public async Task <IEnumerable <TIdentity> > FindIdentities(TLookupInfo item, IProviderManager providerManager, CancellationToken cancellationToken)
{
var providers = providerManager.GetItemIdentityProviders <TLookupInfo, TIdentity>();
var converters = providerManager.GetItemIdentityConverters <TIdentity>();
var identities = new List <IdentityPair>();
foreach (var provider in providers)
{
var result = new IdentityPair
{
Identity = await provider.FindIdentity(item),
Order = provider.Order
};
if (!Equals(result.Identity, default(TIdentity)))
{
identities.Add(result);
}
}
var convertersAvailable = new List <IItemIdentityConverter <TIdentity> >(converters);
bool changesMade;
do
{
changesMade = false;
for (int i = convertersAvailable.Count - 1; i >= 0; i--)
{
var converter = convertersAvailable[i];
var input = identities.FirstOrDefault(id => id.Identity.Type == converter.SourceType);
var existing = identities.Where(id => id.Identity.Type == converter.ResultType);
if (input != null && !existing.Any(id => id.Order <= converter.Order))
{
var result = new IdentityPair
{
Identity = await converter.Convert(input.Identity).ConfigureAwait(false),
Order = converter.Order
};
if (!Equals(result.Identity, default(TIdentity)))
{
identities.Add(result);
convertersAvailable.RemoveAt(i);
changesMade = true;
}
}
}
} while (changesMade);
return(identities.OrderBy(id => id.Order).Select(id => id.Identity));
}
private static IdentityPair GetUserIdentityPair(MailboxSession session, LogonType logonType)
{
IdentityPair result = default(IdentityPair);
ClientSessionInfo remoteClientSessionInfo = session.RemoteClientSessionInfo;
if (remoteClientSessionInfo != null)
{
result.LogonUserSid = remoteClientSessionInfo.LogonUserSid;
result.LogonUserDisplayName = remoteClientSessionInfo.LogonUserDisplayName;
}
else
{
result = IdentityHelper.GetIdentityPair(session);
if (result.LogonUserDisplayName == null && logonType == LogonType.Owner && session.MailboxOwner.MailboxInfo.IsArchive)
{
result.LogonUserDisplayName = AuditRecordFactory.ResolveMailboxOwnerName(session.MailboxOwner);
}
}
return(result);
}
private IdentityPair GetUserIdentityPair()
{
IdentityPair result = default(IdentityPair);
ClientSessionInfo remoteClientSessionInfo = this.MailboxSession.RemoteClientSessionInfo;
if (remoteClientSessionInfo != null)
{
result.LogonUserSid = remoteClientSessionInfo.LogonUserSid;
result.LogonUserDisplayName = remoteClientSessionInfo.LogonUserDisplayName;
}
else
{
result = IdentityHelper.GetIdentityPair(this.MailboxSession);
if (result.LogonUserDisplayName == null && this.LogonType == LogonType.Owner && this.MailboxSession.MailboxOwner.MailboxInfo.IsArchive)
{
result.LogonUserDisplayName = AuditEvent.ResolveMailboxOwnerName(this.MailboxSession.MailboxOwner);
}
}
return(result);
}
protected virtual IEnumerable <KeyValuePair <string, string> > InternalGetEventDetails()
{
yield return(new KeyValuePair <string, string>("Operation", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.AuditOperation
})));
yield return(new KeyValuePair <string, string>("OperationResult", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.OperationSucceeded
})));
yield return(new KeyValuePair <string, string>("LogonType", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.AuditScopeFromLogonType(this.LogonType)
})));
yield return(new KeyValuePair <string, string>("ExternalAccess", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.ExternalAccess
})));
yield return(new KeyValuePair <string, string>("UtcTime", this.CreationTime.ToString("s")));
yield return(new KeyValuePair <string, string>("InternalLogonType", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.MailboxSession.LogonType
})));
yield return(new KeyValuePair <string, string>("MailboxGuid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.MailboxSession.MailboxOwner.MailboxInfo.MailboxGuid
})));
yield return(new KeyValuePair <string, string>("MailboxOwnerUPN", this.MailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString()));
if (this.MailboxSession.MailboxOwner.Sid != null)
{
yield return(new KeyValuePair <string, string>("MailboxOwnerSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.MailboxSession.MailboxOwner.Sid
})));
if (this.MailboxSession.MailboxOwner.MasterAccountSid != null)
{
yield return(new KeyValuePair <string, string>("MailboxOwnerMasterAccountSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.MailboxSession.MailboxOwner.MasterAccountSid
})));
}
}
IdentityPair pair = this.GetUserIdentityPair();
if (pair.LogonUserSid != null)
{
yield return(new KeyValuePair <string, string>("LogonUserSid", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
pair.LogonUserSid
})));
}
if (pair.LogonUserDisplayName != null)
{
yield return(new KeyValuePair <string, string>("LogonUserDisplayName", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
pair.LogonUserDisplayName
})));
}
string clientInfoString = (this.MailboxSession.RemoteClientSessionInfo == null) ? this.MailboxSession.ClientInfoString : this.MailboxSession.RemoteClientSessionInfo.ClientInfoString;
if (!string.IsNullOrEmpty(clientInfoString))
{
yield return(new KeyValuePair <string, string>("ClientInfoString", clientInfoString));
}
yield return(new KeyValuePair <string, string>("ClientIPAddress", string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
this.MailboxSession.ClientIPAddress
})));
if (!string.IsNullOrEmpty(this.MailboxSession.ClientMachineName))
{
yield return(new KeyValuePair <string, string>("ClientMachineName", this.MailboxSession.ClientMachineName));
}
if (!string.IsNullOrEmpty(this.MailboxSession.ClientProcessName))
{
yield return(new KeyValuePair <string, string>("ClientProcessName", this.MailboxSession.ClientProcessName));
}
if (this.MailboxSession.ClientVersion != 0L)
{
yield return(new KeyValuePair <string, string>("ClientVersion", AuditEvent.GetVersionString(this.MailboxSession.ClientVersion)));
}
yield return(new KeyValuePair <string, string>("OriginatingServer", string.Format(CultureInfo.InvariantCulture, "{0} ({1})\r\n", new object[]
{
AuditEvent.MachineName,
"15.00.1497.012"
})));
yield break;
}
private static void Fill(ExchangeMailboxAuditBaseRecord record, MailboxSession session, MailboxAuditOperations operation, OperationResult result, LogonType logonType, bool externalAccess)
{
EnumValidator.ThrowIfInvalid <MailboxAuditOperations>(operation);
EnumValidator.ThrowIfInvalid <OperationResult>(result, "result");
EnumValidator.ThrowIfInvalid <LogonType>(logonType, "logonType");
Util.ThrowOnNullArgument(session, "session");
record.Operation = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
operation
});
record.OperationResult = AuditRecordFactory.GetOperationResult(result);
record.LogonType = AuditRecordFactory.GetLogonType(logonType);
record.ExternalAccess = externalAccess;
record.CreationTime = DateTime.UtcNow;
record.InternalLogonType = AuditRecordFactory.GetLogonType(session.LogonType);
record.MailboxGuid = session.MailboxOwner.MailboxInfo.MailboxGuid;
OrganizationId organizationId = session.OrganizationId;
record.OrganizationId = ((organizationId == null || organizationId.OrganizationalUnit == null || organizationId.ConfigurationUnit == null) ? null : Convert.ToBase64String(organizationId.GetBytes(Encoding.UTF8)));
record.OrganizationName = AuditRecordFactory.GetOrgNameFromOrgId(organizationId);
record.MailboxOwnerUPN = session.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString();
if (session.MailboxOwner.Sid != null)
{
record.MailboxOwnerSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.MailboxOwner.Sid
});
if (session.MailboxOwner.MasterAccountSid != null)
{
record.MailboxOwnerMasterAccountSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.MailboxOwner.MasterAccountSid
});
}
}
IdentityPair userIdentityPair = AuditRecordFactory.GetUserIdentityPair(session, logonType);
if (userIdentityPair.LogonUserSid != null)
{
record.LogonUserSid = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
userIdentityPair.LogonUserSid
});
record.UserId = record.LogonUserSid;
}
else
{
record.UserId = session.MailboxOwner.MailboxInfo.MailboxGuid.ToString("D", CultureInfo.InvariantCulture);
}
if (userIdentityPair.LogonUserDisplayName != null)
{
record.LogonUserDisplayName = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
userIdentityPair.LogonUserDisplayName
});
}
string text = (session.RemoteClientSessionInfo == null) ? session.ClientInfoString : session.RemoteClientSessionInfo.ClientInfoString;
if (!string.IsNullOrEmpty(text))
{
record.ClientInfoString = text;
}
record.ClientIPAddress = string.Format(CultureInfo.InvariantCulture, "{0}", new object[]
{
session.ClientIPAddress
});
if (!string.IsNullOrEmpty(session.ClientMachineName))
{
record.ClientMachineName = session.ClientMachineName;
}
if (!string.IsNullOrEmpty(session.ClientProcessName))
{
record.ClientProcessName = session.ClientProcessName;
}
if (session.ClientVersion != 0L)
{
record.ClientVersion = AuditRecordFactory.GetVersionString(session.ClientVersion);
}
record.OriginatingServer = string.Format(CultureInfo.InvariantCulture, "{0} ({1})\r\n", new object[]
{
AuditRecordFactory.MachineName,
"15.00.1497.012"
});
}
