public List <string> Execute() { IExtensibleLogger logger = MailboxAssociationDiagnosticsFrameFactory.Default.CreateLogger(this.groupSession.MailboxGuid, this.groupSession.OrganizationId); IMailboxAssociationPerformanceTracker performanceTracker = MailboxAssociationDiagnosticsFrameFactory.Default.CreatePerformanceTracker(null); List <string> result; using (MailboxAssociationDiagnosticsFrameFactory.Default.CreateDiagnosticsFrame("XSO", "PinnersGetter", logger, performanceTracker)) { StoreBuilder storeBuilder = new StoreBuilder(this.groupSession, XSOFactory.Default, logger, this.groupSession.ClientInfoString); using (IAssociationStore associationStore = storeBuilder.Create(this.group, performanceTracker)) { IEnumerable <IPropertyBag> associationsByType = associationStore.GetAssociationsByType("IPM.MailboxAssociation.User", MailboxAssociationBaseSchema.IsPin, PinnersGetter.PinnerProperties); List <string> list = new List <string>(); foreach (IPropertyBag propertyBag in associationsByType) { string text = propertyBag[MailboxAssociationBaseSchema.LegacyDN] as string; if (text != null) { list.Add(text); } else { PinnersGetter.Tracer.TraceError <string>((long)this.GetHashCode(), "PinnersGetter.Execute: Missing LegacyDn for item with Id {0}.", propertyBag[ItemSchema.Id].ToString()); } } result = list; } } return(result); }
private bool IsGroupMemberInMailboxAssociation() { IExtensibleLogger logger = MailboxAssociationDiagnosticsFrameFactory.Default.CreateLogger(this.groupMailboxToLogon.MailboxInfo.MailboxGuid, this.organizationId); IMailboxAssociationPerformanceTracker performanceTracker = MailboxAssociationDiagnosticsFrameFactory.Default.CreatePerformanceTracker(null); bool result; using (MailboxAssociationDiagnosticsFrameFactory.Default.CreateDiagnosticsFrame("XSO", "CheckMembership", logger, performanceTracker)) { try { using (MailboxSession mailboxSession = MailboxSession.OpenAsAdmin(this.groupMailboxToLogon, CultureInfo.InvariantCulture, this.clientInfoString)) { using (IAssociationStore associationStore = this.GetAssociationStore(mailboxSession, performanceTracker)) { using (IMailboxAssociationUser memberAssociationInformation = this.GetMemberAssociationInformation(associationStore)) { result = (memberAssociationInformation != null && (bool)memberAssociationInformation[MailboxAssociationBaseSchema.IsMember]); } } } } catch (AssociationNotFoundException) { GroupMailboxAuthorizationHandler.Tracer.TraceDebug <string, string>((long)this.GetHashCode(), "MemberRetrieval: Unable to make IsMember() check for the user {0} on the mailbox {1}", this.accessingUserInfo.Identity, this.groupMailboxToLogon.MailboxInfo.DisplayName); result = false; } catch (LocalizedException) { GroupMailboxAuthorizationHandler.Tracer.TraceDebug <string, string>((long)this.GetHashCode(), "MemberRetrieval: Unable to make IsMember() check for the user {0} on the mailbox {1}", this.accessingUserInfo.Identity, this.groupMailboxToLogon.MailboxInfo.DisplayName); result = false; } } return(result); }
public List <string> Execute() { IExtensibleLogger logger = GroupEscalationGetterDiagnosticsFrameFactory.Default.CreateLogger(this.groupSession.MailboxGuid, this.groupSession.OrganizationId); IMailboxAssociationPerformanceTracker mailboxAssociationPerformanceTracker = GroupEscalationGetterDiagnosticsFrameFactory.Default.CreatePerformanceTracker(null); List <string> result; using (GroupEscalationGetterDiagnosticsFrameFactory.Default.CreateDiagnosticsFrame("XSO", "EscalationGetter", logger, mailboxAssociationPerformanceTracker)) { StoreBuilder storeBuilder = new StoreBuilder(this.groupSession, XSOFactory.Default, logger, this.groupSession.ClientInfoString); using (IAssociationStore associationStore = storeBuilder.Create(this.group, mailboxAssociationPerformanceTracker)) { IEnumerable <IPropertyBag> associationsByType = associationStore.GetAssociationsByType("IPM.MailboxAssociation.User", MailboxAssociationBaseSchema.ShouldEscalate, EscalationGetter.EscalateProperties); List <string> list = new List <string>(); foreach (IPropertyBag propertyBag in associationsByType) { string text = propertyBag[MailboxAssociationBaseSchema.LegacyDN] as string; if (text != null) { list.Add(text); } else { EscalationGetter.Tracer.TraceError <string>((long)this.GetHashCode(), "EscalationGetter.Execute: Missing LegacyDn for item with Id {0}.", propertyBag[ItemSchema.Id].ToString()); } bool valueOrDefault = associationStore.GetValueOrDefault <bool>(propertyBag, MailboxAssociationBaseSchema.IsAutoSubscribed, false); if (valueOrDefault) { mailboxAssociationPerformanceTracker.IncrementAutoSubscribedMembers(); } } result = list; } } return(result); }
internal GroupMailbox GetGroupMailbox(GroupMailboxLocator group, UserMailboxLocator user, bool loadAllDetails = false) { GroupMailbox mailbox; using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { UserAssociationAdaptor userAssociationAdaptor = new UserAssociationAdaptor(associationStore, this.adSession, group); MailboxAssociation association = userAssociationAdaptor.GetAssociation(user); GroupMailboxBuilder groupMailboxBuilder = new GroupMailboxBuilder(group); groupMailboxBuilder.BuildFromAssociation(association); if (loadAllDetails) { ADUser aduser = group.FindAdUser(); if (aduser == null) { GroupMailboxAccessLayer.Tracer.TraceWarning <string>((long)this.GetHashCode(), "GroupMailboxAccessLayer::GetGroupMailbox. Unable to find group. LegacyDN={0}", group.LegacyDn); throw new MailboxNotFoundException(ServerStrings.ADUserNotFoundId(group.LegacyDn)); } GroupMailboxAccessLayer.Tracer.TraceDebug <string, bool, string>((long)this.GetHashCode(), "GroupMailboxAccessLayer::GetGroupMailbox. Found ADUser for group. LegacyDN={0}, IsCached={1}, OriginatingServer={2}", group.LegacyDn, aduser.IsCached, aduser.OriginatingServer); groupMailboxBuilder.BuildFromDirectory(aduser); } mailbox = groupMailboxBuilder.Mailbox; } return(mailbox); }
public void ReplicateQueuedAssociations() { QueuedInProcessAssociationReplicator.Tracer.TraceDebug((long)this.GetHashCode(), "MailboxTaskProcessor.ReplicateQueuedAssociations: Processing associations."); ADUser mailboxAdUser = this.mailbox.FindAdUser(); IDiagnosticsFrameFactory <IExtensibleLogger, IMailboxAssociationPerformanceTracker> diagnosticsFrameFactory = this.diagnosticsFrameFactoryCreator(); IMailboxAssociationPerformanceTracker performanceTracker = diagnosticsFrameFactory.CreatePerformanceTracker(null); IExtensibleLogger logger = diagnosticsFrameFactory.CreateLogger(mailboxAdUser.ExchangeGuid, mailboxAdUser.OrganizationId); IAssociationReplicator replicator = this.immediateReplicatorCreator(logger, performanceTracker); using (MailboxAssociationDiagnosticsFrameFactory.Default.CreateDiagnosticsFrame("QueuedInProcessAssociationReplicator", "ReplicateAssociations", logger, performanceTracker)) { bool inProcessReplicationSucceeded = true; GroupMailboxAccessLayerHelper.ExecuteOperationWithRetry(logger, "QueuedInProcessAssociationReplicator.ReplicateAssociations", delegate { IStoreBuilder storeBuilder = this.storeBuilderCreator(logger, this.clientInfoString); using (IAssociationStore associationStore = storeBuilder.Create(this.mailbox, performanceTracker)) { QueuedInProcessAssociationReplicator.Tracer.TraceDebug <string>((long)this.GetHashCode(), "QueuedInProcessAssociationReplicator.ReplicateAssociationsImplementation: Created store provider. Mailbox={0}.", mailboxAdUser.ExternalDirectoryObjectId); UserAssociationAdaptor masterAdaptor = new UserAssociationAdaptor(associationStore, this.adSession, this.mailbox); while (this.pendingAssociations.Count > 0) { MailboxAssociation association = this.pendingAssociations.Dequeue(); inProcessReplicationSucceeded &= this.ReplicateSingleAssociation(replicator, masterAdaptor, association); } if (!inProcessReplicationSucceeded) { IReplicationAssistantInvoker replicationAssistantInvoker = this.replicationAssistantInvokerCreator(logger, this.replicationServerFqdn); replicationAssistantInvoker.Invoke("QueuedInProcessAssociationReplicatorRpcReplication", masterAdaptor, new MailboxAssociation[0]); } } }, new Predicate <Exception>(GrayException.IsGrayException)); } QueuedInProcessAssociationReplicator.Tracer.TraceDebug((long)this.GetHashCode(), "MailboxTaskProcessor.SendNotificationImplementation: Task completed."); }
/// <summary> /// Initializes a new instance of the SigningBindingElement class for use by a Provider. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing.</param> /// <param name="securitySettings">The security settings.</param> internal SigningBindingElement(IAssociationStore<AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(associationStore != null); Contract.Requires<ArgumentNullException>(securitySettings != null); this.opAssociations = associationStore; this.opSecuritySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdChannel"/> class /// for use by a Relying Party. /// </summary> /// <param name="associationStore">The association store to use.</param> /// <param name="nonceStore">The nonce store to use.</param> /// <param name="messageTypeProvider">An object that knows how to distinguish the various OpenID message types for deserialization purposes.</param> /// <param name="securitySettings">The security settings to apply.</param> /// <param name="nonVerifying">A value indicating whether the channel is set up with no functional security binding elements.</param> private OpenIdChannel(IAssociationStore <Uri> associationStore, INonceStore nonceStore, IMessageFactory messageTypeProvider, RelyingPartySecuritySettings securitySettings, bool nonVerifying) : this(messageTypeProvider, InitializeBindingElements(associationStore, nonceStore, securitySettings, nonVerifying)) { Contract.Requires <ArgumentNullException>(messageTypeProvider != null); Contract.Requires <ArgumentNullException>(securitySettings != null); Contract.Requires <ArgumentException>(!nonVerifying || securitySettings is RelyingPartySecuritySettings); }
/// <summary> /// Initializes a new instance of the <see cref="PrivateSecretManager"/> class. /// </summary> /// <param name="securitySettings">The security settings.</param> /// <param name="store">The association store.</param> internal PrivateSecretManager(RelyingPartySecuritySettings securitySettings, IAssociationStore<Uri> store) { Contract.Requires<ArgumentNullException>(securitySettings != null); Contract.Requires<ArgumentNullException>(store != null); this.securitySettings = securitySettings; this.store = store; }
/// <summary> /// Creates a Provider's response to an incoming association request. /// </summary> /// <param name="associationStore">The association store where a new association (if created) will be stored. Must not be null.</param> /// <param name="securitySettings">The security settings on the Provider.</param> /// <returns> /// The appropriate association response that is ready to be sent back to the Relying Party. /// </returns> /// <remarks> /// <para>If an association is created, it will be automatically be added to the provided /// association store.</para> /// <para>Successful association response messages will derive from <see cref="AssociateSuccessfulResponse"/>. /// Failed association response messages will derive from <see cref="AssociateUnsuccessfulResponse"/>.</para> /// </remarks> internal IProtocolMessage CreateResponse(IAssociationStore <AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { Contract.Requires <ArgumentNullException>(associationStore != null); Contract.Requires <ArgumentNullException>(securitySettings != null); IProtocolMessage response; if (securitySettings.IsAssociationInPermittedRange(Protocol, this.AssociationType) && HmacShaAssociation.IsDHSessionCompatible(Protocol, this.AssociationType, this.SessionType)) { response = this.CreateResponseCore(); // Create and store the association if this is a successful response. var successResponse = response as AssociateSuccessfulResponse; if (successResponse != null) { Association association = successResponse.CreateAssociation(this, securitySettings); associationStore.StoreAssociation(AssociationRelyingPartyType.Smart, association); } } else { response = this.CreateUnsuccessfulResponse(securitySettings); } return(response); }
/// <summary> /// Initializes a new instance of the <see cref="PrivateSecretManager"/> class. /// </summary> /// <param name="securitySettings">The security settings.</param> /// <param name="store">The association store.</param> internal PrivateSecretManager(RelyingPartySecuritySettings securitySettings, IAssociationStore <Uri> store) { ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); ErrorUtilities.VerifyArgumentNotNull(store, "store"); this.securitySettings = securitySettings; this.store = store; }
/// <summary> /// Initializes a new instance of the <see cref="AssociationManager"/> class. /// </summary> /// <param name="channel">The channel the relying party is using.</param> /// <param name="associationStore">The association store. May be null for dumb mode relying parties.</param> /// <param name="securitySettings">The security settings.</param> internal AssociationManager(Channel channel, IAssociationStore<Uri> associationStore, RelyingPartySecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(channel != null); Contract.Requires<ArgumentNullException>(securitySettings != null); this.channel = channel; this.associationStore = associationStore; this.securitySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the SigningBindingElement class for use by a Provider. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing.</param> /// <param name="securitySettings">The security settings.</param> internal SigningBindingElement(IAssociationStore<AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); this.opAssociations = associationStore; this.opSecuritySettings = securitySettings; }
private IEnumerable <UserMailbox> GetEscalatedMembersInternal(IAssociationStore storeProvider, GroupMailboxLocator group, bool loadAllDetails = false) { UserAssociationAdaptor adaptor = new UserAssociationAdaptor(storeProvider, this.adSession, group); GetEscalatedAssociations getEscalatedAssociations = new GetEscalatedAssociations(adaptor); IEnumerable <MailboxAssociation> associations = getEscalatedAssociations.Execute(null); return(this.mailboxCollectionBuilder.BuildUserMailboxes(group, associations, loadAllDetails)); }
/// <summary> /// Initializes a new instance of the <see cref="PrivateSecretManager"/> class. /// </summary> /// <param name="securitySettings">The security settings.</param> /// <param name="store">The association store.</param> internal PrivateSecretManager(RelyingPartySecuritySettings securitySettings, IAssociationStore <Uri> store) { Contract.Requires <ArgumentNullException>(securitySettings != null); Contract.Requires <ArgumentNullException>(store != null); this.securitySettings = securitySettings; this.store = store; }
/// <summary> /// Initializes a new instance of the SigningBindingElement class for use by a Provider. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing.</param> /// <param name="securitySettings">The security settings.</param> internal SigningBindingElement(IAssociationStore <AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { Contract.Requires <ArgumentNullException>(associationStore != null); Contract.Requires <ArgumentNullException>(securitySettings != null); this.opAssociations = associationStore; this.opSecuritySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the <see cref="PrivateSecretManager"/> class. /// </summary> /// <param name="securitySettings">The security settings.</param> /// <param name="store">The association store.</param> internal PrivateSecretManager(RelyingPartySecuritySettings securitySettings, IAssociationStore<Uri> store) { ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); ErrorUtilities.VerifyArgumentNotNull(store, "store"); this.securitySettings = securitySettings; this.store = store; }
/// <summary> /// Initializes a new instance of the SigningBindingElement class for use by a Provider. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing.</param> /// <param name="securitySettings">The security settings.</param> internal SigningBindingElement(IAssociationStore <AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); this.opAssociations = associationStore; this.opSecuritySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the <see cref="AssociationManager"/> class. /// </summary> /// <param name="channel">The channel the relying party is using.</param> /// <param name="associationStore">The association store. May be null for dumb mode relying parties.</param> /// <param name="securitySettings">The security settings.</param> internal AssociationManager(Channel channel, IAssociationStore <Uri> associationStore, RelyingPartySecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(channel, "channel"); ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); this.channel = channel; this.associationStore = associationStore; this.securitySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the <see cref="AssociationManager"/> class. /// </summary> /// <param name="channel">The channel the relying party is using.</param> /// <param name="associationStore">The association store. May be null for dumb mode relying parties.</param> /// <param name="securitySettings">The security settings.</param> internal AssociationManager(Channel channel, IAssociationStore<Uri> associationStore, RelyingPartySecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(channel, "channel"); ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); this.channel = channel; this.associationStore = associationStore; this.securitySettings = securitySettings; }
public BaseAssociationAdaptor(IAssociationStore associationStore, IRecipientSession adSession, MailboxLocator masterMailboxLocator) { ArgumentValidator.ThrowIfNull("associationStore", associationStore); ArgumentValidator.ThrowIfNull("adSession", adSession); ArgumentValidator.ThrowIfNull("masterMailboxLocator", masterMailboxLocator); this.associationStore = associationStore; this.adSession = adSession; this.masterMailboxLocator = masterMailboxLocator; }
/// <summary> /// Initializes a new instance of the <see cref="AssociationManager"/> class. /// </summary> /// <param name="channel">The channel the relying party is using.</param> /// <param name="associationStore">The association store. May be null for dumb mode relying parties.</param> /// <param name="securitySettings">The security settings.</param> internal AssociationManager(Channel channel, IAssociationStore <Uri> associationStore, RelyingPartySecuritySettings securitySettings) { Contract.Requires <ArgumentNullException>(channel != null); Contract.Requires <ArgumentNullException>(securitySettings != null); this.channel = channel; this.associationStore = associationStore; this.securitySettings = securitySettings; }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> /// <param name="associationStore">The association store to use. Cannot be null.</param> /// <param name="nonceStore">The nonce store to use. Cannot be null.</param> private OpenIdProvider(IAssociationStore <AssociationRelyingPartyType> associationStore, INonceStore nonceStore) { ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); }
public IEnumerable <UserMailbox> GetEscalatedMembers(GroupMailboxLocator group, bool loadAllDetails = false) { using (IAssociationStore storeProvider = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { foreach (UserMailbox mailbox in this.GetEscalatedMembersInternal(storeProvider, group, loadAllDetails)) { yield return(mailbox); } } yield break; }
public void SetGroupPinState(UserMailboxLocator user, GroupMailboxLocator group, bool isPinned, bool isModernGroupsNewArchitecture) { using (IAssociationStore associationStore = this.storeProviderBuilder.Create(user, this.PerformanceTracker)) { this.LogCommandExecution(isPinned ? "PinGroup" : "UnpinGroup", group, new UserMailboxLocator[] { user }); GroupAssociationAdaptor masterAdaptor = new GroupAssociationAdaptor(associationStore, this.adSession, user); SetGroupPinState setGroupPinState = new SetGroupPinState(this.Logger, null, isPinned, masterAdaptor, group, this.PerformanceTracker, isModernGroupsNewArchitecture); setGroupPinState.Execute(); } }
public void SetLastVisitedDate(UserMailboxLocator user, GroupMailboxLocator group, ExDateTime lastVisitedDate) { using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { this.LogCommandExecution("SetLastVisitedDate", group, new UserMailboxLocator[] { user }); UserAssociationAdaptor masterAdaptor = new UserAssociationAdaptor(associationStore, this.adSession, group); SetLastVisitedDate setLastVisitedDate = new SetLastVisitedDate(this.Logger, lastVisitedDate, masterAdaptor, user); setLastVisitedDate.Execute(); } }
public void SetEscalate(UserMailboxLocator user, GroupMailboxLocator group, bool shouldEscalate, SmtpAddress userSmtpAddress, int maxNumberOfSubscribers = 400) { using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { this.LogCommandExecution("SetEscalate", group, new UserMailboxLocator[] { user }); UserAssociationAdaptor masterAdaptor = new UserAssociationAdaptor(associationStore, this.adSession, group); SetEscalate setEscalate = new SetEscalate(this.Logger, shouldEscalate, userSmtpAddress, masterAdaptor, user, maxNumberOfSubscribers); setEscalate.Execute(); } }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> /// <param name="associationStore">The association store to use. Cannot be null.</param> /// <param name="nonceStore">The nonce store to use. Cannot be null.</param> private OpenIdProvider(IAssociationStore<AssociationRelyingPartyType> associationStore, INonceStore nonceStore) { Contract.Requires(associationStore != null); Contract.Requires(nonceStore != null); Contract.Ensures(this.AssociationStore == associationStore); Contract.Ensures(this.SecuritySettings != null); Contract.Ensures(this.Channel != null); ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); }
private void ReplicateOutOfSyncAssociation(Func <IAssociationStore, IAssociationAdaptor> associationAdaptorCreator, IMailboxLocator masterLocator, params IMailboxLocator[] slaveLocators) { ArgumentValidator.ThrowIfNull("masterLocator", masterLocator); ArgumentValidator.ThrowIfNull("slaveLocators", slaveLocators); ArgumentValidator.ThrowIfZeroOrNegative("slaveLocators.Length", slaveLocators.Length); GroupMailboxAccessLayer.Tracer.TraceDebug <IMailboxLocator, int>((long)this.GetHashCode(), "GroupMailboxAccessLayer::ReplicateOutOfSyncAssociation. Replicating data from mailbox: {0}. Number of out of sync mailboxes: {1}", masterLocator, slaveLocators.Length); using (IAssociationStore associationStore = this.storeProviderBuilder.Create(masterLocator, this.PerformanceTracker)) { IAssociationAdaptor associationAdaptor = associationAdaptorCreator(associationStore); InProcessAssociationReplicator replicator = new InProcessAssociationReplicator(this.Logger, this.PerformanceTracker, OpenAsAdminOrSystemServiceBudgetTypeType.RunAsBackgroundLoad); ICollection <MailboxAssociation> associations = slaveLocators.Select(new Func <IMailboxLocator, MailboxAssociation>(associationAdaptor.GetAssociation)); this.ReplicateAssociations(replicator, associationAdaptor, associations); } }
public IEnumerable <UserMailbox> GetMembers(GroupMailboxLocator group, IEnumerable <UserMailboxLocator> users, bool loadAllDetails = false) { using (IAssociationStore storeProvider = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { UserAssociationAdaptor adaptor = new UserAssociationAdaptor(storeProvider, this.adSession, group); IEnumerable <UserMailbox> mailboxes = this.mailboxCollectionBuilder.BuildUserMailboxes(group, from u in users select new GetMemberAssociation(adaptor, u).Execute(), loadAllDetails); foreach (UserMailbox mailbox in mailboxes) { yield return(mailbox); } } yield break; }
public IEnumerable <GroupMailbox> GetPinnedGroups(UserMailboxLocator user, bool loadAllDetails = false) { using (IAssociationStore storeProvider = this.storeProviderBuilder.Create(user, this.PerformanceTracker)) { GroupAssociationAdaptor adaptor = new GroupAssociationAdaptor(storeProvider, this.adSession, user); GetPinAssociations command = new GetPinAssociations(adaptor); IEnumerable <MailboxAssociation> pinAssociations = command.Execute(null); IEnumerable <GroupMailbox> mailboxes = this.mailboxCollectionBuilder.BuildGroupMailboxes(pinAssociations, loadAllDetails); foreach (GroupMailbox mailbox in mailboxes) { yield return(mailbox); } } yield break; }
public UserMailbox GetMember(GroupMailboxLocator group, UserMailboxLocator user, bool loadAllDetails = false) { UserMailbox result; using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { UserAssociationAdaptor adaptor = new UserAssociationAdaptor(associationStore, this.adSession, group); GetMemberAssociation getMemberAssociation = new GetMemberAssociation(adaptor, user); MailboxAssociation item = getMemberAssociation.Execute(); result = this.mailboxCollectionBuilder.BuildUserMailboxes(group, new List <MailboxAssociation>(1) { item }, loadAllDetails).FirstOrDefault <UserMailbox>(); } return(result); }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> /// <param name="associationStore">The association store to use. Cannot be null.</param> /// <param name="nonceStore">The nonce store to use. Cannot be null.</param> private OpenIdProvider(IAssociationStore<AssociationRelyingPartyType> associationStore, INonceStore nonceStore) { Contract.Requires<ArgumentNullException>(associationStore != null); Contract.Requires<ArgumentNullException>(nonceStore != null); Contract.Ensures(this.AssociationStore == associationStore); Contract.Ensures(this.SecuritySettings != null); Contract.Ensures(this.Channel != null); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.behaviors.CollectionChanged += this.OnBehaviorsChanged; foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.Provider.Behaviors.CreateInstances(false)) { this.behaviors.Add(behavior); } this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); Reporting.RecordFeatureAndDependencyUse(this, associationStore, nonceStore); }
public void SetMembershipState(ADRecipient joinedBy, UserMailboxLocator[] joiningUsers, UserMailboxLocator[] departingUsers, GroupMailboxLocator group) { string joinedBy2 = string.Empty; if (joinedBy != null) { joinedBy2 = ((SmtpAddress)joinedBy[ADRecipientSchema.PrimarySmtpAddress]).ToString(); } using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { ADUser groupMailbox = group.FindAdUser(); WelcomeToGroupMessageTemplate messageComposerBuilder = new WelcomeToGroupMessageTemplate(groupMailbox, associationStore.MailboxOwner, joinedBy); EmailNotificationHandler joinNotificationHandler = new EmailNotificationHandler(groupMailbox, associationStore.MailboxOwner, this.clientString, messageComposerBuilder); QueuedInProcessAssociationReplicator associationReplicator = new QueuedInProcessAssociationReplicator(group, this.adSession, associationStore.ServerFullyQualifiedDomainName, this.clientString); try { UserAssociationAdaptor userAssociationAdaptor = new UserAssociationAdaptor(associationStore, this.adSession, group); if (departingUsers != null && departingUsers.Length > 0) { this.LogCommandExecution("LeaveGroup", group, departingUsers); SetUserMembershipState setUserMembershipState = new SetUserMembershipState(this.Logger, associationReplicator, false, joinedBy2, userAssociationAdaptor, this.adSession, departingUsers); setUserMembershipState.Execute(); } if (joiningUsers != null && joiningUsers.Length > 0) { this.LogCommandExecution("JoinGroup", group, joiningUsers); userAssociationAdaptor.OnAfterJoin += joinNotificationHandler.AddNotificationRecipient; SetUserMembershipState setUserMembershipState2 = new SetUserMembershipState(this.Logger, associationReplicator, true, joinedBy2, userAssociationAdaptor, this.adSession, joiningUsers); setUserMembershipState2.Execute(); userAssociationAdaptor.OnAfterJoin -= joinNotificationHandler.AddNotificationRecipient; } } finally { Task.Run(delegate() { associationReplicator.ReplicateQueuedAssociations(); }).ContinueWith(delegate(Task t) { joinNotificationHandler.SendNotification(); }); } } }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> /// <param name="associationStore">The association store to use. Cannot be null.</param> /// <param name="nonceStore">The nonce store to use. Cannot be null.</param> private OpenIdProvider(IAssociationStore<AssociationRelyingPartyType> associationStore, INonceStore nonceStore) { Contract.Requires(associationStore != null); Contract.Requires(nonceStore != null); Contract.Ensures(this.AssociationStore == associationStore); Contract.Ensures(this.SecuritySettings != null); Contract.Ensures(this.Channel != null); ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(nonceStore, "nonceStore"); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.behaviors.CollectionChanged += this.OnBehaviorsChanged; foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.Provider.Behaviors.CreateInstances(false)) { this.behaviors.Add(behavior); } this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); }
public void UpdateSlaveDataFromMailboxAssociation(MasterMailboxType masterMailboxData, MailboxAssociationType associationType) { GroupMailboxAccessLayer.Tracer.TraceDebug <MasterMailboxType, MailboxAssociationType>((long)this.GetHashCode(), "GroupMailboxAccessLayer::UpdateSlaveDataFromMailboxAssociation. Replicating data from mailbox: {0}. Association data: {1}", masterMailboxData, associationType); if (masterMailboxData.MailboxType != UserMailboxLocator.MailboxLocatorType && masterMailboxData.MailboxType != GroupMailboxLocator.MailboxLocatorType) { throw new InvalidOperationException("UpdateSlaveDataFromMailboxAssociation: Invalid MasterMailboxType"); } MailboxAssociation mailboxAssociation = EwsAssociationDataConverter.Convert(associationType, this.adSession); IMailboxLocator mailboxLocator; if (!(masterMailboxData.MailboxType == GroupMailboxLocator.MailboxLocatorType)) { IMailboxLocator group = mailboxAssociation.Group; mailboxLocator = group; } else { mailboxLocator = mailboxAssociation.User; } IMailboxLocator targetMailbox = mailboxLocator; using (IAssociationStore associationStore = this.storeProviderBuilder.Create(targetMailbox, this.PerformanceTracker)) { this.LogCommandExecution("UpdateSlaveDataFromMailboxAssociation", mailboxAssociation.Group, new UserMailboxLocator[] { mailboxAssociation.User }); BaseAssociationAdaptor baseAssociationAdaptor = (masterMailboxData.MailboxType == GroupMailboxLocator.MailboxLocatorType) ? new GroupAssociationAdaptor(associationStore, this.adSession, mailboxAssociation.User) : new UserAssociationAdaptor(associationStore, this.adSession, mailboxAssociation.Group); baseAssociationAdaptor.UseAlternateLocatorLookup = true; baseAssociationAdaptor.MasterMailboxData = masterMailboxData; baseAssociationAdaptor.ReplicateAssociation(mailboxAssociation); if (masterMailboxData.MailboxType == GroupMailboxLocator.MailboxLocatorType && mailboxAssociation.IsMember) { TimeSpan latency = ExDateTime.UtcNow - mailboxAssociation.JoinDate; this.LogPerformanceCounter(MailboxAssociationLogSchema.PerformanceCounterName.JoinGroupAssociationReplication, latency, "Group={0}, User={1}", new object[] { mailboxAssociation.Group.ExternalId, mailboxAssociation.User.ExternalId }); } } }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class. /// </summary> /// <param name="associationStore">The association store. If null, the relying party will always operate in "dumb mode".</param> /// <param name="nonceStore">The nonce store to use. If null, the relying party will always operate in "dumb mode".</param> private OpenIdRelyingParty(IAssociationStore <Uri> associationStore, INonceStore nonceStore) { // If we are a smart-mode RP (supporting associations), then we MUST also be // capable of storing nonces to prevent replay attacks. // If we're a dumb-mode RP, then 2.0 OPs are responsible for preventing replays. ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore); this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); // Without a nonce store, we must rely on the Provider to protect against // replay attacks. But only 2.0+ Providers can be expected to provide // replay protection. if (nonceStore == null) { this.SecuritySettings.MinimumRequiredOpenIdVersion = ProtocolVersion.V20; } this.channel = new OpenIdChannel(associationStore, nonceStore, this.SecuritySettings); this.AssociationManager = new AssociationManager(this.Channel, associationStore, this.SecuritySettings); }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdProvider"/> class. /// </summary> /// <param name="associationStore">The association store to use. Cannot be null.</param> /// <param name="nonceStore">The nonce store to use. Cannot be null.</param> private OpenIdProvider(IAssociationStore <AssociationRelyingPartyType> associationStore, INonceStore nonceStore) { Contract.Requires <ArgumentNullException>(associationStore != null); Contract.Requires <ArgumentNullException>(nonceStore != null); Contract.Ensures(this.AssociationStore == associationStore); Contract.Ensures(this.SecuritySettings != null); Contract.Ensures(this.Channel != null); this.AssociationStore = associationStore; this.SecuritySettings = DotNetOpenAuthSection.Configuration.OpenId.Provider.SecuritySettings.CreateSecuritySettings(); this.behaviors.CollectionChanged += this.OnBehaviorsChanged; foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.Provider.Behaviors.CreateInstances(false)) { this.behaviors.Add(behavior); } this.Channel = new OpenIdChannel(this.AssociationStore, nonceStore, this.SecuritySettings); Reporting.RecordFeatureAndDependencyUse(this, associationStore, nonceStore); }
private IMailboxAssociationUser GetMemberAssociationInformation(IAssociationStore associationStore) { GroupMailboxAuthorizationHandler.Tracer.TraceDebug <string, string>((long)this.GetHashCode(), "MemberRetrieval: Retrieving member information {0} from the mailbox = {1}", this.accessingUserInfo.Identity, this.groupMailboxToLogon.MailboxInfo.DisplayName); IMailboxAssociationUser userAssociationByIdProperty; if (!string.IsNullOrEmpty(this.accessingUserInfo.ExternalDirectoryObjectId)) { userAssociationByIdProperty = associationStore.GetUserAssociationByIdProperty(MailboxAssociationBaseSchema.ExternalId, new object[] { this.accessingUserInfo.ExternalDirectoryObjectId }); } else { userAssociationByIdProperty = associationStore.GetUserAssociationByIdProperty(MailboxAssociationBaseSchema.LegacyDN, new object[] { this.accessingUserInfo.LegacyExchangeDN }); } return(userAssociationByIdProperty); }
public IEnumerable <UserMailbox> GetUnseenMembers(GroupMailboxLocator group, IEnumerable <UserMailboxLocator> users) { IEnumerable <UserMailbox> result; using (IAssociationStore associationStore = this.storeProviderBuilder.Create(group, this.PerformanceTracker)) { UnseenDataUserAssociationAdaptor adaptor = new UnseenDataUserAssociationAdaptor(associationStore, this.adSession, group); GetMembershipAssociations getMembershipAssociations = new GetMembershipAssociations(adaptor); IEnumerable <MailboxAssociation> enumerable = getMembershipAssociations.Execute(null); Dictionary <string, MailboxAssociation> dictionary = new Dictionary <string, MailboxAssociation>(enumerable.Count <MailboxAssociation>()); foreach (MailboxAssociation mailboxAssociation in enumerable) { if (string.IsNullOrEmpty(mailboxAssociation.User.ExternalId)) { GroupMailboxAccessLayer.LogWarning(this.Logger, "GetUnseenMembers", string.Format("External Id is null or empty. LegacyDn - {0}", mailboxAssociation.User.LegacyDn)); } else if (dictionary.ContainsKey(mailboxAssociation.User.ExternalId)) { GroupMailboxAccessLayer.LogWarning(this.Logger, "GetUnseenMembers", string.Format("Duplicate External Id. ExternalId - {0}. LegacyDn - {1}", mailboxAssociation.User.ExternalId, mailboxAssociation.User.LegacyDn)); } else { dictionary.Add(mailboxAssociation.User.ExternalId, mailboxAssociation); } } List <UserMailbox> list = new List <UserMailbox>(); foreach (UserMailboxLocator userMailboxLocator in users) { MailboxAssociation association = null; if (!dictionary.TryGetValue(userMailboxLocator.ExternalId, out association)) { association = this.CreateMailboxAssociationWithDefaultValues(userMailboxLocator, group); } UserMailboxBuilder userMailboxBuilder = new UserMailboxBuilder(userMailboxLocator, null); list.Add(userMailboxBuilder.BuildFromAssociation(association).Mailbox); } result = list; } return(result); }
/// <summary> /// Initializes a new instance of the <see cref="StandardProviderApplicationStore"/> class. /// </summary> public StandardProviderApplicationStore() { this.nonceStore = new NonceMemoryStore(DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime); this.associationStore = new AssociationMemoryStore<AssociationRelyingPartyType>(); }
public TestConsumer(IAssociationStore store, Fetcher fetcher) : base(store, fetcher) { }
public StoreTester( IAssociationStore store ) { this.store = store; }
/// <summary> /// Initializes a new instance of the SigningBindingElement class for use by a Relying Party. /// </summary> /// <param name="associationStore">The association store used to look up the secrets needed for signing. May be null for dumb Relying Parties.</param> internal SigningBindingElement(IAssociationStore<Uri> associationStore) { this.rpAssociations = associationStore; }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class. /// </summary> /// <param name="associationStore">The association store. If null, the relying party will always operate in "dumb mode".</param> /// <param name="nonceStore">The nonce store to use. If null, the relying party will always operate in "dumb mode".</param> private OpenIdRelyingParty(IAssociationStore<Uri> associationStore, INonceStore nonceStore) { // If we are a smart-mode RP (supporting associations), then we MUST also be // capable of storing nonces to prevent replay attacks. // If we're a dumb-mode RP, then 2.0 OPs are responsible for preventing replays. Contract.Requires(associationStore == null || nonceStore != null); ErrorUtilities.VerifyArgument(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore); this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); this.behaviors.CollectionChanged += this.OnBehaviorsChanged; foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.Behaviors.CreateInstances(false)) { this.behaviors.Add(behavior); } // Without a nonce store, we must rely on the Provider to protect against // replay attacks. But only 2.0+ Providers can be expected to provide // replay protection. if (nonceStore == null) { this.SecuritySettings.MinimumRequiredOpenIdVersion = ProtocolVersion.V20; } this.channel = new OpenIdChannel(associationStore, nonceStore, this.SecuritySettings); this.AssociationManager = new AssociationManager(this.Channel, associationStore, this.SecuritySettings); }
/// <summary> /// Initializes a new instance of the <see cref="ReturnToSignatureBindingElement"/> class. /// </summary> /// <param name="secretStore">The secret store from which to retrieve the secret used for signing.</param> /// <param name="securitySettings">The security settings.</param> internal ReturnToSignatureBindingElement(IAssociationStore<Uri> secretStore, RelyingPartySecuritySettings securitySettings) { Contract.Requires<ArgumentNullException>(secretStore != null); this.secretManager = new PrivateSecretManager(securitySettings, secretStore); }
/// <summary> /// Initializes a new instance of the <see cref="StandardRelyingPartyApplicationStore"/> class. /// </summary> internal StandardRelyingPartyApplicationStore() { this.nonceStore = new NonceMemoryStore(DotNetOpenAuthSection.Configuration.OpenId.MaxAuthenticationTime); this.associationStore = new AssociationMemoryStore<Uri>(); }
/// <summary> /// Creates a Provider's response to an incoming association request. /// </summary> /// <param name="associationStore">The association store where a new association (if created) will be stored. Must not be null.</param> /// <param name="securitySettings">The security settings on the Provider.</param> /// <returns> /// The appropriate association response that is ready to be sent back to the Relying Party. /// </returns> /// <remarks> /// <para>If an association is created, it will be automatically be added to the provided /// association store.</para> /// <para>Successful association response messages will derive from <see cref="AssociateSuccessfulResponse"/>. /// Failed association response messages will derive from <see cref="AssociateUnsuccessfulResponse"/>.</para> /// </remarks> internal IProtocolMessage CreateResponse(IAssociationStore<AssociationRelyingPartyType> associationStore, ProviderSecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(associationStore, "associationStore"); ErrorUtilities.VerifyArgumentNotNull(securitySettings, "securitySettings"); IProtocolMessage response; if (securitySettings.IsAssociationInPermittedRange(Protocol, this.AssociationType) && HmacShaAssociation.IsDHSessionCompatible(Protocol, this.AssociationType, this.SessionType)) { response = this.CreateResponseCore(); // Create and store the association if this is a successful response. var successResponse = response as AssociateSuccessfulResponse; if (successResponse != null) { Association association = successResponse.CreateAssociation(this, securitySettings); associationStore.StoreAssociation(AssociationRelyingPartyType.Smart, association); } } else { response = this.CreateUnsuccessfulResponse(securitySettings); } return response; }
/// <summary> /// Initializes a new instance of the <see cref="ReturnToSignatureBindingElement"/> class. /// </summary> /// <param name="secretStore">The secret store from which to retrieve the secret used for signing.</param> /// <param name="securitySettings">The security settings.</param> internal ReturnToSignatureBindingElement(IAssociationStore<Uri> secretStore, RelyingPartySecuritySettings securitySettings) { ErrorUtilities.VerifyArgumentNotNull(secretStore, "secretStore"); this.secretManager = new PrivateSecretManager(securitySettings, secretStore); }
/// <summary> /// Initializes a new instance of the <see cref="OpenIdRelyingParty"/> class. /// </summary> /// <param name="associationStore">The association store. If null, the relying party will always operate in "dumb mode".</param> /// <param name="nonceStore">The nonce store to use. If null, the relying party will always operate in "dumb mode".</param> private OpenIdRelyingParty(IAssociationStore<Uri> associationStore, INonceStore nonceStore) { // If we are a smart-mode RP (supporting associations), then we MUST also be // capable of storing nonces to prevent replay attacks. // If we're a dumb-mode RP, then 2.0 OPs are responsible for preventing replays. Contract.Requires<ArgumentException>(associationStore == null || nonceStore != null, OpenIdStrings.AssociationStoreRequiresNonceStore); this.securitySettings = DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.SecuritySettings.CreateSecuritySettings(); foreach (var discoveryService in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.DiscoveryServices.CreateInstances(true)) { this.discoveryServices.Add(discoveryService); } this.behaviors.CollectionChanged += this.OnBehaviorsChanged; foreach (var behavior in DotNetOpenAuthSection.Configuration.OpenId.RelyingParty.Behaviors.CreateInstances(false)) { this.behaviors.Add(behavior); } // Without a nonce store, we must rely on the Provider to protect against // replay attacks. But only 2.0+ Providers can be expected to provide // replay protection. if (nonceStore == null) { if (this.SecuritySettings.MinimumRequiredOpenIdVersion < ProtocolVersion.V20) { Logger.OpenId.Warn("Raising minimum OpenID version requirement for Providers to 2.0 to protect this stateless RP from replay attacks."); this.SecuritySettings.MinimumRequiredOpenIdVersion = ProtocolVersion.V20; } } this.channel = new OpenIdChannel(associationStore, nonceStore, this.SecuritySettings); this.AssociationManager = new AssociationManager(this.Channel, associationStore, this.SecuritySettings); Reporting.RecordFeatureAndDependencyUse(this, associationStore, nonceStore); }
/// <summary> /// Initializes a new <see cref="Consumer"/> instance. /// </summary> public Consumer(IAssociationStore store, Fetcher fetcher) { this.store = store; this.fetcher = fetcher; }