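        /// <summary>
        /// Obtains an ACS access token for <paramref name="tenantId"/>: a one-day JWT assertion
        /// is signed with the configured signing certificate and exchanged through the OAuth2
        /// S2S assertion flow against <c>settings.AcsUrl</c>.
        /// </summary>
        /// <param name="tenantId">Tenant the token is issued for; embedded in the issuer, audience and scope strings.</param>
        /// <returns>The access token string returned by ACS.</returns>
        /// <exception cref="InvalidOperationException">ACS returned no response object.</exception>
        private string IssueTenantAccessToken(string tenantId)
        {
            // One clock read so the assertion's issue time and expiry derive from the same instant.
            DateTime issuedAt = DateTime.UtcNow;

            string issuer   = string.Format("{0}@{1}", this.settings.PartnerId, tenantId);
            string audience = string.Format("{0}/{1}@{2}", this.settings.AcsId, this.settings.AcsUrl.Authority, tenantId);
            string resource = string.Format("{0}/{1}@{2}", this.settings.ServiceId, this.settings.ServiceHostName, tenantId);

            // NOTE(review): the assertion stays valid for a full day; a leaked assertion can be
            // replayed for that long. A shorter window would be safer — confirm what ACS accepts.
            JsonWebSecurityToken assertion = new JsonWebSecurityToken(
                issuer,
                audience,
                issuedAt,
                issuedAt.AddDays(1.0),
                Enumerable.Empty<JsonWebTokenClaim>(),
                CertificateStore.GetSigningCredentials(this.settings.CertificateSubject));

            // The same "{service}/{host}@{tenant}" string doubles as resource and scope.
            OAuth2AccessTokenRequest request = OAuth2MessageFactory.CreateAccessTokenRequestWithAssertion(assertion, resource);
            request.Scope = resource;

            OAuth2S2SClient client = new OAuth2S2SClient();
            OAuth2AccessTokenResponse response = (OAuth2AccessTokenResponse)client.Issue(this.settings.AcsUrl.AbsoluteUri, request);
            if (response == null)
            {
                // Fail with a descriptive error instead of a NullReferenceException on the next line.
                throw new InvalidOperationException("ACS returned no access token response.");
            }

            return response.AccessToken;
        }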
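        /// <summary>
        /// Builds a self-signed JWT assertion for <paramref name="tenantID"/> and exchanges it at the
        /// enabled Microsoft ACS auth server for a bearer token scoped to the Intune resource URL.
        /// Every missing prerequisite (signing certificate, Intune partner application, ACS token
        /// endpoint, issuer identifier) is logged before the method gives up.
        /// </summary>
        /// <param name="tenantID">Organization whose external directory id is embedded in the issuer, audience and scope strings.</param>
        /// <param name="dataSession">Session passed to <c>UnifiedPolicyConfiguration</c> to resolve the Intune resource URL.</param>
        /// <param name="logger">Receives one error entry per missing prerequisite or failed token call.</param>
        /// <param name="task">Only its type name is used, as the log source.</param>
        /// <returns>"Bearer " followed by the access token, or <c>null</c> when a prerequisite is missing or the token call fails.</returns>
        private static string GetACSToken(OrganizationId tenantID, IConfigurationSession dataSession, ExecutionLog logger, Task task)
        {
            LocalTokenIssuer   localTokenIssuer = new LocalTokenIssuer(tenantID);
            LocalConfiguration configuration    = ConfigProvider.Instance.Configuration;
            string             logSource        = task.GetType().Name;

            // First enabled partner application whose display name mentions Intune.
            // NOTE(review): this is a substring match on a name, not an identity check — confirm it is the intended selector.
            string partnerApplicationId = null;
            foreach (PartnerApplication partnerApplication in configuration.PartnerApplications)
            {
                if (partnerApplication.Enabled && partnerApplication.Name.Contains("Intune"))
                {
                    partnerApplicationId = partnerApplication.ApplicationIdentifier;
                    break;
                }
            }

            // First enabled ACS auth server supplies both the issuer identifier and the token endpoint.
            string issuerIdentifier = null;
            Uri    tokenEndpoint    = null;
            foreach (AuthServer authServer in configuration.AuthServers)
            {
                if (authServer.Enabled && authServer.Type == AuthServerType.MicrosoftACS)
                {
                    issuerIdentifier = authServer.IssuerIdentifier;
                    tokenEndpoint    = new Uri(authServer.TokenIssuingEndpoint);
                    break;
                }
            }

            // Report every missing prerequisite (not just the first) so one log pass shows the full picture.
            bool ready = true;
            if (localTokenIssuer.SigningCert == null)
            {
                logger.LogOneEntry(logSource, string.Empty, ExecutionLog.EventType.Error, "No certificate found.", null);
                ready = false;
            }
            if (partnerApplicationId == null)
            {
                logger.LogOneEntry(logSource, string.Empty, ExecutionLog.EventType.Error, "No partnerId found.", null);
                ready = false;
            }
            if (tokenEndpoint == null)
            {
                logger.LogOneEntry(logSource, string.Empty, ExecutionLog.EventType.Error, "No authorizationEndpoint found.", null);
                ready = false;
            }
            if (string.IsNullOrEmpty(issuerIdentifier))
            {
                logger.LogOneEntry(logSource, string.Empty, ExecutionLog.EventType.Error, "No issuerIdentifier found.", null);
                ready = false;
            }
            if (!ready)
            {
                return null;
            }

            string externalTenantId  = tenantID.ToExternalDirectoryOrganizationId();
            string intuneResourceUrl = UnifiedPolicyConfiguration.GetInstance().GetIntuneResourceUrl(dataSession);
            string issuer   = string.Format("{0}@{1}", configuration.ApplicationId, externalTenantId);
            string audience = string.Format("{0}/{1}@{2}", issuerIdentifier, tokenEndpoint.Authority, externalTenantId);
            string resource = string.Format("{0}/{1}@{2}", partnerApplicationId, intuneResourceUrl, externalTenantId);

            // RSA-SHA256 signed assertion with a five-minute validity; one clock read keeps issue time and expiry consistent.
            DateTime issuedAt = DateTime.UtcNow;
            X509SigningCredentials signingCredentials = new X509SigningCredentials(
                localTokenIssuer.SigningCert,
                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
                "http://www.w3.org/2001/04/xmlenc#sha256");
            JsonWebSecurityToken assertion = new JsonWebSecurityToken(
                issuer,
                audience,
                issuedAt,
                issuedAt.AddMinutes(5.0),
                new List<JsonWebTokenClaim>(),
                signingCredentials);
            OAuth2AccessTokenRequest request = OAuth2MessageFactory.CreateAccessTokenRequestWithAssertion(assertion, resource);
            OAuth2S2SClient          client  = new OAuth2S2SClient();

            try
            {
                OAuth2AccessTokenResponse response = (OAuth2AccessTokenResponse)client.Issue(tokenEndpoint.AbsoluteUri, request);
                return response == null ? null : "Bearer " + response.AccessToken;
            }
            catch (RequestFailedException ex)
            {
                // The error body is only a diagnostic extra; ReadErrorBody never lets a bad
                // InnerException or a read failure escape and mask the original exception.
                logger.LogOneEntry(logSource, string.Empty, ExecutionLog.EventType.Error, "Auth service call failed: " + ReadErrorBody(ex), ex);
                return null;
            }
        }

        /// <summary>
        /// Returns the HTTP error body carried by <paramref name="ex"/>, or an empty string when the
        /// inner exception is not a <see cref="WebException"/> with an <see cref="HttpWebResponse"/>,
        /// the response has no stream, or the stream cannot be read.
        /// NOTE(review): the body is text chosen by the remote service and is written to the log
        /// unbounded — consider capping its length before logging.
        /// </summary>
        private static string ReadErrorBody(RequestFailedException ex)
        {
            // Checked casts: the original unchecked (WebException)/(HttpWebResponse) casts would have
            // thrown out of the catch block for any other inner exception type.
            WebException    webException    = ex.InnerException as WebException;
            HttpWebResponse httpWebResponse = webException == null ? null : webException.Response as HttpWebResponse;
            if (httpWebResponse == null)
            {
                return string.Empty;
            }

            try
            {
                using (Stream responseStream = httpWebResponse.GetResponseStream())
                {
                    if (responseStream == null)
                    {
                        return string.Empty;
                    }
                    using (StreamReader streamReader = new StreamReader(responseStream, Encoding.UTF8))
                    {
                        return streamReader.ReadToEnd();
                    }
                }
            }
            catch (IOException)
            {
                // Read failure on the diagnostic body must not hide the primary failure being logged.
                return string.Empty;
            }
        }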