// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IPolicyData policyData)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapAreaControllerRoute(
name: "areas",
areaName: "Admin",
pattern: "Admin/{controller=Home}/{action=Index}/{id?}");
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
public Core(
IPolicyData policyData
)
: base(policyData)
{
// do nothing.
}
private static string BuildEASProvisionDoc(IPolicyData mailboxPolicy, int deviceVersion, out bool policyIsCompatibleWithDevice)
{
policyIsCompatibleWithDevice = true;
if (mailboxPolicy == null)
{
return(null);
}
return(ProvisionCommandPhaseOne.BuildEASProvisionDoc(deviceVersion, out policyIsCompatibleWithDevice, mailboxPolicy));
}
public PolicyBusinessModule(IPolicyData policyData,
IPolicyDataService policyDataService,
ISubscribePolicyService subscribeService,
IWebSiteModuleManager webSiteModule)
{
this.PolicyData = policyData;
this.PolicyDataService = policyDataService;
this.SubscribePolicyService = subscribeService;
this.WebSiteModule = webSiteModule;
}
public PolicyBusinessModule(IPolicyData policyData,
IPolicyDataService policyDataService,
ISubscribePolicyService subscribeService,
IWebSiteModuleManager webSiteModule)
{
this.PolicyData = policyData;
this.PolicyDataService = policyDataService;
this.SubscribePolicyService = subscribeService;
this.WebSiteModule = webSiteModule;
}
public PolicyBusinessModule(IPolicyData policyData,
SubscribeService.IPolicyService subscribeService,
PolicyDataService.IPolicyService policyDataService,
IWebSiteModuleManager webSiteModuleManager, ILogHandler logHandler)
{
_policyData = policyData;
_subscribeService = subscribeService;
_policyDataService = policyDataService;
_webSiteModuleManager = webSiteModuleManager;
_logHandler = logHandler;
}
public Default(
IPolicyData policyData
)
{
kind = IdentifierKind.Policy;
//
// VIRTUAL: Id of the deepest derived class.
//
id = AttributeOps.GetObjectId(this);
//
// VIRTUAL: Group of the deepest derived class.
//
group = AttributeOps.GetObjectGroup(this);
//
// NOTE: Is the supplied policy data valid?
//
if (policyData != null)
{
EntityOps.MaybeSetGroup(
this, policyData.Group);
name = policyData.Name;
description = policyData.Description;
typeName = policyData.TypeName;
methodName = policyData.MethodName;
bindingFlags = policyData.BindingFlags;
methodFlags = policyData.MethodFlags;
policyFlags = policyData.PolicyFlags;
token = policyData.Token;
plugin = policyData.Plugin;
clientData = policyData.ClientData;
}
callback = null;
}
public ProductionService(IBundleData bundleData, IPolicyData policyData, IProductData productData)
{
bundleDataAccess = bundleData;
policyDataAccess = policyData;
productDataAccess = productData;
}
internal static string BuildEASProvisionDoc(int deviceVersion, out bool policyIsCompatibleWithDevice, IPolicyData mailboxPolicy)
{
policyIsCompatibleWithDevice = true;
StringBuilder stringBuilder = new StringBuilder(300);
stringBuilder.Append("<eas-provisioningdoc xmlns=\"Provision:\">");
policyIsCompatibleWithDevice = ProvisionCommandPhaseOne.BuildEAS25And120Provisions(stringBuilder, deviceVersion, mailboxPolicy);
policyIsCompatibleWithDevice = (policyIsCompatibleWithDevice && ProvisionCommandPhaseOne.BuildEAS121Provisions(stringBuilder, deviceVersion, mailboxPolicy));
stringBuilder.Append("</eas-provisioningdoc>");
return(stringBuilder.ToString());
}
private static string BuildWAPProvisionDoc(IPolicyData mailboxPolicy)
{
StringBuilder stringBuilder = new StringBuilder(300);
stringBuilder.Append("<wap-provisioningdoc>");
stringBuilder.Append("<characteristic type=\"SecurityPolicy\">");
bool flag = false;
bool flag2 = false;
if (mailboxPolicy != null)
{
flag = mailboxPolicy.DevicePasswordEnabled;
flag2 = !mailboxPolicy.MaxDevicePasswordFailedAttempts.IsUnlimited;
bool requireStorageCardEncryption = mailboxPolicy.RequireStorageCardEncryption;
}
stringBuilder.AppendFormat("<parm name=\"4131\" value=\"{0}\"/>", flag ? 0 : 1);
stringBuilder.AppendFormat("<parm name=\"4133\" value=\"{0}\"/>", (flag && flag2) ? 0 : 1);
stringBuilder.Append("</characteristic>");
if (flag)
{
stringBuilder.Append("<characteristic type=\"Registry\">");
bool flag3 = false;
int num = 0;
if (!mailboxPolicy.MaxInactivityTimeDeviceLock.IsUnlimited)
{
flag3 = true;
num = (int)mailboxPolicy.MaxInactivityTimeDeviceLock.Value.TotalMinutes;
if (mailboxPolicy.MaxInactivityTimeDeviceLock.Value.Seconds > 0)
{
num++;
}
if (num < 1)
{
num = 1;
}
if (num > 9999)
{
num = 9999;
}
}
stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\AE\\{50C13377-C66D-400C-889E-C316FC4AB374}\">");
stringBuilder.AppendFormat("<parm name=\"AEFrequencyType\" value=\"{0}\"/>", flag3 ? 1 : 0);
stringBuilder.AppendFormat("<parm name=\"AEFrequencyValue\" value=\"{0}\"/>", num);
stringBuilder.Append("</characteristic>");
int num2 = 0;
int num3 = -1;
if (!mailboxPolicy.MaxDevicePasswordFailedAttempts.IsUnlimited)
{
num2 = mailboxPolicy.MaxDevicePasswordFailedAttempts.Value;
if (num2 < 2)
{
num2 = 2;
}
num3 = num2 / 2;
if (num3 > 8)
{
num3 = 8;
}
}
stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">");
stringBuilder.AppendFormat("<parm name=\"DeviceWipeThreshold\" value=\"{0}\"/>", num2);
stringBuilder.Append("</characteristic>");
stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">");
stringBuilder.AppendFormat("<parm name=\"CodewordFrequency\" value=\"{0}\"/>", num3);
stringBuilder.Append("</characteristic>");
int num4 = 1;
if (mailboxPolicy.MinDevicePasswordLength != null)
{
num4 = mailboxPolicy.MinDevicePasswordLength.Value;
if (num4 < 1)
{
num4 = 1;
}
}
stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">");
stringBuilder.AppendFormat("<parm name=\"MinimumPasswordLength\" value=\"{0}\"/>", num4);
stringBuilder.Append("</characteristic>");
stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">");
stringBuilder.AppendFormat("<parm name=\"PasswordComplexity\" value=\"{0}\"/>", mailboxPolicy.AlphanumericDevicePasswordRequired ? 0 : 2);
stringBuilder.Append("</characteristic>");
stringBuilder.Append("</characteristic>");
}
stringBuilder.Append("</wap-provisioningdoc>");
return(stringBuilder.ToString());
}
private static bool BuildEAS25And120Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy)
{
bool flag = true;
bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices;
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordEnabled", mailboxPolicy.DevicePasswordEnabled, allowNonProvisionableDevices, deviceVersion, 20, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AlphanumericDevicePasswordRequired", mailboxPolicy.AlphanumericDevicePasswordRequired, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "PasswordRecoveryEnabled", mailboxPolicy.PasswordRecoveryEnabled, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireStorageCardEncryption", mailboxPolicy.RequireStorageCardEncryption, allowNonProvisionableDevices, deviceVersion, 20, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AttachmentsEnabled", mailboxPolicy.AttachmentsEnabled, allowNonProvisionableDevices, deviceVersion, 20, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordLength", mailboxPolicy.MinDevicePasswordLength, allowNonProvisionableDevices, deviceVersion, 20, 0);
object value = null;
if (!mailboxPolicy.MaxInactivityTimeDeviceLock.IsUnlimited)
{
value = (int)mailboxPolicy.MaxInactivityTimeDeviceLock.Value.TotalSeconds;
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxInactivityTimeDeviceLock", value, allowNonProvisionableDevices, deviceVersion, 20, null);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxDevicePasswordFailedAttempts", mailboxPolicy.MaxDevicePasswordFailedAttempts, allowNonProvisionableDevices, deviceVersion, 20, null);
value = null;
if (!mailboxPolicy.MaxAttachmentSize.IsUnlimited)
{
value = mailboxPolicy.MaxAttachmentSize.Value.ToBytes();
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxAttachmentSize", value, allowNonProvisionableDevices, deviceVersion, 20, null);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSimpleDevicePassword", mailboxPolicy.AllowSimpleDevicePassword, allowNonProvisionableDevices, deviceVersion, 20, true);
value = null;
if (!mailboxPolicy.DevicePasswordExpiration.IsUnlimited)
{
value = (int)mailboxPolicy.DevicePasswordExpiration.Value.TotalDays;
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordExpiration", value, allowNonProvisionableDevices, deviceVersion, 20, null);
return(flag & ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordHistory", mailboxPolicy.DevicePasswordHistory, allowNonProvisionableDevices, deviceVersion, 20, 0));
}
private bool ProcessPolicy(XmlNode response)
{
uint?headerPolicyKey = this.owningCommand.HeaderPolicyKey;
base.GlobalInfo.ProvisionSupported = true;
bool flag;
Command.DetectPolicyChange(this.owningCommand.PolicyData, base.GlobalInfo, this.owningCommand.ProtocolVersion, out flag);
if (!flag)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DeviceNotFullyProvisionable");
this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable);
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return(false);
}
if (this.requestPolicyType != null)
{
if (this.deviceInformationNode == null && this.owningCommand.ProtocolVersion >= 141)
{
throw new AirSyncPermanentException(StatusCode.DeviceInformationRequired, false)
{
ErrorStringForProtocolLogger = "DeviceInfoRequiredInProvision"
};
}
if (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase))
{
if (this.owningCommand.ProtocolVersion > 25)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "CannotUseWAP");
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return(true);
}
if (base.GlobalInfo.PolicyKeyNeeded != 0U || (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U))
{
this.responsePolicyType = this.requestPolicyType;
IPolicyData policyData = this.owningCommand.PolicyData;
this.responsePolicyData = ProvisionCommandPhaseOne.BuildWAPProvisionDoc(policyData);
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else
{
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy;
this.responsePolicyType = this.requestPolicyType;
}
}
else if (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase))
{
if (base.GlobalInfo.PolicyKeyNeeded != 0U)
{
this.responsePolicyType = this.requestPolicyType;
IPolicyData policyData2 = this.owningCommand.PolicyData;
this.responsePolicyData = ProvisionCommandPhaseOne.BuildEASProvisionDoc(policyData2, this.owningCommand.ProtocolVersion, out flag);
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else if (base.GlobalInfo.PolicyKeyOnDevice != 0U || (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U))
{
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyData = "<eas-provisioningdoc xmlns=\"Provision:\"><DevicePasswordEnabled>0</DevicePasswordEnabled></eas-provisioningdoc>";
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck);
}
else
{
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy;
this.responsePolicyType = this.requestPolicyType;
}
}
else
{
if (this.requestPolicyType.Length == 0)
{
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
return(true);
}
base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.UnknownPolicyType;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success;
return(true);
}
}
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success;
return(true);
}
private static bool BuildEAS121Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy)
{
bool flag = true;
bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices;
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowStorageCard", mailboxPolicy.AllowStorageCard, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowCamera", mailboxPolicy.AllowCamera, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireDeviceEncryption", mailboxPolicy.RequireDeviceEncryption, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedApplications", mailboxPolicy.AllowUnsignedApplications, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedInstallationPackages", mailboxPolicy.AllowUnsignedInstallationPackages, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= (ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordComplexCharacters", mailboxPolicy.MinDevicePasswordComplexCharacters, allowNonProvisionableDevices, deviceVersion, 121, 1) || !mailboxPolicy.AlphanumericDevicePasswordRequired);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowWiFi", mailboxPolicy.AllowWiFi, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowTextMessaging", mailboxPolicy.AllowTextMessaging, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowPOPIMAPEmail", mailboxPolicy.AllowPOPIMAPEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBluetooth", (int)mailboxPolicy.AllowBluetooth, allowNonProvisionableDevices, deviceVersion, 121, 2);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowIrDA", mailboxPolicy.AllowIrDA, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireManualSyncWhenRoaming", mailboxPolicy.RequireManualSyncWhenRoaming, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowDesktopSync", mailboxPolicy.AllowDesktopSync, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxCalendarAgeFilter", (int)mailboxPolicy.MaxCalendarAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowHTMLEmail", mailboxPolicy.AllowHTMLEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailAgeFilter", (int)mailboxPolicy.MaxEmailAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0);
if (!mailboxPolicy.MaxEmailBodyTruncationSize.IsUnlimited)
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", mailboxPolicy.MaxEmailBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null);
}
else
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1);
}
if (!mailboxPolicy.MaxEmailHTMLBodyTruncationSize.IsUnlimited)
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", mailboxPolicy.MaxEmailHTMLBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null);
}
else
{
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1);
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEMessages", mailboxPolicy.RequireSignedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptedSMIMEMessages", mailboxPolicy.RequireEncryptedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false);
ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEAlgorithm", (int)mailboxPolicy.RequireSignedSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false);
ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptionSMIMEAlgorithm", (int)mailboxPolicy.RequireEncryptionSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMEEncryptionAlgorithmNegotiation", (int)mailboxPolicy.AllowSMIMEEncryptionAlgorithmNegotiation, allowNonProvisionableDevices, deviceVersion, 121, 2);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMESoftCerts", mailboxPolicy.AllowSMIMESoftCerts, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBrowser", mailboxPolicy.AllowBrowser, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowConsumerEmail", mailboxPolicy.AllowConsumerEmail, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowRemoteDesktop", mailboxPolicy.AllowRemoteDesktop, allowNonProvisionableDevices, deviceVersion, 121, true);
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowInternetSharing", mailboxPolicy.AllowInternetSharing, allowNonProvisionableDevices, deviceVersion, 121, true);
StringBuilder stringBuilder = new StringBuilder(300);
MultiValuedProperty <string> unapprovedInROMApplicationList = mailboxPolicy.UnapprovedInROMApplicationList;
if (unapprovedInROMApplicationList != null)
{
foreach (string str in unapprovedInROMApplicationList)
{
stringBuilder.AppendFormat("<{0}>{1}</{0}>", "ApplicationName", SecurityElement.Escape(str));
}
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "UnapprovedInROMApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty);
stringBuilder.Length = 0;
ApprovedApplicationCollection approvedApplicationList = mailboxPolicy.ApprovedApplicationList;
if (approvedApplicationList != null)
{
foreach (ApprovedApplication approvedApplication in approvedApplicationList)
{
stringBuilder.AppendFormat("<{0}>{1}</{0}>", "Hash", Convert.ToBase64String(HexStringConverter.GetBytes(approvedApplication.AppHash, false)));
}
}
flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "ApprovedApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty);
return(flag);
}
public PolicyService(IPolicyData policyData, IClientService clientService, ILogger <PolicyService> logger)
{
_policyData = policyData;
_clientService = clientService;
_logger = logger;
}
private void ProcessPolicy(XmlNode response)
{
uint?headerPolicyKey = this.owningCommand.HeaderPolicyKey;
this.owningCommand.GlobalInfo.ProvisionSupported = true;
bool flag;
Command.DetectPolicyChange(this.owningCommand.PolicyData, this.owningCommand.GlobalInfo, this.owningCommand.ProtocolVersion, out flag);
if (!flag)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DeviceNotFullyProvisionable");
this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable);
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return;
}
if (!string.IsNullOrEmpty(this.requestPolicyType) && this.requestPolicyStatus != ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.NotPresent && this.requestPolicyKey != null)
{
if (!ProvisionCommandPhaseBase.IsValidPolicyType(this.requestPolicyType))
{
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.UnknownPolicyType;
}
else
{
if (this.requestPolicyStatus < ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.MinValue || this.requestPolicyStatus > ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement)
{
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
this.BuildPolicyResponse(response);
return;
}
if (this.requestPolicyStatus >= ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement && this.owningCommand.ProtocolVersion < 121)
{
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.BuildPolicyResponse(response);
return;
}
if (this.requestPolicyKey == null)
{
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
this.BuildPolicyResponse(response);
return;
}
if (this.requestPolicyKey == this.owningCommand.GlobalInfo.PolicyKeyWaitingAck)
{
this.responsePolicyType = this.requestPolicyType;
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success;
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = ProvisionCommandPhaseTwo.MapPolicyStatusCodeFromClientToDevicePolicyApplicationStatus(this.requestPolicyStatus);
IPolicyData policyData = this.owningCommand.PolicyData;
if (policyData != null)
{
if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement && !policyData.AllowExternalDeviceManagement)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "ExternallyManagedDevicesNotAllowed");
this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.ExternallyManagedDevicesNotAllowed);
return;
}
if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.MinValue || this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement || (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.PartialError && policyData.AllowNonProvisionableDevices))
{
this.responsePolicyKey = new uint?(this.owningCommand.GlobalInfo.PolicyKeyNeeded);
this.owningCommand.GlobalInfo.LastPolicyTime = new ExDateTime?(ExDateTime.UtcNow);
this.owningCommand.GlobalInfo.PolicyKeyOnDevice = this.owningCommand.GlobalInfo.PolicyKeyNeeded;
}
else if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.PartialError && !policyData.AllowNonProvisionableDevices)
{
this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DevicePartiallyProvisionableStrictPolicy");
this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable);
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
return;
}
}
else
{
this.responsePolicyKey = new uint?(0U);
this.owningCommand.GlobalInfo.PolicyKeyOnDevice = 0U;
this.owningCommand.GlobalInfo.LastPolicyTime = new ExDateTime?(ExDateTime.UtcNow);
}
}
else
{
this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.PolicyKeyMismatch;
this.responsePolicyType = this.requestPolicyType;
}
}
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success;
this.BuildPolicyResponse(response);
return;
}
this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied;
this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError;
this.BuildPolicyResponse(response);
}
