// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IPolicyData policyData) { if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. app.UseHsts(); } app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseRouting(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapAreaControllerRoute( name: "areas", areaName: "Admin", pattern: "Admin/{controller=Home}/{action=Index}/{id?}"); endpoints.MapControllerRoute( name: "default", pattern: "{controller=Home}/{action=Index}/{id?}"); }); }
public Core( IPolicyData policyData ) : base(policyData) { // do nothing. }
private static string BuildEASProvisionDoc(IPolicyData mailboxPolicy, int deviceVersion, out bool policyIsCompatibleWithDevice) { policyIsCompatibleWithDevice = true; if (mailboxPolicy == null) { return(null); } return(ProvisionCommandPhaseOne.BuildEASProvisionDoc(deviceVersion, out policyIsCompatibleWithDevice, mailboxPolicy)); }
public PolicyBusinessModule(IPolicyData policyData, IPolicyDataService policyDataService, ISubscribePolicyService subscribeService, IWebSiteModuleManager webSiteModule) { this.PolicyData = policyData; this.PolicyDataService = policyDataService; this.SubscribePolicyService = subscribeService; this.WebSiteModule = webSiteModule; }
public PolicyBusinessModule(IPolicyData policyData, SubscribeService.IPolicyService subscribeService, PolicyDataService.IPolicyService policyDataService, IWebSiteModuleManager webSiteModuleManager, ILogHandler logHandler) { _policyData = policyData; _subscribeService = subscribeService; _policyDataService = policyDataService; _webSiteModuleManager = webSiteModuleManager; _logHandler = logHandler; }
public Default( IPolicyData policyData ) { kind = IdentifierKind.Policy; // // VIRTUAL: Id of the deepest derived class. // id = AttributeOps.GetObjectId(this); // // VIRTUAL: Group of the deepest derived class. // group = AttributeOps.GetObjectGroup(this); // // NOTE: Is the supplied policy data valid? // if (policyData != null) { EntityOps.MaybeSetGroup( this, policyData.Group); name = policyData.Name; description = policyData.Description; typeName = policyData.TypeName; methodName = policyData.MethodName; bindingFlags = policyData.BindingFlags; methodFlags = policyData.MethodFlags; policyFlags = policyData.PolicyFlags; token = policyData.Token; plugin = policyData.Plugin; clientData = policyData.ClientData; } callback = null; }
public ProductionService(IBundleData bundleData, IPolicyData policyData, IProductData productData) { bundleDataAccess = bundleData; policyDataAccess = policyData; productDataAccess = productData; }
internal static string BuildEASProvisionDoc(int deviceVersion, out bool policyIsCompatibleWithDevice, IPolicyData mailboxPolicy) { policyIsCompatibleWithDevice = true; StringBuilder stringBuilder = new StringBuilder(300); stringBuilder.Append("<eas-provisioningdoc xmlns=\"Provision:\">"); policyIsCompatibleWithDevice = ProvisionCommandPhaseOne.BuildEAS25And120Provisions(stringBuilder, deviceVersion, mailboxPolicy); policyIsCompatibleWithDevice = (policyIsCompatibleWithDevice && ProvisionCommandPhaseOne.BuildEAS121Provisions(stringBuilder, deviceVersion, mailboxPolicy)); stringBuilder.Append("</eas-provisioningdoc>"); return(stringBuilder.ToString()); }
private static string BuildWAPProvisionDoc(IPolicyData mailboxPolicy) { StringBuilder stringBuilder = new StringBuilder(300); stringBuilder.Append("<wap-provisioningdoc>"); stringBuilder.Append("<characteristic type=\"SecurityPolicy\">"); bool flag = false; bool flag2 = false; if (mailboxPolicy != null) { flag = mailboxPolicy.DevicePasswordEnabled; flag2 = !mailboxPolicy.MaxDevicePasswordFailedAttempts.IsUnlimited; bool requireStorageCardEncryption = mailboxPolicy.RequireStorageCardEncryption; } stringBuilder.AppendFormat("<parm name=\"4131\" value=\"{0}\"/>", flag ? 0 : 1); stringBuilder.AppendFormat("<parm name=\"4133\" value=\"{0}\"/>", (flag && flag2) ? 0 : 1); stringBuilder.Append("</characteristic>"); if (flag) { stringBuilder.Append("<characteristic type=\"Registry\">"); bool flag3 = false; int num = 0; if (!mailboxPolicy.MaxInactivityTimeDeviceLock.IsUnlimited) { flag3 = true; num = (int)mailboxPolicy.MaxInactivityTimeDeviceLock.Value.TotalMinutes; if (mailboxPolicy.MaxInactivityTimeDeviceLock.Value.Seconds > 0) { num++; } if (num < 1) { num = 1; } if (num > 9999) { num = 9999; } } stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\AE\\{50C13377-C66D-400C-889E-C316FC4AB374}\">"); stringBuilder.AppendFormat("<parm name=\"AEFrequencyType\" value=\"{0}\"/>", flag3 ? 1 : 0); stringBuilder.AppendFormat("<parm name=\"AEFrequencyValue\" value=\"{0}\"/>", num); stringBuilder.Append("</characteristic>"); int num2 = 0; int num3 = -1; if (!mailboxPolicy.MaxDevicePasswordFailedAttempts.IsUnlimited) { num2 = mailboxPolicy.MaxDevicePasswordFailedAttempts.Value; if (num2 < 2) { num2 = 2; } num3 = num2 / 2; if (num3 > 8) { num3 = 8; } } stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">"); stringBuilder.AppendFormat("<parm name=\"DeviceWipeThreshold\" value=\"{0}\"/>", num2); stringBuilder.Append("</characteristic>"); stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">"); stringBuilder.AppendFormat("<parm name=\"CodewordFrequency\" value=\"{0}\"/>", num3); stringBuilder.Append("</characteristic>"); int num4 = 1; if (mailboxPolicy.MinDevicePasswordLength != null) { num4 = mailboxPolicy.MinDevicePasswordLength.Value; if (num4 < 1) { num4 = 1; } } stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">"); stringBuilder.AppendFormat("<parm name=\"MinimumPasswordLength\" value=\"{0}\"/>", num4); stringBuilder.Append("</characteristic>"); stringBuilder.Append("<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">"); stringBuilder.AppendFormat("<parm name=\"PasswordComplexity\" value=\"{0}\"/>", mailboxPolicy.AlphanumericDevicePasswordRequired ? 0 : 2); stringBuilder.Append("</characteristic>"); stringBuilder.Append("</characteristic>"); } stringBuilder.Append("</wap-provisioningdoc>"); return(stringBuilder.ToString()); }
private static bool BuildEAS25And120Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy) { bool flag = true; bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices; flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordEnabled", mailboxPolicy.DevicePasswordEnabled, allowNonProvisionableDevices, deviceVersion, 20, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AlphanumericDevicePasswordRequired", mailboxPolicy.AlphanumericDevicePasswordRequired, allowNonProvisionableDevices, deviceVersion, 20, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "PasswordRecoveryEnabled", mailboxPolicy.PasswordRecoveryEnabled, allowNonProvisionableDevices, deviceVersion, 20, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireStorageCardEncryption", mailboxPolicy.RequireStorageCardEncryption, allowNonProvisionableDevices, deviceVersion, 20, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AttachmentsEnabled", mailboxPolicy.AttachmentsEnabled, allowNonProvisionableDevices, deviceVersion, 20, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordLength", mailboxPolicy.MinDevicePasswordLength, allowNonProvisionableDevices, deviceVersion, 20, 0); object value = null; if (!mailboxPolicy.MaxInactivityTimeDeviceLock.IsUnlimited) { value = (int)mailboxPolicy.MaxInactivityTimeDeviceLock.Value.TotalSeconds; } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxInactivityTimeDeviceLock", value, allowNonProvisionableDevices, deviceVersion, 20, null); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxDevicePasswordFailedAttempts", mailboxPolicy.MaxDevicePasswordFailedAttempts, allowNonProvisionableDevices, deviceVersion, 20, null); value = null; if (!mailboxPolicy.MaxAttachmentSize.IsUnlimited) { value = mailboxPolicy.MaxAttachmentSize.Value.ToBytes(); } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxAttachmentSize", value, allowNonProvisionableDevices, deviceVersion, 20, null); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSimpleDevicePassword", mailboxPolicy.AllowSimpleDevicePassword, allowNonProvisionableDevices, deviceVersion, 20, true); value = null; if (!mailboxPolicy.DevicePasswordExpiration.IsUnlimited) { value = (int)mailboxPolicy.DevicePasswordExpiration.Value.TotalDays; } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordExpiration", value, allowNonProvisionableDevices, deviceVersion, 20, null); return(flag & ProvisionCommandPhaseOne.AppendEASAttribute(xml, "DevicePasswordHistory", mailboxPolicy.DevicePasswordHistory, allowNonProvisionableDevices, deviceVersion, 20, 0)); }
private bool ProcessPolicy(XmlNode response) { uint?headerPolicyKey = this.owningCommand.HeaderPolicyKey; base.GlobalInfo.ProvisionSupported = true; bool flag; Command.DetectPolicyChange(this.owningCommand.PolicyData, base.GlobalInfo, this.owningCommand.ProtocolVersion, out flag); if (!flag) { this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DeviceNotFullyProvisionable"); this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable); base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; return(false); } if (this.requestPolicyType != null) { if (this.deviceInformationNode == null && this.owningCommand.ProtocolVersion >= 141) { throw new AirSyncPermanentException(StatusCode.DeviceInformationRequired, false) { ErrorStringForProtocolLogger = "DeviceInfoRequiredInProvision" }; } if (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase)) { if (this.owningCommand.ProtocolVersion > 25) { this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "CannotUseWAP"); this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; return(true); } if (base.GlobalInfo.PolicyKeyNeeded != 0U || (string.Equals(this.requestPolicyType, "MS-WAP-Provisioning-XML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U)) { this.responsePolicyType = this.requestPolicyType; IPolicyData policyData = this.owningCommand.PolicyData; this.responsePolicyData = ProvisionCommandPhaseOne.BuildWAPProvisionDoc(policyData); this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success; this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck); } else { this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy; this.responsePolicyType = this.requestPolicyType; } } else if (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase)) { if (base.GlobalInfo.PolicyKeyNeeded != 0U) { this.responsePolicyType = this.requestPolicyType; IPolicyData policyData2 = this.owningCommand.PolicyData; this.responsePolicyData = ProvisionCommandPhaseOne.BuildEASProvisionDoc(policyData2, this.owningCommand.ProtocolVersion, out flag); this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success; this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck); } else if (base.GlobalInfo.PolicyKeyOnDevice != 0U || (string.Equals(this.requestPolicyType, "MS-EAS-Provisioning-WBXML", StringComparison.OrdinalIgnoreCase) && headerPolicyKey != null && headerPolicyKey != 0U)) { this.responsePolicyType = this.requestPolicyType; this.responsePolicyData = "<eas-provisioningdoc xmlns=\"Provision:\"><DevicePasswordEnabled>0</DevicePasswordEnabled></eas-provisioningdoc>"; this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success; this.responsePolicyKey = new uint?(base.GlobalInfo.PolicyKeyWaitingAck); } else { this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.NoPolicy; this.responsePolicyType = this.requestPolicyType; } } else { if (this.requestPolicyType.Length == 0) { base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; return(true); } base.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responsePolicyType = this.requestPolicyType; this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.UnknownPolicyType; this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success; return(true); } } this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success; return(true); }
private static bool BuildEAS121Provisions(StringBuilder xml, int deviceVersion, IPolicyData mailboxPolicy) { bool flag = true; bool allowNonProvisionableDevices = mailboxPolicy.AllowNonProvisionableDevices; flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowStorageCard", mailboxPolicy.AllowStorageCard, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowCamera", mailboxPolicy.AllowCamera, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireDeviceEncryption", mailboxPolicy.RequireDeviceEncryption, allowNonProvisionableDevices, deviceVersion, 121, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedApplications", mailboxPolicy.AllowUnsignedApplications, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowUnsignedInstallationPackages", mailboxPolicy.AllowUnsignedInstallationPackages, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= (ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MinDevicePasswordComplexCharacters", mailboxPolicy.MinDevicePasswordComplexCharacters, allowNonProvisionableDevices, deviceVersion, 121, 1) || !mailboxPolicy.AlphanumericDevicePasswordRequired); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowWiFi", mailboxPolicy.AllowWiFi, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowTextMessaging", mailboxPolicy.AllowTextMessaging, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowPOPIMAPEmail", mailboxPolicy.AllowPOPIMAPEmail, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBluetooth", (int)mailboxPolicy.AllowBluetooth, allowNonProvisionableDevices, deviceVersion, 121, 2); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowIrDA", mailboxPolicy.AllowIrDA, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireManualSyncWhenRoaming", mailboxPolicy.RequireManualSyncWhenRoaming, allowNonProvisionableDevices, deviceVersion, 121, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowDesktopSync", mailboxPolicy.AllowDesktopSync, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxCalendarAgeFilter", (int)mailboxPolicy.MaxCalendarAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowHTMLEmail", mailboxPolicy.AllowHTMLEmail, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailAgeFilter", (int)mailboxPolicy.MaxEmailAgeFilter, allowNonProvisionableDevices, deviceVersion, 121, 0); if (!mailboxPolicy.MaxEmailBodyTruncationSize.IsUnlimited) { flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", mailboxPolicy.MaxEmailBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null); } else { flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1); } if (!mailboxPolicy.MaxEmailHTMLBodyTruncationSize.IsUnlimited) { flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", mailboxPolicy.MaxEmailHTMLBodyTruncationSize.Value, allowNonProvisionableDevices, deviceVersion, 121, null); } else { flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "MaxEmailHTMLBodyTruncationSize", -1, allowNonProvisionableDevices, deviceVersion, 121, -1); } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEMessages", mailboxPolicy.RequireSignedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptedSMIMEMessages", mailboxPolicy.RequireEncryptedSMIMEMessages, allowNonProvisionableDevices, deviceVersion, 121, false); ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireSignedSMIMEAlgorithm", (int)mailboxPolicy.RequireSignedSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false); ProvisionCommandPhaseOne.AppendEASAttribute(xml, "RequireEncryptionSMIMEAlgorithm", (int)mailboxPolicy.RequireEncryptionSMIMEAlgorithm, allowNonProvisionableDevices, deviceVersion, 121, false); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMEEncryptionAlgorithmNegotiation", (int)mailboxPolicy.AllowSMIMEEncryptionAlgorithmNegotiation, allowNonProvisionableDevices, deviceVersion, 121, 2); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowSMIMESoftCerts", mailboxPolicy.AllowSMIMESoftCerts, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowBrowser", mailboxPolicy.AllowBrowser, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowConsumerEmail", mailboxPolicy.AllowConsumerEmail, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowRemoteDesktop", mailboxPolicy.AllowRemoteDesktop, allowNonProvisionableDevices, deviceVersion, 121, true); flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "AllowInternetSharing", mailboxPolicy.AllowInternetSharing, allowNonProvisionableDevices, deviceVersion, 121, true); StringBuilder stringBuilder = new StringBuilder(300); MultiValuedProperty <string> unapprovedInROMApplicationList = mailboxPolicy.UnapprovedInROMApplicationList; if (unapprovedInROMApplicationList != null) { foreach (string str in unapprovedInROMApplicationList) { stringBuilder.AppendFormat("<{0}>{1}</{0}>", "ApplicationName", SecurityElement.Escape(str)); } } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "UnapprovedInROMApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty); stringBuilder.Length = 0; ApprovedApplicationCollection approvedApplicationList = mailboxPolicy.ApprovedApplicationList; if (approvedApplicationList != null) { foreach (ApprovedApplication approvedApplication in approvedApplicationList) { stringBuilder.AppendFormat("<{0}>{1}</{0}>", "Hash", Convert.ToBase64String(HexStringConverter.GetBytes(approvedApplication.AppHash, false))); } } flag &= ProvisionCommandPhaseOne.AppendEASAttribute(xml, "ApprovedApplicationList", stringBuilder.ToString(), allowNonProvisionableDevices, deviceVersion, 121, string.Empty); return(flag); }
public PolicyService(IPolicyData policyData, IClientService clientService, ILogger <PolicyService> logger) { _policyData = policyData; _clientService = clientService; _logger = logger; }
private void ProcessPolicy(XmlNode response) { uint?headerPolicyKey = this.owningCommand.HeaderPolicyKey; this.owningCommand.GlobalInfo.ProvisionSupported = true; bool flag; Command.DetectPolicyChange(this.owningCommand.PolicyData, this.owningCommand.GlobalInfo, this.owningCommand.ProtocolVersion, out flag); if (!flag) { this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DeviceNotFullyProvisionable"); this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable); this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; return; } if (!string.IsNullOrEmpty(this.requestPolicyType) && this.requestPolicyStatus != ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.NotPresent && this.requestPolicyKey != null) { if (!ProvisionCommandPhaseBase.IsValidPolicyType(this.requestPolicyType)) { this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responsePolicyType = this.requestPolicyType; this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.UnknownPolicyType; } else { if (this.requestPolicyStatus < ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.MinValue || this.requestPolicyStatus > ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement) { this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; this.BuildPolicyResponse(response); return; } if (this.requestPolicyStatus >= ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement && this.owningCommand.ProtocolVersion < 121) { this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.BuildPolicyResponse(response); return; } if (this.requestPolicyKey == null) { this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; this.BuildPolicyResponse(response); return; } if (this.requestPolicyKey == this.owningCommand.GlobalInfo.PolicyKeyWaitingAck) { this.responsePolicyType = this.requestPolicyType; this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.Success; this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = ProvisionCommandPhaseTwo.MapPolicyStatusCodeFromClientToDevicePolicyApplicationStatus(this.requestPolicyStatus); IPolicyData policyData = this.owningCommand.PolicyData; if (policyData != null) { if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement && !policyData.AllowExternalDeviceManagement) { this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "ExternallyManagedDevicesNotAllowed"); this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.ExternallyManagedDevicesNotAllowed); return; } if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.MinValue || this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.AllowExternalDeviceManagement || (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.PartialError && policyData.AllowNonProvisionableDevices)) { this.responsePolicyKey = new uint?(this.owningCommand.GlobalInfo.PolicyKeyNeeded); this.owningCommand.GlobalInfo.LastPolicyTime = new ExDateTime?(ExDateTime.UtcNow); this.owningCommand.GlobalInfo.PolicyKeyOnDevice = this.owningCommand.GlobalInfo.PolicyKeyNeeded; } else if (this.requestPolicyStatus == ProvisionCommandPhaseTwo.PolicyStatusCodeFromClient.PartialError && !policyData.AllowNonProvisionableDevices) { this.owningCommand.ProtocolLogger.SetValue(ProtocolLoggerData.Error, "DevicePartiallyProvisionableStrictPolicy"); this.owningCommand.SetErrorResponse(HttpStatusCode.Forbidden, StatusCode.DeviceNotFullyProvisionable); this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; return; } } else { this.responsePolicyKey = new uint?(0U); this.owningCommand.GlobalInfo.PolicyKeyOnDevice = 0U; this.owningCommand.GlobalInfo.LastPolicyTime = new ExDateTime?(ExDateTime.UtcNow); } } else { this.responsePolicyStatus = ProvisionCommand.PolicyStatusCode.PolicyKeyMismatch; this.responsePolicyType = this.requestPolicyType; } } this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.Success; this.BuildPolicyResponse(response); return; } this.owningCommand.GlobalInfo.DevicePolicyApplicationStatus = DevicePolicyApplicationStatus.NotApplied; this.responseProvisionStatus = ProvisionCommand.ProvisionStatusCode.ProtocolError; this.BuildPolicyResponse(response); }