private bool IsValidAdditionalDomain(AutodiscoverClient client, string applicationUri, string domain)
{
IEnumerable <GetFederationInformationResult> results = GetFederationInformationClient.Discover(client, domain);
GetFederationInformationResult successfulResult = this.GetSuccessfulResult(results, domain);
if (successfulResult == null || successfulResult.Type != AutodiscoverResult.Success)
{
base.WriteVerbose(Strings.DomainIgnoredBecauseUnableToDiscover(domain, GetFederationInformation.GetFormattedResults(results)));
return(false);
}
if (!StringComparer.OrdinalIgnoreCase.Equals(applicationUri, successfulResult.ApplicationUri))
{
base.WriteVerbose(Strings.DomainIgnoredBecauseApplicationUriInconsitent(domain, successfulResult.ApplicationUri, applicationUri));
return(false);
}
return(true);
}
protected override TokenTarget CreateOnCacheMiss(string key, ref bool shouldAdd)
{
TargetUriViaGetFederationInformation.Tracer.TraceDebug <string>((long)this.GetHashCode(), "UriCache: cache miss for: {0}", key);
ITopologyConfigurationSession topologyConfigurationSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromRootOrgScopeSet(), 68, "CreateOnCacheMiss", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\Authentication\\TargetUriViaGetFederationInformation.cs");
string[] autodiscoverTrustedHosters = topologyConfigurationSession.GetAutodiscoverTrustedHosters();
IEnumerable <GetFederationInformationResult> enumerable;
using (AutodiscoverClient autodiscoverClient = new AutodiscoverClient())
{
Server localServer = LocalServerCache.LocalServer;
if (localServer != null && localServer.InternetWebProxy != null)
{
TargetUriViaGetFederationInformation.Tracer.TraceDebug <Uri>((long)this.GetHashCode(), "Using custom InternetWebProxy {0}.", localServer.InternetWebProxy);
autodiscoverClient.Proxy = new WebProxy(localServer.InternetWebProxy);
}
if (autodiscoverTrustedHosters != null)
{
TargetUriViaGetFederationInformation.Tracer.TraceDebug <ArrayTracer <string> >((long)this.GetHashCode(), "Using trusted hostnames: {0}.", new ArrayTracer <string>(autodiscoverTrustedHosters));
autodiscoverClient.AllowedHostnames.AddRange(autodiscoverTrustedHosters);
}
enumerable = GetFederationInformationClient.Discover(autodiscoverClient, key);
}
foreach (GetFederationInformationResult getFederationInformationResult in enumerable)
{
if (getFederationInformationResult.Type == AutodiscoverResult.Success)
{
TargetUriViaGetFederationInformation.Tracer.TraceDebug <string, string, Uri>(0L, "Autodiscover's GetFederationInformation returned ApplicationUri {0} for domain {1} using {2} URL", getFederationInformationResult.ApplicationUri, key, getFederationInformationResult.Url);
Uri uri = new Uri("http://" + getFederationInformationResult.ApplicationUri, UriKind.Absolute);
if (getFederationInformationResult.TokenIssuerUris != null && getFederationInformationResult.TokenIssuerUris.Length > 0)
{
Uri[] tokenIssuerUris = Array.ConvertAll <string, Uri>(getFederationInformationResult.TokenIssuerUris, (string tokenIssuerUri) => new Uri(tokenIssuerUri, UriKind.RelativeOrAbsolute));
return(new TokenTarget(uri, tokenIssuerUris));
}
return(new TokenTarget(uri));
}
}
return(null);
}
protected override void InternalProcessRecord()
{
TaskLogger.LogEnter();
base.InternalProcessRecord();
ITopologyConfigurationSession topologyConfigurationSession = DirectorySessionFactory.Default.CreateTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromRootOrgScopeSet(), 66, "InternalProcessRecord", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\SystemConfigurationTasks\\Federation\\GetFederationInformation.cs");
string[] autodiscoverTrustedHosters = topologyConfigurationSession.GetAutodiscoverTrustedHosters();
using (AutodiscoverClient autodiscoverClient = new AutodiscoverClient())
{
Server localServer = LocalServerCache.LocalServer;
if (localServer != null && localServer.InternetWebProxy != null)
{
base.WriteVerbose(Strings.GetFederationInformationProxy(localServer.InternetWebProxy.ToString()));
autodiscoverClient.Proxy = new WebProxy(localServer.InternetWebProxy);
}
if (this.TrustedHostnames != null)
{
autodiscoverClient.AllowedHostnames.AddRange(this.TrustedHostnames);
}
if (autodiscoverTrustedHosters != null)
{
autodiscoverClient.AllowedHostnames.AddRange(autodiscoverTrustedHosters);
}
base.WriteVerbose(Strings.GetFederationInformationTrustedHostnames(autodiscoverClient.AllowedHostnames.ToString()));
base.WriteProgress(Strings.GetFederationInformationProgress, Strings.DiscoveringDomain(this.DomainName.Domain), 5);
List <GetFederationInformationResult> list = new List <GetFederationInformationResult>(GetFederationInformationClient.Discover(autodiscoverClient, this.DomainName.Domain));
base.WriteProgress(Strings.GetFederationInformationProgress, Strings.DiscoveringDomain(this.DomainName.Domain), 25);
base.WriteVerbose(Strings.GetFederationInformationResults(GetFederationInformation.GetFormattedResults(list)));
GetFederationInformationResult result = this.GetResult(list);
if (result == null)
{
base.WriteError(new GetFederationInformationFailedException(list.ToArray()), (ErrorCategory)1001, null);
}
else
{
ICollection domainNames;
if (this.BypassAdditionalDomainValidation)
{
domainNames = result.Domains;
}
else
{
domainNames = this.GetValidatedAdditionalDomains(autodiscoverClient, result.ApplicationUri, result.Domains);
}
if (result.TokenIssuerUris != null && result.TokenIssuerUris.Length > 0)
{
bool flag = false;
Uri[] array = Array.ConvertAll <string, Uri>(result.TokenIssuerUris, (string uri) => new Uri(uri, UriKind.RelativeOrAbsolute));
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (current.Enabled)
{
foreach (SecurityTokenService securityTokenService in current.SecurityTokenServices)
{
Uri tokenIssuerUri = securityTokenService.TokenIssuerUri;
foreach (Uri uri2 in array)
{
if (tokenIssuerUri.Equals(uri2))
{
base.WriteVerbose(Strings.GetFederationInformationTokenIssuerMatches(tokenIssuerUri.ToString(), uri2.ToString()));
flag = true;
break;
}
base.WriteVerbose(Strings.GetFederationInformationTokenIssuerDoesntMatch(tokenIssuerUri.ToString(), uri2.ToString()));
}
}
if (!flag)
{
StringBuilder stringBuilder = new StringBuilder(100);
foreach (SecurityTokenService securityTokenService2 in current.SecurityTokenServices)
{
if (stringBuilder.Length > 0)
{
stringBuilder.Append(",");
}
stringBuilder.Append(securityTokenService2.TokenIssuerUri.ToString());
}
this.WriteWarning(Strings.GetFederationInformationTokenIssuerDoesntMatchAny(this.DomainName.ToString(), string.Join(",", result.TokenIssuerUris), stringBuilder.ToString()));
}
}
}
base.WriteObject(new FederationInformation(this.DomainName, new Uri(result.ApplicationUri, UriKind.RelativeOrAbsolute), result.TokenIssuerUris, domainNames, EwsWsSecurityUrl.Fix(result.Url)));
}
base.WriteProgress(Strings.GetFederationInformationProgress, Strings.ProgressStatusFinished, 100);
}
TaskLogger.LogExit();
}
