Esempio n. 1
 /// <summary>
 /// Maps an organization id to the GUID used as its tenant context id.
 /// </summary>
 /// <param name="organizationId">Organization whose tenant context id is wanted.</param>
 /// <returns>
 /// <see cref="Guid.Empty"/> for <c>OrganizationId.ForestWideOrgId</c>; otherwise the GUID parsed
 /// from the organization's external directory organization id.
 /// </returns>
 private static Guid GetTenantContextId(OrganizationId organizationId)
 {
     bool isForestWide = organizationId == OrganizationId.ForestWideOrgId;

     // Guid.Empty stands for "no specific tenant", so callers should not treat it as an ordinary
     // tenant id. For every other organization the external id string is parsed as-is; the Guid
     // constructor throws if that string is not a well-formed GUID.
     return isForestWide ? Guid.Empty : new Guid(organizationId.ToExternalDirectoryOrganizationId());
 }
        /// <summary>
        /// Builds an <c>ExchangeValidator</c> whose recipient lookups are scoped to the organization
        /// that owns <paramref name="configSession"/>.
        /// </summary>
        /// <param name="configSession">Configuration session; must not be null. Its org container supplies the organization id.</param>
        /// <param name="existingRecipientsCount">Passed to <c>SourceValidator.GetMaxLimitFromConfig</c> together with the "MaxRecipientsLimit" key and the value 1000.</param>
        /// <returns>A validator bound to a tenant-or-root-org recipient session for that organization.</returns>
        public static ExchangeValidator Create(IConfigurationSession configSession, Func <RecipientIdParameter, IRecipientSession, ReducedRecipient> recipientGetter, Task.TaskErrorLoggingDelegate writeErrorDelegate, Action <LocalizedString> writeWarningDelegate, Func <LocalizedString, bool> shouldContinueDelegate, bool allowGroups, string logTag, SourceValidator.Clients client, int existingRecipientsCount, ExecutionLog logger)
        {
            ArgumentValidator.ThrowIfNull("configSession", configSession);

            // The tenant scope is taken from the session itself rather than from a separate argument,
            // so the recipient session cannot be pointed at a different organization than the one
            // the configuration session belongs to.
            OrganizationId    owningOrg = configSession.GetOrgContainer().OrganizationId;
            ADSessionSettings scopedSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(
                new Guid(owningOrg.ToExternalDirectoryOrganizationId()));

            // NOTE(review): ConsistencyMode.IgnoreInvalid presumably relaxes handling of invalid
            // directory objects; confirm that is acceptable for validation results.
            IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                ConsistencyMode.IgnoreInvalid,
                scopedSettings,
                205,
                "Create",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Validators\\ExchangeValidator.cs");

            int recipientLimit = SourceValidator.GetMaxLimitFromConfig("MaxRecipientsLimit", 1000, existingRecipientsCount);

            return new ExchangeValidator(
                recipientSession,
                recipientGetter,
                writeErrorDelegate,
                writeWarningDelegate,
                shouldContinueDelegate,
                allowGroups,
                recipientLimit,
                logger,
                logTag,
                owningOrg.ToExternalDirectoryOrganizationId(),
                client);
        }
Esempio n. 3
        /// <summary>
        /// Creates an authenticator that uses app "act as" OAuth credentials for the given user
        /// inside the given organization.
        /// </summary>
        /// <param name="organizationId">Organization that scopes the directory lookup; must not be null.</param>
        /// <param name="executingUserId">Directory id of the user to act as; must not be null.</param>
        /// <returns>An <c>Authenticator</c> wrapping the act-as credentials.</returns>
        public static IAuthenticator Create(OrganizationId organizationId, ADObjectId executingUserId)
        {
            ArgumentValidator.ThrowIfNull("organizationId", organizationId);
            ArgumentValidator.ThrowIfNull("executingUserId", executingUserId);

            // The user is resolved through a session scoped to organizationId, so the act-as
            // identity is looked up in that tenant's directory only.
            Guid externalOrgGuid = new Guid(organizationId.ToExternalDirectoryOrganizationId());
            ADSessionSettings scopedSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(externalOrgGuid);
            IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                ConsistencyMode.IgnoreInvalid,
                scopedSettings,
                54,
                "Create",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\EOPRecipient\\Authenticator.cs");

            // NOTE(review): the lookup result is not checked here. If FindADUserByObjectId can
            // return null for an unknown id, the credentials below are built without a user;
            // confirm how GetOAuthCredentialsForAppActAsToken treats a null actAsUser.
            ADUser impersonatedUser = recipientSession.FindADUserByObjectId(executingUserId);
            OAuthCredentials actAsCredentials = OAuthCredentials.GetOAuthCredentialsForAppActAsToken(organizationId, impersonatedUser, null);

            return new Authenticator(actAsCredentials);
        }
Esempio n. 4
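        /// <summary>
        /// Requests an access token for the Intune resource from the enabled Microsoft ACS auth
        /// server. The request carries a <c>JsonWebSecurityToken</c> that is valid for five minutes
        /// and signed (RSA-SHA256) with the local token issuer's certificate.
        /// </summary>
        /// <param name="tenantID">Tenant whose external directory organization id is embedded in the token identifiers.</param>
        /// <param name="dataSession">Configuration session used to look up the Intune resource URL.</param>
        /// <param name="logger">Receives one error entry per missing prerequisite and one for a failed token request.</param>
        /// <param name="task">Task whose type name tags the log entries.</param>
        /// <returns>
        /// "Bearer " followed by the issued access token, or null when a prerequisite is missing,
        /// the auth server returns no response object, or the request fails with
        /// <c>RequestFailedException</c>.
        /// </returns>
        private static string GetACSToken(OrganizationId tenantID, IConfigurationSession dataSession, ExecutionLog logger, Task task)
        {
            // The error body comes from a remote endpoint, so only a bounded prefix is copied into
            // the log. 4096 is a chosen cap, not a protocol value.
            const int MaxLoggedResponseChars = 4096;

            string             result           = null;
            LocalTokenIssuer   localTokenIssuer = new LocalTokenIssuer(tenantID);
            LocalConfiguration configuration    = ConfigProvider.Instance.Configuration;
            Uri    tokenEndpoint    = null;
            string issuerIdentifier = null;
            string applicationId    = configuration.ApplicationId;
            string partnerId        = null;
            string taskName         = task.GetType().Name;

            // NOTE(review): the partner application is chosen by a substring match on its name, so
            // the first enabled entry whose name contains "Intune" wins. Confirm that these names are
            // controlled by administrators only, or match on the application identifier instead.
            foreach (PartnerApplication partnerApplication in configuration.PartnerApplications)
            {
                if (partnerApplication.Enabled && partnerApplication.Name.Contains("Intune"))
                {
                    partnerId = partnerApplication.ApplicationIdentifier;
                    break;
                }
            }
            foreach (AuthServer authServer in configuration.AuthServers)
            {
                if (authServer.Enabled && authServer.Type == AuthServerType.MicrosoftACS)
                {
                    issuerIdentifier = authServer.IssuerIdentifier;
                    tokenEndpoint    = new Uri(authServer.TokenIssuingEndpoint);
                    break;
                }
            }

            // Every missing prerequisite is reported, not just the first, so a single run shows
            // everything that has to be fixed.
            bool hasSigningCert = localTokenIssuer.SigningCert != null;
            bool hasPartnerId   = partnerId != null;
            bool hasEndpoint    = tokenEndpoint != null;
            bool hasIssuer      = !string.IsNullOrEmpty(issuerIdentifier);

            if (!hasSigningCert)
            {
                logger.LogOneEntry(taskName, string.Empty, ExecutionLog.EventType.Error, "No certificate found.", null);
            }
            if (!hasPartnerId)
            {
                logger.LogOneEntry(taskName, string.Empty, ExecutionLog.EventType.Error, "No partnerId found.", null);
            }
            if (!hasEndpoint)
            {
                logger.LogOneEntry(taskName, string.Empty, ExecutionLog.EventType.Error, "No authorizationEndpoint found.", null);
            }
            if (!hasIssuer)
            {
                logger.LogOneEntry(taskName, string.Empty, ExecutionLog.EventType.Error, "No issuerIdentifier found.", null);
            }
            if (!(hasSigningCert && hasPartnerId && hasEndpoint && hasIssuer))
            {
                return(result);
            }

            string externalOrgId     = tenantID.ToExternalDirectoryOrganizationId();
            string intuneResourceUrl = UnifiedPolicyConfiguration.GetInstance().GetIntuneResourceUrl(dataSession);

            // Presumably the first two values are the issuer and audience of the signed token and the
            // third is the requested resource; confirm against the JsonWebSecurityToken constructor
            // and CreateAccessTokenRequestWithAssertion.
            string appAtTenant      = string.Format("{0}@{1}", applicationId, externalOrgId);
            string acsAtTenant      = string.Format("{0}/{1}@{2}", issuerIdentifier, tokenEndpoint.Authority, externalOrgId);
            string resourceAtTenant = string.Format("{0}/{1}@{2}", partnerId, intuneResourceUrl, externalOrgId);

            X509SigningCredentials signingCredentials = new X509SigningCredentials(localTokenIssuer.SigningCert, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "http://www.w3.org/2001/04/xmlenc#sha256");

            // One clock reading for both ends of the validity window keeps it at exactly five minutes.
            DateTime validFrom = DateTime.UtcNow;
            JsonWebSecurityToken     signedToken  = new JsonWebSecurityToken(appAtTenant, acsAtTenant, validFrom, validFrom.AddMinutes(5.0), new List <JsonWebTokenClaim>(), signingCredentials);
            OAuth2AccessTokenRequest tokenRequest = OAuth2MessageFactory.CreateAccessTokenRequestWithAssertion(signedToken, resourceAtTenant);
            OAuth2S2SClient          client       = new OAuth2S2SClient();
            try
            {
                OAuth2AccessTokenResponse tokenResponse = (OAuth2AccessTokenResponse)client.Issue(tokenEndpoint.AbsoluteUri, tokenRequest);
                if (tokenResponse != null)
                {
                    // The token itself is never logged; only the failure path below writes to the log.
                    result = "Bearer " + tokenResponse.AccessToken;
                }
            }
            catch (RequestFailedException ex)
            {
                StringBuilder failure = new StringBuilder("Auth service call failed: ");

                // The inner exception is not guaranteed to be a WebException with an HTTP response.
                // Hard casts here would throw from inside the handler and hide the original failure,
                // so the response body is appended only when it is actually available.
                WebException    webException    = ex.InnerException as WebException;
                HttpWebResponse httpWebResponse = (webException != null) ? webException.Response as HttpWebResponse : null;
                if (httpWebResponse != null)
                {
                    using (httpWebResponse)
                    using (Stream responseStream = httpWebResponse.GetResponseStream())
                    {
                        if (responseStream != null)
                        {
                            using (StreamReader streamReader = new StreamReader(responseStream, Encoding.GetEncoding("utf-8")))
                            {
                                char[] buffer    = new char[256];
                                int    remaining = MaxLoggedResponseChars;
                                int    read;
                                while (remaining > 0 && (read = streamReader.Read(buffer, 0, Math.Min(buffer.Length, remaining))) > 0)
                                {
                                    failure.Append(buffer, 0, read);
                                    remaining -= read;
                                }
                                if (remaining == 0 && streamReader.Peek() >= 0)
                                {
                                    failure.Append(" [truncated]");
                                }
                            }
                        }
                    }
                }
                logger.LogOneEntry(taskName, string.Empty, ExecutionLog.EventType.Error, failure.ToString(), ex);
            }
            return(result);
        }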
Esempio n. 5
 /// <summary>
 /// Resolves the discovery endpoint for a cross-premise domain of an organization. An
 /// IntraOrganizationConnector with a DiscoveryEndpoint is preferred; otherwise the
 /// TargetAutodiscoverEpr of the matching OrganizationRelationship is used.
 /// </summary>
 /// <param name="orgId">Organization to look up; null yields false with an Error entry in <paramref name="info"/>.</param>
 /// <param name="crossPremiseDomain">Domain to resolve; null or empty yields false with an Error entry.</param>
 /// <param name="getOrgIdCacheValue">Optional lookup override; when null, OrganizationIdCache.Singleton.Get is used.</param>
 /// <param name="getIntraOrganizationConnector">Optional connector lookup override; when null, the cache value is queried.</param>
 /// <param name="getOrganizationRelationShip">Optional relationship lookup override; when null, the cache value is queried.</param>
 /// <param name="discoveryEndPoint">The resolved endpoint, or null when nothing was found.</param>
 /// <param name="info">Collects the status and message of each failed lookup step.</param>
 /// <returns>true when an endpoint was found; false otherwise. No exception escapes this method; failures are recorded in <paramref name="info"/>.</returns>
 public static bool TryGetDiscoveryEndPoint(OrganizationId orgId, string crossPremiseDomain, Func <OrganizationId, OrganizationIdCacheValue> getOrgIdCacheValue, Func <OrganizationIdCacheValue, string, IntraOrganizationConnector> getIntraOrganizationConnector, Func <OrganizationIdCacheValue, string, OrganizationRelationship> getOrganizationRelationShip, out Uri discoveryEndPoint, out EndPointDiscoveryInfo info)
 {
     discoveryEndPoint = null;
     info = new EndPointDiscoveryInfo();
     if (orgId == null)
     {
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "orgId is null");
         return(false);
     }
     if (string.IsNullOrEmpty(crossPremiseDomain))
     {
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "crossPremiseDomain is invalid");
         return(false);
     }
     try
     {
         // The cache value may be null here; it is only checked on the paths that dereference it
         // directly. Caller-supplied delegates receive it unchecked.
         OrganizationIdCacheValue organizationIdCacheValue = null;
         if (getOrgIdCacheValue == null)
         {
             organizationIdCacheValue = OrganizationIdCache.Singleton.Get(orgId);
         }
         else
         {
             organizationIdCacheValue = getOrgIdCacheValue(orgId);
         }
         // Step 1: intra-organization connector. An exception in this step is recorded as
         // IocException and the method falls through to the organization-relationship lookup.
         IntraOrganizationConnector intraOrganizationConnector = null;
         try
         {
             if (getIntraOrganizationConnector == null)
             {
                 if (organizationIdCacheValue == null)
                 {
                     info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue == null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
                     return(false);
                 }
                 intraOrganizationConnector = organizationIdCacheValue.GetIntraOrganizationConnector(crossPremiseDomain);
             }
             else
             {
                 intraOrganizationConnector = getIntraOrganizationConnector(organizationIdCacheValue, crossPremiseDomain);
             }
         }
         catch (Exception ex)
         {
             // NOTE(review): ex.ToString() stores the full exception text, stack trace included,
             // in info. Confirm that info is only surfaced to operators, not to remote callers.
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocException, ex.ToString());
         }
         if (intraOrganizationConnector == null)
         {
             string message = string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found nothing. getIntraOrganizationConnector is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getIntraOrganizationConnector == null) ? string.Empty : " not");
             // Keep a status recorded earlier (e.g. IocException); IocNotFound is used only while
             // the status is still Success.
             info.AddInfo((info.Status == EndPointDiscoveryInfo.DiscoveryStatus.Success) ? EndPointDiscoveryInfo.DiscoveryStatus.IocNotFound : info.Status, message);
         }
         else
         {
             if (!(intraOrganizationConnector.DiscoveryEndpoint == null))
             {
                 ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug(0L, "IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}]. End point=[{3}].", new object[]
                 {
                     orgId.ToExternalDirectoryOrganizationId(),
                     crossPremiseDomain,
                     intraOrganizationConnector.Id,
                     intraOrganizationConnector.DiscoveryEndpoint
                 });
                 // The endpoint is handed back exactly as configured; this method does not check
                 // its scheme or host. Presumably callers apply their own transport policy. TODO confirm.
                 discoveryEndPoint = intraOrganizationConnector.DiscoveryEndpoint;
                 return(true);
             }
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocNoUri, string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}], but it doesn't have DiscoveryEndpoint set. getIntraOrganizationConnector is{3} null.", new object[]
             {
                 orgId.ToExternalDirectoryOrganizationId(),
                 crossPremiseDomain,
                 intraOrganizationConnector.Id,
                 (getIntraOrganizationConnector == null) ? string.Empty : " not"
             }));
         }
         // Step 2: fall back to the organization relationship for the same domain.
         OrganizationRelationship organizationRelationship;
         if (getOrganizationRelationShip == null)
         {
             if (organizationIdCacheValue == null)
             {
                 info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue is null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
                 return(false);
             }
             organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(crossPremiseDomain);
         }
         else
         {
             organizationRelationship = getOrganizationRelationShip(organizationIdCacheValue, crossPremiseDomain);
         }
         if (organizationRelationship == null)
         {
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNotFound, string.Format("Unable to find the org relationship for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
             return(false);
         }
         if (organizationRelationship.TargetAutodiscoverEpr == null)
         {
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNoUri, string.Format("The TargetAutodiscoverEpr in org relationship is null for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
             return(false);
         }
         ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug <string, string, Uri>(0L, "OrganizationRelationship lookup for org [{0}], domain [{1}] found end point: [{2}]", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, organizationRelationship.TargetAutodiscoverEpr);
         discoveryEndPoint = organizationRelationship.TargetAutodiscoverEpr;
     }
     catch (Exception ex2)
     {
         // Any other failure is converted to a false result; the exception text goes into info
         // (same exposure question as for the IocException entry in the connector step).
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, ex2.ToString());
         return(false);
     }
     return(true);
 }
Esempio n. 6
        /// <summary>
        /// Builds a <c>SharepointValidator</c> for the organization that owns
        /// <paramref name="configurationSession"/>, using that tenant's SharePoint URL and
        /// credentials.
        /// </summary>
        /// <param name="configurationSession">Configuration session; must not be null.</param>
        /// <param name="executingUserId">Optional user to act as. When null, credentials are requested without a user.</param>
        /// <param name="existingSitesCount">Passed to <c>SourceValidator.GetMaxLimitFromConfig</c> together with the "MaxSitesLimit" key and the value 100.</param>
        /// <returns>A validator bound to the tenant's SharePoint URL and credentials.</returns>
        /// <exception cref="SpValidatorException">The tenant SharePoint URL or the credentials could not be obtained.</exception>
        private static SharepointValidator Create(IConfigurationSession configurationSession, ADObjectId executingUserId, Task.TaskErrorLoggingDelegate writeErrorDelegate, Action <LocalizedString> writeWarningDelegate, Func <LocalizedString, bool> shouldContinueDelegate, string logTag, SourceValidator.Clients client, int existingSitesCount, ExecutionLog logger)
        {
            ArgumentValidator.ThrowIfNull("configurationSession", configurationSession);

            Uri            tenantSiteUrl = null;
            Uri            unusedUrl     = null;   // second out value; not read by this method
            OrganizationId owningOrg     = configurationSession.GetOrgContainer().OrganizationId;

            UnifiedPolicyConfiguration.GetInstance().GetTenantSharePointUrls(configurationSession, out tenantSiteUrl, out unusedUrl);
            if (tenantSiteUrl == null)
            {
                // Raise a monitoring event before failing so the problem is visible outside the cmdlet.
                EventNotificationItem.Publish(
                    ExchangeComponent.UnifiedComplianceSourceValidation.Name,
                    "SharepointValidatorUnexpectedError",
                    client.ToString(),
                    string.Format("Tenant {0}, Error:{1}", owningOrg.ToExternalDirectoryOrganizationId(), Strings.FailedToGetSpSiteUrlForTenant),
                    ResultSeverityLevel.Error,
                    false);
                throw new SpValidatorException(Strings.FailedToGetSpSiteUrlForTenant);
            }

            // The act-as user, when one is given, is resolved in the owning tenant's directory only.
            // NOTE(review): the lookup result is not checked, so an id that resolves to nothing
            // presumably leads to the same credential request as the no-user case while the
            // validator is still told a user was supplied; confirm that is intended.
            ADUser impersonatedUser = null;
            if (executingUserId != null)
            {
                ADSessionSettings scopedSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(new Guid(owningOrg.ToExternalDirectoryOrganizationId()));
                IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(
                    ConsistencyMode.IgnoreInvalid,
                    scopedSettings,
                    520,
                    "Create",
                    "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Validators\\SharepointValidator.cs");
                impersonatedUser = recipientSession.FindADUserByObjectId(executingUserId);
            }

            ICredentials tenantCredentials = UnifiedPolicyConfiguration.GetInstance().GetCredentials(configurationSession, impersonatedUser);
            if (tenantCredentials == null)
            {
                EventNotificationItem.Publish(
                    ExchangeComponent.UnifiedComplianceSourceValidation.Name,
                    "SharepointValidatorUnexpectedError",
                    client.ToString(),
                    string.Format("Tenant {0}, Error:{1}", owningOrg.ToExternalDirectoryOrganizationId(), Strings.FailedToGetCredentialsForTenant),
                    ResultSeverityLevel.Error,
                    false);
                throw new SpValidatorException(Strings.FailedToGetCredentialsForTenant);
            }

            int siteLimit = SourceValidator.GetMaxLimitFromConfig("MaxSitesLimit", 100, existingSitesCount);

            return new SharepointValidator(
                tenantSiteUrl,
                tenantCredentials,
                executingUserId != null,
                writeErrorDelegate,
                writeWarningDelegate,
                shouldContinueDelegate,
                siteLimit,
                logger,
                logTag,
                owningOrg.ToExternalDirectoryOrganizationId(),
                client);
        }
Esempio n. 7
        /// <summary>
        /// Opens a recipient session scoped to the organization that owns
        /// <paramref name="configurationSession"/>.
        /// </summary>
        /// <param name="configurationSession">Session whose org container supplies the organization id. Not null-checked here.</param>
        /// <returns>A tenant-or-root-org recipient session created with <c>ConsistencyMode.IgnoreInvalid</c>.</returns>
        internal static IRecipientSession GetRecipientSession(IConfigurationSession configurationSession)
        {
            OrganizationId owningOrg = configurationSession.GetOrgContainer().OrganizationId;

            // The scope is derived from the configuration session itself, so the returned session
            // addresses the same tenant as the caller's configuration session.
            var sessionFactory = DirectorySessionFactory.Default;
            ADSessionSettings scopedSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(
                new Guid(owningOrg.ToExternalDirectoryOrganizationId()));

            return sessionFactory.GetTenantOrRootOrgRecipientSession(
                ConsistencyMode.IgnoreInvalid,
                scopedSettings,
                803,
                "GetRecipientSession",
                "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Utils.cs");
        }
        // Token: 0x060005CB RID: 1483 RVA: 0x000202C4 File Offset: 0x0001E4C4
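        /// <summary>
        /// Handles a recipient that has an external e-mail address. When the owning organization
        /// has an organization relationship for the address domain with a TargetOwaURL, processing
        /// stops with an HTTP 302 to the cross-premise URL; otherwise nothing is resolved.
        /// </summary>
        /// <param name="activeDirectoryRawEntry">Directory entry of the recipient; must not be null.</param>
        /// <returns>Always null when it returns; a successful cross-premise match is signalled by the exception instead.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="activeDirectoryRawEntry"/> is null.</exception>
        /// <exception cref="HttpException">Status 302 carrying the cross-premise redirect URL.</exception>
        protected ADObjectId ResolveMailboxDatabase(ADRawEntry activeDirectoryRawEntry)
        {
            if (activeDirectoryRawEntry == null)
            {
                throw new ArgumentNullException("activeDirectoryRawEntry");
            }
            SmtpProxyAddress smtpProxyAddress = (SmtpProxyAddress)activeDirectoryRawEntry[ADRecipientSchema.ExternalEmailAddress];

            if (smtpProxyAddress != null)
            {
                OrganizationId           organizationId           = (OrganizationId)activeDirectoryRawEntry[ADObjectSchema.OrganizationId];
                OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId);
                SmtpAddress smtpAddress = (SmtpAddress)smtpProxyAddress;
                if (!smtpAddress.IsValidAddress)
                {
                    if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
                    {
                        ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: ExternalEmailAddress configured is invalid.");
                    }
                }
                else
                {
                    // A missing cache entry is treated like a missing relationship, so the request
                    // takes the logged "not found" path instead of failing on a null dereference.
                    OrganizationRelationship organizationRelationship = (organizationIdCacheValue != null)
                        ? organizationIdCacheValue.GetOrganizationRelationship(smtpAddress.Domain)
                        : null;
                    if (organizationRelationship != null && organizationRelationship.TargetOwaURL != null)
                    {
                        string absoluteUri = organizationRelationship.TargetOwaURL.AbsoluteUri;
                        if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
                        {
                            ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Stop processing and redirect to {0}.", absoluteUri);
                        }
                        base.Logger.AppendGenericInfo("ExternalRedir", absoluteUri);

                        // The redirect is issued only when the directory holds a relationship with a
                        // target URL for this domain. NOTE(review): the logged value is TargetOwaURL,
                        // while the URL actually sent comes from GetCrossPremiseRedirectUrl (not shown
                        // here); confirm that it is derived from the same configured target.
                        throw new HttpException(302, this.GetCrossPremiseRedirectUrl(smtpAddress.Domain, organizationId.ToExternalDirectoryOrganizationId(), smtpProxyAddress.SmtpAddress));
                    }
                    if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
                    {
                        ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Unable to find OrganizationRelationShip or its TargetOwaUrl is not configured.");
                    }
                    base.Logger.AppendGenericInfo("ExternalRedir", "Org-Relationship or targetOwaUrl not found.");
                }
            }
            return(null);
        }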
 /// <summary>
 /// Returns the external directory organization id of <paramref name="orgId"/> as a string.
 /// </summary>
 /// <param name="orgId">Organization to convert. Not null-checked here.</param>
 /// <returns>The value produced by <c>orgId.ToExternalDirectoryOrganizationId()</c>.</returns>
 public string ToExternalDirectoryOrganizationId(OrganizationId orgId)
 {
     // Pure pass-through: the conversion itself lives on OrganizationId.
     string externalId = orgId.ToExternalDirectoryOrganizationId();
     return externalId;
 }