/// <summary>
/// Checks whether an additional domain may be reported alongside the primary domain.
/// The domain is accepted only when its own GetFederationInformation discovery succeeds
/// and the ApplicationUri it reports matches <paramref name="applicationUri"/>
/// (ordinal, case-insensitive).
/// </summary>
/// <param name="client">Autodiscover client used to run the discovery for <paramref name="domain"/>.</param>
/// <param name="applicationUri">ApplicationUri that the additional domain is expected to report.</param>
/// <param name="domain">Additional domain name to verify.</param>
/// <returns><c>true</c> when the domain was discovered and its ApplicationUri matches; otherwise <c>false</c>.</returns>
private bool IsValidAdditionalDomain(AutodiscoverClient client, string applicationUri, string domain)
{
    // NOTE(review): the sequence returned by Discover is handed to both GetSuccessfulResult and
    // GetFormattedResults. If Discover is lazily evaluated, the failure path repeats the network
    // discovery. Confirm against GetFederationInformationClient.
    IEnumerable<GetFederationInformationResult> discovered = GetFederationInformationClient.Discover(client, domain);
    GetFederationInformationResult candidate = this.GetSuccessfulResult(discovered, domain);

    bool discoverySucceeded = candidate != null && candidate.Type == AutodiscoverResult.Success;
    if (!discoverySucceeded)
    {
        base.WriteVerbose(Strings.DomainIgnoredBecauseUnableToDiscover(domain, GetFederationInformation.GetFormattedResults(discovered)));
        return false;
    }

    // The domain list comes from a remote response, so a listed domain is kept only if its own
    // discovery reports the same ApplicationUri as the one the caller passed in.
    if (string.Equals(applicationUri, candidate.ApplicationUri, StringComparison.OrdinalIgnoreCase))
    {
        return true;
    }

    base.WriteVerbose(Strings.DomainIgnoredBecauseApplicationUriInconsitent(domain, candidate.ApplicationUri, applicationUri));
    return false;
}
/// <summary>
/// Resolves the token target for a domain that is not yet in the cache by running an
/// Autodiscover GetFederationInformation discovery and using the first successful result.
/// </summary>
/// <param name="key">Domain name passed to the discovery.</param>
/// <param name="shouldAdd">Passed by reference; this method neither reads nor assigns it.</param>
/// <returns>
/// A <see cref="TokenTarget"/> built from the first successful result's ApplicationUri (and its
/// token issuer URIs when any are present), or <c>null</c> when no result succeeded.
/// </returns>
protected override TokenTarget CreateOnCacheMiss(string key, ref bool shouldAdd)
{
    long traceId = (long)this.GetHashCode();
    TargetUriViaGetFederationInformation.Tracer.TraceDebug <string>(traceId, "UriCache: cache miss for: {0}", key);

    ITopologyConfigurationSession configSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
        ConsistencyMode.IgnoreInvalid,
        ADSessionSettings.FromRootOrgScopeSet(),
        68,
        "CreateOnCacheMiss",
        "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\Authentication\\TargetUriViaGetFederationInformation.cs");
    string[] trustedHosters = configSession.GetAutodiscoverTrustedHosters();

    IEnumerable <GetFederationInformationResult> discovered;
    using (AutodiscoverClient discoveryClient = new AutodiscoverClient())
    {
        Server thisServer = LocalServerCache.LocalServer;
        if (thisServer != null && thisServer.InternetWebProxy != null)
        {
            TargetUriViaGetFederationInformation.Tracer.TraceDebug <Uri>(traceId, "Using custom InternetWebProxy {0}.", thisServer.InternetWebProxy);
            discoveryClient.Proxy = new WebProxy(thisServer.InternetWebProxy);
        }

        if (trustedHosters != null)
        {
            // The trusted-hoster list read from the topology configuration is the only source of
            // AllowedHostnames here. Presumably this is the set of hosts the client will accept
            // during discovery; confirm in AutodiscoverClient.
            TargetUriViaGetFederationInformation.Tracer.TraceDebug <ArrayTracer <string> >(traceId, "Using trusted hostnames: {0}.", new ArrayTracer <string>(trustedHosters));
            discoveryClient.AllowedHostnames.AddRange(trustedHosters);
        }

        discovered = GetFederationInformationClient.Discover(discoveryClient, key);
    }

    // NOTE(review): the results are enumerated after the client has been disposed. If Discover is
    // lazily evaluated, the requests would run against a disposed client. Confirm that Discover
    // returns a materialized collection.
    foreach (GetFederationInformationResult candidate in discovered)
    {
        if (candidate.Type != AutodiscoverResult.Success)
        {
            continue;
        }

        TargetUriViaGetFederationInformation.Tracer.TraceDebug <string, string, Uri>(0L, "Autodiscover's GetFederationInformation returned ApplicationUri {0} for domain {1} using {2} URL", candidate.ApplicationUri, key, candidate.Url);

        // ApplicationUri and TokenIssuerUris are values taken from the discovery response and are
        // used without further checks; a malformed value makes the Uri constructor throw.
        string targetText = "http://" + candidate.ApplicationUri;
        Uri targetUri = new Uri(targetText, UriKind.Absolute);

        bool noIssuers = candidate.TokenIssuerUris == null || candidate.TokenIssuerUris.Length <= 0;
        if (noIssuers)
        {
            return new TokenTarget(targetUri);
        }

        Uri[] issuerUris = Array.ConvertAll <string, Uri>(candidate.TokenIssuerUris, (string issuer) => new Uri(issuer, UriKind.RelativeOrAbsolute));
        return new TokenTarget(targetUri, issuerUris);
    }

    return null;
}
/// <summary>
/// Runs GetFederationInformation discovery for <c>DomainName</c> and writes a
/// <c>FederationInformation</c> object built from the selected result, or writes an error when
/// no result is selected.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// <list type="bullet">
/// <item>AllowedHostnames is filled from the caller-supplied <c>TrustedHostnames</c> and from the
/// trusted-hoster list read from the topology configuration.</item>
/// <item>When <c>BypassAdditionalDomainValidation</c> is set, the domain list from the discovery
/// result is emitted as-is, without the per-domain check done by GetValidatedAdditionalDomains.</item>
/// <item>A token issuer that matches none of the local security token services only produces a
/// warning; the FederationInformation object is still written.</item>
/// </list>
/// </remarks>
protected override void InternalProcessRecord()
{
    TaskLogger.LogEnter();
    base.InternalProcessRecord();

    ITopologyConfigurationSession configSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(
        ConsistencyMode.IgnoreInvalid,
        ADSessionSettings.FromRootOrgScopeSet(),
        66,
        "InternalProcessRecord",
        "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\GetFederationInformation.cs");
    string[] trustedHosters = configSession.GetAutodiscoverTrustedHosters();

    using (AutodiscoverClient discoveryClient = new AutodiscoverClient())
    {
        Server thisServer = LocalServerCache.LocalServer;
        if (thisServer != null && thisServer.InternetWebProxy != null)
        {
            base.WriteVerbose(Strings.GetFederationInformationProxy(thisServer.InternetWebProxy.ToString()));
            discoveryClient.Proxy = new WebProxy(thisServer.InternetWebProxy);
        }

        // Caller-supplied hostnames are added first, then the configured trusted hosters.
        if (this.TrustedHostnames != null)
        {
            discoveryClient.AllowedHostnames.AddRange(this.TrustedHostnames);
        }

        if (trustedHosters != null)
        {
            discoveryClient.AllowedHostnames.AddRange(trustedHosters);
        }

        // NOTE(review): ToString() on the collection may print a type name rather than the
        // hostnames, depending on the AllowedHostnames type. Confirm the verbose output is useful.
        base.WriteVerbose(Strings.GetFederationInformationTrustedHostnames(discoveryClient.AllowedHostnames.ToString()));

        base.WriteProgress(Strings.GetFederationInformationProgress, Strings.DiscoveringDomain(this.DomainName.Domain), 5);
        // Materialized into a list inside the using block, so discovery completes before the
        // client is disposed.
        List <GetFederationInformationResult> discovered = new List <GetFederationInformationResult>(GetFederationInformationClient.Discover(discoveryClient, this.DomainName.Domain));
        base.WriteProgress(Strings.GetFederationInformationProgress, Strings.DiscoveringDomain(this.DomainName.Domain), 25);
        base.WriteVerbose(Strings.GetFederationInformationResults(GetFederationInformation.GetFormattedResults(discovered)));

        GetFederationInformationResult result = this.GetResult(discovered);
        if (result != null)
        {
            ICollection domainNames;
            if (!this.BypassAdditionalDomainValidation)
            {
                domainNames = this.GetValidatedAdditionalDomains(discoveryClient, result.ApplicationUri, result.Domains);
            }
            else
            {
                // Validation skipped on request: the domain list is whatever the result reported.
                domainNames = result.Domains;
            }

            if (result.TokenIssuerUris != null && result.TokenIssuerUris.Length > 0)
            {
                bool issuerMatched = false;
                Uri[] reportedIssuers = Array.ConvertAll <string, Uri>(result.TokenIssuerUris, (string issuerText) => new Uri(issuerText, UriKind.RelativeOrAbsolute));
                ExternalAuthentication localAuth = ExternalAuthentication.GetCurrent();
                if (localAuth.Enabled)
                {
                    // Compare every local security token service issuer with every issuer from
                    // the result. A match ends only the inner loop; the remaining services are
                    // still compared and logged.
                    foreach (SecurityTokenService localService in localAuth.SecurityTokenServices)
                    {
                        Uri localIssuer = localService.TokenIssuerUri;
                        foreach (Uri reportedIssuer in reportedIssuers)
                        {
                            if (localIssuer.Equals(reportedIssuer))
                            {
                                base.WriteVerbose(Strings.GetFederationInformationTokenIssuerMatches(localIssuer.ToString(), reportedIssuer.ToString()));
                                issuerMatched = true;
                                break;
                            }

                            base.WriteVerbose(Strings.GetFederationInformationTokenIssuerDoesntMatch(localIssuer.ToString(), reportedIssuer.ToString()));
                        }
                    }

                    if (!issuerMatched)
                    {
                        // Build the comma-separated list of local issuers for the warning text.
                        StringBuilder localIssuerList = new StringBuilder(100);
                        foreach (SecurityTokenService localService in localAuth.SecurityTokenServices)
                        {
                            if (localIssuerList.Length > 0)
                            {
                                localIssuerList.Append(",");
                            }

                            localIssuerList.Append(localService.TokenIssuerUri.ToString());
                        }

                        // Warning only: execution continues and the object below is still written.
                        this.WriteWarning(Strings.GetFederationInformationTokenIssuerDoesntMatchAny(this.DomainName.ToString(), string.Join(",", result.TokenIssuerUris), localIssuerList.ToString()));
                    }
                }
            }

            base.WriteObject(new FederationInformation(this.DomainName, new Uri(result.ApplicationUri, UriKind.RelativeOrAbsolute), result.TokenIssuerUris, domainNames, EwsWsSecurityUrl.Fix(result.Url)));
        }
        else
        {
            base.WriteError(new GetFederationInformationFailedException(discovered.ToArray()), (ErrorCategory)1001, null);
        }

        base.WriteProgress(Strings.GetFederationInformationProgress, Strings.ProgressStatusFinished, 100);
    }

    TaskLogger.LogExit();
}