예제 #1
        /// <summary>
        /// Works out the free/busy permission level for an internal caller against the
        /// supplied calendar-folder security descriptor.
        /// </summary>
        /// <param name="internalClientContext">Context of the internal caller; its ClientSecurityContext may be null.</param>
        /// <param name="securityDescriptor">Security descriptor the access check is evaluated against.</param>
        /// <param name="freeBusyQuery">Query being authorized; its Email is only used for tracing here.</param>
        /// <returns>The permission level produced by AccessCheck or GetPermissionLevel.</returns>
        /// <remarks>
        /// A caller without a ClientSecurityContext is evaluated with the default
        /// ("everyone") context rather than being rejected. When token munging fails,
        /// the check is repeated with the caller's original, un-munged context.
        /// NOTE(review): that fallback is fail-soft, not fail-closed; confirm it is the
        /// intended outcome whenever Configuration.UseDisabledAccount is set.
        /// </remarks>
        private static FreeBusyPermissionLevel FromInternalClient(InternalClientContext internalClientContext, RawSecurityDescriptor securityDescriptor, FreeBusyQuery freeBusyQuery)
        {
            if (internalClientContext.ClientSecurityContext == null)
            {
                FreeBusyPermission.SecurityTracer.TraceDebug<object, EmailAddress>(0L, "{0}: Caller {1} has no ClientSecurityContext, using default context as 'everyone'.", TraceContext.Get(), freeBusyQuery.Email);
                return FreeBusyPermission.AccessCheck(securityDescriptor, ClientSecurityContext.FreeBusyPermissionDefaultClientSecurityContext);
            }

            // Munging is attempted only when disabled accounts are in use and multi-tenancy is off.
            bool useCallerContextDirectly = !Configuration.UseDisabledAccount || VariantConfiguration.GetSnapshot(MachineSettingsContext.Local, null, null).Global.MultiTenancy.Enabled;

            if (!useCallerContextDirectly)
            {
                FreeBusyPermission.SecurityTracer.TraceDebug<object, InternalClientContext>(0L, "{0}: Creating a munged security context for caller {1}.", TraceContext.Get(), internalClientContext);
                ClientSecurityContext mungedContext = null;

                try
                {
                    mungedContext = new SlaveAccountTokenMunger().MungeToken(internalClientContext.ClientSecurityContext, OrganizationId.ForestWideOrgId);
                    return FreeBusyPermission.GetPermissionLevel(mungedContext, freeBusyQuery, securityDescriptor);
                }
                catch (TokenMungingException mungingFailure)
                {
                    // Swallowed on purpose: execution falls through to the check with the caller's own context.
                    FreeBusyPermission.SecurityTracer.TraceError<object, InternalClientContext, TokenMungingException>(0L, "{0}: Unable to get the munged token for Caller {1}, error {2}, using the client context supplied.", TraceContext.Get(), internalClientContext, mungingFailure);
                }
                finally
                {
                    // The munged context is created here, so it is released here on every path.
                    if (mungedContext != null)
                    {
                        mungedContext.Dispose();
                    }
                }
            }

            return FreeBusyPermission.GetPermissionLevel(internalClientContext.ClientSecurityContext, freeBusyQuery, securityDescriptor);
        }
예제 #2
        /// <summary>
        /// Decides which free/busy permission level a caller gets on a calendar folder.
        /// </summary>
        /// <param name="clientContext">Caller context; handled as internal when it is an InternalClientContext, otherwise passed on as external.</param>
        /// <param name="session">Mailbox session, forwarded only to the external-caller path.</param>
        /// <param name="calendarFolder">Folder whose FreeBusySecurityDescriptor property is read.</param>
        /// <param name="freeBusyQuery">Query being authorized.</param>
        /// <param name="defaultFreeBusyOnly">When true, the caller's identity is ignored and the default context is checked instead.</param>
        /// <returns>FreeBusyPermissionLevel.None when the folder has no usable descriptor; otherwise the result of the selected check.</returns>
        /// <remarks>
        /// A missing descriptor denies access (None), so that path fails closed.
        /// With debug tracing enabled the complete SDDL of the descriptor is written to
        /// the trace, so trace output should be handled as access-control data.
        /// NOTE(review): a clientContext that is neither internal nor external reaches
        /// FromExternalClient as null; confirm that method handles a null context.
        /// </remarks>
        public static FreeBusyPermissionLevel DetermineAllowedAccess(ClientContext clientContext, MailboxSession session, CalendarFolder calendarFolder, FreeBusyQuery freeBusyQuery, bool defaultFreeBusyOnly)
        {
            RawSecurityDescriptor folderDescriptor = calendarFolder.TryGetProperty(CalendarFolderSchema.FreeBusySecurityDescriptor) as RawSecurityDescriptor;

            if (folderDescriptor == null)
            {
                FreeBusyPermission.SecurityTracer.TraceDebug<object, CalendarFolder>(0L, "{0}: Unable to retrieve FreeBusySecurityDescriptor from folder {1}. Using None as permission level.", TraceContext.Get(), calendarFolder);
                return FreeBusyPermissionLevel.None;
            }

            // Build the SDDL text only when somebody is listening for debug traces.
            if (FreeBusyPermission.SecurityTracer.IsTraceEnabled(TraceType.DebugTrace))
            {
                string descriptorSddl = folderDescriptor.GetSddlForm(AccessControlSections.All);
                FreeBusyPermission.SecurityTracer.TraceDebug<object, EmailAddress, string>(0L, "{0}: The SDDL form of calendar folder security descriptor of mailbox {1} is: {2}.", TraceContext.Get(), freeBusyQuery.Email, descriptorSddl);
            }

            if (defaultFreeBusyOnly)
            {
                FreeBusyPermission.SecurityTracer.TraceDebug(0L, "{0}: Using DefaultClientSecurityContext because of defaultFreeBusyOnly is set.", new object[]
                {
                    TraceContext.Get()
                });
                return FreeBusyPermission.AccessCheck(folderDescriptor, ClientSecurityContext.FreeBusyPermissionDefaultClientSecurityContext);
            }

            InternalClientContext internalCaller = clientContext as InternalClientContext;

            if (internalCaller == null)
            {
                // Not an internal caller: hand over whatever the external cast yields (possibly null).
                ExternalClientContext externalCaller = clientContext as ExternalClientContext;
                return FreeBusyPermission.FromExternalClient(externalCaller, session, folderDescriptor, freeBusyQuery);
            }

            return FreeBusyPermission.FromInternalClient(internalCaller, folderDescriptor, freeBusyQuery);
        }
 /// <summary>
 /// Creates a federated cross-forest request that carries separate external
 /// authentication requests for the autodiscover call and for the web proxy call.
 /// </summary>
 /// <remarks>
 /// The constructor only stores its arguments; the request type passed to the base
 /// class is fixed to RequestType.FederatedCrossForest. No argument is validated here.
 /// </remarks>
 public ExternalProxyWebRequestWithAutoDiscover(
     Application application,
     InternalClientContext clientContext,
     RequestLogger requestLogger,
     QueryList queryList,
     ExternalAuthenticationRequest autoDiscoverExternalAuthenticationRequest,
     ExternalAuthenticationRequest webProxyExternalAuthenticationRequest,
     Uri autoDiscoverUrl,
     SmtpAddress sharingKey,
     CreateAutoDiscoverRequestDelegate createAutoDiscoverRequest)
     : base(application, clientContext, RequestType.FederatedCrossForest, requestLogger, queryList)
 {
     // Where the autodiscover call goes and how its request object is built.
     this.autoDiscoverUrl = autoDiscoverUrl;
     this.createAutoDiscoverRequest = createAutoDiscoverRequest;

     // Authentication material: one request per hop, plus the sharing key.
     this.autoDiscoverExternalAuthenticationRequest = autoDiscoverExternalAuthenticationRequest;
     this.webProxyExternalAuthenticationRequest = webProxyExternalAuthenticationRequest;
     this.sharingKey = sharingKey;
 }
예제 #4
        /// <summary>
        /// Disposes the base class's ClientContext when it is an InternalClientContext;
        /// any other context type is left untouched.
        /// </summary>
        private void DisposeIfInternalContext()
        {
            InternalClientContext ownedContext = base.ClientContext as InternalClientContext;

            if (ownedContext == null)
            {
                // Not an internal context, nothing to release.
                return;
            }

            ownedContext.Dispose();
        }
예제 #5
        /// <summary>
        /// Returns a clone of the context when it is an InternalClientContext, and the
        /// same instance for every other context type (including null).
        /// </summary>
        /// <param name="clientContext">Context to clone or pass through.</param>
        /// <returns>A new clone for internal contexts; otherwise <paramref name="clientContext"/> itself.</returns>
        /// <remarks>
        /// The caller receives either a fresh object or a shared one depending on the
        /// runtime type, so only the internal case yields something the caller can
        /// dispose independently of the original.
        /// </remarks>
        private static ClientContext CloneIfInternalContext(ClientContext clientContext)
        {
            InternalClientContext cloneSource = clientContext as InternalClientContext;

            if (cloneSource == null)
            {
                return clientContext;
            }

            return cloneSource.Clone();
        }
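        /// <summary>
        /// Attaches an outbound tracer to the credentials and, when the caller's message id
        /// has the expected prefix followed by a GUID, copies that GUID into ClientRequestId.
        /// </summary>
        /// <param name="creds">Credentials object to populate.</param>
        /// <param name="clientContext">Caller context that supplies the message id.</param>
        /// <param name="requestLogger">Logger wrapped by the outbound tracer.</param>
        /// <remarks>
        /// The message id is treated as an opaque identifier: a missing or malformed
        /// value leaves ClientRequestId unset instead of throwing.
        /// </remarks>
        private static void SetCredentialsProperties(OAuthCredentials creds, InternalClientContext clientContext, RequestLogger requestLogger)
        {
            creds.Tracer = new OAuthCredentialsFactory.OAuthOutboundTracer(requestLogger);

            string messageId = clientContext.MessageId;

            // A context without a message id has nothing to correlate; skip instead of dereferencing null.
            if (string.IsNullOrEmpty(messageId))
            {
                return;
            }

            Guid value;

            // Ordinal comparison: the prefix is a protocol token, so matching must not vary with the thread culture.
            if (messageId.Length > OAuthCredentialsFactory.messagePrefixLength
                && messageId.StartsWith(OAuthCredentialsFactory.messagePrefix, StringComparison.Ordinal)
                && Guid.TryParse(messageId.Substring(OAuthCredentialsFactory.messagePrefixLength), out value))
            {
                creds.ClientRequestId = new Guid?(value);
            }
        }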
예제 #7
 /// <summary>
 /// Copy-style constructor: builds a new context from an existing one, substituting
 /// the security context, its ownership flag and the request schema version.
 /// </summary>
 /// <param name="clientContext">Existing context whose budget, time zone, culture, message id and cached directory fields are copied.</param>
 /// <param name="clientSecurityContext">Security context the new instance will use.</param>
 /// <param name="ownsClientSecurityContext">Stored as-is; presumably decides whether this instance disposes the security context (confirm against Dispose).</param>
 /// <param name="requestSchemaVersion">Schema version assigned to RequestSchemaVersion.</param>
 private InternalClientContext(InternalClientContext clientContext, ClientSecurityContext clientSecurityContext, bool ownsClientSecurityContext, ExchangeVersionType requestSchemaVersion) : base(clientContext.Budget, clientContext.TimeZone, clientContext.ClientCulture, clientContext.MessageId)
 {
     // The identity of the new context comes from the arguments, not from the source context.
     this.clientSecurityContext     = clientSecurityContext;
     this.ownsClientSecurityContext = ownsClientSecurityContext;
     // Cached directory state is read from the source's fields; adUserInitialized is copied with adUser.
     // NOTE(review): if clientSecurityContext belongs to a different principal than the source context,
     // the copied adUser / serializedSecurityContext would describe the old one. Verify callers.
     this.adUser                     = clientContext.adUser;
     this.adUserInitialized          = clientContext.adUserInitialized;
     // Read through the OrganizationId property rather than a field, unlike the neighbouring copies.
     this.organizationId             = clientContext.OrganizationId;
     this.serializedSecurityContext  = clientContext.serializedSecurityContext;
     this.identityForFilteredTracing = clientContext.identityForFilteredTracing;
     this.RequestSchemaVersion       = requestSchemaVersion;
 }
        /// <summary>
        /// Builds OAuth credentials for an app-only token scoped to the caller's
        /// organization and primary SMTP domain.
        /// </summary>
        /// <param name="clientContext">Caller context; must not be null.</param>
        /// <param name="requestLogger">Logger used for outbound OAuth tracing.</param>
        /// <returns>Credentials from OAuthCredentials.GetOAuthCredentialsForAppToken with tracer and request id applied.</returns>
        /// <remarks>
        /// A non-empty value from the fault-injection hook replaces both the domain and
        /// the organization the token is requested for.
        /// NOTE(review): this hook sits on the production code path and changes the tenant
        /// scope of the token; confirm it cannot return a value outside test runs.
        /// clientContext.ADUser is dereferenced without a null check.
        /// </remarks>
        public static OAuthCredentials CreateAsApp(InternalClientContext clientContext, RequestLogger requestLogger)
        {
            ArgumentValidator.ThrowIfNull("clientContext", clientContext);

            // Default scope: the caller's own organization and mail domain.
            OrganizationId tokenOrganization = clientContext.OrganizationId;
            string tokenDomain = clientContext.ADUser.PrimarySmtpAddress.Domain;

            string injectedAddress = FaultInjection.TraceTest<string>((FaultInjection.LIDs)2743479613U);
            bool hasInjectedAddress = !string.IsNullOrEmpty(injectedAddress);

            if (hasInjectedAddress)
            {
                // Test override: derive domain and organization from the injected SMTP address.
                tokenDomain = SmtpAddress.Parse(injectedAddress).Domain;
                tokenOrganization = OrganizationId.FromAcceptedDomain(tokenDomain);
            }

            OAuthCredentials appCredentials = OAuthCredentials.GetOAuthCredentialsForAppToken(tokenOrganization, tokenDomain);
            OAuthCredentialsFactory.SetCredentialsProperties(appCredentials, clientContext, requestLogger);

            return appCredentials;
        }
        /// <summary>
        /// Builds OAuth credentials for an app token that acts as the caller's directory user.
        /// </summary>
        /// <param name="clientContext">Caller context; must not be null.</param>
        /// <param name="requestLogger">Logger used for outbound OAuth tracing.</param>
        /// <returns>Credentials from OAuthCredentials.GetOAuthCredentialsForAppActAsToken with tracer and request id applied.</returns>
        /// <remarks>
        /// A non-empty value from the fault-injection hook replaces the acted-as user and
        /// the organization with those looked up for the injected address.
        /// NOTE(review): the hook changes which user the token impersonates; confirm it is
        /// inert outside test runs. The lookup result is cast with <c>as</c> and then
        /// dereferenced, so an address that does not resolve to an ADUser ends in a
        /// NullReferenceException.
        /// </remarks>
        public static OAuthCredentials Create(InternalClientContext clientContext, RequestLogger requestLogger)
        {
            ArgumentValidator.ThrowIfNull("clientContext", clientContext);

            // Default identity: the caller's own organization and directory user.
            OrganizationId tokenOrganization = clientContext.OrganizationId;
            ADUser actAsUser = clientContext.ADUser;

            string injectedAddress = FaultInjection.TraceTest<string>((FaultInjection.LIDs)2743479613U);
            bool hasInjectedAddress = !string.IsNullOrEmpty(injectedAddress);

            if (hasInjectedAddress)
            {
                // Test override: resolve the injected address in its own tenant and act as that user.
                SmtpAddress injectedSmtp = SmtpAddress.Parse(injectedAddress);
                ADSessionSettings tenantSettings = ADSessionSettings.FromTenantAcceptedDomain(injectedSmtp.Domain);
                IRecipientSession tenantSession = DirectorySessionFactory.Default.CreateTenantRecipientSession(true, ConsistencyMode.IgnoreInvalid, tenantSettings, 68, "Create", "f:\\15.00.1497\\sources\\dev\\infoworker\\src\\common\\RequestDispatch\\OAuthCredentialsFactory.cs");

                actAsUser = tenantSession.FindByProxyAddress(ProxyAddress.Parse(injectedAddress)) as ADUser;
                tokenOrganization = actAsUser.OrganizationId;
            }

            OAuthCredentials actAsCredentials = OAuthCredentials.GetOAuthCredentialsForAppActAsToken(tokenOrganization, actAsUser, null);
            OAuthCredentialsFactory.SetCredentialsProperties(actAsCredentials, clientContext, requestLogger);

            return actAsCredentials;
        }
예제 #10
        /// <summary>
        /// Turns a discovered web-service URI into an AutoDiscoverResult, either an error
        /// for an unsupported server version or a result carrying a proxy authenticator.
        /// </summary>
        /// <param name="recipientData">Recipient the lookup was for; may be null (it is null-checked for tracing).</param>
        /// <param name="webServiceUri">Discovered service endpoint and its server version.</param>
        /// <returns>An AutoDiscoverResult wrapping an exception or the URI plus authenticator.</returns>
        /// <remarks>
        /// The caller's serialized security context is handed to the proxy authenticator
        /// only when the target forest supports per-user authorization and the caller is
        /// internal; in every other case null is passed.
        /// </remarks>
        private AutoDiscoverResult GetResult(RecipientData recipientData, WebServiceUri webServiceUri)
        {
            bool versionSupported = base.Application.IsVersionSupported(webServiceUri.ServerVersion);

            if (versionSupported)
            {
                AutoDiscoverQuery.AutoDiscoverTracer.TraceDebug<object, Uri, EmailAddress>((long)this.GetHashCode(), "{0}: Found availability service {1} that can fill request for mailbox {2}", TraceContext.Get(), webServiceUri.Uri, (recipientData != null) ? recipientData.EmailAddress : null);

                InternalClientContext internalCaller = base.ClientContext as InternalClientContext;
                SerializedSecurityContext forwardedIdentity = null;

                // Forward the caller's identity only to forests that can authorize per user.
                if (this.targetForestConfiguration.IsPerUserAuthorizationSupported && internalCaller != null)
                {
                    forwardedIdentity = internalCaller.SerializedSecurityContext;
                }

                ProxyAuthenticator authenticator = this.targetForestConfiguration.GetProxyAuthenticatorForAutoDiscover(webServiceUri.Uri, forwardedIdentity, base.ClientContext.MessageId);
                return new AutoDiscoverResult(webServiceUri, authenticator);
            }

            AutoDiscoverQuery.AutoDiscoverTracer.TraceError<object, int, Type>((long)this.GetHashCode(), "{0}: Remote server version {1} is considered a legacy server by {2} application.", TraceContext.Get(), webServiceUri.ServerVersion, base.Application.GetType());
            return new AutoDiscoverResult(base.Application.CreateExceptionForUnsupportedVersion(recipientData, webServiceUri.ServerVersion));
        }
예제 #11
        /// <summary>
        /// Prepares a GetFolder call against a remote endpoint: validates that the query
        /// has an associated folder id and configures the service binding.
        /// </summary>
        /// <param name="application">Forwarded to the base class.</param>
        /// <param name="clientContext">Forwarded to the base class.</param>
        /// <param name="requestType">Not used in this constructor body and not forwarded to the base class.</param>
        /// <param name="requestLogger">Forwarded to the base class.</param>
        /// <param name="query">Query whose RecipientData.AssociatedFolderId must be present.</param>
        /// <param name="url">Endpoint; its OriginalString is stored and set on the binding.</param>
        /// <exception cref="InvalidOperationException">The query has no recipient data or no associated folder id.</exception>
        /// <remarks>
        /// Server certificate validation is delegated to
        /// CertificateErrorHandler.CertValidationCallback; what that callback accepts is
        /// not visible here. NOTE(review): confirm it does not accept certificate errors
        /// unconditionally. The request is pinned to schema version Exchange2007_SP1, and
        /// traffic goes through the local server's InternetWebProxy when one is configured.
        /// </remarks>
        public GetFolderRequest(Application application, InternalClientContext clientContext, RequestType requestType, RequestLogger requestLogger, BaseQuery query, Uri url) : base(application, clientContext, requestLogger, "GetFolderRequest")
        {
            bool hasAssociatedFolder = query.RecipientData != null && query.RecipientData.AssociatedFolderId != null;

            if (!hasAssociatedFolder)
            {
                throw new InvalidOperationException("Unable to get associated folder id");
            }

            string endpoint = url.OriginalString;

            this.query = query;
            this.url = endpoint;

            // The binding is stored first and then configured through a local alias.
            ExchangeServiceBinding serviceBinding = new ExchangeServiceBinding(Globals.CertificateValidationComponentId, new RemoteCertificateValidationCallback(CertificateErrorHandler.CertValidationCallback));
            this.binding = serviceBinding;
            serviceBinding.Url = endpoint;
            serviceBinding.RequestServerVersionValue = new RequestServerVersion();
            serviceBinding.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1;

            Server localServer = LocalServerCache.LocalServer;
            bool hasCustomProxy = localServer != null && localServer.InternetWebProxy != null;

            if (hasCustomProxy)
            {
                GetFolderRequest.GetFolderRequestTracer.TraceDebug<GetFolderRequest, Uri>((long)this.GetHashCode(), "{0}: Using custom InternetWebProxy {1}", this, localServer.InternetWebProxy);
                serviceBinding.Proxy = new WebProxy(localServer.InternetWebProxy);
            }
        }
예제 #12
 /// <summary>
 /// Creates a cross-forest request that keeps the target forest configuration for later use.
 /// </summary>
 /// <remarks>
 /// The request type passed to the base class is fixed to RequestType.CrossForest.
 /// <paramref name="targetForestConfiguration"/> is stored without a null check.
 /// </remarks>
 public GetFolderAndProxyRequestWithAutoDiscover(
     Application application,
     InternalClientContext clientContext,
     RequestLogger requestLogger,
     QueryList queryList,
     TargetForestConfiguration targetForestConfiguration)
     : base(application, clientContext, RequestType.CrossForest, requestLogger, queryList)
 {
     this.targetForestConfiguration = targetForestConfiguration;
 }
예제 #13
 /// <summary>
 /// Factory override that builds the OAuth-authenticated external request, using
 /// per-user autodiscover (AutoDiscoverRequestByUser.Create).
 /// </summary>
 /// <returns>A new ExternalByOAuthProxyWebRequestWithAutoDiscover bound to this application.</returns>
 public override AsyncRequestWithQueryList CreateExternalByOAuthAsyncRequestWithAutoDiscover(InternalClientContext clientContext, RequestLogger requestLogger, QueryList queryList, Uri autoDiscoverUrl)
 {
     CreateAutoDiscoverRequestDelegate autoDiscoverFactory = new CreateAutoDiscoverRequestDelegate(AutoDiscoverRequestByUser.Create);

     return new ExternalByOAuthProxyWebRequestWithAutoDiscover(
         this,
         clientContext,
         requestLogger,
         queryList,
         autoDiscoverUrl,
         autoDiscoverFactory);
 }
예제 #14
 /// <summary>
 /// Factory override that builds the federated external request, using per-user
 /// autodiscover (AutoDiscoverRequestByUser.Create) and the two supplied external
 /// authentication requests.
 /// </summary>
 /// <returns>A new ExternalProxyWebRequestWithAutoDiscover bound to this application.</returns>
 public override AsyncRequestWithQueryList CreateExternalAsyncRequestWithAutoDiscover(InternalClientContext clientContext, RequestLogger requestLogger, QueryList queryList, ExternalAuthenticationRequest autoDiscoverExternalAuthenticationRequest, ExternalAuthenticationRequest webProxyExternalAuthenticationRequest, Uri autoDiscoverUrl, SmtpAddress sharingKey)
 {
     CreateAutoDiscoverRequestDelegate autoDiscoverFactory = new CreateAutoDiscoverRequestDelegate(AutoDiscoverRequestByUser.Create);

     return new ExternalProxyWebRequestWithAutoDiscover(
         this,
         clientContext,
         requestLogger,
         queryList,
         autoDiscoverExternalAuthenticationRequest,
         webProxyExternalAuthenticationRequest,
         autoDiscoverUrl,
         sharingKey,
         autoDiscoverFactory);
 }
예제 #15
 /// <summary>
 /// Creates a federated cross-forest request that authenticates with OAuth and
 /// locates the remote service through autodiscover.
 /// </summary>
 /// <remarks>
 /// The request type passed to the base class is fixed to RequestType.FederatedCrossForest.
 /// The autodiscover URL is stored as given; no scheme or host validation happens here.
 /// </remarks>
 public ExternalByOAuthProxyWebRequestWithAutoDiscover(
     Application application,
     InternalClientContext clientContext,
     RequestLogger requestLogger,
     QueryList queryList,
     Uri autoDiscoverUrl,
     CreateAutoDiscoverRequestDelegate createAutoDiscoverRequest)
     : base(application, clientContext, RequestType.FederatedCrossForest, requestLogger, queryList)
 {
     this.createAutoDiscoverRequest = createAutoDiscoverRequest;
     this.autoDiscoverUrl = autoDiscoverUrl;
 }
예제 #16
 /// <summary>
 /// Creates a request that targets a known web-service URI with a pre-built proxy authenticator.
 /// </summary>
 /// <remarks>
 /// Unlike the autodiscover variants, the request type is supplied by the caller and
 /// forwarded to the base class. The authenticator and URI are stored without validation.
 /// </remarks>
 public GetFolderAndProxyRequest(
     Application application,
     InternalClientContext clientContext,
     RequestType requestType,
     RequestLogger requestLogger,
     QueryList queryList,
     TargetServerVersion targetVersion,
     ProxyAuthenticator proxyAuthenticator,
     WebServiceUri webServiceUri)
     : base(application, clientContext, requestType, requestLogger, queryList)
 {
     // Endpoint and the credentials used to reach it.
     this.webServiceUri = webServiceUri;
     this.proxyAuthenticator = proxyAuthenticator;

     this.targetVersion = targetVersion;
 }