internal SharingProvider GetTargetSharingProvider(ADRecipient mailboxOwner)
{
Util.ThrowOnNullArgument(mailboxOwner, "mailboxOwner");
if (this.AvailableSharingProviders.Keys.Count == 1)
{
using (Dictionary <SharingProvider, CheckRecipientsResults> .KeyCollection.Enumerator enumerator = this.AvailableSharingProviders.Keys.GetEnumerator())
{
if (enumerator.MoveNext())
{
SharingProvider sharingProvider = enumerator.Current;
ExTraceGlobals.SharingTracer.TraceDebug <ADRecipient, SharingProvider>((long)this.GetHashCode(), "{0}: Found target provider {1} for current user.", mailboxOwner, sharingProvider);
return(sharingProvider);
}
}
}
foreach (KeyValuePair <SharingProvider, CheckRecipientsResults> keyValuePair in this.AvailableSharingProviders)
{
SharingProvider key = keyValuePair.Key;
CheckRecipientsResults value = keyValuePair.Value;
if (value != null && mailboxOwner.IsAnyAddressMatched(ValidRecipient.ConvertToStringArray(value.ValidRecipients)))
{
ExTraceGlobals.SharingTracer.TraceDebug <ADRecipient, SharingProvider>((long)this.GetHashCode(), "{0}: Found target provider {1} for current user.", mailboxOwner, key);
return(key);
}
}
ExTraceGlobals.SharingTracer.TraceError <ADRecipient>((long)this.GetHashCode(), "{0}: No available provider is found for this user.", mailboxOwner);
return(null);
}
protected override PerformInvitationResults InternalPerformInvitation(MailboxSession mailboxSession, SharingContext context, ValidRecipient[] recipients, IFrontEndLocator frontEndLocator)
{
if (recipients.Length != 1)
{
throw new InvalidOperationException("Only single recipient is allowed.");
}
ValidRecipient validRecipient = recipients[0];
string folderId = context.FolderId.ToBase64String();
ExternalUser externalUser = this.ApplyPermission(mailboxSession, new SmtpAddress(validRecipient.SmtpAddress), context);
IRecipientSession adrecipientSession = mailboxSession.GetADRecipientSession(false, ConsistencyMode.FullyConsistent);
ADUser aduser = (ADUser)adrecipientSession.Read(mailboxSession.MailboxOwner.ObjectId);
string text = aduser.SharingAnonymousIdentities.FindExistingUrlId(SharingDataType.ReachCalendar.PublishResourceName, folderId);
Uri owaVdirUrl = OwaAnonymousVdirLocater.Instance.GetOwaVdirUrl(mailboxSession.MailboxOwner, frontEndLocator);
SmtpAddress primarySmtpAddress = mailboxSession.MailboxOwner.MailboxInfo.PrimarySmtpAddress;
ObscureUrl obscureUrl = ObscureUrl.CreatePublishReachCalendarUrl(owaVdirUrl.ToString(), mailboxSession.MailboxGuid, primarySmtpAddress.Domain, text, externalUser.Sid);
if (string.IsNullOrEmpty(text))
{
aduser.SharingAnonymousIdentities.AddOrUpdate(SharingDataType.ReachCalendar.PublishResourceName, obscureUrl.Identity, folderId);
adrecipientSession.Save(aduser);
}
context.BrowseUrl = obscureUrl.ToString() + ".html";
context.ICalUrl = obscureUrl.ToString() + ".ics";
return(new PerformInvitationResults(recipients));
}
protected override void InternalPerformRevocation(MailboxSession mailboxSession, SharingContext context)
{
using (FolderPermissionContext current = FolderPermissionContext.GetCurrent(mailboxSession, context))
{
ValidRecipient recipient = new ValidRecipient(context.InitiatorSmtpAddress, null);
PermissionSecurityPrincipal principal = this.CreatePermissionSecurityPrincipal(recipient, mailboxSession.MailboxOwner);
current.RemovePermission(principal);
}
}
private PermissionSecurityPrincipal CreatePermissionSecurityPrincipal(ValidRecipient recipient, IExchangePrincipal mailboxPrincipal)
{
ADRecipient adrecipient = recipient.ADRecipient;
if (adrecipient == null)
{
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(null, true, ConsistencyMode.FullyConsistent, null, mailboxPrincipal.MailboxInfo.OrganizationId.ToADSessionSettings(), 248, "CreatePermissionSecurityPrincipal", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\SharingProviderHandlerInternal.cs");
adrecipient = tenantOrRootOrgRecipientSession.FindByProxyAddress(new SmtpProxyAddress(recipient.SmtpAddress, false));
}
return(new PermissionSecurityPrincipal(adrecipient));
}
private CheckRecipientsResults CheckRecipients()
{
List <string> list = new List <string>(base.Recipients.Count);
List <string> list2 = new List <string>(base.Recipients.Count);
foreach (Recipient recipient in base.Recipients)
{
string valueOrDefault = recipient.GetValueOrDefault <string>(ParticipantSchema.SmtpAddress, string.Empty);
if (!string.IsNullOrEmpty(valueOrDefault))
{
list2.Add(valueOrDefault);
}
else
{
list.Add(recipient.Participant.EmailAddress);
}
}
List <ValidRecipient> list3 = new List <ValidRecipient>(list2.Count);
string[] array = list2.ToArray();
List <SharingProvider> list4 = new List <SharingProvider>(this.SharingContext.AvailableSharingProviders.Keys);
foreach (SharingProvider sharingProvider in list4)
{
if (array == null || array.Length == 0)
{
break;
}
CheckRecipientsResults checkRecipientsResults;
if (this.ForceSharingProvider != null)
{
if (sharingProvider == this.ForceSharingProvider)
{
checkRecipientsResults = new CheckRecipientsResults(ValidRecipient.ConvertFromStringArray(array));
}
else
{
checkRecipientsResults = new CheckRecipientsResults(array);
}
this.SharingContext.AvailableSharingProviders[sharingProvider] = checkRecipientsResults;
}
else
{
checkRecipientsResults = sharingProvider.CheckRecipients(this.MailboxOwner, this.SharingContext, array);
}
list3.AddRange(checkRecipientsResults.ValidRecipients);
array = checkRecipientsResults.InvalidRecipients;
}
list.AddRange(array);
return(new CheckRecipientsResults(list3.ToArray(), list.ToArray()));
}
internal CheckRecipientsResults CheckRecipients(ADRecipient mailboxOwner, string[] recipients)
{
Util.ThrowOnNullArgument(mailboxOwner, "mailboxOwner");
Util.ThrowOnNullArgument(recipients, "recipients");
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(null, true, ConsistencyMode.FullyConsistent, mailboxOwner.Session.NetworkCredential, mailboxOwner.OrganizationId.ToADSessionSettings(), 127, "CheckRecipients", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Sharing\\SharingProviderHandler.cs");
List <ValidRecipient> list = new List <ValidRecipient>(recipients.Length);
List <string> list2 = new List <string>(recipients.Length);
foreach (string text in recipients)
{
ValidRecipient validRecipient = this.InternalCheckOneRecipient(mailboxOwner, text, tenantOrRootOrgRecipientSession);
if (validRecipient != null)
{
ExTraceGlobals.SharingTracer.TraceDebug <ADRecipient, string, SharingProviderHandler>((long)this.GetHashCode(), "{0}: {1} is a valid recipient for sharing handler {2}.", mailboxOwner, text, this);
list.Add(validRecipient);
}
else
{
ExTraceGlobals.SharingTracer.TraceDebug <ADRecipient, string, SharingProviderHandler>((long)this.GetHashCode(), "{0}: {1} is an invalid recipient for sharing handler {2}.", mailboxOwner, text, this);
list2.Add(text);
}
}
return(new CheckRecipientsResults(list.ToArray(), list2.ToArray()));
}
public EncryptionResults Encrypt(IExchangePrincipal mailboxOwner, IRecipientSession recipientSession, ExternalUserCollection externalUserCollection, ValidRecipient[] recipients, string sender, string containerClass, string folderId, IFrontEndLocator frontEndLocator)
{
SharingDataType sharingDataType = SharingDataType.FromContainerClass(containerClass);
if (sharingDataType == null || !sharingDataType.IsExternallySharable)
{
throw new ArgumentOutOfRangeException("containerClass");
}
ADUser aduser = DirectoryHelper.ReadADRecipient(mailboxOwner.MailboxInfo.MailboxGuid, mailboxOwner.MailboxInfo.IsArchive, recipientSession) as ADUser;
if (aduser == null)
{
SharedFolderDataEncryption.Tracer.TraceError <SharedFolderDataEncryption, string>((long)this.GetHashCode(), "{0}: The Active Directory user was not found. Sender={1}.", this, sender);
throw new ObjectNotFoundException(ServerStrings.ADUserNotFound);
}
ProxyAddress item = new SmtpProxyAddress(sender, false);
if (!aduser.EmailAddresses.Contains(item))
{
SharedFolderDataEncryption.Tracer.TraceError <SharedFolderDataEncryption, string>((long)this.GetHashCode(), "{0}: The SMTP address was not found in the user AD object for this mailbox. Sender={1}.", this, sender);
throw new ObjectNotFoundException(ServerStrings.ADUserNotFound);
}
SharingPolicy sharingPolicy = DirectoryHelper.ReadSharingPolicy(mailboxOwner.MailboxInfo.MailboxGuid, mailboxOwner.MailboxInfo.IsArchive, recipientSession);
SharedFolderDataEncryption.Tracer.TraceDebug <SharedFolderDataEncryption, object>((long)this.GetHashCode(), "{0}: Sharing policy to be applied to this user: {1}", this, (sharingPolicy == null) ? "<null>" : sharingPolicy.Id);
SharingPolicyAction sharingPolicyActions = SharedFolderDataEncryption.GetSharingPolicyActions(sharingDataType.StoreObjectType);
SharedFolderDataRecipient[] externalIdentities = SharedFolderDataEncryption.GetExternalIdentities(externalUserCollection, recipients);
List <InvalidRecipient> list = new List <InvalidRecipient>();
Dictionary <TokenTarget, List <SharedFolderDataRecipient> > dictionary = new Dictionary <TokenTarget, List <SharedFolderDataRecipient> >(externalIdentities.Length, SharedFolderDataEncryption.TokenTargetComparer);
for (int i = 0; i < recipients.Length; i++)
{
SharedFolderDataRecipient item2 = externalIdentities[i];
ValidRecipient validRecipient = recipients[i];
SmtpAddress smtpAddress = new SmtpAddress(validRecipient.SmtpAddress);
string domain = smtpAddress.Domain;
if (sharingPolicy == null || !sharingPolicy.IsAllowedForAnySharing(domain, sharingPolicyActions))
{
SharedFolderDataEncryption.Tracer.TraceDebug <string>((long)this.GetHashCode(), "Sharing policy does not allow user to share with domain {0}", domain);
list.Add(new InvalidRecipient(validRecipient.SmtpAddress, InvalidRecipientResponseCodeType.SystemPolicyBlocksSharingWithThisRecipient));
}
else
{
SmtpAddress smtpAddress2 = new SmtpAddress(validRecipient.SmtpAddressForEncryption);
TokenTarget tokenTarget = TargetUriResolver.Resolve(smtpAddress2.Domain, aduser.OrganizationId);
if (tokenTarget == null)
{
list.Add(new InvalidRecipient(validRecipient.SmtpAddress, InvalidRecipientResponseCodeType.RecipientOrganizationNotFederated));
}
else
{
List <SharedFolderDataRecipient> list2;
if (!dictionary.TryGetValue(tokenTarget, out list2))
{
list2 = new List <SharedFolderDataRecipient>(1);
dictionary.Add(tokenTarget, list2);
}
list2.Add(item2);
}
}
}
List <EncryptedSharedFolderData> list3 = new List <EncryptedSharedFolderData>(dictionary.Count);
SharedFolderData sharedFolderData = new SharedFolderData();
sharedFolderData.DataType = sharingDataType.ExternalName;
sharedFolderData.FolderId = folderId;
sharedFolderData.SharingUrl = this.GetSharingUrl(aduser, frontEndLocator);
sharedFolderData.FederationUri = this.externalAuthentication.TokenValidator.TargetUri.ToString();
sharedFolderData.SenderSmtpAddress = sender;
DelegationTokenRequest delegationTokenRequest = new DelegationTokenRequest
{
FederatedIdentity = aduser.GetFederatedIdentity(),
EmailAddress = aduser.GetFederatedSmtpAddress(new SmtpAddress(sender)).ToString(),
Offer = Offer.SharingInviteMessage
};
SecurityTokenService securityTokenService = this.externalAuthentication.GetSecurityTokenService(aduser.OrganizationId);
foreach (KeyValuePair <TokenTarget, List <SharedFolderDataRecipient> > keyValuePair in dictionary)
{
delegationTokenRequest.Target = keyValuePair.Key;
sharedFolderData.Recipients = keyValuePair.Value.ToArray();
try
{
RequestedToken requestedToken = securityTokenService.IssueToken(delegationTokenRequest);
list3.Add(this.Encrypt(requestedToken, sharedFolderData));
}
catch (WSTrustException ex)
{
foreach (SharedFolderDataRecipient sharedFolderDataRecipient in sharedFolderData.Recipients)
{
list.Add(new InvalidRecipient(sharedFolderDataRecipient.SmtpAddress, SharedFolderDataEncryption.GetResponseCodeFromException(ex), ex.ToString()));
}
}
}
return(new EncryptionResults(list3.ToArray(), list.ToArray()));
}
private static SharedFolderDataRecipient GetExternalIdentity(ExternalUserCollection externalUserCollection, ValidRecipient recipient)
{
if (!SmtpAddress.IsValidSmtpAddress(recipient.SmtpAddress))
{
throw new ArgumentOutOfRangeException(ServerStrings.InvalidSmtpAddress(recipient.SmtpAddress));
}
SmtpAddress smtpAddress = new SmtpAddress(recipient.SmtpAddress);
ExternalUser externalUser = externalUserCollection.FindFederatedUserWithOriginalSmtpAddress(smtpAddress);
if (externalUser == null)
{
externalUser = externalUserCollection.AddFederatedUser(smtpAddress);
}
return(new SharedFolderDataRecipient
{
SmtpAddress = recipient.SmtpAddressForEncryption,
SharingKey = externalUser.ExternalId.ToString()
});
}
protected override PerformInvitationResults InternalPerformInvitation(MailboxSession mailboxSession, SharingContext context, ValidRecipient[] recipients, IFrontEndLocator frontEndLocator)
{
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (!current.Enabled)
{
ExTraceGlobals.SharingTracer.TraceError <string>((long)this.GetHashCode(), "{0}: The organization is not federated for external sharing.", context.InitiatorSmtpAddress);
return(new PerformInvitationResults(new InvalidSharingRecipientsException(ValidRecipient.ConvertToStringArray(recipients), new OrganizationNotFederatedException())));
}
SharedFolderDataEncryption sharedFolderDataEncryption = new SharedFolderDataEncryption(current);
string text = StoreId.StoreIdToEwsId(mailboxSession.MailboxOwner.MailboxInfo.MailboxGuid, context.FolderId);
PerformInvitationResults result;
using (ExternalUserCollection externalUsers = mailboxSession.GetExternalUsers())
{
PerformInvitationResults performInvitationResults = null;
EncryptionResults encryptionResults = null;
Exception ex = null;
try
{
encryptionResults = sharedFolderDataEncryption.Encrypt(mailboxSession.MailboxOwner, mailboxSession.GetADRecipientSession(true, ConsistencyMode.IgnoreInvalid), externalUsers, recipients, context.InitiatorSmtpAddress, context.FolderClass, text, frontEndLocator);
}
catch (UserWithoutFederatedProxyAddressException ex2)
{
ex = ex2;
}
catch (InvalidFederatedOrganizationIdException ex3)
{
ex = ex3;
}
catch (StoragePermanentException ex4)
{
ex = ex4;
}
if (ex != null)
{
ExTraceGlobals.SharingTracer.TraceError <string, Exception>((long)this.GetHashCode(), "{0}: Error occurred when trying to encrypt. Exception = {1}", context.InitiatorSmtpAddress, ex);
result = new PerformInvitationResults(new InvalidSharingRecipientsException(ValidRecipient.ConvertToStringArray(recipients), ex));
}
else
{
if (encryptionResults.InvalidRecipients != null && encryptionResults.InvalidRecipients.Length > 0)
{
InvalidSharingRecipientsException exception = new InvalidSharingRecipientsException(encryptionResults.InvalidRecipients);
if (encryptionResults.InvalidRecipients.Length == recipients.Length)
{
return(new PerformInvitationResults(exception));
}
performInvitationResults = new PerformInvitationResults(recipients, exception);
recipients = performInvitationResults.SucceededRecipients;
}
else
{
performInvitationResults = new PerformInvitationResults(recipients);
}
PermissionLevel permissionLevel = this.GetPermissionLevel(context);
FreeBusyAccess? freeBusy = this.GetFreeBusy(context);
using (FolderPermissionContext current2 = FolderPermissionContext.GetCurrent(mailboxSession, context))
{
foreach (ValidRecipient validRecipient in recipients)
{
PermissionSecurityPrincipal principal = this.CreatePermissionSecurityPrincipal(validRecipient.SmtpAddress, externalUsers);
current2.AddOrChangePermission(principal, permissionLevel, freeBusy);
ExternalUser externalUser = externalUsers.FindReachUserWithOriginalSmtpAddress(new SmtpAddress(validRecipient.SmtpAddress));
if (externalUser != null)
{
current2.RemovePermission(new PermissionSecurityPrincipal(externalUser));
}
}
}
context.FolderEwsId = text;
context.EncryptedSharedFolderDataCollection = encryptionResults.EncryptedSharedFolderDataCollection;
result = performInvitationResults;
}
}
return(result);
}
private void ReadActionFromMetadataXml(SharingMessageAction action)
{
if (action != null)
{
this.context.IsPrimary = string.IsNullOrEmpty(action.Title);
if (!this.context.IsPrimary)
{
this.context.FolderName = action.Title;
}
foreach (SharingMessageProvider sharingMessageProvider in action.Providers)
{
string[] recipients = sharingMessageProvider.TargetRecipients.Split(new char[]
{
';'
});
SharingProvider sharingProvider = SharingProvider.FromExternalName(sharingMessageProvider.Type);
if (sharingProvider != null)
{
sharingProvider.ParseSharingMessageProvider(this.context, sharingMessageProvider);
this.context.AvailableSharingProviders.Add(sharingProvider, new CheckRecipientsResults(ValidRecipient.ConvertFromStringArray(recipients)));
}
}
}
}
