/// <summary>
        /// Reports whether the organization has an enabled organization relationship that
        /// covers the domain of the caller's external e-mail address.
        /// </summary>
        /// <param name="organizationId">Organization whose cached configuration is consulted.</param>
        /// <returns>
        /// <c>true</c> only when a relationship is returned for the caller's domain, it is
        /// enabled, and its <c>DomainNames</c> contains that domain; otherwise <c>false</c>.
        /// </returns>
        private bool HasOrganizationRelationship(OrganizationId organizationId)
        {
            // NOTE(review): the cache value is dereferenced without a null check; confirm Get
            // cannot return null for the organization ids that reach this method.
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(organizationId);
            string callerDomain = this.callerExternalIdentity.EmailAddress.Domain;
            OrganizationRelationship relationship = cachedOrganization.GetOrganizationRelationship(callerDomain);

            if (relationship == null)
            {
                return false;
            }

            if (!relationship.Enabled)
            {
                return false;
            }

            // The lookup result alone is not trusted: the caller's domain must also be listed
            // explicitly in the relationship's DomainNames.
            return relationship.DomainNames.Contains(new SmtpDomain(callerDomain));
        }
예제 #2
        /// <summary>
        /// Checks whether the directory entry carries an external e-mail address whose domain
        /// maps to an organization relationship with a target OWA URL and, if so, aborts
        /// processing with a redirect to that URL.
        /// </summary>
        /// <param name="activeDirectoryRawEntry">Directory entry of the recipient being resolved.</param>
        /// <returns>Always <c>null</c> when the method returns normally.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="activeDirectoryRawEntry"/> is <c>null</c>.</exception>
        /// <exception cref="ServerSideTransferException">A relationship with a target OWA URL was found; carries that URL.</exception>
        protected ADObjectId ResolveMailboxDatabase(ADRawEntry activeDirectoryRawEntry)
        {
            if (activeDirectoryRawEntry == null)
            {
                throw new ArgumentNullException("activeDirectoryRawEntry");
            }

            SmtpProxyAddress externalProxy = (SmtpProxyAddress)activeDirectoryRawEntry[ADRecipientSchema.ExternalEmailAddress];
            if (externalProxy == null)
            {
                return null;
            }

            OrganizationId ownerOrganization = (OrganizationId)activeDirectoryRawEntry[ADObjectSchema.OrganizationId];
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(ownerOrganization);
            SmtpAddress externalAddress = (SmtpAddress)externalProxy;

            if (!externalAddress.IsValidAddress)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: ExternalEmailAddress configured is invalid.");
                return null;
            }

            // NOTE(review): cachedOrganization is dereferenced without a null check; confirm the
            // cache always yields a value for the entry's organization.
            OrganizationRelationship relationship = cachedOrganization.GetOrganizationRelationship(externalAddress.Domain);
            if (relationship == null || relationship.TargetOwaURL == null)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Unable to find OrganizationRelationShip or its TargetOwaUrl is not configured.");
                base.Logger.AppendGenericInfo("ExternalRedir", "Org-Relationship or targetOwaUrl not found.");
                return null;
            }

            // The redirect target is taken from the relationship's configuration, not from the request.
            // NOTE(review): relationship.Enabled is not consulted before redirecting; confirm that a
            // disabled relationship is meant to drive a redirect.
            string redirectTarget = relationship.TargetOwaURL.AbsoluteUri;
            ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Stop processing and redirect to {0}.", redirectTarget);
            base.Logger.AppendGenericInfo("ExternalRedir", redirectTarget);
            throw new ServerSideTransferException(redirectTarget, LegacyRedirectTypeOptions.Manual);
        }
예제 #3
        /// <summary>
        /// Reports whether the organization's cached configuration returns an organization
        /// relationship for <paramref name="domain"/>.
        /// </summary>
        /// <param name="organizationId">Organization whose cached configuration is consulted.</param>
        /// <param name="domain">Domain to look up.</param>
        /// <returns><c>true</c> when a relationship object is returned; otherwise <c>false</c>.</returns>
        private static bool IsOrganizationHasOrganizationRelationshipWithDomain(OrganizationId organizationId, string domain)
        {
            // Existence check only: the relationship's Enabled flag is not inspected here.
            // NOTE(review): confirm callers do not treat a disabled relationship as a trust decision.
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(organizationId);
            return cachedOrganization.GetOrganizationRelationship(domain) != null;
        }
        /// <summary>
        /// Filters a recipient's proxy addresses down to the SMTP addresses whose domain is one
        /// of the organization's federated domains.
        /// </summary>
        /// <param name="orgId">Organization whose federated domains are read from the cache.</param>
        /// <param name="proxyAddresses">Proxy addresses to filter; may be <c>null</c> or empty.</param>
        /// <returns>
        /// <c>RmsClientManagerUtils.EmptyProxyList</c> when there is nothing to filter; otherwise a
        /// new list with the matching address strings.
        /// </returns>
        /// <exception cref="RightsManagementException">The organization has no cached value or no federated domains.</exception>
        private static List <string> GetFederatedEmailAddresses(OrganizationId orgId, ProxyAddressCollection proxyAddresses)
        {
            bool nothingToFilter = proxyAddresses == null || proxyAddresses.Count == 0;
            if (nothingToFilter)
            {
                // NOTE(review): this hands out a shared list instance through a mutable type;
                // confirm no caller modifies the returned list.
                return (List <string>)RmsClientManagerUtils.EmptyProxyList;
            }

            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(orgId);
            if (cachedOrganization == null || cachedOrganization.FederatedDomains == null)
            {
                Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceError <OrganizationId>(0L, "GetFederatedEmailAddresses: Organization {0} does not have any federated domains.", orgId);
                throw new RightsManagementException(RightsManagementFailureCode.FederationNotEnabled, ServerStrings.FederationNotEnabled);
            }

            List <string> federatedAddresses = new List <string>(proxyAddresses.Count);
            List <string> consideredDomains = new List <string>(cachedOrganization.FederatedDomains);

            // Only the first 50 federated domains are considered; addresses in later domains are dropped.
            int surplus = consideredDomains.Count - 50;
            if (surplus > 0)
            {
                consideredDomains.RemoveRange(50, surplus);
            }

            foreach (ProxyAddress candidate in proxyAddresses)
            {
                if (candidate.Prefix != ProxyAddressPrefix.Smtp)
                {
                    continue;
                }

                SmtpAddress smtpCandidate = new SmtpAddress(candidate.AddressString);
                bool domainIsFederated = consideredDomains.Contains(smtpCandidate.Domain, StringComparer.OrdinalIgnoreCase);
                if (domainIsFederated)
                {
                    Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceDebug <SmtpAddress>(0L, "Adding address {0} to the list of email addresses", smtpCandidate);
                    federatedAddresses.Add(candidate.AddressString);
                }
            }

            return federatedAddresses;
        }
예제 #5
        /// <summary>
        /// Resolves the token target for <paramref name="domain"/> from the organization
        /// relationship configured in <paramref name="organizationId"/>.
        /// </summary>
        /// <param name="domain">Domain whose relationship is looked up.</param>
        /// <param name="organizationId">Organization whose cached configuration is consulted.</param>
        /// <returns>
        /// The relationship's token target, or <c>null</c> when no relationship matches or the
        /// relationship has no <c>TargetApplicationUri</c>.
        /// </returns>
        private static TokenTarget FromOrganizationRelationship(string domain, OrganizationId organizationId)
        {
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(organizationId);

            TargetUriResolver.Tracer.TraceDebug <string, OrganizationId>(0L, "Searching for OrganizationRelationship that matches domain {0} in organization {1}", domain, organizationId);

            // NOTE(review): cachedOrganization is dereferenced without a null check.
            OrganizationRelationship relationship = cachedOrganization.GetOrganizationRelationship(domain);
            if (relationship == null)
            {
                TargetUriResolver.Tracer.TraceError <string, OrganizationId>(0L, "Found no OrganizationRelationship that matches domain {0} in organization {1}", domain, organizationId);
                return null;
            }

            bool hasTargetApplicationUri = relationship.TargetApplicationUri != null;
            if (!hasTargetApplicationUri)
            {
                TargetUriResolver.Tracer.TraceError <string, OrganizationId, ADObjectId>(0L, "Found OrganizationRelationship that matches domain {0} in organization {1}, but it has not TargetApplicationUri. OrganizationRelationship is {2}", domain, organizationId, relationship.Id);
                return null;
            }

            // NOTE(review): relationship.Enabled is not checked before a token target is returned;
            // confirm that check happens in GetTokenTarget or in the caller.
            TokenTarget resolvedTarget = relationship.GetTokenTarget();
            object[] traceArguments = new object[] { domain, organizationId, resolvedTarget, relationship.Id };
            TargetUriResolver.Tracer.TraceDebug(0L, "Found OrganizationRelationship that matches domain {0} in organization {1}. Target is '{2}'. OrganizationRelationship is {3}", traceArguments);
            return resolvedTarget;
        }
        /// <summary>
        /// Returns the Security Token Service client registered for the delegation trust link
        /// of the given organization's federated organization identifier.
        /// </summary>
        /// <param name="organizationId">Organization whose federation settings are read from the cache.</param>
        /// <returns>
        /// The matching client, or <c>null</c> when the organization has no federated
        /// organization identifier, no delegation trust link, or no client registered for that link.
        /// </returns>
        public SecurityTokenService GetSecurityTokenService(OrganizationId organizationId)
        {
            this.ThrowIfNotEnabled();

            // NOTE(review): the cache value is dereferenced without a null check.
            FederatedOrganizationId federation = OrganizationIdCache.Singleton.Get(organizationId).FederatedOrganizationId;
            if (federation == null)
            {
                ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Unable to find Federated Organization Identifier for organization {0}.", organizationId.ToString());
                return null;
            }

            if (federation.DelegationTrustLink == null)
            {
                ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Unable to find configured delegation trust link for organization {0}.", organizationId.ToString());
                return null;
            }

            SecurityTokenService tokenService;
            bool clientRegistered = this.securityTokenServices.TryGetValue(federation.DelegationTrustLink, out tokenService);
            if (!clientRegistered)
            {
                // Trace both the missing link and the known client list to make the mismatch diagnosable.
                ExternalAuthentication.ConfigurationTracer.TraceError <string, string>(0L, "Unable to find configured Security Token Service client for delegation trust link {0} for organization {1}.", federation.DelegationTrustLink.DistinguishedName, organizationId.ToString());
                ExternalAuthentication.ConfigurationTracer.TraceError <string>(0L, "Current Security Token Service client list is {0}.", this.SecurityTokenServicesIdentifiers);
                return null;
            }

            return tokenService;
        }
예제 #7
        /// <summary>
        /// Copies the federated domains of the user's organization into a new set.
        /// </summary>
        /// <param name="user">User whose organization is looked up in the cache.</param>
        /// <returns>A new set holding the organization's federated domains.</returns>
        private HashSet <string> GetLocalFederatedDomains(ADUser user)
        {
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(user.OrganizationId);

            // NOTE(review): the set uses the default (case-sensitive) string comparer; confirm the
            // cached domains and the values later tested against this set share one casing.
            // NOTE(review): neither the cache value nor FederatedDomains is null-checked here.
            HashSet <string> localDomains = new HashSet <string>(cachedOrganization.FederatedDomains);
            return localDomains;
        }
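 /// <summary>
 /// Finds the target forest configuration for <paramref name="domainName"/>.
 /// </summary>
 /// <remarks>
 /// When multi-tenancy is disabled the process-wide cache is consulted. Otherwise the
 /// availability address space is read from the organization's cached configuration.
 /// </remarks>
 /// <param name="organizationId">
 /// Organization to search in multi-tenant mode; <c>null</c> selects
 /// <c>OrganizationId.ForestWideOrgId</c>.
 /// </param>
 /// <param name="domainName">Domain whose configuration is requested.</param>
 /// <returns>The configuration for the domain.</returns>
 /// <exception cref="AddressSpaceNotFoundException">No configuration is available for the domain.</exception>
 public static TargetForestConfiguration FindByDomain(OrganizationId organizationId, string domainName)
 {
     if (!VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).Global.MultiTenancy.Enabled)
     {
         TargetForestConfiguration cachedConfiguration;
         if (!TargetForestConfigurationCache.cache.TryGetValue(domainName, out cachedConfiguration))
         {
             TargetForestConfigurationCache.ConfigurationTracer.TraceError <object, string>(0L, "{0}: TargetForestConfiguration for domain {1} could not be found in cache", TraceContext.Get(), domainName);
             throw new AddressSpaceNotFoundException(Strings.descConfigurationInformationNotFound(domainName), 51004U);
         }
         return cachedConfiguration;
     }

     // The null fallback used to be stored in an unused local, so a null organization id
     // still reached the cache lookup. Assign it to the variable that is actually used.
     if (organizationId == null)
     {
         organizationId = OrganizationId.ForestWideOrgId;
     }

     OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId);
     if (organizationIdCacheValue == null)
     {
         TargetForestConfigurationCache.ConfigurationTracer.TraceError <object, OrganizationId>(0L, "{0}: Unable to find organization {1} in the OrgId cache", TraceContext.Get(), organizationId);
         throw new AddressSpaceNotFoundException(Strings.descConfigurationInformationNotFound(domainName), 64316U);
     }

     AvailabilityAddressSpace availabilityAddressSpace = organizationIdCacheValue.GetAvailabilityAddressSpace(domainName);
     if (availabilityAddressSpace != null)
     {
         return TargetForestConfigurationCache.ConstructTargetForestConfiguration(availabilityAddressSpace, null);
     }

     TargetForestConfigurationCache.ConfigurationTracer.TraceError <object, string, OrganizationId>(0L, "{0}: TargetForestConfiguration for domain {1} could not be found in cache for organization {2}", TraceContext.Get(), domainName, organizationId);
     throw new AddressSpaceNotFoundException(Strings.descConfigurationInformationNotFound(domainName), 47932U);
 }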
예제 #9
        /// <summary>
        /// Looks up the organization relationship for <paramref name="domain"/> in the cached
        /// configuration of <paramref name="organizationId"/>, running the lookup through
        /// <c>DoAdCallAndTranslateExceptions</c>.
        /// </summary>
        /// <param name="organizationId">Organization whose cached configuration is consulted.</param>
        /// <param name="domain">Domain to look up.</param>
        /// <returns>The relationship found by the lookup, or <c>null</c> if the delegate assigned none.</returns>
        public OrganizationRelationship GetOrganizationRelationship(OrganizationId organizationId, string domain)
        {
            OrganizationRelationship found = null;

            // The delegate writes its result into the captured local.
            this.DoAdCallAndTranslateExceptions(delegate
            {
                found = OrganizationIdCache.Singleton.Get(organizationId).GetOrganizationRelationship(domain);
            }, "DirectoryAccessor:GetOrganizationRelationship");

            return found;
        }
예제 #10
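        /// <summary>
        /// Picks the SMTP address of a user that belongs to one of the organization's federated domains.
        /// </summary>
        /// <remarks>
        /// Order of preference: an address in the organization's default federated domain, then
        /// <paramref name="preferredSmtpAddress"/> if its domain is federated, then the primary
        /// SMTP address if its domain is federated, then the first SMTP proxy address in a
        /// federated domain.
        /// </remarks>
        /// <param name="genericAdUser">User whose addresses are examined.</param>
        /// <param name="preferredSmtpAddress">Address the caller would like to use; ignored when it is not a valid address.</param>
        /// <returns>The selected federated SMTP address.</returns>
        /// <exception cref="ArgumentException">
        /// <paramref name="preferredSmtpAddress"/> is valid but is not one of the user's e-mail addresses.
        /// </exception>
        /// <exception cref="UserWithoutFederatedProxyAddressException">
        /// The organization has no federated domains, or none of the user's addresses is in one.
        /// </exception>
        public static SmtpAddress GetFederatedSmtpAddress(this IGenericADUser genericAdUser, SmtpAddress preferredSmtpAddress)
        {
            OrganizationId           key = genericAdUser.OrganizationId ?? OrganizationId.ForestWideOrgId;
            OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(key);

            // NOTE(review): organizationIdCacheValue itself is not null-checked before use.
            if (organizationIdCacheValue.FederatedDomains == null)
            {
                throw new UserWithoutFederatedProxyAddressException();
            }
            if (organizationIdCacheValue.DefaultFederatedDomain != null)
            {
                foreach (ProxyAddress proxyAddress in genericAdUser.EmailAddresses)
                {
                    if (proxyAddress.Prefix == ProxyAddressPrefix.Smtp)
                    {
                        SmtpAddress result = new SmtpAddress(proxyAddress.AddressString);
                        if (StringComparer.OrdinalIgnoreCase.Equals(result.Domain, organizationIdCacheValue.DefaultFederatedDomain))
                        {
                            return result;
                        }
                    }
                }
            }
            List <string> source         = new List <string>(organizationIdCacheValue.FederatedDomains);
            bool          isValidAddress = preferredSmtpAddress.IsValidAddress;

            // A caller-supplied address is honoured only if the user actually owns it.
            if (isValidAddress && !genericAdUser.EmailAddresses.Contains(new SmtpProxyAddress(preferredSmtpAddress.ToString(), false)))
            {
                // Two-argument form: the first argument is the message, the second the parameter name.
                throw new ArgumentException("The preferred SMTP address is not one of the user's e-mail addresses.", "preferredSmtpAddress");
            }
            if (isValidAddress)
            {
                if (source.Contains(preferredSmtpAddress.Domain, StringComparer.OrdinalIgnoreCase))
                {
                    return preferredSmtpAddress;
                }
                if (genericAdUser.PrimarySmtpAddress.IsValidAddress && !StringComparer.OrdinalIgnoreCase.Equals(genericAdUser.PrimarySmtpAddress.Domain, preferredSmtpAddress.Domain) && source.Contains(genericAdUser.PrimarySmtpAddress.Domain, StringComparer.OrdinalIgnoreCase))
                {
                    return genericAdUser.PrimarySmtpAddress;
                }
            }
            foreach (ProxyAddress proxyAddress2 in genericAdUser.EmailAddresses)
            {
                if (proxyAddress2.Prefix == ProxyAddressPrefix.Smtp)
                {
                    SmtpAddress result2 = new SmtpAddress(proxyAddress2.AddressString);
                    if (source.Contains(result2.Domain, StringComparer.OrdinalIgnoreCase))
                    {
                        return result2;
                    }
                }
            }
            throw new UserWithoutFederatedProxyAddressException();
        }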
        // Token: 0x060003AA RID: 938 RVA: 0x00016C3C File Offset: 0x00014E3C
        /// <summary>
        /// Maps the domains named in the request to a single organization and returns that
        /// organization's cached configuration.
        /// </summary>
        /// <returns>
        /// The cached value for the organization, or <c>null</c> when a requested domain is not
        /// a valid SMTP domain, the domains resolve to more than one organization, or no
        /// domain resolves to an organization.
        /// </returns>
        private OrganizationIdCacheValue GetOrganizationIdCachedValueFromDomains()
        {
            OrganizationId resolvedOrganization = null;

            foreach (string requestedDomain in this.Request.Domains)
            {
                if (!SmtpAddress.IsValidDomain(requestedDomain))
                {
                    ExTraceGlobals.FrameworkTracer.TraceDebug <string>(0L, "GetOrganizationRelationshipSettingsRequestMessage.GetOrganizationIdCachedValueFromDomains() returning null because of an invalid smtp domain in the request: {0}.", requestedDomain);
                    return null;
                }

                OrganizationId candidate = DomainToOrganizationIdCache.Singleton.Get(new SmtpDomain(requestedDomain));

                // Domains that resolve to no organization are skipped rather than rejected.
                // NOTE(review): confirm that ignoring unknown domains in the request is intended.
                if (candidate == null)
                {
                    continue;
                }

                if (resolvedOrganization == null)
                {
                    resolvedOrganization = candidate;
                    continue;
                }

                // Organizations are compared by the distinguished name of their organizational
                // unit; a missing unit or name counts as the empty string.
                string knownUnitName = string.Empty;
                if (resolvedOrganization.OrganizationalUnit != null)
                {
                    knownUnitName = resolvedOrganization.OrganizationalUnit.DistinguishedName ?? string.Empty;
                }

                string candidateUnitName = string.Empty;
                if (candidate.OrganizationalUnit != null)
                {
                    candidateUnitName = candidate.OrganizationalUnit.DistinguishedName ?? string.Empty;
                }

                bool sameOrganization = StringComparer.OrdinalIgnoreCase.Equals(knownUnitName, candidateUnitName);
                if (!sameOrganization)
                {
                    ExTraceGlobals.FrameworkTracer.TraceDebug <string>(0L, "GetOrganizationRelationshipSettingsRequestMessage.GetOrganizationIdCachedValueFromDomains() returning null because domain: {0} resolves to multiple organizations.", requestedDomain);
                    return null;
                }
            }

            if (resolvedOrganization == null)
            {
                return null;
            }

            return OrganizationIdCache.Singleton.Get(resolvedOrganization);
        }
예제 #12
        /// <summary>
        /// Looks up the organization relationship for <paramref name="targetDomain"/> in the
        /// cached configuration of <paramref name="orgId"/>.
        /// </summary>
        /// <param name="orgId">Organization whose cached configuration is consulted.</param>
        /// <param name="targetDomain">Domain to look up.</param>
        /// <returns>The result of the cache value's relationship lookup.</returns>
        private OrganizationRelationship TryGetOrganizationRelationship(OrganizationId orgId, string targetDomain)
        {
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(orgId);

            bool cacheMiss = cachedOrganization == null;
            if (cacheMiss)
            {
                TraceWrapper.SearchLibraryTracer.TraceError(this.GetHashCode(), "Null cache value returned from OrganizationIdCacheValue", new object[0]);

                // NOTE(review): presumably RaiseED throws; if it can return, the lookup below
                // dereferences null. Confirm against TrackingFatalException.
                TrackingFatalException.RaiseED(ErrorCode.InvalidADData, "Organization Relationships could not be read for organization {0}", new object[] { orgId });
            }

            return cachedOrganization.GetOrganizationRelationship(targetDomain);
        }
        // Token: 0x060003A8 RID: 936 RVA: 0x00016AF8 File Offset: 0x00014CF8
        /// <summary>
        /// Answers a GetOrganizationRelationshipSettings request with the organization
        /// relationships that apply to the requested domains and the e-mail addresses in the
        /// caller's claim sets.
        /// </summary>
        /// <returns>
        /// The populated response message, or <c>null</c> after <c>Set401Status</c> has been
        /// called when the request is rejected.
        /// </returns>
        internal override AutodiscoverResponseMessage Execute()
        {
            GetOrganizationRelationshipSettingsResponseMessage responseMessage = new GetOrganizationRelationshipSettingsResponseMessage();
            GetOrganizationRelationshipSettingsResponse response = responseMessage.Response;
            ICollection <OrganizationRelationshipSettings> relationships = null;

            // Each step runs only if the previous one produced a value; any missing value
            // leaves relationships null and is reported as the same InvalidRequest error.
            if (this.Request != null && this.Request.Domains != null)
            {
                OrganizationIdCacheValue cachedOrganization = this.GetOrganizationIdCachedValueFromDomains();
                if (cachedOrganization != null)
                {
                    List <SmtpAddress> claimedAddresses = this.GetEmailAddressesInClaimSets();
                    if (claimedAddresses != null)
                    {
                        relationships = this.GetOrganizationRelationships(cachedOrganization, claimedAddresses);
                    }
                }
            }

            if (relationships == null)
            {
                response.ErrorCode    = ErrorCode.InvalidRequest;
                response.ErrorMessage = Strings.InvalidRequest;
            }
            else
            {
                response.ErrorCode = ErrorCode.NoError;
                response.OrganizationRelationships = new OrganizationRelationshipSettingsCollection(relationships);
            }

            // A rejected request yields a 401 and no message body, so the caller cannot tell
            // which of the checks above failed.
            if (responseMessage.Response.ErrorCode == ErrorCode.InvalidRequest)
            {
                this.Set401Status();
                responseMessage = null;
            }

            return responseMessage;
        }
예제 #14
        // Token: 0x06000302 RID: 770 RVA: 0x000100E8 File Offset: 0x0000E2E8
        /// <summary>
        /// Works out the EAS endpoint to redirect to for a recipient that has an external
        /// e-mail address, using the target OWA URL of the organization relationship that
        /// matches the address's domain.
        /// </summary>
        /// <param name="activesyncMiniRecipient">Recipient to examine; may be <c>null</c>.</param>
        /// <returns>
        /// The endpoint produced by <c>TransferTargetOwaUrlToEasEndpoint</c>, or <c>null</c> when
        /// the feature is off, the protocol version is too old, or no relationship is found.
        /// </returns>
        private string GetRedirectAddressForUserHasNoMailbox(ActiveSyncMiniRecipient activesyncMiniRecipient)
        {
            // Captured and assigned by the delegates passed to FaultInjectionPoint below.
            string easEndpoint = null;

            if (!VariantConfiguration.InvariantNoFlightingSnapshot.ActiveSync.RedirectForOnBoarding.Enabled)
            {
                AirSyncDiagnostics.TraceDebug(ExTraceGlobals.RequestsTracer, this, "The hybrid on boarding redirect feature is only for OnPrem servers.");
                return(null);
            }
            // OPTIONS requests skip the version check; every other command must meet the minimum redirect protocol version.
            if (this.context.CommandType != CommandType.Options && this.context.AirSyncVersion < GlobalSettings.MinRedirectProtocolVersion)
            {
                AirSyncDiagnostics.TraceDebug(ExTraceGlobals.RequestsTracer, this, "The protocol version is less than 14.0 that doesn't support 451 redirect protocol call.");
                return(null);
            }
            // NOTE(review): presumably the first delegate is the normal path and the second runs
            // only when the fault is injected; confirm against AirSyncDiagnostics.FaultInjectionPoint.
            AirSyncDiagnostics.FaultInjectionPoint(3414568253U, delegate
            {
                if (activesyncMiniRecipient != null && activesyncMiniRecipient.ExternalEmailAddress != null)
                {
                    AirSyncDiagnostics.TraceDebug <string>(ExTraceGlobals.RequestsTracer, this, "Try to figure out eas endpoint for user: {0}.", activesyncMiniRecipient.ExternalEmailAddress.AddressString);
                    this.context.ProtocolLogger.SetValue(ProtocolLoggerData.RedirectTo, "TryToFigureOutEasEndpoint");
                    SmtpProxyAddress smtpProxyAddress = activesyncMiniRecipient.ExternalEmailAddress as SmtpProxyAddress;
                    if (smtpProxyAddress != null && !string.IsNullOrEmpty(smtpProxyAddress.AddressString))
                    {
                        // NOTE(review): the cache value is dereferenced without a null check.
                        OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(activesyncMiniRecipient.OrganizationId);
                        string domain = ((SmtpAddress)smtpProxyAddress).Domain;
                        OrganizationRelationship organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(domain);
                        if (organizationRelationship != null)
                        {
                            // NOTE(review): neither Enabled nor a null TargetOwaURL is checked before the
                            // URL is converted; confirm TransferTargetOwaUrlToEasEndpoint handles null.
                            Uri targetOwaURL = organizationRelationship.TargetOwaURL;
                            easEndpoint      = this.TransferTargetOwaUrlToEasEndpoint(targetOwaURL);
                            AirSyncDiagnostics.TraceDebug <string>(ExTraceGlobals.RequestsTracer, this, "Redirect to EASEndpoint : {0}.", easEndpoint);
                            this.context.ProtocolLogger.AppendValue(ProtocolLoggerData.RedirectTo, easEndpoint);
                            return;
                        }
                        AirSyncDiagnostics.TraceDebug <string>(ExTraceGlobals.RequestsTracer, this, "OrganizationRelationShip is null for the domain {0}", domain);
                        return;
                    }
                    else
                    {
                        AirSyncDiagnostics.TraceDebug(ExTraceGlobals.RequestsTracer, this, "External email address is null");
                    }
                }
            }, delegate
            {
                // Fixed target, written with the plain http scheme, used by this second delegate only.
                Uri targetOwaUri = new Uri("http://outlook.com/owa");
                easEndpoint      = this.TransferTargetOwaUrlToEasEndpoint(targetOwaUri);
            });
            return(easEndpoint);
        }
예제 #15
        /// <summary>
        /// Returns the enabled organization relationship that matches the requester's domain.
        /// </summary>
        /// <param name="organizationId">Organization to search; <c>null</c> selects <c>OrganizationId.ForestWideOrgId</c>.</param>
        /// <param name="requesterDomain">Domain of the requester.</param>
        /// <returns>The relationship, or <c>null</c> when none matches or the match is disabled.</returns>
        internal static OrganizationRelationship GetOrganizationRelationship(OrganizationId organizationId, string requesterDomain)
        {
            OrganizationId effectiveOrganization = (organizationId == null) ? OrganizationId.ForestWideOrgId : organizationId;

            // NOTE(review): the cache value is dereferenced without a null check.
            OrganizationRelationship match = OrganizationIdCache.Singleton.Get(effectiveOrganization).GetOrganizationRelationship(requesterDomain);

            if (match == null)
            {
                FreeBusyPermission.SecurityTracer.TraceDebug <object, string>(0L, "{0}: No organization relationship found for domain {1}", TraceContext.Get(), requesterDomain);
                return null;
            }

            // A disabled relationship is treated exactly like a missing one.
            if (match.Enabled)
            {
                return match;
            }

            FreeBusyPermission.SecurityTracer.TraceDebug <object, string>(0L, "{0}: Organization relationship for domain {1} is disabled.", TraceContext.Get(), requesterDomain);
            return null;
        }
        /// <summary>
        /// Builds the federated identity of a tenant user from the authentication type that
        /// the organization's cache records for the domain of the user's WindowsLiveID.
        /// </summary>
        /// <param name="organizationIdCacheValue">Cached configuration of the user's organization.</param>
        /// <param name="parameters">Identity attributes of the user.</param>
        /// <returns>
        /// A UPN identity for a managed namespace, or an ImmutableId identity for a federated one.
        /// </returns>
        /// <exception cref="FederatedIdentityMisconfiguredException">
        /// The user has no WindowsLiveID, the domain has no recorded authentication type, the
        /// type is neither managed nor federated, or a federated user has neither
        /// <c>ImmutableId</c> nor <c>ImmutableIdPartial</c>.
        /// </exception>
        private static FederatedIdentity GetFederatedIdentityForTenant(OrganizationIdCacheValue organizationIdCacheValue, IFederatedIdentityParameters parameters)
        {
            if (parameters.WindowsLiveID == SmtpAddress.Empty)
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceError <ADObjectId>(0L, "User '{0}' is in a tenant but doesn't have WindowsLiveID set, so we cannot find if its namespace is federated or managed", parameters.ObjectId);
                throw new FederatedIdentityMisconfiguredException();
            }

            string liveIdDomain = parameters.WindowsLiveID.Domain;
            AuthenticationType namespaceType;
            bool typeKnown = organizationIdCacheValue.NamespaceAuthenticationTypeHash.TryGetValue(liveIdDomain, out namespaceType);
            if (!typeKnown)
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceError <ADObjectId>(0L, "User '{0}' is in a tenant but cannot find AuthenticationType from the cache", parameters.ObjectId);
                throw new FederatedIdentityMisconfiguredException();
            }

            if (namespaceType == AuthenticationType.Managed)
            {
                return new FederatedIdentity(parameters.WindowsLiveID.ToString(), IdentityType.UPN);
            }

            if (namespaceType != AuthenticationType.Federated)
            {
                // Any other authentication type is rejected instead of being guessed at.
                ExTraceGlobals.FederatedIdentityTracer.TraceError <ADObjectId, AuthenticationType>(0L, "User '{0}' is in a tenant and its AuthenticationType is unknown: {1}", parameters.ObjectId, namespaceType);
                throw new FederatedIdentityMisconfiguredException();
            }

            string partialId = parameters.ImmutableIdPartial;
            string immutableId = parameters.ImmutableId;

            if (!string.IsNullOrEmpty(immutableId))
            {
                // Note that the identifier value itself is written to the trace.
                ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId, string>(0L, "User '{0}' has ImmutableId set: {1}", parameters.ObjectId, parameters.ImmutableId);
                return new FederatedIdentity(immutableId, IdentityType.ImmutableId);
            }

            if (string.IsNullOrEmpty(partialId))
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceError <ADObjectId>(0L, "User '{0}' is in a federated namespace but doesn't have ImmutableId or OnPremisesObjectId", parameters.ObjectId);
                throw new FederatedIdentityMisconfiguredException();
            }

            // No explicit ImmutableId: derive one from the partial id and the WindowsLiveID domain.
            string derivedId = partialId + "@" + liveIdDomain;
            ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId, string>(0L, "User '{0}' doesn't have ImmutableId set, defaulting to: {1}", parameters.ObjectId, derivedId);
            return new FederatedIdentity(derivedId, IdentityType.ImmutableId);
        }
        /// <summary>
        /// Builds the federated identity for a user, choosing the enterprise or the tenant
        /// rules depending on whether the user's organization has a configuration unit.
        /// </summary>
        /// <param name="parameters">Identity attributes of the user.</param>
        /// <returns>The identity produced by the enterprise or tenant helper.</returns>
        internal static FederatedIdentity GetFederatedIdentity(IFederatedIdentityParameters parameters)
        {
            OrganizationId effectiveOrganization = parameters.OrganizationId ?? OrganizationId.ForestWideOrgId;
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(effectiveOrganization);

            // An organization without a configuration unit is handled as an enterprise user.
            bool isEnterpriseUser = effectiveOrganization.ConfigurationUnit == null;
            FederatedIdentity identity;
            if (isEnterpriseUser)
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId>(0L, "Handling user '{0}' as enterprise user.", parameters.ObjectId);
                identity = FederatedIdentityHelper.GetFederatedIdentityForEnterprise(cachedOrganization, parameters);
            }
            else
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId>(0L, "Handling user '{0}' as tenant user.", parameters.ObjectId);
                identity = FederatedIdentityHelper.GetFederatedIdentityForTenant(cachedOrganization, parameters);
            }

            // Note that the resolved identity is written to the trace.
            ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId, FederatedIdentity>(0L, "Federated identity for user '{0}' is: {1}", parameters.ObjectId, identity);
            return identity;
        }
        // Token: 0x06001232 RID: 4658 RVA: 0x0004D0F0 File Offset: 0x0004B2F0
        /// <summary>
        /// Decides whether the target's organization shares photos with the requestor.
        /// </summary>
        /// <param name="requestor">Principal asking for the photo.</param>
        /// <param name="target">Principal whose photo is requested.</param>
        /// <returns>
        /// <c>true</c> when any of the requestor's e-mail domains maps to an organization
        /// relationship that is enabled and has photos enabled; otherwise <c>false</c>.
        /// </returns>
        private bool PhotoSharingEnabled(PhotoPrincipal requestor, PhotoPrincipal target)
        {
            OrganizationId targetOrganization = (target.OrganizationId == null) ? OrganizationId.ForestWideOrgId : target.OrganizationId;
            OrganizationIdCacheValue targetConfiguration = this.organizationConfigCache.Get(targetOrganization);

            // Deny when the target organization's configuration cannot be read.
            if (targetConfiguration == null)
            {
                this.tracer.TraceError((long)this.GetHashCode(), "Photo authorization: target organization's configuration not available in cache.");
                return false;
            }

            foreach (string requestorDomain in requestor.GetEmailAddressDomains())
            {
                OrganizationRelationship relationship = targetConfiguration.GetOrganizationRelationship(requestorDomain);
                if (relationship == null)
                {
                    continue;
                }

                if (relationship.Enabled && relationship.PhotosEnabled)
                {
                    return true;
                }
            }

            return false;
        }
예제 #19
        // Token: 0x060005CB RID: 1483 RVA: 0x000202C4 File Offset: 0x0001E4C4
        /// <summary>
        /// Checks whether the directory entry carries an external e-mail address whose domain
        /// maps to an organization relationship with a target OWA URL and, if so, aborts
        /// processing with an HTTP 302 to the cross-premise redirect URL.
        /// </summary>
        /// <param name="activeDirectoryRawEntry">Directory entry of the recipient being resolved.</param>
        /// <returns>Always <c>null</c> when the method returns normally.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="activeDirectoryRawEntry"/> is <c>null</c>.</exception>
        /// <exception cref="HttpException">Status 302; a relationship with a target OWA URL was found.</exception>
        protected ADObjectId ResolveMailboxDatabase(ADRawEntry activeDirectoryRawEntry)
        {
            if (activeDirectoryRawEntry == null)
            {
                throw new ArgumentNullException("activeDirectoryRawEntry");
            }

            SmtpProxyAddress externalProxy = (SmtpProxyAddress)activeDirectoryRawEntry[ADRecipientSchema.ExternalEmailAddress];
            if (externalProxy == null)
            {
                return null;
            }

            OrganizationId ownerOrganization = (OrganizationId)activeDirectoryRawEntry[ADObjectSchema.OrganizationId];
            OrganizationIdCacheValue cachedOrganization = OrganizationIdCache.Singleton.Get(ownerOrganization);
            SmtpAddress externalAddress = (SmtpAddress)externalProxy;
            bool verboseTracing;

            if (!externalAddress.IsValidAddress)
            {
                verboseTracing = ExTraceGlobals.VerboseTracer.IsTraceEnabled(1);
                if (verboseTracing)
                {
                    ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: ExternalEmailAddress configured is invalid.");
                }
                return null;
            }

            // NOTE(review): cachedOrganization is dereferenced without a null check.
            OrganizationRelationship relationship = cachedOrganization.GetOrganizationRelationship(((SmtpAddress)externalProxy).Domain);
            if (relationship == null || relationship.TargetOwaURL == null)
            {
                verboseTracing = ExTraceGlobals.VerboseTracer.IsTraceEnabled(1);
                if (verboseTracing)
                {
                    ExTraceGlobals.VerboseTracer.TraceDebug((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Unable to find OrganizationRelationShip or its TargetOwaUrl is not configured.");
                }
                base.Logger.AppendGenericInfo("ExternalRedir", "Org-Relationship or targetOwaUrl not found.");
                return null;
            }

            string configuredOwaUrl = relationship.TargetOwaURL.AbsoluteUri;
            verboseTracing = ExTraceGlobals.VerboseTracer.IsTraceEnabled(1);
            if (verboseTracing)
            {
                ExTraceGlobals.VerboseTracer.TraceDebug <string>((long)this.GetHashCode(), "[OwaProxyRequestHandler::ResolveMailboxDatabase]: Stop processing and redirect to {0}.", configuredOwaUrl);
            }

            // The trace and log record the relationship's TargetOwaURL, while the 302 carries the URL
            // built by GetCrossPremiseRedirectUrl; the logged value may differ from the URL sent.
            // NOTE(review): relationship.Enabled is not consulted before redirecting.
            base.Logger.AppendGenericInfo("ExternalRedir", configuredOwaUrl);
            throw new HttpException(302, this.GetCrossPremiseRedirectUrl(externalAddress.Domain, ownerOrganization.ToExternalDirectoryOrganizationId(), externalProxy.SmtpAddress));
        }
        /// <summary>
        /// Builds the LicenseIdentity used for federated rights-management calls on behalf of an organization.
        /// </summary>
        /// <param name="organizationId">Organization to build the identity for; must not be null.</param>
        /// <returns>
        /// A LicenseIdentity made of the tenant federated mailbox (re-homed onto the account namespace
        /// domain for the forest-wide organization) and the organization's federated domains.
        /// </returns>
        /// <exception cref="RightsManagementException">
        /// FederationNotEnabled when the cached federation data is missing or disabled;
        /// FederatedMailboxNotSet when no tenant federated mailbox is configured.
        /// </exception>
        public static LicenseIdentity GetFederatedLicenseIdentity(OrganizationId organizationId)
        {
            ArgumentValidator.ThrowIfNull("organizationId", organizationId);

            OrganizationIdCacheValue orgCache = OrganizationIdCache.Singleton.Get(organizationId);
            FederatedOrganizationId fedOrgId = null;
            if (orgCache != null)
            {
                fedOrgId = orgCache.FederatedOrganizationId;
            }

            // Every piece of federation state must be present and enabled before an identity is issued.
            bool federationUnavailable =
                orgCache == null ||
                orgCache.FederatedDomains == null ||
                fedOrgId == null ||
                !fedOrgId.Enabled ||
                fedOrgId.AccountNamespace == null ||
                fedOrgId.AccountNamespace.Domain == null;
            if (federationUnavailable)
            {
                Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceError <OrganizationId>(0L, "GetFederatedLicenseIdentity: Organization {0} does not have any federated domains.", organizationId);
                throw new RightsManagementException(RightsManagementFailureCode.FederationNotEnabled, ServerStrings.FederationNotEnabled);
            }

            string federatedMailbox = RmsClientManager.IRMConfig.GetTenantFederatedMailbox(organizationId);
            if (string.IsNullOrEmpty(federatedMailbox))
            {
                Microsoft.Exchange.Diagnostics.Components.Data.Storage.ExTraceGlobals.RightsManagementTracer.TraceError <OrganizationId>(0L, "GetFederatedLicenseIdentity: Organization {0} doesn't have federated identity set.", organizationId);
                throw new RightsManagementException(RightsManagementFailureCode.FederatedMailboxNotSet, ServerStrings.FederatedMailboxNotSet(organizationId.ToString()));
            }

            string[] domains = orgCache.FederatedDomains.ToArray <string>();

            // Only the first 50 entries get the "@" prefix; any further entries stay in the array
            // unprefixed and are still passed on. NOTE(review): confirm the cap is meant to leave
            // the tail as bare domains rather than to truncate the list.
            for (int i = 0; i < domains.Length && i < 50; i++)
            {
                domains[i] = string.Format(CultureInfo.InvariantCulture, "{0}{1}", "@", domains[i]);
            }

            if (organizationId == OrganizationId.ForestWideOrgId)
            {
                // Forest-wide organization: keep the mailbox's local part but use the account namespace domain.
                string rehomedMailbox = string.Format(CultureInfo.InvariantCulture, "{0}{1}{2}", new SmtpAddress(federatedMailbox).Local, "@", fedOrgId.AccountNamespace.Domain);
                return new LicenseIdentity(rehomedMailbox, domains);
            }
            return new LicenseIdentity(federatedMailbox, domains);
        }
        /// <summary>
        /// Creates an OAuth-based external autodiscover query against the DiscoveryEndpoint of the
        /// IntraOrganizationConnector configured for <paramref name="domain"/>.
        /// </summary>
        /// <param name="domain">Domain whose connector is looked up in the caller's organization cache.</param>
        /// <param name="queryItems">Items to resolve; passed through to the query.</param>
        /// <param name="redirectionDepth">Current redirection depth; passed through to the query.</param>
        /// <returns>A new AutoDiscoverQueryExternalByOAuth.</returns>
        /// <exception cref="AutoDiscoverFailedException">No connector matches the domain, or it has no DiscoveryEndpoint.</exception>
        protected override AutoDiscoverQuery CreateAutoDiscoverQuery(string domain, AutoDiscoverQueryItem[] queryItems, int redirectionDepth)
        {
            // The trace text says "OrganizationRelationship" although this variant looks up an
            // IntraOrganizationConnector; kept verbatim, but keep it in mind when reading traces.
            AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug <object, string>((long)this.GetHashCode(), "{0}: Search for OrganizationRelationship for domain {1}", TraceContext.Get(), domain);

            // NOTE(review): the cache value is used without a null check — confirm Get() cannot return null.
            OrganizationIdCacheValue orgCache = OrganizationIdCache.Singleton.Get(base.ClientContext.OrganizationId);
            IntraOrganizationConnector connector = orgCache.GetIntraOrganizationConnector(domain);

            if (connector == null)
            {
                AutoDiscoverQuery.AutoDiscoverTracer.TraceError <object, string>((long)this.GetHashCode(), "{0}: IntraOrganizationConnector lookup for domain {1} found nothing", TraceContext.Get(), domain);
                throw new AutoDiscoverFailedException(Strings.descConfigurationInformationNotFound(domain), 58684U);
            }

            // NOTE(review): connector.Enabled is not consulted here before the endpoint is used.
            if (connector.DiscoveryEndpoint == null)
            {
                AutoDiscoverQuery.AutoDiscoverTracer.TraceError <object, string, ADObjectId>((long)this.GetHashCode(), "{0}: IntraOrganizationConnector lookup for domain {1} found {2}, but it doesn't have DiscoveryEndpoint set", TraceContext.Get(), domain, connector.Id);
                throw new AutoDiscoverFailedException(Strings.descMisconfiguredIntraOrganizationConnector(connector.Id.ToString()), 34108U);
            }

            AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug <object, string, ADObjectId>((long)this.GetHashCode(), "{0}: IntraOrganizationConnector lookup for domain {1} found {2}", TraceContext.Get(), domain, connector.Id);

            QueryList queryList = base.GetQueryListFromQueryItems(queryItems);
            return new AutoDiscoverQueryExternalByOAuth(base.Application, base.ClientContext, base.RequestLogger, connector.DiscoveryEndpoint, base.Authenticator, queryItems, redirectionDepth, base.CreateAutoDiscoverRequest, queryList);
        }
        /// <summary>
        /// Creates an external autodiscover query against the TargetAutodiscoverEpr of the
        /// OrganizationRelationship configured for <paramref name="domain"/>.
        /// </summary>
        /// <param name="domain">Domain whose relationship is looked up in the caller's organization cache.</param>
        /// <param name="queryItems">Items to resolve; passed through to the query.</param>
        /// <param name="redirectionDepth">Current redirection depth; passed through to the query.</param>
        /// <returns>A new AutoDiscoverQueryExternal.</returns>
        /// <exception cref="AutoDiscoverFailedException">No relationship matches the domain, or it has no TargetAutodiscoverEpr.</exception>
        protected override AutoDiscoverQuery CreateAutoDiscoverQuery(string domain, AutoDiscoverQueryItem[] queryItems, int redirectionDepth)
        {
            AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug <object, string>((long)this.GetHashCode(), "{0}: Search for OrganizationRelationship for domain {1}", TraceContext.Get(), domain);

            // NOTE(review): the cache value is used without a null check — confirm Get() cannot return null.
            OrganizationIdCacheValue orgCache = OrganizationIdCache.Singleton.Get(base.ClientContext.OrganizationId);
            OrganizationRelationship relationship = orgCache.GetOrganizationRelationship(domain);

            if (relationship == null)
            {
                AutoDiscoverQuery.AutoDiscoverTracer.TraceError <object, string>((long)this.GetHashCode(), "{0}: OrganizationRelationship lookup for domain {1} found nothing", TraceContext.Get(), domain);
                throw new AutoDiscoverFailedException(Strings.descConfigurationInformationNotFound(domain), 54588U);
            }

            // NOTE(review): relationship.Enabled is not consulted here before the endpoint is used.
            if (relationship.TargetAutodiscoverEpr == null)
            {
                AutoDiscoverQuery.AutoDiscoverTracer.TraceError <object, string, ADObjectId>((long)this.GetHashCode(), "{0}: OrganizationRelationship lookup for domain {1} found {2}, but it doesn't have TargetAutodiscoverEpr set", TraceContext.Get(), domain, relationship.Id);
                throw new AutoDiscoverFailedException(Strings.descMisconfiguredOrganizationRelationship(relationship.Id.ToString()), 42300U);
            }

            AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug <object, string, ADObjectId>((long)this.GetHashCode(), "{0}: OrganizationRelationship lookup for domain {1} found {2}", TraceContext.Get(), domain, relationship.Id);

            QueryList queryList = base.GetQueryListFromQueryItems(queryItems);
            return new AutoDiscoverQueryExternal(base.Application, base.ClientContext, base.RequestLogger, relationship.TargetAutodiscoverEpr, base.Authenticator, queryItems, redirectionDepth, base.CreateAutoDiscoverRequest, queryList);
        }
        /// <summary>
        /// Produces the ImmutableId-type federated identity for an enterprise user.
        /// </summary>
        /// <param name="organizationIdCacheValue">Cached organization data; supplies the account namespace domain.</param>
        /// <param name="parameters">Supplies the user's ImmutableId and ObjectId.</param>
        /// <returns>
        /// The configured ImmutableId when it ends with "@" plus the account namespace domain
        /// (case-insensitive); otherwise an id generated from the Base64 of the object GUID.
        /// </returns>
        private static FederatedIdentity GetFederatedIdentityForEnterprise(OrganizationIdCacheValue organizationIdCacheValue, IFederatedIdentityParameters parameters)
        {
            string namespaceDomain = organizationIdCacheValue.FederatedOrganizationId.AccountNamespaceWithWellKnownSubDomain.Domain;
            string requiredSuffix = "@" + namespaceDomain;
            string immutableId = parameters.ImmutableId;

            // A configured ImmutableId is honoured only when it sits in this organization's own
            // namespace; a mismatching value is traced and discarded rather than asserted.
            bool configuredButForeign = !string.IsNullOrEmpty(immutableId) && !immutableId.EndsWith(requiredSuffix, StringComparison.OrdinalIgnoreCase);
            if (configuredButForeign)
            {
                ExTraceGlobals.FederatedIdentityTracer.TraceError <ADObjectId, string, string>(0L, "User '{0}' has ImmutableId set to '{1}' but it doesn't match AccountNamespace '{2}' and it was ignored.", parameters.ObjectId, immutableId, namespaceDomain);
                immutableId = null;
            }

            if (string.IsNullOrEmpty(immutableId))
            {
                // Fallback id: Base64 of the directory object GUID, qualified with the namespace domain.
                immutableId = Convert.ToBase64String(parameters.ObjectId.ObjectGuid.ToByteArray()) + requiredSuffix;
                ExTraceGlobals.FederatedIdentityTracer.TraceDebug <ADObjectId, string>(0L, "User '{0}' doesn't have ImmutableId set, generated one: {1}", parameters.ObjectId, immutableId);
            }

            return new FederatedIdentity(immutableId, IdentityType.ImmutableId);
        }
        // Token: 0x06000220 RID: 544 RVA: 0x0000CBEC File Offset: 0x0000ADEC
        /// <summary>
        /// Returns the OrganizationRelationship that applies to the user's e-mail domain, or a
        /// synthetic one when an override URL is supplied.
        /// </summary>
        /// <param name="user">Recipient whose organization and e-mail domain drive the lookup.</param>
        /// <param name="overrideOwaUrlString">
        /// When non-null, no lookup is done: an enabled mock relationship with this value as
        /// TargetOwaURL is returned. The trace text marks this as a testing path.
        /// </param>
        /// <returns>The relationship, or null when the cache value or the e-mail domain is unavailable.</returns>
        private static OrganizationRelationship GetOrganizationRelationship(ADRecipient user, string overrideOwaUrlString = null)
        {
            if (overrideOwaUrlString != null)
            {
                // NOTE(review): the override bypasses directory configuration entirely and is trusted
                // as-is (new Uri also throws on a malformed value). Presumably callers only pass it
                // from test configuration — verify it can never carry request-derived data.
                ExTraceGlobals.FrameworkTracer.TraceDebug(0L, "[MobileRedirectOptimization] Creating mock OrganizationRelationship for testing.");
                OrganizationRelationship mockRelationship = new OrganizationRelationship
                {
                    TargetOwaURL = new Uri(overrideOwaUrlString),
                    Enabled = true
                };
                return mockRelationship;
            }

            ExTraceGlobals.FrameworkTracer.TraceDebug <string>(0L, "[MobileRedirectOptimization] Attempting to retrieve OrganizationRelationship for user {0}.", MobileRedirectOptimization.SafeGetEmailAddressStringFromADUser(user));

            OrganizationIdCacheValue orgCache = OrganizationIdCache.Singleton.Get(user.OrganizationId);
            if (orgCache == null)
            {
                return null;
            }

            string emailDomain = MobileRedirectOptimization.SafeGetEmailDomainFromADUser(user);
            return (emailDomain != null) ? orgCache.GetOrganizationRelationship(emailDomain) : null;
        }
        /// <summary>
        /// Handles a GetFederationInformation request: validates the requested domain, resolves the
        /// owning organization and answers with its federated domains, application URI and token issuer.
        /// </summary>
        /// <returns>
        /// The response message with an error code set (InvalidRequest, NotFederated, ServerBusy,
        /// InvalidDomain or NoError), or null when the caller was redirected via the Mserve lookup.
        /// </returns>
        internal override AutodiscoverResponseMessage Execute()
        {
            GetFederationInformationResponseMessage message = new GetFederationInformationResponseMessage();
            GetFederationInformationResponse response = message.Response;

            // The domain comes from the request; it is rejected unless it is a syntactically valid SMTP domain.
            if (this.Request == null || this.Request.Domain == null || !SmtpAddress.IsValidDomain(this.Request.Domain))
            {
                response.ErrorCode    = ErrorCode.InvalidRequest;
                response.ErrorMessage = Strings.InvalidRequest;
                return message;
            }

            ExternalAuthentication externalAuth = ExternalAuthentication.GetCurrent();
            if (!externalAuth.Enabled)
            {
                response.ErrorCode    = ErrorCode.NotFederated;
                response.ErrorMessage = Strings.NotFederated;
                return message;
            }

            IEnumerable <string> federatedDomains = null;
            OrganizationId organizationId = DomainToOrganizationIdCache.Singleton.Get(new SmtpDomain(this.Request.Domain));
            if (organizationId != null)
            {
                // NOTE(review): the cache value is dereferenced without a null check — confirm Get() cannot return null.
                federatedDomains = OrganizationIdCache.Singleton.Get(organizationId).FederatedDomains;
            }
            else
            {
                // Domain is not known locally: ask Mserve whether the caller should be redirected.
                try
                {
                    string redirectTarget = MserveDomainCache.Singleton.Get(this.Request.Domain);
                    if (!string.IsNullOrEmpty(redirectTarget))
                    {
                        AutodiscoverAuthorizationManager.BuildRedirectUrlAndRedirectCaller(OperationContext.Current, redirectTarget);
                        return null;
                    }
                }
                catch (OverBudgetException overBudget)
                {
                    ExTraceGlobals.FrameworkTracer.TraceError <OverBudgetException>(0L, "GetFederationInformationRequestMessage.Execute() returning ServerBusy for exception: {0}.", overBudget);
                    response.ErrorCode    = ErrorCode.ServerBusy;
                    response.ErrorMessage = Strings.ServerBusy;
                    return message;
                }
            }

            if (federatedDomains == null)
            {
                response.ErrorCode    = ErrorCode.InvalidDomain;
                response.ErrorMessage = Strings.InvalidDomain;
                return message;
            }

            List <TokenIssuer> issuers = new List <TokenIssuer>(2);
            SecurityTokenService tokenService = externalAuth.GetSecurityTokenService(organizationId);
            if (tokenService != null)
            {
                issuers.Add(new TokenIssuer(tokenService.TokenIssuerUri, tokenService.TokenIssuerEndpoint));
            }

            response.ErrorCode      = ErrorCode.NoError;
            response.ApplicationUri = externalAuth.ApplicationUri;
            response.Domains        = new DomainCollection(federatedDomains);
            response.TokenIssuers   = new TokenIssuerCollection(issuers);
            return message;
        }
 /// <summary>
 /// Resolves the autodiscover endpoint for <paramref name="crossPremiseDomain"/>: the
 /// IntraOrganizationConnector's DiscoveryEndpoint is tried first, then the
 /// OrganizationRelationship's TargetAutodiscoverEpr.
 /// </summary>
 /// <param name="orgId">Organization whose cached configuration is consulted; null records an Error and returns false.</param>
 /// <param name="crossPremiseDomain">Domain to look up; null or empty records an Error and returns false.</param>
 /// <param name="getOrgIdCacheValue">Optional replacement for OrganizationIdCache.Singleton.Get; null uses the singleton.</param>
 /// <param name="getIntraOrganizationConnector">Optional replacement for the connector lookup; null uses the cache value.</param>
 /// <param name="getOrganizationRelationShip">Optional replacement for the relationship lookup; null uses the cache value.</param>
 /// <param name="discoveryEndPoint">The resolved endpoint on success; null on every failure path.</param>
 /// <param name="info">Always assigned; failure paths add a status and a message to it.</param>
 /// <returns>true when an endpoint was found; false otherwise. Exceptions are caught and recorded in <paramref name="info"/>.</returns>
 public static bool TryGetDiscoveryEndPoint(OrganizationId orgId, string crossPremiseDomain, Func <OrganizationId, OrganizationIdCacheValue> getOrgIdCacheValue, Func <OrganizationIdCacheValue, string, IntraOrganizationConnector> getIntraOrganizationConnector, Func <OrganizationIdCacheValue, string, OrganizationRelationship> getOrganizationRelationShip, out Uri discoveryEndPoint, out EndPointDiscoveryInfo info)
 {
     discoveryEndPoint = null;
     info = new EndPointDiscoveryInfo();
     if (orgId == null)
     {
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "orgId is null");
         return(false);
     }
     if (string.IsNullOrEmpty(crossPremiseDomain))
     {
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, "crossPremiseDomain is invalid");
         return(false);
     }
     try
     {
         OrganizationIdCacheValue organizationIdCacheValue = null;
         if (getOrgIdCacheValue == null)
         {
             organizationIdCacheValue = OrganizationIdCache.Singleton.Get(orgId);
         }
         else
         {
             organizationIdCacheValue = getOrgIdCacheValue(orgId);
         }
         // Step 1: IntraOrganizationConnector. The null check on the cache value is made only on the
         // default path; an injected delegate receives the value as-is, null included.
         IntraOrganizationConnector intraOrganizationConnector = null;
         try
         {
             if (getIntraOrganizationConnector == null)
             {
                 if (organizationIdCacheValue == null)
                 {
                     info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue == null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
                     return(false);
                 }
                 intraOrganizationConnector = organizationIdCacheValue.GetIntraOrganizationConnector(crossPremiseDomain);
             }
             else
             {
                 intraOrganizationConnector = getIntraOrganizationConnector(organizationIdCacheValue, crossPremiseDomain);
             }
         }
         catch (Exception ex)
         {
             // A failed connector lookup is not fatal: it is recorded and the connector stays null,
             // so the "found nothing" branch below runs and the relationship fallback is still tried.
             // NOTE(review): ex.ToString() puts the full exception text, stack trace included, into
             // info — confirm info is only used for internal diagnostics and never returned to a remote caller.
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocException, ex.ToString());
         }
         if (intraOrganizationConnector == null)
         {
             string message = string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found nothing. getIntraOrganizationConnector is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getIntraOrganizationConnector == null) ? string.Empty : " not");
             // Report IocNotFound only while the status is still Success; otherwise the current status is passed back in.
             info.AddInfo((info.Status == EndPointDiscoveryInfo.DiscoveryStatus.Success) ? EndPointDiscoveryInfo.DiscoveryStatus.IocNotFound : info.Status, message);
         }
         else
         {
             // NOTE(review): intraOrganizationConnector.Enabled is not consulted here.
             if (!(intraOrganizationConnector.DiscoveryEndpoint == null))
             {
                 ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug(0L, "IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}]. End point=[{3}].", new object[]
                 {
                     orgId.ToExternalDirectoryOrganizationId(),
                     crossPremiseDomain,
                     intraOrganizationConnector.Id,
                     intraOrganizationConnector.DiscoveryEndpoint
                 });
                 discoveryEndPoint = intraOrganizationConnector.DiscoveryEndpoint;
                 return(true);
             }
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.IocNoUri, string.Format("IntraOrganizationConnector lookup for org [{0}], domain [{1}] found [{2}], but it doesn't have DiscoveryEndpoint set. getIntraOrganizationConnector is{3} null.", new object[]
             {
                 orgId.ToExternalDirectoryOrganizationId(),
                 crossPremiseDomain,
                 intraOrganizationConnector.Id,
                 (getIntraOrganizationConnector == null) ? string.Empty : " not"
             }));
         }
         // Step 2 (fallback): no usable connector endpoint, so try the OrganizationRelationship.
         OrganizationRelationship organizationRelationship;
         if (getOrganizationRelationShip == null)
         {
             if (organizationIdCacheValue == null)
             {
                 info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, string.Format("OrganizationIdCacheValue is null. OrgID=[{0}], domain=[{1}]. getOrgIdCacheValue is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrgIdCacheValue == null) ? string.Empty : " not"));
                 return(false);
             }
             organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(crossPremiseDomain);
         }
         else
         {
             organizationRelationship = getOrganizationRelationShip(organizationIdCacheValue, crossPremiseDomain);
         }
         if (organizationRelationship == null)
         {
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNotFound, string.Format("Unable to find the org relationship for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
             return(false);
         }
         // NOTE(review): organizationRelationship.Enabled is not consulted here.
         if (organizationRelationship.TargetAutodiscoverEpr == null)
         {
             info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.OrNoUri, string.Format("The TargetAutodiscoverEpr in org relationship is null for OrgID=[{0}], domain=[{1}]. getOrganizationRelationShip is{2} null.", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, (getOrganizationRelationShip == null) ? string.Empty : " not"));
             return(false);
         }
         ExTraceGlobals.ServiceDiscoveryTracer.TraceDebug <string, string, Uri>(0L, "OrganizationRelationship lookup for org [{0}], domain [{1}] found end point: [{2}]", orgId.ToExternalDirectoryOrganizationId(), crossPremiseDomain, organizationRelationship.TargetAutodiscoverEpr);
         discoveryEndPoint = organizationRelationship.TargetAutodiscoverEpr;
     }
     catch (Exception ex2)
     {
         // Catch-all so the Try* contract holds; the full exception text goes into info (same caveat as above).
         info.AddInfo(EndPointDiscoveryInfo.DiscoveryStatus.Error, ex2.ToString());
         return(false);
     }
     return(true);
 }
        // Token: 0x060003AC RID: 940 RVA: 0x00016E68 File Offset: 0x00015068
        /// <summary>
        /// Collects the settings of every enabled OrganizationRelationship that matches the domain
        /// of one of the given addresses, de-duplicated by the relationship's distinguished name.
        /// </summary>
        /// <param name="organizationIdCacheValue">Cached organization data used for the lookups.</param>
        /// <param name="addressList">Addresses whose domains are looked up.</param>
        /// <returns>The matching settings, or null (not an empty collection) when nothing matched.</returns>
        private ICollection <OrganizationRelationshipSettings> GetOrganizationRelationships(OrganizationIdCacheValue organizationIdCacheValue, List <SmtpAddress> addressList)
        {
            Dictionary <string, OrganizationRelationshipSettings> settingsByDn = new Dictionary <string, OrganizationRelationshipSettings>();

            foreach (SmtpAddress address in addressList)
            {
                OrganizationRelationship relationship = organizationIdCacheValue.GetOrganizationRelationship(address.Domain);
                if (relationship == null)
                {
                    ExTraceGlobals.FrameworkTracer.TraceDebug <string>(0L, "GetOrganizationRelationshipSettingsRequestMessage.GetOrganizationRelationships() domain: {0} does not match any organization relationship.", address.Domain);
                    continue;
                }

                // Disabled relationships are never reported back.
                if (!relationship.Enabled)
                {
                    ExTraceGlobals.FrameworkTracer.TraceDebug <string, OrganizationId>(0L, "GetOrganizationRelationshipSettingsRequestMessage.GetOrganizationRelationships() organization relationship for domain: {0} with id {1} is disabled.", address.Domain, organizationIdCacheValue.OrganizationId);
                    continue;
                }

                // Several addresses can map to the same relationship; keep the first occurrence only.
                if (!settingsByDn.ContainsKey(relationship.DistinguishedName))
                {
                    settingsByDn.Add(relationship.DistinguishedName, new OrganizationRelationshipSettings(relationship));
                }
            }

            return (settingsByDn.Count == 0) ? null : settingsByDn.Values;
        }
        /// <summary>
        /// Tells whether <paramref name="domain"/> uses federated authentication in the given organization.
        /// </summary>
        /// <param name="organizationId">Organization whose cached data is consulted.</param>
        /// <param name="domain">Namespace to check.</param>
        /// <returns>true when the namespace authentication type is AuthenticationType.Federated.</returns>
        protected static bool IsNamespaceFederated(OrganizationId organizationId, string domain)
        {
            // NOTE(review): the cache value is dereferenced without a null check — confirm Get() cannot return null.
            AuthenticationType namespaceAuthType = OrganizationIdCache.Singleton.Get(organizationId).GetNamespaceAuthenticationType(domain);
            return namespaceAuthType == AuthenticationType.Federated;
        }
        /// <summary>
        /// Discovers the remote EWS endpoint for a cross-premise mailbox through federated
        /// autodiscover and prepares the delegation token request to use against it.
        /// </summary>
        /// <param name="principal">Mailbox principal; its MailboxInfo.RemoteIdentity supplies the remote SMTP address.</param>
        /// <param name="executingUser">User on whose behalf the search runs; its first federated e-mail address is preferred for the token request.</param>
        /// <param name="ewsEndpoint">Receives the ExternalEwsUrl from autodiscover after EwsWsSecurityUrl.Fix.</param>
        /// <param name="ewsTokenRequest">Receives the DelegationTokenRequest with Offer.MailboxSearch.</param>
        /// <exception cref="OrganizationNotFederatedException">No federated mailbox user or no organization relationship for the remote domain.</exception>
        /// <exception cref="AutoDAccessException">Autodiscover returned no ExternalEwsUrl, or it is not an absolute URI.</exception>
        private void Discover(ExchangePrincipal principal, ADUser executingUser, out string ewsEndpoint, out DelegationTokenRequest ewsTokenRequest)
        {
            SmtpAddress              value           = principal.MailboxInfo.RemoteIdentity.Value;
            // All directory access below is scoped to the forest-wide organization.
            ADSessionSettings        sessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(OrganizationId.ForestWideOrgId);
            IRecipientSession        tenantOrRootOrgRecipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(null, true, ConsistencyMode.FullyConsistent, null, sessionSettings, ConfigScopes.TenantSubTree, 168, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs");
            ADUser                   aduser = null;
            TransportConfigContainer transportConfigContainer = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.IgnoreInvalid, sessionSettings, 171, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs").FindSingletonConfigurationObject <TransportConfigContainer>();

            // Resolve the organization federated mailbox to an ADUser; it is the identity used for autodiscover.
            if (transportConfigContainer != null && transportConfigContainer.OrganizationFederatedMailbox != SmtpAddress.NullReversePath)
            {
                SmtpAddress  organizationFederatedMailbox = transportConfigContainer.OrganizationFederatedMailbox;
                ProxyAddress proxyAddress = null;
                try
                {
                    proxyAddress = ProxyAddress.Parse(organizationFederatedMailbox.ToString());
                }
                catch (ArgumentException ex)
                {
                    // Traced only: proxyAddress stays null, so aduser stays null and the federation check below throws.
                    ExTraceGlobals.SessionTracer.TraceError <string>((long)this.GetHashCode(), "Proxy address of organization federated mailbox is invalid: {0}", ex.ToString());
                }
                if (proxyAddress != null && !(proxyAddress is InvalidProxyAddress))
                {
                    aduser = (tenantOrRootOrgRecipientSession.FindByProxyAddress(proxyAddress) as ADUser);
                }
            }
            // NOTE(review): the cache value is dereferenced without a null check — confirm Get() cannot return null.
            OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(OrganizationId.ForestWideOrgId);
            OrganizationRelationship organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(value.Domain);

            // NOTE(review): only the relationship's existence is required; organizationRelationship.Enabled is not consulted here.
            if (aduser == null || organizationRelationship == null)
            {
                throw new OrganizationNotFederatedException();
            }
            // Token request for the autodiscover call itself, issued as the federated mailbox user.
            DelegationTokenRequest request = new DelegationTokenRequest
            {
                FederatedIdentity = aduser.GetFederatedIdentity(),
                EmailAddress      = aduser.GetFederatedSmtpAddress().ToString(),
                Target            = organizationRelationship.GetTokenTarget(),
                Offer             = Offer.Autodiscover
            };
            FedOrgCredentials credentials = new FedOrgCredentials(request, this.GetSecurityTokenService(aduser.OrganizationId));
            Uri uri = null;

            using (AutoDiscoverUserSettingsClient autoDiscoverUserSettingsClient = AutoDiscoverUserSettingsClient.CreateInstance(DirectorySessionFactory.Default.CreateTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 215, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs"), credentials, value, organizationRelationship.TargetAutodiscoverEpr, MailboxSearchEwsClient.AutoDiscoverRequestedSettings))
            {
                UserSettings  userSettings  = autoDiscoverUserSettingsClient.Discover();
                StringSetting stringSetting = userSettings.GetSetting("ExternalEwsUrl") as StringSetting;
                // The URL comes from the remote autodiscover response. The only validation visible
                // here is "parses as an absolute URI". NOTE(review): scheme and host are not
                // constrained in this method — confirm EwsWsSecurityUrl.Fix or the EWS client
                // enforces HTTPS before the delegation token is sent to this endpoint.
                if (stringSetting == null || !Uri.TryCreate(stringSetting.Value, UriKind.Absolute, out uri))
                {
                    throw new AutoDAccessException(ServerStrings.AutoDRequestFailed);
                }
            }
            ewsEndpoint = EwsWsSecurityUrl.Fix(uri.ToString());
            string text = null;

            // Prefer the executing user's first federated e-mail address for the search token.
            if (executingUser.EmailAddresses != null && executingUser.EmailAddresses.Count > 0)
            {
                List <string> federatedEmailAddresses = executingUser.GetFederatedEmailAddresses();
                if (federatedEmailAddresses != null && federatedEmailAddresses.Count > 0)
                {
                    text = federatedEmailAddresses[0];
                }
            }
            if (string.IsNullOrEmpty(text))
            {
                // No federated address for the executing user: the search token is requested as the
                // organization federated mailbox instead.
                ewsTokenRequest = new DelegationTokenRequest
                {
                    FederatedIdentity = aduser.GetFederatedIdentity(),
                    EmailAddress      = aduser.GetFederatedSmtpAddress().ToString(),
                    Target            = organizationRelationship.GetTokenTarget(),
                    Offer             = Offer.MailboxSearch
                };
                return;
            }
            ewsTokenRequest = new DelegationTokenRequest
            {
                FederatedIdentity = executingUser.GetFederatedIdentity(),
                EmailAddress      = text.ToString(),
                Target            = organizationRelationship.GetTokenTarget(),
                Offer             = Offer.MailboxSearch
            };
        }
        public SharingInformation Read(EmailAddress emailAddress, Application application)
        {
            if (this.requester == null)
            {
                SharingReader.RequestRoutingTracer.TraceError <object, string>((long)this.GetHashCode(), "{0}: Unable to get the requestor from the client context - address {1}", TraceContext.Get(), emailAddress.Address);
                return(new SharingInformation(new InvalidClientSecurityContextException()));
            }
            if (this.supportsPersonalSharing)
            {
                SharingSubscriptionData userSubscription = this.SubscriptionLoader.GetUserSubscription(emailAddress);
                if (!this.SubscriptionLoader.IsValid)
                {
                    SharingReader.RequestRoutingTracer.TraceError <object, EmailAddress, Exception>((long)this.GetHashCode(), "{0}: SubscriptionLoader cannot open mailbox {1}. Exception: {2}", TraceContext.Get(), emailAddress, this.SubscriptionLoader.HandledException);
                }
                if (userSubscription != null)
                {
                    SharingReader.RequestRoutingTracer.TraceDebug <object, string>((long)this.GetHashCode(), "{0}: Found a personal relationship for {1}", TraceContext.Get(), emailAddress.Address);
                    if (SmtpAddress.IsValidSmtpAddress(userSubscription.SubscriberIdentity) && SmtpAddress.IsValidSmtpAddress(userSubscription.SharingKey))
                    {
                        Uri sharingUrl = userSubscription.SharingUrl;
                        return(new SharingInformation(new SmtpAddress(userSubscription.SubscriberIdentity), new SmtpAddress(userSubscription.SharingKey), new TokenTarget(userSubscription.SharerIdentityFederationUri), new WebServiceUri(sharingUrl.OriginalString, sharingUrl.Scheme, UriSource.Directory, Globals.E14SP2Version), null));
                    }
                    SharingReader.RequestRoutingTracer.TraceError <object, EmailAddress>((long)this.GetHashCode(), "{0}: The subscriber information in the mailbox is invalid for address {1}. Personal subscription can't be used.", TraceContext.Get(), emailAddress);
                }
            }
            string                   domain = emailAddress.Domain;
            OrganizationId           key    = (this.requester.OrganizationId == null) ? OrganizationId.ForestWideOrgId : this.requester.OrganizationId;
            OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(key);

            SharingReader.RequestRoutingTracer.TraceDebug <object, string>((long)this.GetHashCode(), "{0}: Looking for an Intra-Organization connector with domain {1}.", TraceContext.Get(), domain);
            IntraOrganizationConnector intraOrganizationConnector = organizationIdCacheValue.GetIntraOrganizationConnector(domain);
            WebServiceUri targetSharingEpr;

            if (intraOrganizationConnector != null && intraOrganizationConnector.Enabled)
            {
                Uri discoveryEndpoint         = intraOrganizationConnector.DiscoveryEndpoint;
                int autodiscoverVersionBucket = application.GetAutodiscoverVersionBucket(AutodiscoverType.External);
                targetSharingEpr = RemoteServiceUriCache.Get(emailAddress, autodiscoverVersionBucket);
                return(new SharingInformation(this.requester.PrimarySmtpAddress, targetSharingEpr, discoveryEndpoint));
            }
            SharingReader.RequestRoutingTracer.TraceDebug <object, string>((long)this.GetHashCode(), "{0}: Looking for an Organization Relationship with domain {1}.", TraceContext.Get(), domain);
            OrganizationRelationship organizationRelationship = organizationIdCacheValue.GetOrganizationRelationship(domain);

            if (organizationRelationship == null)
            {
                SharingReader.RequestRoutingTracer.TraceError <object, string, EmailAddress>((long)this.GetHashCode(), "{0}: Unable to find a organization Relationship with domain {1} for emailAddress {2}.", TraceContext.Get(), emailAddress.Domain, emailAddress);
                return(null);
            }
            if (!organizationRelationship.Enabled)
            {
                SharingReader.RequestRoutingTracer.TraceError <object, OrganizationRelationship, string>((long)this.GetHashCode(), "{0}: Organization Relationship {1} is not enabled for access to domain {2}. Ignoring this relationship.", TraceContext.Get(), organizationRelationship, emailAddress.Domain);
                return(null);
            }
            if (!application.EnabledInRelationship(organizationRelationship))
            {
                SharingReader.RequestRoutingTracer.TraceError((long)this.GetHashCode(), "{0}: Organization Relationship {1} is not enabled for application {2} to domain {3}. Ignoring this relationship.", new object[]
                {
                    TraceContext.Get(),
                    organizationRelationship,
                    application.GetType(),
                    emailAddress.Domain
                });
                return(null);
            }
            if (!organizationRelationship.IsValidForRequestDispatcher())
            {
                SharingReader.RequestRoutingTracer.TraceError((long)this.GetHashCode(), "{0}: Organization Relationship is invalid for dispatching requests, TargetApplicationUri:{1}, TargetSharingEpr:{2}, AutoDiscoverEpr:{3}.", new object[]
                {
                    TraceContext.Get(),
                    organizationRelationship.TargetApplicationUri,
                    organizationRelationship.TargetSharingEpr,
                    organizationRelationship.TargetAutodiscoverEpr
                });
                return(new SharingInformation(new InvalidOrganizationRelationshipForRequestDispatcherException(organizationRelationship.ToString())));
            }
            if (DateTime.UtcNow > this.readDeadline)
            {
                return(new SharingInformation(new TimeoutExpiredException("OrganizationRelationship lookup")));
            }
            Uri targetSharingEpr2 = organizationRelationship.TargetSharingEpr;

            if (targetSharingEpr2 == null)
            {
                int autodiscoverVersionBucket2 = application.GetAutodiscoverVersionBucket(AutodiscoverType.External);
                targetSharingEpr = RemoteServiceUriCache.Get(emailAddress, autodiscoverVersionBucket2);
            }
            else
            {
                targetSharingEpr = new WebServiceUri(targetSharingEpr2.OriginalString, targetSharingEpr2.Scheme, UriSource.Directory, Globals.E14SP2Version);
            }
            return(new SharingInformation(this.requester.PrimarySmtpAddress, SmtpAddress.Empty, organizationRelationship.GetTokenTarget(), targetSharingEpr, organizationRelationship.TargetAutodiscoverEpr));
        }