/// <summary>
/// Resolves the federation <see cref="TokenTarget"/> for <paramref name="domain"/> by looking up the
/// matching <see cref="OrganizationRelationship"/> of <paramref name="organizationId"/> in the
/// <c>OrganizationIdCache</c>.
/// </summary>
/// <param name="domain">SMTP domain to match against the organization's relationships.</param>
/// <param name="organizationId">Organization whose relationships are searched.</param>
/// <returns>
/// The relationship's token target, or <c>null</c> when no relationship matches the domain or the
/// matching relationship has no <c>TargetApplicationUri</c>. Both failure cases are traced as errors.
/// </returns>
private static TokenTarget FromOrganizationRelationship(string domain, OrganizationId organizationId)
{
    var cacheEntry = OrganizationIdCache.Singleton.Get(organizationId);
    TargetUriResolver.Tracer.TraceDebug<string, OrganizationId>(0L, "Searching for OrganizationRelationship that matches domain {0} in organization {1}", domain, organizationId);

    var relationship = cacheEntry.GetOrganizationRelationship(domain);
    if (relationship == null)
    {
        TargetUriResolver.Tracer.TraceError<string, OrganizationId>(0L, "Found no OrganizationRelationship that matches domain {0} in organization {1}", domain, organizationId);
        return null;
    }

    // A relationship without a TargetApplicationUri is rejected outright rather than being
    // handed to GetTokenTarget(); the caller sees "no target", not a partially populated one.
    if (relationship.TargetApplicationUri == null)
    {
        TargetUriResolver.Tracer.TraceError<string, OrganizationId, ADObjectId>(0L, "Found OrganizationRelationship that matches domain {0} in organization {1}, but it has not TargetApplicationUri. OrganizationRelationship is {2}", domain, organizationId, relationship.Id);
        return null;
    }

    var target = relationship.GetTokenTarget();
    TargetUriResolver.Tracer.TraceDebug(0L, "Found OrganizationRelationship that matches domain {0} in organization {1}. Target is '{2}'. OrganizationRelationship is {3}", new object[] { domain, organizationId, target, relationship.Id });
    return target;
}
/// <summary>
/// Looks up the Organization Relationship for <paramref name="domain"/> in the user's organization
/// (forest-wide organization when the user has none) and, if it passes
/// <c>CheckOrgRelationshipFromRemoteConnection</c>, returns its token target and Autodiscover endpoint.
/// </summary>
/// <param name="user">User on whose behalf the remote connection is being set up.</param>
/// <param name="domain">SMTP domain of the remote party.</param>
/// <param name="tokenTarget">Receives the relationship's token target; <c>null</c> when the method returns <c>false</c>.</param>
/// <param name="autodiscoveryEndpoint">Receives the relationship's <c>TargetAutodiscoverEpr</c>; <c>null</c> when the method returns <c>false</c>.</param>
/// <returns><c>true</c> when a usable relationship was found; otherwise <c>false</c>.</returns>
protected virtual bool TryGetAutodiscoveryEndpoint(IGenericADUser user, string domain, out TokenTarget tokenTarget, out Uri autodiscoveryEndpoint)
{
    tokenTarget = null;
    autodiscoveryEndpoint = null;

    var organizationId = user.OrganizationId ?? OrganizationId.ForestWideOrgId;
    var relationship = this.directoryAccessor.GetOrganizationRelationship(organizationId, domain);

    // The lookup may yield null; the check below is the only gate before the relationship is
    // dereferenced, so it is presumably responsible for rejecting a null or unusable relationship.
    if (!this.CheckOrgRelationshipFromRemoteConnection(relationship, user, domain))
    {
        return false;
    }

    tokenTarget = relationship.GetTokenTarget();
    autodiscoveryEndpoint = relationship.TargetAutodiscoverEpr;
    return true;
}
/// <summary>
/// Locates the external EWS endpoint of the principal's remote (federated) mailbox via Autodiscover
/// and builds the delegation token request used to call it.
/// </summary>
/// <param name="principal">Principal whose <c>MailboxInfo.RemoteIdentity</c> names the remote mailbox.</param>
/// <param name="executingUser">
/// Caller on whose behalf the EWS token is requested. Its first federated e-mail address is used as the
/// token identity when it has one; otherwise the organization federated mailbox identity is used.
/// </param>
/// <param name="ewsEndpoint">Receives Autodiscover's <c>ExternalEwsUrl</c> after <c>EwsWsSecurityUrl.Fix</c>.</param>
/// <param name="ewsTokenRequest">Receives the <c>Offer.MailboxSearch</c> token request for the resolved target.</param>
/// <exception cref="OrganizationNotFederatedException">
/// No organization federated mailbox user could be resolved, or the forest-wide organization has no
/// Organization Relationship for the remote mailbox's domain.
/// </exception>
/// <exception cref="AutoDAccessException">Autodiscover returned no absolute <c>ExternalEwsUrl</c>.</exception>
private void Discover(ExchangePrincipal principal, ADUser executingUser, out string ewsEndpoint, out DelegationTokenRequest ewsTokenRequest)
{
    SmtpAddress remoteMailbox = principal.MailboxInfo.RemoteIdentity.Value;
    ADSessionSettings sessionSettings = ADSessionSettings.FromOrganizationIdWithoutRbacScopesServiceOnly(OrganizationId.ForestWideOrgId);
    IRecipientSession recipientSession = DirectorySessionFactory.Default.GetTenantOrRootOrgRecipientSession(null, true, ConsistencyMode.FullyConsistent, null, sessionSettings, ConfigScopes.TenantSubTree, 168, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs");

    // Step 1: resolve the organization federated mailbox (TransportConfigContainer) to an ADUser.
    ADUser federatedMailboxUser = null;
    TransportConfigContainer transportConfig = DirectorySessionFactory.Default.GetTenantOrTopologyConfigurationSession(true, ConsistencyMode.IgnoreInvalid, sessionSettings, 171, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs").FindSingletonConfigurationObject<TransportConfigContainer>();
    if (transportConfig != null && transportConfig.OrganizationFederatedMailbox != SmtpAddress.NullReversePath)
    {
        SmtpAddress federatedMailbox = transportConfig.OrganizationFederatedMailbox;
        ProxyAddress federatedProxyAddress = null;
        try
        {
            federatedProxyAddress = ProxyAddress.Parse(federatedMailbox.ToString());
        }
        catch (ArgumentException ex)
        {
            // Best-effort: an unparsable address is traced and left null, which surfaces below
            // as OrganizationNotFederatedException rather than propagating the parse error.
            ExTraceGlobals.SessionTracer.TraceError<string>((long)this.GetHashCode(), "Proxy address of organization federated mailbox is invalid: {0}", ex.ToString());
        }

        if (federatedProxyAddress != null && !(federatedProxyAddress is InvalidProxyAddress))
        {
            federatedMailboxUser = recipientSession.FindByProxyAddress(federatedProxyAddress) as ADUser;
        }
    }

    // Step 2: the forest-wide organization must hold an Organization Relationship for the remote domain.
    OrganizationIdCacheValue cacheEntry = OrganizationIdCache.Singleton.Get(OrganizationId.ForestWideOrgId);
    OrganizationRelationship relationship = cacheEntry.GetOrganizationRelationship(remoteMailbox.Domain);
    if (federatedMailboxUser == null || relationship == null)
    {
        throw new OrganizationNotFederatedException();
    }

    // Step 3: Autodiscover against the relationship's endpoint, authenticated with an Autodiscover-offer
    // token issued for the organization federated mailbox.
    DelegationTokenRequest autodiscoverTokenRequest = new DelegationTokenRequest
    {
        FederatedIdentity = federatedMailboxUser.GetFederatedIdentity(),
        EmailAddress = federatedMailboxUser.GetFederatedSmtpAddress().ToString(),
        Target = relationship.GetTokenTarget(),
        Offer = Offer.Autodiscover
    };
    FedOrgCredentials credentials = new FedOrgCredentials(autodiscoverTokenRequest, this.GetSecurityTokenService(federatedMailboxUser.OrganizationId));

    Uri externalEwsUri = null;
    using (AutoDiscoverUserSettingsClient autodiscoverClient = AutoDiscoverUserSettingsClient.CreateInstance(DirectorySessionFactory.Default.CreateTopologyConfigurationSession(ConsistencyMode.IgnoreInvalid, sessionSettings, 215, "Discover", "f:\\15.00.1497\\sources\\dev\\data\\src\\storage\\Search\\MailboxSearch\\MailboxSearchEwsClient.cs"), credentials, remoteMailbox, relationship.TargetAutodiscoverEpr, MailboxSearchEwsClient.AutoDiscoverRequestedSettings))
    {
        UserSettings settings = autodiscoverClient.Discover();
        StringSetting externalEwsUrlSetting = settings.GetSetting("ExternalEwsUrl") as StringSetting;

        // The URL comes from the remote organization's Autodiscover response; the only check applied
        // here is that it parses as an absolute URI. Anything further is up to EwsWsSecurityUrl.Fix
        // and the caller (not visible from this method).
        if (externalEwsUrlSetting == null || !Uri.TryCreate(externalEwsUrlSetting.Value, UriKind.Absolute, out externalEwsUri))
        {
            throw new AutoDAccessException(ServerStrings.AutoDRequestFailed);
        }
    }
    ewsEndpoint = EwsWsSecurityUrl.Fix(externalEwsUri.ToString());

    // Step 4: choose the identity the MailboxSearch token is requested for. The executing user's
    // first federated address wins; the organization federated mailbox is the fallback.
    string executingUserFederatedAddress = null;
    if (executingUser.EmailAddresses != null && executingUser.EmailAddresses.Count > 0)
    {
        List<string> federatedAddresses = executingUser.GetFederatedEmailAddresses();
        if (federatedAddresses != null && federatedAddresses.Count > 0)
        {
            executingUserFederatedAddress = federatedAddresses[0];
        }
    }

    bool useExecutingUser = !string.IsNullOrEmpty(executingUserFederatedAddress);
    ewsTokenRequest = new DelegationTokenRequest
    {
        FederatedIdentity = useExecutingUser ? executingUser.GetFederatedIdentity() : federatedMailboxUser.GetFederatedIdentity(),
        EmailAddress = useExecutingUser ? executingUserFederatedAddress : federatedMailboxUser.GetFederatedSmtpAddress().ToString(),
        Target = relationship.GetTokenTarget(),
        Offer = Offer.MailboxSearch
    };
}
/// <summary>
/// Resolves how to reach <paramref name="emailAddress"/> for <paramref name="application"/>, trying in
/// order: a personal sharing subscription (only when personal sharing is supported), an enabled
/// Intra-Organization connector for the address's domain, and finally an Organization Relationship
/// for that domain.
/// </summary>
/// <param name="emailAddress">Address whose sharing endpoint is being looked up.</param>
/// <param name="application">
/// Requesting application; consulted for the relationship's per-application enablement and for the
/// external Autodiscover version bucket.
/// </param>
/// <returns>
/// A <see cref="SharingInformation"/> describing the target; a <see cref="SharingInformation"/> wrapping
/// an exception when there is no requester, the relationship is invalid for dispatching, or the read
/// deadline has passed; or <c>null</c> when no enabled, application-enabled Organization Relationship
/// exists for the domain.
/// </returns>
public SharingInformation Read(EmailAddress emailAddress, Application application)
{
    long traceId = (long)this.GetHashCode();

    if (this.requester == null)
    {
        SharingReader.RequestRoutingTracer.TraceError<object, string>(traceId, "{0}: Unable to get the requestor from the client context - address {1}", TraceContext.Get(), emailAddress.Address);
        return new SharingInformation(new InvalidClientSecurityContextException());
    }

    if (this.supportsPersonalSharing)
    {
        SharingSubscriptionData subscription = this.SubscriptionLoader.GetUserSubscription(emailAddress);
        if (!this.SubscriptionLoader.IsValid)
        {
            // Traced only; a loader that could not open the mailbox does not stop the fall-through
            // to the organization-level lookups below.
            SharingReader.RequestRoutingTracer.TraceError<object, EmailAddress, Exception>(traceId, "{0}: SubscriptionLoader cannot open mailbox {1}. Exception: {2}", TraceContext.Get(), emailAddress, this.SubscriptionLoader.HandledException);
        }

        if (subscription != null)
        {
            SharingReader.RequestRoutingTracer.TraceDebug<object, string>(traceId, "{0}: Found a personal relationship for {1}", TraceContext.Get(), emailAddress.Address);

            // Both identities stored in the mailbox subscription must be well-formed SMTP addresses
            // before the subscription is used at all.
            bool identitiesValid = SmtpAddress.IsValidSmtpAddress(subscription.SubscriberIdentity)
                && SmtpAddress.IsValidSmtpAddress(subscription.SharingKey);
            if (identitiesValid)
            {
                // NOTE(review): SharingUrl is dereferenced without a null check, and the resulting
                // WebServiceUri is labelled UriSource.Directory although it originates from mailbox
                // data — confirm both against GetUserSubscription's contract.
                Uri sharingUrl = subscription.SharingUrl;
                return new SharingInformation(
                    new SmtpAddress(subscription.SubscriberIdentity),
                    new SmtpAddress(subscription.SharingKey),
                    new TokenTarget(subscription.SharerIdentityFederationUri),
                    new WebServiceUri(sharingUrl.OriginalString, sharingUrl.Scheme, UriSource.Directory, Globals.E14SP2Version),
                    null);
            }

            SharingReader.RequestRoutingTracer.TraceError<object, EmailAddress>(traceId, "{0}: The subscriber information in the mailbox is invalid for address {1}. Personal subscription can't be used.", TraceContext.Get(), emailAddress);
        }
    }

    string domain = emailAddress.Domain;
    OrganizationId organizationId = this.requester.OrganizationId ?? OrganizationId.ForestWideOrgId;
    OrganizationIdCacheValue cacheEntry = OrganizationIdCache.Singleton.Get(organizationId);

    SharingReader.RequestRoutingTracer.TraceDebug<object, string>(traceId, "{0}: Looking for an Intra-Organization connector with domain {1}.", TraceContext.Get(), domain);
    IntraOrganizationConnector connector = cacheEntry.GetIntraOrganizationConnector(domain);
    if (connector != null && connector.Enabled)
    {
        Uri discoveryEndpoint = connector.DiscoveryEndpoint;
        int connectorVersionBucket = application.GetAutodiscoverVersionBucket(AutodiscoverType.External);
        WebServiceUri connectorSharingEpr = RemoteServiceUriCache.Get(emailAddress, connectorVersionBucket);
        return new SharingInformation(this.requester.PrimarySmtpAddress, connectorSharingEpr, discoveryEndpoint);
    }

    SharingReader.RequestRoutingTracer.TraceDebug<object, string>(traceId, "{0}: Looking for an Organization Relationship with domain {1}.", TraceContext.Get(), domain);
    OrganizationRelationship relationship = cacheEntry.GetOrganizationRelationship(domain);
    if (relationship == null)
    {
        SharingReader.RequestRoutingTracer.TraceError<object, string, EmailAddress>(traceId, "{0}: Unable to find a organization Relationship with domain {1} for emailAddress {2}.", TraceContext.Get(), emailAddress.Domain, emailAddress);
        return null;
    }

    // Every gate on the relationship (enabled, enabled for this application, valid for dispatching)
    // runs before any endpoint is selected from it.
    if (!relationship.Enabled)
    {
        SharingReader.RequestRoutingTracer.TraceError<object, OrganizationRelationship, string>(traceId, "{0}: Organization Relationship {1} is not enabled for access to domain {2}. Ignoring this relationship.", TraceContext.Get(), relationship, emailAddress.Domain);
        return null;
    }
    if (!application.EnabledInRelationship(relationship))
    {
        SharingReader.RequestRoutingTracer.TraceError(traceId, "{0}: Organization Relationship {1} is not enabled for application {2} to domain {3}. Ignoring this relationship.", new object[] { TraceContext.Get(), relationship, application.GetType(), emailAddress.Domain });
        return null;
    }
    if (!relationship.IsValidForRequestDispatcher())
    {
        SharingReader.RequestRoutingTracer.TraceError(traceId, "{0}: Organization Relationship is invalid for dispatching requests, TargetApplicationUri:{1}, TargetSharingEpr:{2}, AutoDiscoverEpr:{3}.", new object[] { TraceContext.Get(), relationship.TargetApplicationUri, relationship.TargetSharingEpr, relationship.TargetAutodiscoverEpr });
        return new SharingInformation(new InvalidOrganizationRelationshipForRequestDispatcherException(relationship.ToString()));
    }

    // The deadline is only consulted here, after the relationship lookups; the personal and
    // connector paths above return without checking it.
    if (DateTime.UtcNow > this.readDeadline)
    {
        return new SharingInformation(new TimeoutExpiredException("OrganizationRelationship lookup"));
    }

    // A configured TargetSharingEpr is used as-is; otherwise the EPR is taken from the remote
    // service URI cache for the external Autodiscover version bucket.
    Uri configuredSharingEpr = relationship.TargetSharingEpr;
    WebServiceUri targetSharingEpr = configuredSharingEpr == null
        ? RemoteServiceUriCache.Get(emailAddress, application.GetAutodiscoverVersionBucket(AutodiscoverType.External))
        : new WebServiceUri(configuredSharingEpr.OriginalString, configuredSharingEpr.Scheme, UriSource.Directory, Globals.E14SP2Version);

    return new SharingInformation(this.requester.PrimarySmtpAddress, SmtpAddress.Empty, relationship.GetTokenTarget(), targetSharingEpr, relationship.TargetAutodiscoverEpr);
}