internal InternalClientContext(ClientSecurityContext clientSecurityContext, IBudget budget, ExTimeZone timeZone, CultureInfo clientCulture, string messageId, ADUser adUser) : base(budget, timeZone, clientCulture, messageId) { if (clientSecurityContext == null) { throw new ArgumentNullException("clientSecurityContext"); } this.clientSecurityContext = clientSecurityContext; this.ownsClientSecurityContext = false; if (adUser != null) { this.adUser = adUser; this.organizationId = adUser.OrganizationId; this.adUserInitialized = true; } else { this.adUser = null; this.adUserInitialized = false; } if (this.clientSecurityContext.UserSid != null) { this.identityForFilteredTracing = this.clientSecurityContext.UserSid.ToString(); } SecurityAccessToken securityAccessToken = new SecurityAccessToken(); this.clientSecurityContext.SetSecurityAccessToken(securityAccessToken); this.serializedSecurityContext = new SerializedSecurityContext(securityAccessToken); }
internal SerializedSecurityContext(SecurityAccessToken securityContext) { if (securityContext == null) { throw new ArgumentNullException("securityContext"); } this.userSid = securityContext.UserSid; this.groupSids = this.GroupSidArrayFromSidStringAndAttributeArray(securityContext.GroupSids); this.restrictedGroupSids = this.GroupSidArrayFromSidStringAndAttributeArray(securityContext.RestrictedGroupSids); this.groupSAArray = securityContext.GroupSids; this.restrictedGroupSAArray = securityContext.RestrictedGroupSids; }
private static SerializedSecurityContextType GetSecurityContext(OwaContext owaContext) { SecurityAccessToken securityAccessToken = new SecurityAccessToken(); owaContext.LogonIdentity.ClientSecurityContext.SetSecurityAccessToken(securityAccessToken); return(new SerializedSecurityContextType { UserSid = securityAccessToken.UserSid, RestrictedGroupSids = ProxyToEwsEventHandler.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids), GroupSids = ProxyToEwsEventHandler.SidStringAndAttributesConverter(securityAccessToken.GroupSids), PrimarySmtpAddress = owaContext.LogonIdentity.CreateExchangePrincipal().MailboxInfo.PrimarySmtpAddress.ToString() }); }
internal SecurityAccessToken GetSecurityAccessToken() { SecurityAccessToken securityAccessToken = new SecurityAccessToken(); securityAccessToken.UserSid = this.UserSid; if (this.groupSAArray == null) { this.groupSAArray = this.SidStringAndAttributeArrayFromGroupSidArray(this.groupSids); } if (this.restrictedGroupSAArray == null) { this.restrictedGroupSAArray = this.SidStringAndAttributeArrayFromGroupSidArray(this.restrictedGroupSids); } securityAccessToken.GroupSids = this.groupSAArray; securityAccessToken.RestrictedGroupSids = this.restrictedGroupSAArray; return(securityAccessToken); }
// Token: 0x0600136B RID: 4971 RVA: 0x000715A8 File Offset: 0x0006F7A8 public PropertyManager(OfflineAddressBook offlineAddressBook, SecurityIdentifier userSid, string userDomain, bool habEnabled) { PropertyManager.Tracer.TraceFunction((long)this.GetHashCode(), "PropertyManager.PropertyManager"); Dictionary <PropTag, OABPropertyFlags> dictionary = new Dictionary <PropTag, OABPropertyFlags>(); PropertyManager.AddProperties("RdnProperties", PropertyManager.RdnProperties, OABPropertyFlags.RDN, dictionary); PropertyManager.AddProperties("OfflineAddressBookSchema.ANRProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.ANRProperties]), OABPropertyFlags.ANR, dictionary); PropertyManager.AddProperties("OfflineAddressBookSchema.DetailsProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.DetailsProperties]), OABPropertyFlags.None, dictionary); if (habEnabled) { PropertyManager.AddProperties("HABProperties", PropertyManager.habProperties, OABPropertyFlags.None, dictionary); } PropertyManager.AddProperties("OfflineAddressBookSchema.TruncatedProperties", PropertyManager.GetPropTagArray(offlineAddressBook[OfflineAddressBookSchema.TruncatedProperties]), OABPropertyFlags.Truncated, dictionary); PropertyManager.AddProperties("RequiredProperties", PropertyManager.RequiredProperties, OABPropertyFlags.None, dictionary); foreach (PropTag key in PropertyManager.V4ANRPropTags) { OABPropertyFlags oabpropertyFlags; if (dictionary.TryGetValue(key, out oabpropertyFlags)) { dictionary[key] = (oabpropertyFlags | OABPropertyFlags.ANR); } } PropertyManager.InitializeNspiPropMapper(); this.oabProperties = OABProperty.CreateOABPropertyList(dictionary); SecurityAccessToken securityAccessToken = new SecurityAccessToken { UserSid = userSid.ToString() }; ClientSecurityContext clientSecurityContext = new ClientSecurityContext(securityAccessToken); this.nspiContext = new NspiContext(clientSecurityContext, userDomain, string.Empty, string.Empty, string.Empty, default(Guid)); if (!this.nspiContext.TryAcquireBudget()) { PropertyManager.Tracer.TraceError((long)this.GetHashCode(), "NspiContext.TryAcquireBudget failed"); } NspiState state = new NspiState { CodePage = Encoding.UTF8.CodePage }; this.nspiContext.Bind(NspiBindFlags.None, state); this.nspiPropMapper = new NspiPropMapper(this.nspiContext, Array.ConvertAll <OABProperty, PropTag>(this.oabProperties, (OABProperty property) => property.PropTag), Encoding.UTF8.CodePage, NspiPropMapperFlags.IncludeHiddenFromAddressListsEnabled); }
internal static void Sync(Folder folder) { MailboxSession mailboxSession = folder.Session as MailboxSession; if (mailboxSession == null) { RefreshSharingFolderClient.Tracer.TraceDebug <string>(0L, "Sync for folder {0} called with a non-mailbox session. Ignoring.", folder.DisplayName); return; } SecurityAccessToken securityAccessToken = new SecurityAccessToken(); using (ClientSecurityContext clientSecurityContext = RefreshSharingFolderClient.GetClientSecurityContext(mailboxSession)) { clientSecurityContext.SetSecurityAccessToken(securityAccessToken); } ExDateTime valueOrDefault = folder.GetValueOrDefault <ExDateTime>(FolderSchema.SubscriptionLastSuccessfulSyncTime, ExDateTime.MinValue); RefreshSharingFolderClient.SyncInternal(mailboxSession, valueOrDefault, folder.Id, folder.DisplayName, securityAccessToken); }
internal static ClientSecurityContext GetUserClientSecurityContext(SecurityIdentifier userSid, List <string> groupSids) { if (userSid == null) { throw new ArgumentNullException("UserSid"); } SecurityAccessToken securityAccessToken = new SecurityAccessToken(); securityAccessToken.UserSid = userSid.ToString(); if (groupSids != null) { securityAccessToken.GroupSids = (from s in groupSids select new SidStringAndAttributes(s, 4U)).ToArray <SidStringAndAttributes>(); } else { securityAccessToken.GroupSids = MailPublicFolderPermissionHandler.DefaultSidStringAndAttributes; } return(new ClientSecurityContext(securityAccessToken, AuthzFlags.AuthzSkipTokenGroups)); }
private static FreeBusyPermissionLevel FromExternalClientWithPersonalRelationship(ExternalClientContext externalClientContext, MailboxSession mailboxSession, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery) { string externalIdentity = FreeBusyPermission.GetExternalIdentity(externalClientContext, mailboxSession); if (externalIdentity == null) { FreeBusyPermission.SecurityTracer.TraceDebug <object, SmtpAddress, IExchangePrincipal>(0L, "{0}: No external identity for {1} in mailbox {2}.", TraceContext.Get(), externalClientContext.EmailAddress, mailboxSession.MailboxOwner); return(FreeBusyPermissionLevel.None); } ISecurityAccessToken securityAccessToken = new SecurityAccessToken { UserSid = externalIdentity, GroupSids = ClientSecurityContext.DisabledEveryoneOnlySidStringAndAttributesArray }; FreeBusyPermissionLevel result; using (ClientSecurityContext clientSecurityContext = new ClientSecurityContext(securityAccessToken, AuthzFlags.AuthzSkipTokenGroups)) { result = FreeBusyPermission.AccessCheck(securityDescriptor, clientSecurityContext); } return(result); }
protected EwsStoreDataProvider(LazilyInitialized <IExchangePrincipal> mailbox, SecurityAccessToken securityAccessToken) : this(mailbox) { this.securityAccessToken = securityAccessToken; }
public static SerializedSecurityContextType CreateSerializedSecurityContext(IExchangePrincipal mailbox, SecurityAccessToken securityAccessToken) { return(new SerializedSecurityContextType { UserSid = securityAccessToken.UserSid, GroupSids = EwsHelper.SidStringAndAttributesConverter(securityAccessToken.GroupSids), RestrictedGroupSids = EwsHelper.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids), PrimarySmtpAddress = mailbox.MailboxInfo.PrimarySmtpAddress.ToString() }); }
private static void SyncInternal(MailboxSession mailboxSession, ExDateTime lastSyncTime, StoreId folderId, string folderDisplayname, SecurityAccessToken securityAccessToken) { RefreshSharingFolderClient.Tracer.TraceDebug <string, IExchangePrincipal>(0L, "Sync sharing folder {0} from mailbox {1}", folderDisplayname, mailboxSession.MailboxOwner); if (!RefreshSharingFolderClient.CanSyncNow(lastSyncTime)) { return; } NetworkServiceImpersonator.Initialize(); if (NetworkServiceImpersonator.Exception != null) { RefreshSharingFolderClient.Tracer.TraceError <LocalizedException>(0L, "Unable to impersonate network service to call EWS due exception {0}", NetworkServiceImpersonator.Exception); return; } string id = StoreId.StoreIdToEwsId(mailboxSession.MailboxOwner.MailboxInfo.MailboxGuid, folderId); IList <WebServicesService> list; try { ClientAccessType clientAccessType = RefreshSharingFolderClient.ClientAccessType; RefreshSharingFolderClient.Tracer.TraceDebug <ClientAccessType>(0L, "Will try to discover the URL for EWS with the following client access type: {0}", clientAccessType); ServiceTopology currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\RefreshSharingFolderClient.cs", "SyncInternal", 153); list = currentServiceTopology.FindAll <WebServicesService>(mailboxSession.MailboxOwner, clientAccessType, "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\RefreshSharingFolderClient.cs", "SyncInternal", 154); } catch (LocalizedException arg) { RefreshSharingFolderClient.Tracer.TraceError <IExchangePrincipal, LocalizedException>(0L, "Unable to discover internal URL for EWS for mailbox {0} due exception {1}", mailboxSession.MailboxOwner, arg); return; } if (list.Count != 0) { string text = list[0].Url.ToString(); RefreshSharingFolderClient.Tracer.TraceDebug <string>(0L, "Using {0} to call BeginRefreshSharingFolder", text); ExchangeServiceBinding exchangeServiceBinding = new ExchangeServiceBinding("RefreshSharingFolder", new RemoteCertificateValidationCallback(RefreshSharingFolderClient.CertificateErrorHandler)); exchangeServiceBinding.Url = text; exchangeServiceBinding.RequestServerVersionValue = new RequestServerVersion(); exchangeServiceBinding.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2010; exchangeServiceBinding.UserAgent = WellKnownUserAgent.GetEwsNegoAuthUserAgent("RefreshSharingFolder"); exchangeServiceBinding.Authenticator = SoapHttpClientAuthenticator.CreateNetworkService(); exchangeServiceBinding.Authenticator.AdditionalSoapHeaders.Add(new SerializedSecurityContextType { UserSid = securityAccessToken.UserSid, GroupSids = RefreshSharingFolderClient.SidStringAndAttributesConverter(securityAccessToken.GroupSids), RestrictedGroupSids = RefreshSharingFolderClient.SidStringAndAttributesConverter(securityAccessToken.RestrictedGroupSids), PrimarySmtpAddress = mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress.ToString() }); Exception ex = null; try { exchangeServiceBinding.BeginRefreshSharingFolder(new RefreshSharingFolderType { SharingFolderId = new FolderIdType { Id = id } }, new AsyncCallback(RefreshSharingFolderClient.TraceResponse), exchangeServiceBinding); } catch (SoapException ex2) { ex = ex2; } catch (WebException ex3) { ex = ex3; } catch (IOException ex4) { ex = ex4; } catch (InvalidOperationException ex5) { ex = ex5; } catch (LocalizedException ex6) { ex = ex6; } if (ex != null) { RefreshSharingFolderClient.Tracer.TraceError <StoreId, IExchangePrincipal, Exception>(0L, "Unable to sync sharing folder {0} in mailbox {1}. Exception {2}", folderId, mailboxSession.MailboxOwner, ex); } return; } RefreshSharingFolderClient.Tracer.TraceError <IExchangePrincipal>(0L, "Unable to find internal URL for EWS for mailbox {0}", mailboxSession.MailboxOwner); }