Exemplo n.º 1
        /// <summary>
        /// Accepts <paramref name="proposedUrl"/> only when its host equals the host of some
        /// root-organization partner application's auth metadata URL; otherwise reports an
        /// authorization error through <c>WriteError</c>.
        /// </summary>
        /// <remarks>
        /// The comparison covers the host name only (ordinal, case-insensitive). Scheme, port and
        /// path of the proposed URL are not compared, so callers that need HTTPS or a specific
        /// port must enforce that separately.
        /// </remarks>
        /// <param name="proposedUrl">URL to validate. A null value is reported as an error.</param>
        private void CheckSharePointUrlSafetyOnPremises(Uri proposedUrl)
        {
            bool hostIsTrusted = false;

            if (proposedUrl != null)
            {
                string proposedHost = proposedUrl.Host;
                foreach (PartnerApplication candidate in OAuthConfigHelper.GetRootOrgPartnerApplications())
                {
                    string metadataHost = null;
                    try
                    {
                        base.WriteVerbose(Strings.VerboseCheckingAgainstPartnerApplicationMetadataUrl(candidate.AuthMetadataUrl));
                        metadataHost = new Uri(candidate.AuthMetadataUrl).Host;
                    }
                    catch
                    {
                        // Any failure here (for example an unparsable metadata URL) leaves
                        // metadataHost null, so this partner application cannot match a
                        // non-null host: the check fails closed for that entry.
                        // NOTE(review): the bare catch also hides unrelated failures; consider
                        // narrowing it and logging the skipped entry.
                    }

                    if (!string.Equals(metadataHost, proposedHost, StringComparison.OrdinalIgnoreCase))
                    {
                        continue;
                    }

                    hostIsTrusted = true;
                    break;
                }
            }

            if (hostIsTrusted)
            {
                return;
            }

            base.WriteError(new UrlInValidException(Strings.ErrorSharePointUrlDoesNotMatchPartnerApplication), ExchangeErrorCategory.Authorization, null);
        }
Exemplo n.º 2
 /// <summary>
 /// Returns the LinkedIn auth server as supplied by
 /// <c>OAuthConfigHelper.GetLinkedInAuthServer()</c>.
 /// </summary>
 /// <returns>The value returned by the helper, passed through unchanged.</returns>
 public AuthServer ReadLinkedInAuthServer()
 {
     AuthServer linkedInServer = OAuthConfigHelper.GetLinkedInAuthServer();
     return linkedInServer;
 }
Exemplo n.º 3
 /// <summary>
 /// Returns the Facebook auth server as supplied by
 /// <c>OAuthConfigHelper.GetFacebookAuthServer()</c>.
 /// </summary>
 /// <returns>The value returned by the helper, passed through unchanged.</returns>
 public AuthServer ReadFacebookAuthServer()
 {
     AuthServer facebookServer = OAuthConfigHelper.GetFacebookAuthServer();
     return facebookServer;
 }
Exemplo n.º 4
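        /// <summary>
        /// Builds the JSON auth metadata document: realm, service name, issuer, allowed audiences,
        /// the unexpired signing certificates and a single metadata endpoint entry.
        /// </summary>
        /// <remarks>
        /// Only the current and the previous signing certificate are considered, and only those
        /// whose <c>NotAfter</c> is still in the future are published. If neither qualifies the
        /// document is returned with an empty <c>keys</c> array.
        /// </remarks>
        /// <returns>A newly created <c>JsonMetadataDocument</c>.</returns>
        private JsonMetadataDocument BuildJsonMetadataDocument()
        {
            string serviceName = OAuthConfigHelper.GetServiceName();

            // With multi-tenancy enabled the realm is the "*" wildcard; otherwise it is the
            // realm of the forest-wide organization.
            string realm;
            if (!VariantConfiguration.InvariantNoFlightingSnapshot.Global.MultiTenancy.Enabled)
            {
                realm = OAuthConfigHelper.GetOrganizationRealm(OrganizationId.ForestWideOrgId);
            }
            else
            {
                realm = "*";
            }

            X509Certificate2 currentSigningKey = OAuthConfigHelper.GetCurrentSigningKey();
            X509Certificate2 previousSigningKey = null;

            try
            {
                previousSigningKey = OAuthConfigHelper.GetPreviousSigningKey();
            }
            catch (InvalidAuthConfigurationException arg)
            {
                // A missing or invalid previous key is tolerated: it is traced and the document
                // is built without it.
                this.Tracer.TraceDebug<InvalidAuthConfigurationException>((long)this.GetHashCode(), "[AuthMetadataBuilder.BuildJsonMetadataDocument] failed to get previous signing key with exception: {0}", arg);
            }

            JsonMetadataDocument jsonMetadataDocument = new JsonMetadataDocument();

            jsonMetadataDocument.id               = string.Format("_{0}", Guid.NewGuid().ToString("d"));
            jsonMetadataDocument.version          = AuthMetadataBuilder.Version;
            jsonMetadataDocument.name             = AuthMetadataBuilder.ServiceShortName;
            jsonMetadataDocument.realm            = realm;
            jsonMetadataDocument.serviceName      = serviceName;
            jsonMetadataDocument.issuer           = string.Format("{0}@{1}", serviceName, realm);
            jsonMetadataDocument.allowedAudiences = new string[]
            {
                jsonMetadataDocument.issuer
            };

            List<JsonKey> publishedKeys = new List<JsonKey>();
            DateTime utcNow = DateTime.UtcNow;

            foreach (X509Certificate2 certificate in new X509Certificate2[]
            {
                currentSigningKey,
                previousSigningKey
            })
            {
                if (certificate == null)
                {
                    continue;
                }

                // X509Certificate2.NotAfter is expressed in local time and DateTime comparison
                // ignores Kind, so convert to UTC first. Comparing the raw value with UtcNow
                // shifts the expiry cut-off by the machine's UTC offset, which can publish an
                // already expired signing certificate or drop a valid one early.
                if (certificate.NotAfter.ToUniversalTime() <= utcNow)
                {
                    continue;
                }

                JsonKey item = new JsonKey
                {
                    usage   = AuthMetadataConstants.KeyUsage,
                    keyinfo = new JsonKeyInfo
                    {
                        // x5t: base64url encoding of the certificate hash (thumbprint bytes).
                        x5t = OAuthCommon.Base64UrlEncoder.EncodeBytes(certificate.GetCertHash())
                    },
                    keyvalue = new JsonKeyValue
                    {
                        type  = AuthMetadataConstants.SigningKeyType,
                        // Raw X.509 certificate bytes only; no private key material is exported.
                        value = Convert.ToBase64String(certificate.GetRawCertData())
                    }
                };
                publishedKeys.Add(item);
            }

            jsonMetadataDocument.keys      = publishedKeys.ToArray();
            jsonMetadataDocument.endpoints = new JsonEndpoint[]
            {
                new JsonEndpoint
                {
                    // location is left null here. NOTE(review): presumably filled in by the
                    // caller before the document is served; confirm.
                    location = null,
                    protocol = AuthMetadataConstants.Protocol,
                    usage    = AuthMetadataConstants.MetadataEndpointUsage
                }
            };
            return jsonMetadataDocument;
        }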