, object accessToken)
         {
-            m_connection = connecton;
+            m_connection = connection;
             m_sessionID = sessionID;
-            m_securityContext = new SecurityContext(userName, machineName, connecton.ClientEndPoint);
+            m_securityContext = new SecurityContext(userName, machineName, connection.ClientEndPoint, connection.AuthenticationContext, accessToken);
         }
 
         private uint? AllocateTreeID()

+ 5 - 1
SMBLibrary/Server/ConnectionState/SecurityContext.cs

@@ -15,12 +15,16 @@ namespace SMBLibrary
         private string m_userName;
         private string m_machineName;
         private IPEndPoint m_clientEndPoint;
+        public object AuthenticationContext;
+        public object AccessToken;
 
-        public SecurityContext(string userName, string machineName, IPEndPoint clientEndPoint)
+        public SecurityContext(string userName, string machineName, IPEndPoint clientEndPoint, object authenticationContext, object accessToken)
         {
             m_userName = userName;
             m_machineName = machineName;
             m_clientEndPoint = clientEndPoint;
+            AuthenticationContext = authenticationContext;
+            AccessToken = accessToken;
         }
 
         public string UserName
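Review bot: `AuthenticationContext` and `AccessToken` are added as public mutable fields, whereas the existing `m_userName`, `m_machineName` and `m_clientEndPoint` are private and assigned only in the constructor. Any code that is handed a `SecurityContext` can therefore overwrite the token or context the session was authenticated with, and any later authorization decision that reads these members would trust the overwritten value. Consider keeping them private and read-only, e.g. `private object m_accessToken;` with `public object AccessToken { get { return m_accessToken; } }`, and the same for the authentication context. Both are typed `object`, so a short comment should say what the security provider stores there, whether null is allowed, and who releases the token if it wraps a native handle; the class body continues outside the hunk.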

+ 6 - 4
SMBLibrary/Server/SMB1/SessionSetupHelper.cs

@@ -33,17 +33,18 @@ namespace SMBLibrary.Server.SMB1
                 return new ErrorResponse(request.CommandName);
             }
 
+            object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
             bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
             SMB1Session session;
             if (!isGuest.HasValue || !isGuest.Value)
             {
                 state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", message.UserName);
-                session = state.CreateSession(message.UserName, message.WorkStation);
+                session = state.CreateSession(message.UserName, message.WorkStation, accessToken);
             }
             else
             {
                 state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", message.UserName);
-                session = state.CreateSession("Guest", message.WorkStation);
+                session = state.CreateSession("Guest", message.WorkStation, accessToken);
                 response.Action = SessionSetupAction.SetupGuest;
             }
 
@@ -109,16 +110,17 @@ namespace SMBLibrary.Server.SMB1
             {
                 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
                 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
+                object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
                 bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
                 if (!isGuest.HasValue || !isGuest.Value)
                 {
                     state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
-                    state.CreateSession(header.UID, userName, machineName);
+                    state.CreateSession(header.UID, userName, machineName, accessToken);
                 }
                 else
                 {
                     state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
-                    state.CreateSession(header.UID, "Guest", machineName);
+                    state.CreateSession(header.UID, "Guest", machineName, accessToken);
                     response.Action = SessionSetupAction.SetupGuest;
                 }
             }
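Review bot: In the guest branch the session is named with the literal `"Guest"`, but the `accessToken` passed with it is whatever `GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken)` returned for the authentication attempt that just failed. What the provider returns in that case is not visible in this diff; if it is null, or describes the identity the client tried to log in as, code that later authorizes on `SecurityContext.AccessToken` can disagree with `UserName`. The contract should be stated at the call, e.g. `// accessToken may be null; on guest fallback it must be the provider's guest token, never the attempted user's`, or `null` should be passed explicitly in the guest branch if the provider has no guest token. The same pattern appears in the first hunk of this file and in SMB2/SessionSetupHelper.cs; the enclosing methods start and end outside the hunks.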

+ 3 - 2
SMBLibrary/Server/SMB2/SessionSetupHelper.cs

@@ -55,16 +55,17 @@ namespace SMBLibrary.Server.SMB2
             {
                 string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
                 string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
+                object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
                 bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
                 if (!isGuest.HasValue || !isGuest.Value)
                 {
                     state.LogToServer(Severity.Information, "User '{0}' authenticated successfully.", userName);
-                    state.CreateSession(request.Header.SessionID, userName, machineName);
+                    state.CreateSession(request.Header.SessionID, userName, machineName, accessToken);
                 }
                 else
                 {
                     state.LogToServer(Severity.Information, "User '{0}' failed authentication, logged in as guest.", userName);
-                    state.CreateSession(request.Header.SessionID, "Guest", machineName);
+                    state.CreateSession(request.Header.SessionID, "Guest", machineName, accessToken);
                     response.SessionFlags = SessionFlags.IsGuest;
                 }
             }