/// <summary>
/// Computes the free/busy permission level for a caller that arrived with an
/// <see cref="InternalClientContext"/>, evaluated against the calendar folder's
/// free/busy security descriptor.
/// </summary>
/// <param name="internalClientContext">The internal caller's context.</param>
/// <param name="securityDescriptor">The security descriptor the access check is run against.</param>
/// <param name="freeBusyQuery">The query being authorised; its Email is used in traces.</param>
/// <returns>The permission level produced by the access check.</returns>
private static FreeBusyPermissionLevel FromInternalClient(InternalClientContext internalClientContext, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery)
{
    // A caller without a security context is evaluated as the default ("everyone") principal.
    if (internalClientContext.ClientSecurityContext == null)
    {
        FreeBusyPermission.SecurityTracer.TraceDebug<object, EmailAddress>(0L, "{0}: Caller {1} has no ClientSecurityContext, using default context as 'everyone'.", TraceContext.Get(), freeBusyQuery.Email);
        return FreeBusyPermission.AccessCheck(securityDescriptor, ClientSecurityContext.FreeBusyPermissionDefaultClientSecurityContext);
    }

    // Munging only happens when disabled accounts are in use and multi-tenancy is off.
    bool mungingRequired = Configuration.UseDisabledAccount
        && !VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).Global.MultiTenancy.Enabled;
    if (!mungingRequired)
    {
        return FreeBusyPermission.GetPermissionLevel(internalClientContext.ClientSecurityContext, freeBusyQuery, securityDescriptor);
    }

    FreeBusyPermission.SecurityTracer.TraceDebug<object, InternalClientContext>(0L, "{0}: Creating a munged security context for caller {1}.", TraceContext.Get(), internalClientContext);

    ClientSecurityContext mungedContext = null;
    try
    {
        mungedContext = new SlaveAccountTokenMunger().MungeToken(internalClientContext.ClientSecurityContext, OrganizationId.ForestWideOrgId);
        return FreeBusyPermission.GetPermissionLevel(mungedContext, freeBusyQuery, securityDescriptor);
    }
    catch (TokenMungingException mungingError)
    {
        // The failure is traced and execution falls through to the un-munged check below.
        FreeBusyPermission.SecurityTracer.TraceError<object, InternalClientContext, TokenMungingException>(0L, "{0}: Unable to get the munged token for Caller {1}, error {2}, using the client context supplied.", TraceContext.Get(), internalClientContext, mungingError);
    }
    finally
    {
        // The munged context is created here, so it is released here.
        if (mungedContext != null)
        {
            mungedContext.Dispose();
        }
    }

    // NOTE(review): when munging fails, authorisation continues with the caller's
    // original context rather than denying. Confirm that the original context can
    // never yield a higher permission level than the munged one would have.
    return FreeBusyPermission.GetPermissionLevel(internalClientContext.ClientSecurityContext, freeBusyQuery, securityDescriptor);
}
/// <summary>
/// Decides which free/busy permission level the caller gets on a calendar folder.
/// </summary>
/// <param name="clientContext">The caller's context; internal and external contexts take different paths.</param>
/// <param name="session">Mailbox session, forwarded to the external-caller path only.</param>
/// <param name="calendarFolder">The folder whose FreeBusySecurityDescriptor property is read.</param>
/// <param name="freeBusyQuery">The query being authorised.</param>
/// <param name="defaultFreeBusyOnly">When true, the caller's identity is ignored and the default context is checked.</param>
/// <returns>
/// <see cref="FreeBusyPermissionLevel.None"/> when the folder has no readable security descriptor;
/// otherwise the level produced by the matching access check.
/// </returns>
public static FreeBusyPermissionLevel DetermineAllowedAccess(ClientContext clientContext, MailboxSession session, CalendarFolder calendarFolder, FreeBusyQuery freeBusyQuery, bool defaultFreeBusyOnly)
{
    RawSecurityDescriptor folderDescriptor = calendarFolder.TryGetProperty(CalendarFolderSchema.FreeBusySecurityDescriptor) as RawSecurityDescriptor;

    // Deny by default: without a descriptor there is nothing to check against.
    if (folderDescriptor == null)
    {
        FreeBusyPermission.SecurityTracer.TraceDebug<object, CalendarFolder>(0L, "{0}: Unable to retrieve FreeBusySecurityDescriptor from folder {1}. Using None as permission level.", TraceContext.Get(), calendarFolder);
        return FreeBusyPermissionLevel.None;
    }

    if (FreeBusyPermission.SecurityTracer.IsTraceEnabled(TraceType.DebugTrace))
    {
        // NOTE(review): AccessControlSections.All puts the complete descriptor into the
        // debug trace, so trace output should be access-controlled like the ACL itself.
        string sddlForm = folderDescriptor.GetSddlForm(AccessControlSections.All);
        FreeBusyPermission.SecurityTracer.TraceDebug<object, EmailAddress, string>(0L, "{0}: The SDDL form of calendar folder security descriptor of mailbox {1} is: {2}.", TraceContext.Get(), freeBusyQuery.Email, sddlForm);
    }

    if (defaultFreeBusyOnly)
    {
        FreeBusyPermission.SecurityTracer.TraceDebug(0L, "{0}: Using DefaultClientSecurityContext because of defaultFreeBusyOnly is set.", new object[] { TraceContext.Get() });
        return FreeBusyPermission.AccessCheck(folderDescriptor, ClientSecurityContext.FreeBusyPermissionDefaultClientSecurityContext);
    }

    InternalClientContext internalCaller = clientContext as InternalClientContext;
    if (internalCaller == null)
    {
        // NOTE(review): if clientContext is neither internal nor external, null is
        // handed to FromExternalClient; its handling of null is not visible here.
        ExternalClientContext externalCaller = clientContext as ExternalClientContext;
        return FreeBusyPermission.FromExternalClient(externalCaller, session, folderDescriptor, freeBusyQuery);
    }

    return FreeBusyPermission.FromInternalClient(internalCaller, folderDescriptor, freeBusyQuery);
}
/// <summary>
/// Initialises a request of type <see cref="RequestType.FederatedCrossForest"/> and records the
/// two external authentication requests, the autodiscover URL, the sharing key and the
/// autodiscover-request factory for later use.
/// </summary>
/// <param name="application">Forwarded to the base request.</param>
/// <param name="clientContext">The internal caller's context, forwarded to the base request.</param>
/// <param name="requestLogger">Forwarded to the base request.</param>
/// <param name="queryList">Forwarded to the base request.</param>
/// <param name="autoDiscoverExternalAuthenticationRequest">Authentication request stored for the autodiscover step.</param>
/// <param name="webProxyExternalAuthenticationRequest">Authentication request stored for the web proxy step.</param>
/// <param name="autoDiscoverUrl">Autodiscover endpoint to store.</param>
/// <param name="sharingKey">Sharing key to store.</param>
/// <param name="createAutoDiscoverRequest">Factory delegate to store.</param>
public ExternalProxyWebRequestWithAutoDiscover(
    Application application,
    InternalClientContext clientContext,
    RequestLogger requestLogger,
    QueryList queryList,
    ExternalAuthenticationRequest autoDiscoverExternalAuthenticationRequest,
    ExternalAuthenticationRequest webProxyExternalAuthenticationRequest,
    Uri autoDiscoverUrl,
    SmtpAddress sharingKey,
    CreateAutoDiscoverRequestDelegate createAutoDiscoverRequest)
    : base(application, clientContext, RequestType.FederatedCrossForest, requestLogger, queryList)
{
    // Authentication material for the two outbound hops.
    this.autoDiscoverExternalAuthenticationRequest = autoDiscoverExternalAuthenticationRequest;
    this.webProxyExternalAuthenticationRequest = webProxyExternalAuthenticationRequest;

    // Where to discover, on whose behalf, and how to build the discovery request.
    this.autoDiscoverUrl = autoDiscoverUrl;
    this.sharingKey = sharingKey;
    this.createAutoDiscoverRequest = createAutoDiscoverRequest;
}
/// <summary>
/// Disposes the base request's client context when it is an <see cref="InternalClientContext"/>;
/// any other context type is left untouched.
/// </summary>
private void DisposeIfInternalContext()
{
    InternalClientContext ownedContext = base.ClientContext as InternalClientContext;
    if (ownedContext == null)
    {
        return;
    }

    ownedContext.Dispose();
}
/// <summary>
/// Returns a clone of <paramref name="clientContext"/> when it is an
/// <see cref="InternalClientContext"/>; otherwise returns the same instance.
/// </summary>
/// <param name="clientContext">The context to clone or pass through.</param>
/// <returns>The clone for internal contexts, the original reference for everything else (including null).</returns>
private static ClientContext CloneIfInternalContext(ClientContext clientContext)
{
    InternalClientContext cloneSource = clientContext as InternalClientContext;
    if (cloneSource == null)
    {
        return clientContext;
    }

    return cloneSource.Clone();
}
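/// <summary>
/// Attaches an outbound tracer to <paramref name="creds"/> and, when the caller's message id has
/// the form "prefix + GUID", copies that GUID into <c>ClientRequestId</c>.
/// </summary>
/// <param name="creds">The credentials to configure.</param>
/// <param name="clientContext">The caller's context; only its MessageId is read.</param>
/// <param name="requestLogger">Logger wrapped by the outbound tracer.</param>
private static void SetCredentialsProperties(OAuthCredentials creds, InternalClientContext clientContext, RequestLogger requestLogger)
{
    creds.Tracer = new OAuthCredentialsFactory.OAuthOutboundTracer(requestLogger);

    // A missing message id simply means there is no request id to correlate with;
    // it must not abort credential creation with a NullReferenceException.
    string messageId = clientContext.MessageId;
    if (string.IsNullOrEmpty(messageId))
    {
        return;
    }

    // The prefix is a protocol token, not linguistic text, so it is matched ordinally:
    // the culture-sensitive default would make the match depend on the thread's culture.
    Guid value;
    if (messageId.Length > OAuthCredentialsFactory.messagePrefixLength
        && messageId.StartsWith(OAuthCredentialsFactory.messagePrefix, StringComparison.Ordinal)
        && Guid.TryParse(messageId.Substring(OAuthCredentialsFactory.messagePrefixLength), out value))
    {
        creds.ClientRequestId = new Guid?(value);
    }
}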
/// <summary>
/// Copy constructor: builds a new context from <paramref name="clientContext"/> but with a
/// different security context, ownership flag and request schema version.
/// </summary>
/// <param name="clientContext">The context whose budget, time zone, culture, message id and directory state are copied.</param>
/// <param name="clientSecurityContext">The security context the new instance will use.</param>
/// <param name="ownsClientSecurityContext">Stored as given. Presumably decides whether this instance disposes the security context; the disposal code is not visible here.</param>
/// <param name="requestSchemaVersion">The schema version assigned to the new instance.</param>
private InternalClientContext(
    InternalClientContext clientContext,
    ClientSecurityContext clientSecurityContext,
    bool ownsClientSecurityContext,
    ExchangeVersionType requestSchemaVersion)
    : base(clientContext.Budget, clientContext.TimeZone, clientContext.ClientCulture, clientContext.MessageId)
{
    // Supplied by the caller of this constructor.
    this.clientSecurityContext = clientSecurityContext;
    this.ownsClientSecurityContext = ownsClientSecurityContext;

    // Carried over from the source context. The serialized security context and the
    // directory user are shared with the source, not re-derived for the new security context.
    this.adUser = clientContext.adUser;
    this.adUserInitialized = clientContext.adUserInitialized;
    this.organizationId = clientContext.OrganizationId;
    this.serializedSecurityContext = clientContext.serializedSecurityContext;
    this.identityForFilteredTracing = clientContext.identityForFilteredTracing;

    this.RequestSchemaVersion = requestSchemaVersion;
}
/// <summary>
/// Creates OAuth credentials for an app token, scoped to the caller's organization and the
/// domain of the caller's primary SMTP address.
/// </summary>
/// <param name="clientContext">The caller's context; must not be null.</param>
/// <param name="requestLogger">Logger used for the credentials' outbound tracer.</param>
/// <returns>The configured credentials.</returns>
public static OAuthCredentials CreateAsApp(InternalClientContext clientContext, RequestLogger requestLogger)
{
    ArgumentValidator.ThrowIfNull("clientContext", clientContext);

    OrganizationId organizationId = clientContext.OrganizationId;
    string domain = clientContext.ADUser.PrimarySmtpAddress.Domain;

    // Fault-injection hook: a non-empty value replaces both the domain and the organization
    // the token is requested for.
    // NOTE(review): presumably only populated in test runs; confirm it cannot be set in production.
    string overrideAddress = FaultInjection.TraceTest<string>((FaultInjection.LIDs)2743479613U);
    if (!string.IsNullOrEmpty(overrideAddress))
    {
        domain = SmtpAddress.Parse(overrideAddress).Domain;
        organizationId = OrganizationId.FromAcceptedDomain(domain);
    }

    OAuthCredentials appCredentials = OAuthCredentials.GetOAuthCredentialsForAppToken(organizationId, domain);
    OAuthCredentialsFactory.SetCredentialsProperties(appCredentials, clientContext, requestLogger);
    return appCredentials;
}
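/// <summary>
/// Creates OAuth credentials for an app-acts-as-user token, using the caller's organization
/// and directory user.
/// </summary>
/// <param name="clientContext">The caller's context; must not be null.</param>
/// <param name="requestLogger">Logger used for the credentials' outbound tracer.</param>
/// <returns>The configured credentials.</returns>
/// <exception cref="InvalidOperationException">
/// The fault-injection override address did not resolve to a directory user.
/// </exception>
public static OAuthCredentials Create(InternalClientContext clientContext, RequestLogger requestLogger)
{
    ArgumentValidator.ThrowIfNull("clientContext", clientContext);

    OrganizationId organizationId = clientContext.OrganizationId;
    ADUser aduser = clientContext.ADUser;

    // Fault-injection hook: a non-empty value replaces the user (and that user's organization)
    // the act-as token is requested for.
    // NOTE(review): presumably only populated in test runs; confirm it cannot be set in
    // production, since it changes whose identity the token carries.
    string text = FaultInjection.TraceTest<string>((FaultInjection.LIDs)2743479613U);
    if (!string.IsNullOrEmpty(text))
    {
        SmtpAddress smtpAddress = SmtpAddress.Parse(text);
        IRecipientSession recipientSession = DirectorySessionFactory.Default.CreateTenantRecipientSession(true, ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromTenantAcceptedDomain(smtpAddress.Domain), 68, "Create", "f:\\15.00.1497\\sources\\dev\\infoworker\\src\\common\\RequestDispatch\\OAuthCredentialsFactory.cs");

        // The lookup can return nothing, or a recipient that is not an ADUser. Fail with a
        // clear error instead of a NullReferenceException on the next line.
        aduser = recipientSession.FindByProxyAddress(ProxyAddress.Parse(text)) as ADUser;
        if (aduser == null)
        {
            throw new InvalidOperationException("The fault-injection override address did not resolve to an ADUser.");
        }

        organizationId = aduser.OrganizationId;
    }

    OAuthCredentials oauthCredentialsForAppActAsToken = OAuthCredentials.GetOAuthCredentialsForAppActAsToken(organizationId, aduser, null);
    OAuthCredentialsFactory.SetCredentialsProperties(oauthCredentialsForAppActAsToken, clientContext, requestLogger);
    return oauthCredentialsForAppActAsToken;
}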
/// <summary>
/// Turns a discovered availability-service endpoint into an <see cref="AutoDiscoverResult"/>:
/// an error result when the application does not support the remote server version, otherwise
/// the endpoint paired with a proxy authenticator for it.
/// </summary>
/// <param name="recipientData">The recipient the endpoint was discovered for; may be null (the trace call allows for it).</param>
/// <param name="webServiceUri">The discovered endpoint and its server version.</param>
/// <returns>The success or error result.</returns>
private AutoDiscoverResult GetResult(RecipientData recipientData, WebServiceUri webServiceUri)
{
    if (!base.Application.IsVersionSupported(webServiceUri.ServerVersion))
    {
        AutoDiscoverQuery.AutoDiscoverTracer.TraceError<object, int, Type>((long)this.GetHashCode(), "{0}: Remote server version {1} is considered a legacy server by {2} application.", TraceContext.Get(), webServiceUri.ServerVersion, base.Application.GetType());
        return new AutoDiscoverResult(base.Application.CreateExceptionForUnsupportedVersion(recipientData, webServiceUri.ServerVersion));
    }

    AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug<object, Uri, EmailAddress>((long)this.GetHashCode(), "{0}: Found availability service {1} that can fill request for mailbox {2}", TraceContext.Get(), webServiceUri.Uri, (recipientData != null) ? recipientData.EmailAddress : null);

    // The caller's serialized security context is forwarded to the remote forest only when
    // that forest is configured for per-user authorization and the caller is internal.
    // In every other case the authenticator is built with a null context.
    InternalClientContext internalCaller = base.ClientContext as InternalClientContext;
    SerializedSecurityContext forwardedContext =
        (this.targetForestConfiguration.IsPerUserAuthorizationSupported && internalCaller != null)
            ? internalCaller.SerializedSecurityContext
            : null;

    ProxyAuthenticator authenticator = this.targetForestConfiguration.GetProxyAuthenticatorForAutoDiscover(webServiceUri.Uri, forwardedContext, base.ClientContext.MessageId);
    return new AutoDiscoverResult(webServiceUri, authenticator);
}
/// <summary>
/// Prepares a GetFolder call against a remote Exchange Web Services endpoint.
/// </summary>
/// <param name="application">Forwarded to the base request.</param>
/// <param name="clientContext">The internal caller's context, forwarded to the base request.</param>
/// <param name="requestType">Accepted but not used by this constructor.</param>
/// <param name="requestLogger">Forwarded to the base request.</param>
/// <param name="query">The query; its recipient data must carry an associated folder id.</param>
/// <param name="url">The endpoint; its OriginalString is used as the binding URL.</param>
/// <exception cref="InvalidOperationException">The query has no recipient data or no associated folder id.</exception>
public GetFolderRequest(Application application, InternalClientContext clientContext, RequestType requestType, RequestLogger requestLogger, BaseQuery query, Uri url)
    : base(application, clientContext, requestLogger, "GetFolderRequest")
{
    bool hasAssociatedFolder = query.RecipientData != null && query.RecipientData.AssociatedFolderId != null;
    if (!hasAssociatedFolder)
    {
        throw new InvalidOperationException("Unable to get associated folder id");
    }

    this.query = query;
    this.url = url.OriginalString;

    // NOTE(review): server certificate validation for this binding is delegated to
    // CertificateErrorHandler.CertValidationCallback. Its policy is not visible here;
    // confirm it rejects untrusted or mismatched certificates.
    this.binding = new ExchangeServiceBinding(Globals.CertificateValidationComponentId, new RemoteCertificateValidationCallback(CertificateErrorHandler.CertValidationCallback));
    this.binding.Url = url.OriginalString;

    // The request is always sent with the Exchange2007_SP1 schema version.
    this.binding.RequestServerVersionValue = new RequestServerVersion();
    this.binding.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1;

    // Route through the server-configured internet proxy when one is set.
    Server localServer = LocalServerCache.LocalServer;
    if (localServer == null || localServer.InternetWebProxy == null)
    {
        return;
    }

    GetFolderRequest.GetFolderRequestTracer.TraceDebug<GetFolderRequest, Uri>((long)this.GetHashCode(), "{0}: Using custom InternetWebProxy {1}", this, localServer.InternetWebProxy);
    this.binding.Proxy = new WebProxy(localServer.InternetWebProxy);
}
/// <summary>
/// Initialises a request of type <see cref="RequestType.CrossForest"/> and records the target
/// forest configuration.
/// </summary>
/// <param name="application">Forwarded to the base request.</param>
/// <param name="clientContext">The internal caller's context, forwarded to the base request.</param>
/// <param name="requestLogger">Forwarded to the base request.</param>
/// <param name="queryList">Forwarded to the base request.</param>
/// <param name="targetForestConfiguration">Configuration of the forest the request targets.</param>
public GetFolderAndProxyRequestWithAutoDiscover(
    Application application,
    InternalClientContext clientContext,
    RequestLogger requestLogger,
    QueryList queryList,
    TargetForestConfiguration targetForestConfiguration)
    : base(application, clientContext, RequestType.CrossForest, requestLogger, queryList)
{
    this.targetForestConfiguration = targetForestConfiguration;
}
/// <summary>
/// Creates an <see cref="ExternalByOAuthProxyWebRequestWithAutoDiscover"/> for this application,
/// using <c>AutoDiscoverRequestByUser.Create</c> as the autodiscover-request factory.
/// </summary>
/// <param name="clientContext">The internal caller's context.</param>
/// <param name="requestLogger">Logger for the request.</param>
/// <param name="queryList">The queries the request will serve.</param>
/// <param name="autoDiscoverUrl">The autodiscover endpoint.</param>
/// <returns>The new request.</returns>
public override AsyncRequestWithQueryList CreateExternalByOAuthAsyncRequestWithAutoDiscover(InternalClientContext clientContext, RequestLogger requestLogger, QueryList queryList, Uri autoDiscoverUrl)
{
    return new ExternalByOAuthProxyWebRequestWithAutoDiscover(
        this,
        clientContext,
        requestLogger,
        queryList,
        autoDiscoverUrl,
        new CreateAutoDiscoverRequestDelegate(AutoDiscoverRequestByUser.Create));
}
/// <summary>
/// Creates an <see cref="ExternalProxyWebRequestWithAutoDiscover"/> for this application,
/// using <c>AutoDiscoverRequestByUser.Create</c> as the autodiscover-request factory.
/// </summary>
/// <param name="clientContext">The internal caller's context.</param>
/// <param name="requestLogger">Logger for the request.</param>
/// <param name="queryList">The queries the request will serve.</param>
/// <param name="autoDiscoverExternalAuthenticationRequest">Authentication request for the autodiscover step.</param>
/// <param name="webProxyExternalAuthenticationRequest">Authentication request for the web proxy step.</param>
/// <param name="autoDiscoverUrl">The autodiscover endpoint.</param>
/// <param name="sharingKey">The sharing key passed through to the request.</param>
/// <returns>The new request.</returns>
public override AsyncRequestWithQueryList CreateExternalAsyncRequestWithAutoDiscover(InternalClientContext clientContext, RequestLogger requestLogger, QueryList queryList, ExternalAuthenticationRequest autoDiscoverExternalAuthenticationRequest, ExternalAuthenticationRequest webProxyExternalAuthenticationRequest, Uri autoDiscoverUrl, SmtpAddress sharingKey)
{
    return new ExternalProxyWebRequestWithAutoDiscover(
        this,
        clientContext,
        requestLogger,
        queryList,
        autoDiscoverExternalAuthenticationRequest,
        webProxyExternalAuthenticationRequest,
        autoDiscoverUrl,
        sharingKey,
        new CreateAutoDiscoverRequestDelegate(AutoDiscoverRequestByUser.Create));
}
/// <summary>
/// Initialises a request of type <see cref="RequestType.FederatedCrossForest"/> and records the
/// autodiscover URL and the autodiscover-request factory.
/// </summary>
/// <param name="application">Forwarded to the base request.</param>
/// <param name="clientContext">The internal caller's context, forwarded to the base request.</param>
/// <param name="requestLogger">Forwarded to the base request.</param>
/// <param name="queryList">Forwarded to the base request.</param>
/// <param name="autoDiscoverUrl">Autodiscover endpoint to store.</param>
/// <param name="createAutoDiscoverRequest">Factory delegate to store.</param>
public ExternalByOAuthProxyWebRequestWithAutoDiscover(
    Application application,
    InternalClientContext clientContext,
    RequestLogger requestLogger,
    QueryList queryList,
    Uri autoDiscoverUrl,
    CreateAutoDiscoverRequestDelegate createAutoDiscoverRequest)
    : base(application, clientContext, RequestType.FederatedCrossForest, requestLogger, queryList)
{
    this.autoDiscoverUrl = autoDiscoverUrl;
    this.createAutoDiscoverRequest = createAutoDiscoverRequest;
}
/// <summary>
/// Initialises the request and records the target server version, the proxy authenticator and
/// the web service endpoint.
/// </summary>
/// <param name="application">Forwarded to the base request.</param>
/// <param name="clientContext">The internal caller's context, forwarded to the base request.</param>
/// <param name="requestType">Forwarded to the base request.</param>
/// <param name="requestLogger">Forwarded to the base request.</param>
/// <param name="queryList">Forwarded to the base request.</param>
/// <param name="targetVersion">Version of the target server.</param>
/// <param name="proxyAuthenticator">Authenticator stored for the outbound call.</param>
/// <param name="webServiceUri">The endpoint the request is sent to.</param>
public GetFolderAndProxyRequest(
    Application application,
    InternalClientContext clientContext,
    RequestType requestType,
    RequestLogger requestLogger,
    QueryList queryList,
    TargetServerVersion targetVersion,
    ProxyAuthenticator proxyAuthenticator,
    WebServiceUri webServiceUri)
    : base(application, clientContext, requestType, requestLogger, queryList)
{
    this.targetVersion = targetVersion;
    this.proxyAuthenticator = proxyAuthenticator;
    this.webServiceUri = webServiceUri;
}