/// <summary>
/// Returns the SharePoint notification client for the organization behind <paramref name="configurationSession"/>.
/// The client is obtained through the provisioning cache's add-and-get call, with the factory below supplied as the value builder.
/// </summary>
/// <param name="configurationSession">Session used to resolve the organization, the credentials and the tenant SharePoint URLs. Must not be null.</param>
/// <param name="writeVerboseDelegate">Optional verbose sink; nothing is written when it is null.</param>
/// <returns>The value the provisioning cache returns for the SharePoint workload key.</returns>
/// <exception cref="CompliancePolicySyncNotificationClientException">Thrown by the factory when either SharePoint URL or the sync service URL is null.</exception>
public static CompliancePolicySyncNotificationClient Create(IConfigurationSession configurationSession, WriteVerboseDelegate writeVerboseDelegate)
        {
            ArgumentValidator.ThrowIfNull("configurationSession", configurationSession);
            OrganizationId tenantOrganizationId = configurationSession.GetOrgContainer().OrganizationId;

            return ProvisioningCache.Instance.TryAddAndGetOrganizationDictionaryValue<CompliancePolicySyncNotificationClient, Workload>(CannedProvisioningCacheKeys.OrganizationUnifiedPolicyNotificationClients, tenantOrganizationId, Workload.SharePoint, () =>
            {
                bool verboseEnabled = writeVerboseDelegate != null;
                if (verboseEnabled)
                {
                    writeVerboseDelegate(Strings.VerboseCreateNotificationClient(Workload.SharePoint.ToString()));
                }

                Uri syncServiceUrl = CompliancePolicySyncNotificationClient.GetSyncSvrUrlFromCache(SyncSvcEndPointType.RestOAuth);
                ICredentials credentials = UnifiedPolicyConfiguration.GetInstance().GetCredentials(configurationSession, null);
                Uri rootSiteUrl = null;
                Uri tenantAdminUrl = null;
                UnifiedPolicyConfiguration.GetInstance().GetTenantSharePointUrls(configurationSession, out rootSiteUrl, out tenantAdminUrl);

                // All three endpoints are required; a client is never built against a missing URL.
                bool allEndpointsKnown = rootSiteUrl != null && tenantAdminUrl != null && syncServiceUrl != null;
                if (!allEndpointsKnown)
                {
                    throw new CompliancePolicySyncNotificationClientException(Strings.ErrorCannotInitializeNotificationClientToSharePoint(rootSiteUrl, tenantAdminUrl, syncServiceUrl));
                }

                SpCompliancePolicySyncNotificationClient sharePointClient = new SpCompliancePolicySyncNotificationClient(rootSiteUrl, tenantAdminUrl, credentials, syncServiceUrl);
                if (verboseEnabled)
                {
                    // Only the credential's type name goes to verbose output, never the credential itself.
                    // NOTE(review): credentials is dereferenced here without a null check - confirm GetCredentials cannot return null.
                    writeVerboseDelegate(Strings.VerboseSpNotificationClientInfo(rootSiteUrl, syncServiceUrl, credentials.GetType().Name));
                }
                return sharePointClient;
            });
        }
        /// <summary>
        /// Sends a policy-change notification for the session's tenant to the Intune endpoint and returns the outcome text.
        /// </summary>
        /// <param name="task">Task used for warning and verbose output.</param>
        /// <param name="syncChangeInfos">Changes to include in the notification body.</param>
        /// <param name="useFullSync">Passed through to the JSON body builder.</param>
        /// <param name="syncNow">Passed through to the JSON body builder.</param>
        /// <param name="dataSession">Session that supplies the organization and the Intune endpoint URL.</param>
        /// <param name="logger">Execution log that receives a warning entry when the web call fails.</param>
        /// <returns>
        /// The value returned by Send; the literal "Error ExternalID not a guid" when the tenant id does not parse as a GUID;
        /// or the full exception text when a <see cref="WebException"/> is caught.
        /// </returns>
        private static string MakeNotificationCall(Task task, List<SyncChangeInfo> syncChangeInfos, bool useFullSync, bool syncNow, IConfigurationSession dataSession, ExecutionLog logger)
        {
            string externalTenantId = dataSession.GetOrgContainer().OrganizationId.ToExternalDirectoryOrganizationId();
            Guid tenantId;
            bool tenantIdIsGuid = Guid.TryParse(externalTenantId, out tenantId);

            if (!tenantIdIsGuid)
            {
                task.WriteWarning(Strings.WarningInvalidTenant(externalTenantId));
                return "Error ExternalID not a guid";
            }

            // NOTE(review): the URL carries the raw directory string, not the parsed Guid. Guid.TryParse accepts
            // several textual forms, so formatting tenantId instead would pin one canonical form - confirm which
            // form the endpoint expects before changing this.
            string url = string.Format("{0}(guid'{1}')", UnifiedPolicyConfiguration.GetInstance().GetIntuneEndpointUrl(dataSession), externalTenantId);
            string body = IntuneCompliancePolicySyncNotificationClient.CreateJsonNotificationBody(tenantId, useFullSync, syncNow, syncChangeInfos);

            try
            {
                return IntuneCompliancePolicySyncNotificationClient.Send(url, body, dataSession.GetOrgContainer().OrganizationId, dataSession, logger, task);
            }
            catch (WebException ex)
            {
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Warning, string.Format("We failed to notify workload '{0}'", Workload.Intune), ex);

                // The full exception text is written to verbose output and also handed back to the caller as the result.
                string failureDetails = ex.ToString();
                task.WriteVerbose(failureDetails);
                return failureDetails;
            }
        }
        /// <summary>
        /// Builds a <see cref="UnifiedCompliancePrerequisite"/> from the tenant SharePoint URLs and the
        /// prerequisite state read through this task's configuration session.
        /// </summary>
        /// <returns>A new prerequisite object carrying the root site URL, the tenant admin URL and the stored state.</returns>
        private UnifiedCompliancePrerequisite LoadInitializedPrerequisite()
        {
            Uri rootSiteUrl;
            Uri tenantAdminUrl;
            UnifiedPolicyConfiguration.GetInstance().GetTenantSharePointUrls(this.ConfigurationSession, out rootSiteUrl, out tenantAdminUrl);

            // Read the stored state after the URLs, in the same order as the single-expression form.
            var storedState = UnifiedPolicyConfiguration.GetInstance().GetUnifiedPolicyPreReqState(this.ConfigurationSession);
            return new UnifiedCompliancePrerequisite(rootSiteUrl, tenantAdminUrl, storedState);
        }
        /// <summary>
        /// Notifies one workload about policy configuration changes and records the outcome in the execution log.
        /// </summary>
        /// <param name="task">Task used for verbose output.</param>
        /// <param name="configurationSession">Session handed to the workload's client getter and used for the monitoring key.</param>
        /// <param name="workload">Workload to notify; used as the key into the client-getter table.</param>
        /// <param name="syncChangeInfos">Changes to announce. The sequence is enumerated more than once.</param>
        /// <param name="fullSync">Passed through to the notification client.</param>
        /// <param name="syncNow">Passed through to the notification client.</param>
        /// <param name="logger">Execution log that receives the success or warning entry.</param>
        /// <param name="client">Type whose name labels the log entries.</param>
        /// <param name="notificationIdentifier">Identifier returned by the notification client; empty when no notification was sent.</param>
        /// <returns>An empty string on success, otherwise the warning or error text.</returns>
        internal static string NotifyChangesByWorkload(Task task, IConfigurationSession configurationSession, Workload workload, IEnumerable<SyncChangeInfo> syncChangeInfos, bool fullSync, bool syncNow, ExecutionLog logger, Type client, out string notificationIdentifier)
        {
            notificationIdentifier = string.Empty;
            string failureText = string.Empty;
            Exception failure = null;

            try
            {
                // Only CompliancePolicySyncNotificationClientException is handled below; anything else
                // thrown by the lookup or the client propagates to the caller.
                CompliancePolicySyncNotificationClient notificationClient = AggregatedNotificationClients.workloadToNotificationClientsGetter[workload](configurationSession, new WriteVerboseDelegate(task.WriteVerbose));
                if (notificationClient == null)
                {
                    failureText = Strings.WarningNotificationClientIsMissing(workload.ToString());
                }
                else
                {
                    string changeSummary = string.Concat(syncChangeInfos.Select(info => info.ToString()));
                    task.WriteVerbose(Strings.VerboseNotifyWorkloadWithChanges(workload.ToString(), changeSummary));
                    notificationIdentifier = notificationClient.NotifyPolicyConfigChanges(syncChangeInfos, fullSync, syncNow);
                    task.WriteVerbose(Strings.VerboseNotifyWorkloadWithChangesSuccess(workload.ToString(), notificationIdentifier));
                }
            }
            catch (CompliancePolicySyncNotificationClientException ex)
            {
                failure = ex;
                failureText = Strings.ErrorMessageForNotificationFailure(workload.ToString(), ex.Message);
            }

            if (string.IsNullOrEmpty(failureText))
            {
                object[] logArguments = new object[]
                {
                    notificationIdentifier,
                    workload,
                    string.Join(",", syncChangeInfos.Select(info => info.ToString()))
                };
                logger.LogOneEntry(ExecutionLog.EventType.Verbose, client.Name, notificationIdentifier, "Notification '{0}' was sent to workload '{1}' with sync change info: '{2}'", logArguments);
                return failureText;
            }

            // Failure path: one warning in the execution log and one monitoring event.
            logger.LogOneEntry(client.Name, string.Empty, ExecutionLog.EventType.Warning, string.Format("We failed to notify workload '{0}' with error message '{1}'", workload, failureText), failure);
            MonitoringItemErrorPublisher.Instance.PublishEvent("UnifiedPolicySync.SendNotificationError", UnifiedPolicyConfiguration.GetInstance().GetOrganizationIdKey(configurationSession), string.Format("Workload={0};Timestamp={1}", workload, DateTime.UtcNow), failure);
            return failureText;
        }
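        /// <summary>
        /// Requests an access token for the Intune resource from the configured Microsoft ACS auth server,
        /// using a self-issued JSON web token signed with the local token issuer's certificate.
        /// </summary>
        /// <param name="tenantID">Organization whose external directory id is appended to each identity string.</param>
        /// <param name="dataSession">Session used to look up the Intune resource URL.</param>
        /// <param name="logger">Execution log that receives an error entry for each missing prerequisite and for a failed token request.</param>
        /// <param name="task">Task whose type name labels the log entries.</param>
        /// <returns>"Bearer " followed by the access token, or null when a prerequisite is missing or the request fails.</returns>
        private static string GetACSToken(OrganizationId tenantID, IConfigurationSession dataSession, ExecutionLog logger, Task task)
        {
            string bearerHeader = null;
            LocalTokenIssuer localTokenIssuer = new LocalTokenIssuer(tenantID);
            LocalConfiguration configuration = ConfigProvider.Instance.Configuration;
            string applicationId = configuration.ApplicationId;
            string partnerId = null;
            string issuerIdentifier = null;
            Uri tokenEndpoint = null;

            // NOTE(review): the partner application is chosen by a substring match on its name, so the first
            // enabled entry whose name contains "Intune" wins - confirm that this cannot pick an unintended entry.
            foreach (PartnerApplication partnerApplication in configuration.PartnerApplications)
            {
                if (partnerApplication.Enabled && partnerApplication.Name.Contains("Intune"))
                {
                    partnerId = partnerApplication.ApplicationIdentifier;
                    break;
                }
            }

            // The first enabled Microsoft ACS auth server supplies both the issuer identifier and the token endpoint.
            foreach (AuthServer authServer in configuration.AuthServers)
            {
                if (authServer.Enabled && authServer.Type == AuthServerType.MicrosoftACS)
                {
                    issuerIdentifier = authServer.IssuerIdentifier;
                    tokenEndpoint = new Uri(authServer.TokenIssuingEndpoint);
                    break;
                }
            }

            // Every missing prerequisite gets its own log entry so that one run reports all of them.
            if (localTokenIssuer.SigningCert == null)
            {
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No certificate found.", null);
            }
            if (partnerId == null)
            {
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No partnerId found.", null);
            }
            if (tokenEndpoint == null)
            {
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No authorizationEndpoint found.", null);
            }
            if (string.IsNullOrEmpty(issuerIdentifier))
            {
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No issuerIdentifier found.", null);
            }

            if (localTokenIssuer.SigningCert != null && partnerId != null && tokenEndpoint != null && !string.IsNullOrEmpty(issuerIdentifier))
            {
                string externalTenantId = tenantID.ToExternalDirectoryOrganizationId();
                string intuneResourceUrl = UnifiedPolicyConfiguration.GetInstance().GetIntuneResourceUrl(dataSession);

                // Presumably the first two strings are the assertion's issuer and audience and the third is the
                // requested resource - confirm against JsonWebSecurityToken and OAuth2MessageFactory.
                string appPrincipal = string.Format("{0}@{1}", applicationId, externalTenantId);
                string authServerPrincipal = string.Format("{0}/{1}@{2}", issuerIdentifier, tokenEndpoint.Authority, externalTenantId);
                string resourcePrincipal = string.Format("{0}/{1}@{2}", partnerId, intuneResourceUrl, externalTenantId);

                X509SigningCredentials signingCredentials = new X509SigningCredentials(localTokenIssuer.SigningCert, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "http://www.w3.org/2001/04/xmlenc#sha256");

                // The self-issued assertion is valid for five minutes from now (UTC).
                JsonWebSecurityToken assertion = new JsonWebSecurityToken(appPrincipal, authServerPrincipal, DateTime.UtcNow, DateTime.UtcNow.AddMinutes(5.0), new List<JsonWebTokenClaim>(), signingCredentials);
                OAuth2AccessTokenRequest tokenRequest = OAuth2MessageFactory.CreateAccessTokenRequestWithAssertion(assertion, resourcePrincipal);
                OAuth2S2SClient oauthClient = new OAuth2S2SClient();
                try
                {
                    OAuth2AccessTokenResponse tokenResponse = (OAuth2AccessTokenResponse)oauthClient.Issue(tokenEndpoint.AbsoluteUri, tokenRequest);
                    if (tokenResponse != null)
                    {
                        bearerHeader = "Bearer " + tokenResponse.AccessToken;
                    }
                }
                catch (RequestFailedException ex)
                {
                    StringBuilder failureDetails = new StringBuilder("Auth service call failed: ");

                    // The inner exception may be absent or of another type, and a WebException carries no response
                    // when the failure happened before one arrived. Probe each step instead of casting, so that
                    // this handler cannot throw and hide the original failure.
                    WebException webException = ex.InnerException as WebException;
                    WebResponse errorResponse = (webException != null) ? webException.Response : null;
                    if (errorResponse != null)
                    {
                        // Closing the response stream releases the underlying connection.
                        using (Stream responseStream = errorResponse.GetResponseStream())
                        {
                            if (responseStream != null)
                            {
                                using (StreamReader reader = new StreamReader(responseStream, Encoding.GetEncoding("utf-8")))
                                {
                                    // NOTE(review): the whole error body from the auth server is appended to the
                                    // log entry with no size limit - consider capping it.
                                    char[] buffer = new char[256];
                                    for (int read = reader.Read(buffer, 0, buffer.Length); read > 0; read = reader.Read(buffer, 0, buffer.Length))
                                    {
                                        failureDetails.Append(buffer, 0, read);
                                    }
                                }
                            }
                        }
                    }
                    logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, failureDetails.ToString(), ex);
                }
            }
            return bearerHeader;
        }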
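        /// <summary>
        /// Builds change data for a policy object and its related objects, notifies the Intune workload,
        /// logs the outcome and stores the result on every change-data entry.
        /// </summary>
        /// <param name="task">Task used for warning output and to label log entries.</param>
        /// <param name="policyStorageObject">Primary changed object; its change data decides the full-sync and sync-now flags.</param>
        /// <param name="relatedStorageObjects">Further objects to include in the same notification.</param>
        /// <param name="dataSession">Session passed to the notification call and used for the monitoring key.</param>
        /// <param name="logger">Execution log that receives the warning and verbose entries.</param>
        /// <returns>The change data for the primary and related objects, after SetNotificationResults was applied.</returns>
        internal static IList<ChangeNotificationData> NotifyChange(Task task, UnifiedPolicyStorageBase policyStorageObject, IEnumerable<UnifiedPolicyStorageBase> relatedStorageObjects, IConfigurationSession dataSession, ExecutionLog logger)
        {
            Exception exception = null;
            string failureText = string.Empty;

            // No notification identifier is available on this path, so the correlation id stays empty.
            string correlationId = string.Empty;
            ChangeNotificationData primaryChange = IntuneCompliancePolicySyncNotificationClient.CreateChangeData(Workload.Intune, policyStorageObject);
            List<ChangeNotificationData> changes = new List<ChangeNotificationData>
            {
                primaryChange
            };
            List<SyncChangeInfo> syncChangeInfos = new List<SyncChangeInfo>();

            foreach (UnifiedPolicyStorageBase relatedObject in relatedStorageObjects)
            {
                changes.Add(IntuneCompliancePolicySyncNotificationClient.CreateChangeData(Workload.Intune, relatedObject));
            }
            foreach (ChangeNotificationData change in changes)
            {
                SyncChangeInfo syncChangeInfo = change.ShouldNotify ? change.CreateSyncChangeInfo(true) : null;
                if (syncChangeInfo == null)
                {
                    logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Warning, string.Format("We did not notify workload '{0}' for changes to objectId {1}", Workload.Intune, change.Id), exception);
                }

                // NOTE(review): a null entry is still added, so the list handed to MakeNotificationCall can
                // contain nulls - confirm whether the body builder expects that or the entry should be skipped.
                syncChangeInfos.Add(syncChangeInfo);
            }
            try
            {
                if (syncChangeInfos.Any<SyncChangeInfo>())
                {
                    failureText = IntuneCompliancePolicySyncNotificationClient.MakeNotificationCall(task, syncChangeInfos, primaryChange.UseFullSync, primaryChange.ShouldNotify, dataSession, logger);
                }
            }
            catch (Exception ex)
            {
                failureText = Strings.ErrorMessageForNotificationFailure(Workload.Intune.ToString(), ex.Message);
                exception = ex;
            }

            // Any non-empty text coming back from the call is treated as a failure description.
            if (!string.IsNullOrEmpty(failureText))
            {
                task.WriteWarning(Strings.WarningNotifyWorkloadFailed(primaryChange.ToString()));
                logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Warning, string.Format("We failed to notify workload '{0}' with error message '{1}'", Workload.Intune, failureText), exception);
                MonitoringItemErrorPublisher.Instance.PublishEvent("UnifiedPolicySync.SendNotificationError", UnifiedPolicyConfiguration.GetInstance().GetOrganizationIdKey(dataSession), string.Format("Workload={0};Timestamp={1}", Workload.Intune, DateTime.UtcNow), exception);
            }
            else
            {
                // The first entry is null when the primary object should not notify. Guard the ToString call so
                // the success log cannot throw after the notification went out and skip SetNotificationResults.
                SyncChangeInfo firstChange = syncChangeInfos.First<SyncChangeInfo>();
                logger.LogOneEntry(ExecutionLog.EventType.Verbose, task.GetType().Name, correlationId, "Notification '{0}' was sent to workload '{1}' with sync change info: '{2}'", new object[]
                {
                    correlationId,
                    Workload.Intune,
                    (firstChange == null) ? string.Empty : firstChange.ToString()
                });
            }
            AggregatedNotificationClients.SetNotificationResults(changes, failureText);
            return changes;
        }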
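        /// <summary>
        /// Returns the sync service URL for the requested endpoint type, derived from the base URL that is
        /// held in the provisioning cache under the "EopSyncSvcUrl" key.
        /// </summary>
        /// <param name="endPointType">Endpoint flavour. RestOAuth returns the base URL unchanged; the SOAP types append a path segment.</param>
        /// <returns>The endpoint URL for <paramref name="endPointType"/>.</returns>
        /// <exception cref="NotSupportedException">Thrown for an endpoint type other than RestOAuth, SoapOAuth or SoapCert.</exception>
        protected static Uri GetSyncSvrUrlFromCache(SyncSvcEndPointType endPointType = SyncSvcEndPointType.RestOAuth)
        {
            Uri baseUrl = ProvisioningCache.Instance.TryAddAndGetGlobalDictionaryValue<Uri, string>(CannedProvisioningCacheKeys.GlobalUnifiedPolicyNotificationClientsInfo, "EopSyncSvcUrl", () => UnifiedPolicyConfiguration.GetInstance().GetSyncSvrBaseUrl());

            // NOTE(review): a null base URL is returned as-is for RestOAuth, while the SOAP branches
            // dereference it - confirm the cache cannot yield null for those callers.
            switch (endPointType)
            {
            case SyncSvcEndPointType.RestOAuth:
                return baseUrl;

            case SyncSvcEndPointType.SoapOAuth:
                // Trailing slashes are trimmed first so the appended segment never yields "//".
                return new Uri(baseUrl.AbsoluteUri.TrimEnd('/') + "/soapoauth");

            case SyncSvcEndPointType.SoapCert:
                return new Uri(baseUrl.AbsoluteUri.TrimEnd('/') + "/soap");

            default:
                // The message previously ran the enum value and the text together; a space separates them now.
                throw new NotSupportedException(endPointType + " is not supported by GetSyncSvrUrlFromCache");
            }
        }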
 /// <summary>
 /// Returns the value held in the provisioning cache under the "ExoPswsHostUrl" key. The cache call is
 /// given a factory that reads the URL from the unified policy configuration.
 /// </summary>
 /// <returns>The URL returned by the provisioning cache.</returns>
 protected static Uri GetExoPswsHostUrlFromCache()
 {
     Uri cachedHostUrl = ProvisioningCache.Instance.TryAddAndGetGlobalDictionaryValue<Uri, string>(
         CannedProvisioningCacheKeys.GlobalUnifiedPolicyNotificationClientsInfo,
         "ExoPswsHostUrl",
         () =>
         {
             return UnifiedPolicyConfiguration.GetInstance().GetExoPswsHostUrl();
         });
     return cachedHostUrl;
 }
        /// <summary>
        /// Locates the SharePoint policy center site, creating it if needed, and records its URL and the
        /// initialization time on <paramref name="prerequisite"/>.
        /// </summary>
        /// <remarks>
        /// The search makes at most 1000 attempts within a budget of 3,600,000 ms. When the loop ends without
        /// finding a site, the method returns without updating <paramref name="prerequisite"/> and without throwing.
        /// </remarks>
        /// <param name="prerequisite">Supplies the root site and tenant admin URLs; receives the policy center site URL and the success timestamp.</param>
        /// <exception cref="ErrorInvalidPolicyCenterSiteOwnerException">Thrown when no valid site owner address is available.</exception>
        private void InitializeSharePoint(ref UnifiedCompliancePrerequisite prerequisite)
        {
            // Fall back to the executing user's Windows Live ID when no valid owner was supplied.
            if (!this.PolicyCenterSiteOwner.IsValidAddress && base.CurrentTaskContext != null && base.CurrentTaskContext.UserInfo != null)
            {
                this.PolicyCenterSiteOwner = base.CurrentTaskContext.UserInfo.ExecutingWindowsLiveId;
            }
            if (!this.PolicyCenterSiteOwner.IsValidAddress)
            {
                throw new ErrorInvalidPolicyCenterSiteOwnerException();
            }
            base.WriteVerbose(Strings.VerbosePolicyCenterSiteOwner(this.PolicyCenterSiteOwner.ToString()));

            SpPolicyCenterSite policyCenter = new SpPolicyCenterSite(prerequisite.SharepointRootSiteUrl, prerequisite.SharepointTenantAdminUrl, UnifiedPolicyConfiguration.GetInstance().GetCredentials(this.ConfigurationSession, null));
            Stopwatch attemptTimer = new Stopwatch();
            long remainingMilliseconds = 3600000L;

            // True on the first pass and again after each create call, so the site is looked up once more.
            bool probeForSite = true;

            for (int attempt = 0; attempt <= 999 && remainingMilliseconds > 0L; attempt++)
            {
                attemptTimer.Restart();
                if (probeForSite)
                {
                    Uri existingSite = policyCenter.GetPolicyCenterSite(false);
                    base.WriteVerbose(Strings.VerboseTryLoadPolicyCenterSite(existingSite));
                    probeForSite = false;
                    if (existingSite != null)
                    {
                        prerequisite.SharepointPolicyCenterSiteUrl = existingSite.AbsoluteUri;

                        // NOTE(review): DateTime.ToString() with no arguments formats with the current culture - confirm readers of this value expect that.
                        prerequisite.SharepointSuccessInitializedUtc = DateTime.UtcNow.ToString();
                        return;
                    }
                }

                // The first attempt passes no index; later attempts pass the attempt number.
                int? siteIndex = (attempt == 0) ? (int?)null : attempt;
                Uri candidateUri = policyCenter.GeneratePolicyCenterSiteUri(siteIndex);
                ServerException serverError;
                bool candidateIsFree = !policyCenter.IsAnExistingSite(candidateUri, out serverError);
                base.WriteVerbose(Strings.VerboseTrytoCheckSiteExistence(candidateUri, (serverError == null) ? string.Empty : serverError.Message));
                if (candidateIsFree)
                {
                    // A deleted site is not reused either; the next attempt generates a new candidate.
                    candidateIsFree = !policyCenter.IsADeletedSite(candidateUri, out serverError);
                    base.WriteVerbose(Strings.VerboseTrytoCheckSiteDeletedState(candidateUri, (serverError == null) ? string.Empty : serverError.Message));
                    if (candidateIsFree)
                    {
                        base.WriteVerbose(Strings.VerboseTrytoCreatePolicyCenterSite(candidateUri));

                        // The remaining budget is passed to the create call; presumably a timeout in milliseconds - confirm.
                        policyCenter.CreatePolicyCenterSite(candidateUri, this.PolicyCenterSiteOwner.ToString(), remainingMilliseconds);
                        probeForSite = true;
                    }
                }

                attemptTimer.Stop();
                remainingMilliseconds -= attemptTimer.ElapsedMilliseconds;
            }
        }
 /// <summary>
 /// Stores the prerequisite state through this task's configuration session, converting
 /// <paramref name="prerequisite"/> to its list form first.
 /// </summary>
 /// <param name="prerequisite">Prerequisite whose list form is stored.</param>
 private void SaveInitializedPrerequisite(UnifiedCompliancePrerequisite prerequisite)
 {
     var policyConfiguration = UnifiedPolicyConfiguration.GetInstance();
     var prerequisiteList = prerequisite.ToPrerequisiteList();
     policyConfiguration.SetUnifiedPolicyPreReqState(this.ConfigurationSession, prerequisiteList);
 }