private ExternalAuthentication(ExternalAuthentication.ExternalAuthenticationFailureType failureType, ExternalAuthentication.ExternalAuthenticationSubFailureType subFailureType)
{
this.failureType = failureType;
this.subFailureType = subFailureType;
}
private ExternalAuthentication(Dictionary <ADObjectId, SecurityTokenService> securityTokenServices, TokenValidator tokenValidator, List <X509Certificate2> certificates, Uri applicationUri, ExternalAuthentication.ExternalAuthenticationFailureType failureType, ExternalAuthentication.ExternalAuthenticationSubFailureType subFailureType) : this(failureType, subFailureType)
{
this.securityTokenServices = securityTokenServices;
this.tokenValidator = tokenValidator;
this.certificates = certificates;
this.applicationUri = applicationUri;
}
private static ExternalAuthentication CreateExternalAuthentication()
{
ExternalAuthentication.InitializeNotificationsIfNeeded();
ExternalAuthentication.ConfigurationTracer.TraceDebug(0L, "Searching for federation trust configuration in AD");
WebProxy webProxy = null;
Server localServer = LocalServerCache.LocalServer;
Uri uri = null;
if (localServer != null && localServer.InternetWebProxy != null)
{
ExternalAuthentication.ConfigurationTracer.TraceDebug <Uri>(0L, "Using custom InternetWebProxy {0}.", localServer.InternetWebProxy);
uri = localServer.InternetWebProxy;
webProxy = new WebProxy(localServer.InternetWebProxy);
}
ExternalAuthentication.currentWebProxy = uri;
IEnumerable <FederationTrust> enumerable = null;
try
{
enumerable = FederationTrustCache.GetFederationTrusts();
}
catch (LocalizedException arg)
{
ExternalAuthentication.ConfigurationTracer.TraceError <LocalizedException>(0L, "Unable to get federation trust. Exception: {0}", arg);
return(new ExternalAuthentication(ExternalAuthentication.ExternalAuthenticationFailureType.ErrorReadingFederationTrust, ExternalAuthentication.ExternalAuthenticationSubFailureType.DirectoryReadError));
}
Uri uri2 = null;
List <X509Certificate2> list = new List <X509Certificate2>(4);
List <X509Certificate2> list2 = new List <X509Certificate2>(4);
Dictionary <ADObjectId, SecurityTokenService> dictionary = new Dictionary <ADObjectId, SecurityTokenService>(2);
ExternalAuthentication.ExternalAuthenticationFailureType externalAuthenticationFailureType = ExternalAuthentication.ExternalAuthenticationFailureType.NoFederationTrust;
ExternalAuthentication.ExternalAuthenticationSubFailureType externalAuthenticationSubFailureType = ExternalAuthentication.ExternalAuthenticationSubFailureType.NoFailure;
int num = 0;
bool flag = false;
if (enumerable != null)
{
foreach (FederationTrust federationTrust in enumerable)
{
num++;
ExternalAuthentication.FederationTrustResults federationTrustResults = ExternalAuthentication.TryCreateSecurityTokenService(federationTrust, webProxy);
if (federationTrustResults.FailureType == ExternalAuthentication.ExternalAuthenticationFailureType.NoFailure)
{
dictionary.Add(federationTrust.Id, federationTrustResults.SecurityTokenService);
list.AddRange(federationTrustResults.TokenSignatureCertificates);
list2.AddRange(federationTrustResults.TokenDecryptionCertificates);
if (uri2 == null)
{
uri2 = federationTrust.ApplicationUri;
ExternalAuthentication.ConfigurationTracer.TraceDebug <Uri>(0L, "Using {0} as applicationUri", uri2);
}
else if (!federationTrust.ApplicationUri.Equals(uri2))
{
ExternalAuthentication.ConfigurationTracer.TraceError <Uri>(0L, "Cannot have multiple FederationTrust with different ApplicationUri values: {0}. Uri will be ignored", federationTrust.ApplicationUri);
flag = true;
}
}
else
{
externalAuthenticationFailureType = federationTrustResults.FailureType;
externalAuthenticationSubFailureType = federationTrustResults.SubFailureType;
}
}
}
if (dictionary.Count == 0)
{
return(new ExternalAuthentication(externalAuthenticationFailureType, externalAuthenticationSubFailureType));
}
if (dictionary.Count != num)
{
ExternalAuthentication.ConfigurationTracer.TraceError <string, string>(0L, "Number of Security Token Service clients {0} does not match number of federation trusts {1}", dictionary.Count.ToString(), num.ToString());
}
TokenValidator tokenValidator = new TokenValidator(uri2, list, list2);
List <X509Certificate2> list3 = new List <X509Certificate2>(list.Count + list2.Count);
list3.AddRange(list);
list3.AddRange(list2);
if (flag)
{
return(new ExternalAuthentication(dictionary, tokenValidator, list3, uri2, ExternalAuthentication.ExternalAuthenticationFailureType.NoFailure, ExternalAuthentication.ExternalAuthenticationSubFailureType.WarningApplicationUriSkipped));
}
return(new ExternalAuthentication(dictionary, tokenValidator, list3, uri2));
}
