private static Guid GetTenantContextId(OrganizationId organizationId)
{
if (organizationId == OrganizationId.ForestWideOrgId)
{
return(Guid.Empty);
}
return(new Guid(organizationId.ToExternalDirectoryOrganizationId()));
}
public static ExchangeValidator Create(IConfigurationSession configSession, Func <RecipientIdParameter, IRecipientSession, ReducedRecipient> recipientGetter, Task.TaskErrorLoggingDelegate writeErrorDelegate, Action <LocalizedString> writeWarningDelegate, Func <LocalizedString, bool> shouldContinueDelegate, bool allowGroups, string logTag, SourceValidator.Clients client, int existingRecipientsCount, ExecutionLog logger)
{
ArgumentValidator.ThrowIfNull("configSession", configSession);
OrganizationId organizationId = configSession.GetOrgContainer().OrganizationId;
ADSessionSettings sessionSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(new Guid(organizationId.ToExternalDirectoryOrganizationId()));
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 205, "Create", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Validators\\ExchangeValidator.cs");
int maxLimitFromConfig = SourceValidator.GetMaxLimitFromConfig("MaxRecipientsLimit", 1000, existingRecipientsCount);
return(new ExchangeValidator(tenantOrRootOrgRecipientSession, recipientGetter, writeErrorDelegate, writeWarningDelegate, shouldContinueDelegate, allowGroups, maxLimitFromConfig, logger, logTag, organizationId.ToExternalDirectoryOrganizationId(), client));
}
public static IAuthenticator Create(OrganizationId organizationId, ADObjectId executingUserId)
{
ArgumentValidator.ThrowIfNull("organizationId", organizationId);
ArgumentValidator.ThrowIfNull("executingUserId", executingUserId);
ADSessionSettings sessionSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(new Guid(organizationId.ToExternalDirectoryOrganizationId()));
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 54, "Create", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\RecipientTasks\\EOPRecipient\\Authenticator.cs");
ADUser actAsUser = tenantOrRootOrgRecipientSession.FindADUserByObjectId(executingUserId);
OAuthCredentials oauthCredentialsForAppActAsToken = OAuthCredentials.GetOAuthCredentialsForAppActAsToken(organizationId, actAsUser, null);
return(new Authenticator(oauthCredentialsForAppActAsToken));
}
private static string GetACSToken(OrganizationId tenantID, IConfigurationSession dataSession, ExecutionLog logger, Task task)
{
string result = null;
LocalTokenIssuer localTokenIssuer = new LocalTokenIssuer(tenantID);
LocalConfiguration configuration = ConfigProvider.Instance.Configuration;
Uri uri = null;
string text = null;
string applicationId = configuration.ApplicationId;
string text2 = null;
foreach (PartnerApplication partnerApplication in configuration.PartnerApplications)
{
if (partnerApplication.Enabled && partnerApplication.Name.Contains("Intune"))
{
text2 = partnerApplication.ApplicationIdentifier;
break;
}
}
foreach (AuthServer authServer in configuration.AuthServers)
{
if (authServer.Enabled && authServer.Type == AuthServerType.MicrosoftACS)
{
text = authServer.IssuerIdentifier;
uri = new Uri(authServer.TokenIssuingEndpoint);
break;
}
}
if (localTokenIssuer.SigningCert == null)
{
logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No certificate found.", null);
}
if (text2 == null)
{
logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No partnerId found.", null);
}
if (uri == null)
{
logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No authorizationEndpoint found.", null);
}
if (string.IsNullOrEmpty(text))
{
logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, "No issuerIdentifier found.", null);
}
if (localTokenIssuer.SigningCert != null && text2 != null && uri != null && !string.IsNullOrEmpty(text))
{
string arg = applicationId;
string arg2 = text2;
string intuneResourceUrl = UnifiedPolicyConfiguration.GetInstance().GetIntuneResourceUrl(dataSession);
string arg3 = text;
string authority = uri.Authority;
string text3 = string.Format("{0}@{1}", arg, tenantID.ToExternalDirectoryOrganizationId());
string text4 = string.Format("{0}/{1}@{2}", arg3, authority, tenantID.ToExternalDirectoryOrganizationId());
string text5 = string.Format("{0}/{1}@{2}", arg2, intuneResourceUrl, tenantID.ToExternalDirectoryOrganizationId());
X509SigningCredentials x509SigningCredentials = new X509SigningCredentials(localTokenIssuer.SigningCert, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "http://www.w3.org/2001/04/xmlenc#sha256");
JsonWebSecurityToken jsonWebSecurityToken = new JsonWebSecurityToken(text3, text4, DateTime.UtcNow, DateTime.UtcNow.AddMinutes(5.0), new List <JsonWebTokenClaim>(), x509SigningCredentials);
OAuth2AccessTokenRequest oauth2AccessTokenRequest = OAuth2MessageFactory.CreateAccessTokenRequestWithAssertion(jsonWebSecurityToken, text5);
OAuth2S2SClient oauth2S2SClient = new OAuth2S2SClient();
try
{
OAuth2AccessTokenResponse oauth2AccessTokenResponse = (OAuth2AccessTokenResponse)oauth2S2SClient.Issue(uri.AbsoluteUri, oauth2AccessTokenRequest);
if (oauth2AccessTokenResponse != null)
{
result = "Bearer " + oauth2AccessTokenResponse.AccessToken;
}
}
catch (RequestFailedException ex)
{
ex.ToString();
WebException ex2 = (WebException)ex.InnerException;
HttpWebResponse httpWebResponse = (HttpWebResponse)ex2.Response;
Stream responseStream = httpWebResponse.GetResponseStream();
Encoding encoding = Encoding.GetEncoding("utf-8");
string text6 = "Auth service call failed: ";
if (responseStream != null)
{
StreamReader streamReader = new StreamReader(responseStream, encoding);
char[] array = new char[256];
for (int k = streamReader.Read(array, 0, 256); k > 0; k = streamReader.Read(array, 0, 256))
{
text6 += new string(array, 0, k);
}
}
logger.LogOneEntry(task.GetType().Name, string.Empty, ExecutionLog.EventType.Error, text6, ex);
}
}
return(result);
}
public static bool TryGetDiscoveryEndPoint(OrganizationId orgId, string crossPremiseDomain, Func <OrganizationId, OrganizationIdCacheValue> getOrgIdCacheValue, Func <OrganizationIdCacheValue, string, IntraOrganizationConnector> getIntraOrganizationConnector, Func <OrganizationIdCacheValue, string, OrganizationRelationship> getOrganizationRelationShip, out Uri discoveryEndPoint, out EndPointDiscoveryInfo info)
{
discoveryEndPoint = null;
info = new EndPointDiscoveryInfo();
if (orgId == null)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "orgId is null");
return(false);
}
if (string.IsNullOrEmpty(crossPremiseDomain))
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "crossPremiseDomain is invalid");
return(false);
}
try
{
OrganizationIdCacheValue organizationIdCacheValue = null;
if (getOrgIdCacheValue == null)
{
organizationIdCacheValue = OrganizationIdCache.Singleton.Get(orgId);
}
else
{
organizationIdCacheValue = getOrgIdCacheValue(orgId);
}
IntraOrganizationConnector intraOrganizationConnector = null;
try
{
if (getIntraOrganizationConnector == null)
{
if (organizationIdCacheValue == null)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue == null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
return(false);
}
intraOrganizationConnector = organizationIdCacheValue.GetIntraOrganizationConnector(crossPremiseDomain);
}
else
{
intraOrganizationConnector = getIntraOrganizationConnector(organizationIdCacheValue, crossPremiseDomain);
}
}
catch (Exception ex)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocException, ex.ToString());
}
if (intraOrganizationConnector == null)
{
string message = string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found nothing. getIntraOrganizationConnector is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getIntraOrganizationConnector == null) ? string.Empty : " not");
info.AddInfo((info.Status == EndPointDiscoveryInfo.DiscoveryStatus.Success) ? EndPointDiscoveryInfo.DiscoveryStatus.IocNotFound : info.Status, message);
}
else
{
if (!(intraOrganizationConnector.DiscoveryEndpoint == null))
{
ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug(0L, "IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}]. End point=[{3}].", new object[]
{
orgId.ToExternalDirectoryOrganizationId(),
crossPremiseDomain,
intraOrganizationConnector.Id,
intraOrganizationConnector.DiscoveryEndpoint
});
discoveryEndPoint = intraOrganizationConnector.DiscoveryEndpoint;
return(true);
}
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocNoUri, string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}], but it doesn't have DiscoveryEndpoint set. getIntraOrganizationConnector is{3} null.", new object[]
{
orgId.ToExternalDirectoryOrganizationId(),
crossPremiseDomain,
intraOrganizationConnector.Id,
(getIntraOrganizationConnector == null) ? string.Empty : " not"
}));
}
OrganizationRelationship organizationRelationship;
if (getOrganizationRelationShip == null)
{
if (organizationIdCacheValue == null)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue is null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
return(false);
}
organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(crossPremiseDomain);
}
else
{
organizationRelationship = getOrganizationRelationShip(organizationIdCacheValue, crossPremiseDomain);
}
if (organizationRelationship == null)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNotFound, string.Format("Unable to find the org relationship for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
return(false);
}
if (organizationRelationship.TargetAutodiscoverEpr == null)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNoUri, string.Format("The TargetAutodiscoverEpr in org relationship is null for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
return(false);
}
ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug <string, string, Uri>(0L, "OrganizationRelationship lookup for org [{0}], domain [{1}] found end point: [{2}]", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, organizationRelationship.TargetAutodiscoverEpr);
discoveryEndPoint = organizationRelationship.TargetAutodiscoverEpr;
}
catch (Exception ex2)
{
info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, ex2.ToString());
return(false);
}
return(true);
}
private static SharepointValidator Create(IConfigurationSession configurationSession, ADObjectId executingUserId, Task.TaskErrorLoggingDelegate writeErrorDelegate, Action <LocalizedString> writeWarningDelegate, Func <LocalizedString, bool> shouldContinueDelegate, string logTag, SourceValidator.Clients client, int existingSitesCount, ExecutionLog logger)
{
ArgumentValidator.ThrowIfNull("configurationSession", configurationSession);
Uri uri = null;
Uri uri2 = null;
OrganizationId organizationId = configurationSession.GetOrgContainer().OrganizationId;
UnifiedPolicyConfiguration.GetInstance().GetTenantSharePointUrls(configurationSession, out uri, out uri2);
if (uri == null)
{
EventNotificationItem.Publish(ExchangeComponent.UnifiedComplianceSourceValidation.Name, "SharepointValidatorUnexpectedError", client.ToString(), string.Format("Tenant {0}, Error:{1}", organizationId.ToExternalDirectoryOrganizationId(), Strings.FailedToGetSpSiteUrlForTenant), ResultSeverityLevel.Error, false);
throw new SpValidatorException(Strings.FailedToGetSpSiteUrlForTenant);
}
ADUser actAsUser = null;
if (executingUserId != null)
{
ADSessionSettings sessionSettings = ADSessionSettings.FromExternalDirectoryOrganizationId(new Guid(organizationId.ToExternalDirectoryOrganizationId()));
IRecipientSession tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 520, "Create", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Validators\\SharepointValidator.cs");
actAsUser = tenantOrRootOrgRecipientSession.FindADUserByObjectId(executingUserId);
}
ICredentials credentials = UnifiedPolicyConfiguration.GetInstance().GetCredentials(configurationSession, actAsUser);
if (credentials == null)
{
EventNotificationItem.Publish(ExchangeComponent.UnifiedComplianceSourceValidation.Name, "SharepointValidatorUnexpectedError", client.ToString(), string.Format("Tenant {0}, Error:{1}", organizationId.ToExternalDirectoryOrganizationId(), Strings.FailedToGetCredentialsForTenant), ResultSeverityLevel.Error, false);
throw new SpValidatorException(Strings.FailedToGetCredentialsForTenant);
}
int maxLimitFromConfig = SourceValidator.GetMaxLimitFromConfig("MaxSitesLimit", 100, existingSitesCount);
return(new SharepointValidator(uri, credentials, executingUserId != null, writeErrorDelegate, writeWarningDelegate, shouldContinueDelegate, maxLimitFromConfig, logger, logTag, organizationId.ToExternalDirectoryOrganizationId(), client));
}
internal static IRecipientSession GetRecipientSession(IConfigurationSession configurationSession)
{
OrganizationId organizationId = configurationSession.GetOrgContainer().OrganizationId;
return(DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(ConsistencyMode.IgnoreInvalid, ADSessionSettings.FromExternalDirectoryOrganizationId(new Guid(organizationId.ToExternalDirectoryOrganizationId())), 803, "GetRecipientSession", "f:\\15.00.1497\\sources\\dev\\Management\\src\\Management\\transport\\UnifiedPolicy\\Utils.cs"));
}
// Token: 0x060005CB RID: 1483 RVA: 0x000202C4 File Offset: 0x0001E4C4
protected ADObjectId ResolveMailboxDatabase(ADRawEntry activeDirectoryRawEntry)
{
if (activeDirectoryRawEntry == null)
{
throw new ArgumentNullException("activeDirectoryRawEntry");
}
SmtpProxyAddress smtpProxyAddress = (SmtpProxyAddress)activeDirectoryRawEntry[ADRecipientSchema.ExternalEmailAddress];
if (smtpProxyAddress != null)
{
OrganizationId organizationId = (OrganizationId)activeDirectoryRawEntry[ADObjectSchema.OrganizationId];
OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId);
SmtpAddress smtpAddress = (SmtpAddress)smtpProxyAddress;
if (!smtpAddress.IsValidAddress)
{
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: ExternalEmailAddress configured is invalid.");
}
}
else
{
OrganizationRelationship organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(((SmtpAddress)smtpProxyAddress).Domain);
if (organizationRelationship != null && organizationRelationship.TargetOwaURL != null)
{
string absoluteUri = organizationRelationship.TargetOwaURL.AbsoluteUri;
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Stop processing and redirect to {0}.", absoluteUri);
}
base.Logger.AppendGenericInfo("ExternalRedir", absoluteUri);
throw new HttpException(302, this.GetCrossPremiseRedirectUrl(smtpAddress.Domain, organizationId.ToExternalDirectoryOrganizationId(), smtpProxyAddress.SmtpAddress));
}
if (ExTraceGlobals.VerboseTracer.IsTraceEnabled(1))
{
ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Unable to find OrganizationRelationShip or its TargetOwaUrl is not configured.");
}
base.Logger.AppendGenericInfo("ExternalRedir", "Org-Relationship or targetOwaUrl not found.");
}
}
return(null);
}
public string ToExternalDirectoryOrganizationId(OrganizationId orgId)
{
return(orgId.ToExternalDirectoryOrganizationId());
}
