internal InternalClientContext(ClientSecurityContext clientSecurityContext, IBudget budget, ExTimeZone timeZone, CultureInfo clientCulture, string messageId, ADUser adUser) : base(budget, timeZone, clientCulture, messageId)
{
if (clientSecurityContext == null)
{
throw new ArgumentNullException("clientSecurityContext");
}
this.clientSecurityContext = clientSecurityContext;
this.ownsClientSecurityContext = false;
if (adUser != null)
{
this.adUser = adUser;
this.organizationId = adUser.OrganizationId;
this.adUserInitialized = true;
}
else
{
this.adUser = null;
this.adUserInitialized = false;
}
if (this.clientSecurityContext.UserSid != null)
{
this.identityForFilteredTracing = this.clientSecurityContext.UserSid.ToString();
}
SecurityAccessToken securityAccessToken = new SecurityAccessToken();
this.clientSecurityContext.SetSecurityAccessToken(securityAccessToken);
this.serializedSecurityContext = new SerializedSecurityContext(securityAccessToken);
}
internal SerializedSecurityContext(SecurityAccessToken securityContext)
{
if (securityContext == null)
{
throw new ArgumentNullException("securityContext");
}
this.userSid = securityContext.UserSid;
this.groupSids = this.GroupSidArrayFromSidStringAndAttributeArray(securityContext.GroupSids);
this.restrictedGroupSids = this.GroupSidArrayFromSidStringAndAttributeArray(securityContext.RestrictedGroupSids);
this.groupSAArray = securityContext.GroupSids;
this.restrictedGroupSAArray = securityContext.RestrictedGroupSids;
}
private static SerializedSecurityContextType GetSecurityContext(OwaContext owaContext)
{
SecurityAccessToken securityAccessToken = new SecurityAccessToken();
owaContext.LogonIdentity.ClientSecurityContext.SetSecurityAccessToken(securityAccessToken);
return(new SerializedSecurityContextType
{
UserSid = securityAccessToken.UserSid,
RestrictedGroupSids = ProxyToEwsEventHandler.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids),
GroupSids = ProxyToEwsEventHandler.SidStringAndAttributesConverter(securityAccessToken.GroupSids),
PrimarySmtpAddress = owaContext.LogonIdentity.CreateExchangePrincipal().MailboxInfo.PrimarySmtpAddress.ToString()
});
}
internal SecurityAccessToken GetSecurityAccessToken()
{
SecurityAccessToken securityAccessToken = new SecurityAccessToken();
securityAccessToken.UserSid = this.UserSid;
if (this.groupSAArray == null)
{
this.groupSAArray = this.SidStringAndAttributeArrayFromGroupSidArray(this.groupSids);
}
if (this.restrictedGroupSAArray == null)
{
this.restrictedGroupSAArray = this.SidStringAndAttributeArrayFromGroupSidArray(this.restrictedGroupSids);
}
securityAccessToken.GroupSids = this.groupSAArray;
securityAccessToken.RestrictedGroupSids = this.restrictedGroupSAArray;
return(securityAccessToken);
}
// Token: 0x0600136B RID: 4971 RVA: 0x000715A8 File Offset: 0x0006F7A8
public PropertyManager(OfflineAddressBook offlineAddressBook, SecurityIdentifier userSid, string userDomain, bool habEnabled)
{
PropertyManager.Tracer.TraceFunction((long)this.GetHashCode(), "PropertyManager.PropertyManager");
Dictionary <PropTag, OABPropertyFlags> dictionary = new Dictionary <PropTag, OABPropertyFlags>();
PropertyManager.AddProperties("RdnProperties", PropertyManager.RdnProperties, OABPropertyFlags.RDN, dictionary);
PropertyManager.AddProperties("OfflineAddressBookSchema.ANRProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.ANRProperties]), OABPropertyFlags.ANR, dictionary);
PropertyManager.AddProperties("OfflineAddressBookSchema.DetailsProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.DetailsProperties]), OABPropertyFlags.None, dictionary);
if (habEnabled)
{
PropertyManager.AddProperties("HABProperties", PropertyManager.habProperties, OABPropertyFlags.None, dictionary);
}
PropertyManager.AddProperties("OfflineAddressBookSchema.TruncatedProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.TruncatedProperties]), OABPropertyFlags.Truncated, dictionary);
PropertyManager.AddProperties("RequiredProperties", PropertyManager.RequiredProperties, OABPropertyFlags.None, dictionary);
foreach (PropTag key in PropertyManager.V4ANRPropTags)
{
OABPropertyFlags oabpropertyFlags;
if (dictionary.TryGetValue(key, out oabpropertyFlags))
{
dictionary[key] = (oabpropertyFlags | OABPropertyFlags.ANR);
}
}
PropertyManager.InitializeNspiPropMapper();
this.oabProperties = OABProperty.CreateOABPropertyList(dictionary);
SecurityAccessToken securityAccessToken = new SecurityAccessToken
{
UserSid = userSid.ToString()
};
ClientSecurityContext clientSecurityContext = new ClientSecurityContext(securityAccessToken);
this.nspiContext = new NspiContext(clientSecurityContext, userDomain, string.Empty, string.Empty, string.Empty, default(Guid));
if (!this.nspiContext.TryAcquireBudget())
{
PropertyManager.Tracer.TraceError((long)this.GetHashCode(), "NspiContext.TryAcquireBudget failed");
}
NspiState state = new NspiState
{
CodePage = Encoding.UTF8.CodePage
};
this.nspiContext.Bind(NspiBindFlags.None, state);
this.nspiPropMapper = new NspiPropMapper(this.nspiContext, Array.ConvertAll <OABProperty, PropTag>(this.oabProperties, (OABProperty property) => property.PropTag), Encoding.UTF8.CodePage, NspiPropMapperFlags.IncludeHiddenFromAddressListsEnabled);
}
internal static void Sync(Folder folder)
{
MailboxSession mailboxSession = folder.Session as MailboxSession;
if (mailboxSession == null)
{
RefreshSharingFolderClient.Tracer.TraceDebug <string>(0L, "Sync for folder {0} called with a non-mailbox session. Ignoring.", folder.DisplayName);
return;
}
SecurityAccessToken securityAccessToken = new SecurityAccessToken();
using (ClientSecurityContext clientSecurityContext = RefreshSharingFolderClient.GetClientSecurityContext(mailboxSession))
{
clientSecurityContext.SetSecurityAccessToken(securityAccessToken);
}
ExDateTime valueOrDefault = folder.GetValueOrDefault <ExDateTime>(FolderSchema.SubscriptionLastSuccessfulSyncTime, ExDateTime.MinValue);
RefreshSharingFolderClient.SyncInternal(mailboxSession, valueOrDefault, folder.Id, folder.DisplayName, securityAccessToken);
}
internal static ClientSecurityContext GetUserClientSecurityContext(SecurityIdentifier userSid, List <string> groupSids)
{
if (userSid == null)
{
throw new ArgumentNullException("UserSid");
}
SecurityAccessToken securityAccessToken = new SecurityAccessToken();
securityAccessToken.UserSid = userSid.ToString();
if (groupSids != null)
{
securityAccessToken.GroupSids = (from s in groupSids
select new SidStringAndAttributes(s, 4U)).ToArray <SidStringAndAttributes>();
}
else
{
securityAccessToken.GroupSids = MailPublicFolderPermissionHandler.DefaultSidStringAndAttributes;
}
return(new ClientSecurityContext(securityAccessToken, AuthzFlags.AuthzSkipTokenGroups));
}
private static FreeBusyPermissionLevel FromExternalClientWithPersonalRelationship(ExternalClientContext externalClientContext, MailboxSession mailboxSession, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery)
{
string externalIdentity = FreeBusyPermission.GetExternalIdentity(externalClientContext, mailboxSession);
if (externalIdentity == null)
{
FreeBusyPermission.SecurityTracer.TraceDebug <object, SmtpAddress, IExchangePrincipal>(0L, "{0}: No external identity for {1} in mailbox {2}.", TraceContext.Get(), externalClientContext.EmailAddress, mailboxSession.MailboxOwner);
return(FreeBusyPermissionLevel.None);
}
ISecurityAccessToken securityAccessToken = new SecurityAccessToken
{
UserSid = externalIdentity,
GroupSids = ClientSecurityContext.DisabledEveryoneOnlySidStringAndAttributesArray
};
FreeBusyPermissionLevel result;
using (ClientSecurityContext clientSecurityContext = new ClientSecurityContext(securityAccessToken, AuthzFlags.AuthzSkipTokenGroups))
{
result = FreeBusyPermission.AccessCheck(securityDescriptor, clientSecurityContext);
}
return(result);
}
protected EwsStoreDataProvider(LazilyInitialized <IExchangePrincipal> mailbox, SecurityAccessToken securityAccessToken) : this(mailbox)
{
this.securityAccessToken = securityAccessToken;
}
public static SerializedSecurityContextType CreateSerializedSecurityContext(IExchangePrincipal mailbox, SecurityAccessToken securityAccessToken)
{
return(new SerializedSecurityContextType
{
UserSid = securityAccessToken.UserSid,
GroupSids = EwsHelper.SidStringAndAttributesConverter(securityAccessToken.GroupSids),
RestrictedGroupSids = EwsHelper.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids),
PrimarySmtpAddress = mailbox.MailboxInfo.PrimarySmtpAddress.ToString()
});
}
private static void SyncInternal(MailboxSession mailboxSession, ExDateTime lastSyncTime, StoreId folderId, string folderDisplayname, SecurityAccessToken securityAccessToken)
{
RefreshSharingFolderClient.Tracer.TraceDebug <string, IExchangePrincipal>(0L, "Sync sharing folder {0} from mailbox {1}", folderDisplayname, mailboxSession.MailboxOwner);
if (!RefreshSharingFolderClient.CanSyncNow(lastSyncTime))
{
return;
}
NetworkServiceImpersonator.Initialize();
if (NetworkServiceImpersonator.Exception != null)
{
RefreshSharingFolderClient.Tracer.TraceError <LocalizedException>(0L, "Unable to impersonate network service to call EWS due exception {0}", NetworkServiceImpersonator.Exception);
return;
}
string id = StoreId.StoreIdToEwsId(mailboxSession.MailboxOwner.MailboxInfo.MailboxGuid, folderId);
IList <WebServicesService> list;
try
{
ClientAccessType clientAccessType = RefreshSharingFolderClient.ClientAccessType;
RefreshSharingFolderClient.Tracer.TraceDebug <ClientAccessType>(0L, "Will try to discover the URL for EWS with the following client access type: {0}", clientAccessType);
ServiceTopology currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\RefreshSharingFolderClient.cs", "SyncInternal", 153);
list = currentServiceTopology.FindAll <WebServicesService>(mailboxSession.MailboxOwner, clientAccessType, "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\RefreshSharingFolderClient.cs", "SyncInternal", 154);
}
catch (LocalizedException arg)
{
RefreshSharingFolderClient.Tracer.TraceError <IExchangePrincipal, LocalizedException>(0L, "Unable to discover internal URL for EWS for mailbox {0} due exception {1}", mailboxSession.MailboxOwner, arg);
return;
}
if (list.Count != 0)
{
string text = list[0].Url.ToString();
RefreshSharingFolderClient.Tracer.TraceDebug <string>(0L, "Using {0} to call BeginRefreshSharingFolder", text);
ExchangeServiceBinding exchangeServiceBinding = new ExchangeServiceBinding("RefreshSharingFolder", new RemoteCertificateValidationCallback(RefreshSharingFolderClient.CertificateErrorHandler));
exchangeServiceBinding.Url = text;
exchangeServiceBinding.RequestServerVersionValue = new RequestServerVersion();
exchangeServiceBinding.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2010;
exchangeServiceBinding.UserAgent = WellKnownUserAgent.GetEwsNegoAuthUserAgent("RefreshSharingFolder");
exchangeServiceBinding.Authenticator = SoapHttpClientAuthenticator.CreateNetworkService();
exchangeServiceBinding.Authenticator.AdditionalSoapHeaders.Add(new SerializedSecurityContextType
{
UserSid = securityAccessToken.UserSid,
GroupSids = RefreshSharingFolderClient.SidStringAndAttributesConverter(securityAccessToken.GroupSids),
RestrictedGroupSids = RefreshSharingFolderClient.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids),
PrimarySmtpAddress = mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString()
});
Exception ex = null;
try
{
exchangeServiceBinding.BeginRefreshSharingFolder(new RefreshSharingFolderType
{
SharingFolderId = new FolderIdType
{
Id = id
}
}, new AsyncCallback(RefreshSharingFolderClient.TraceResponse), exchangeServiceBinding);
}
catch (SoapException ex2)
{
ex = ex2;
}
catch (WebException ex3)
{
ex = ex3;
}
catch (IOException ex4)
{
ex = ex4;
}
catch (InvalidOperationException ex5)
{
ex = ex5;
}
catch (LocalizedException ex6)
{
ex = ex6;
}
if (ex != null)
{
RefreshSharingFolderClient.Tracer.TraceError <StoreId, IExchangePrincipal, Exception>(0L, "Unable to sync sharing folder {0} in mailbox {1}. Exception {2}", folderId, mailboxSession.MailboxOwner, ex);
}
return;
}
RefreshSharingFolderClient.Tracer.TraceError <IExchangePrincipal>(0L, "Unable to find internal URL for EWS for mailbox {0}", mailboxSession.MailboxOwner);
}
