public ExternalAuthenticationRequest(RequestLogger requestLogger, ExternalAuthentication externalAuthentication, ADUser user, SmtpAddress emailAddress, TokenTarget target, Offer offer)
{
this.requestLogger = requestLogger;
this.user = user;
this.emailAddress = emailAddress;
this.target = target;
this.offer = offer;
this.securityTokenService = externalAuthentication.GetSecurityTokenService(user.OrganizationId);
}
protected virtual bool TryGetSecurityTokenService(OrganizationId organizationId, out SecurityTokenService securityTokenService)
{
securityTokenService = null;
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (current.Enabled)
{
securityTokenService = current.GetSecurityTokenService(organizationId);
}
return(securityTokenService != null);
}
private SecurityTokenService GetSecurityTokenService(OrganizationId organizationId)
{
if (this.securityTokenService == null)
{
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (current.Enabled)
{
this.securityTokenService = current.GetSecurityTokenService(organizationId);
if (this.securityTokenService == null)
{
throw new AutoDAccessException(ServerStrings.AutoDFailedToGetToken);
}
}
}
return(this.securityTokenService);
}
internal override AutodiscoverResponseMessage Execute()
{
GetFederationInformationResponseMessage getFederationInformationResponseMessage = new GetFederationInformationResponseMessage();
GetFederationInformationResponse response = getFederationInformationResponseMessage.Response;
if (this.Request == null || this.Request.Domain == null || !SmtpAddress.IsValidDomain(this.Request.Domain))
{
response.ErrorCode = ErrorCode.InvalidRequest;
response.ErrorMessage = Strings.InvalidRequest;
}
else
{
ExternalAuthentication current = ExternalAuthentication.GetCurrent();
if (!current.Enabled)
{
response.ErrorCode = ErrorCode.NotFederated;
response.ErrorMessage = Strings.NotFederated;
}
else
{
IEnumerable <string> enumerable = null;
OrganizationId organizationId = DomainToOrganizationIdCache.Singleton.Get(new SmtpDomain(this.Request.Domain));
if (organizationId != null)
{
OrganizationIdCacheValue organizationIdCacheValue = OrganizationIdCache.Singleton.Get(organizationId);
enumerable = organizationIdCacheValue.FederatedDomains;
}
else
{
try
{
string text = MserveDomainCache.Singleton.Get(this.Request.Domain);
if (!string.IsNullOrEmpty(text))
{
AutodiscoverAuthorizationManager.BuildRedirectUrlAndRedirectCaller(OperationContext.Current, text);
return(null);
}
}
catch (OverBudgetException arg)
{
ExTraceGlobals.FrameworkTracer.TraceError <OverBudgetException>(0L, "GetFederationInformationRequestMessage.Execute() returning ServerBusy for exception: {0}.", arg);
response.ErrorCode = ErrorCode.ServerBusy;
response.ErrorMessage = Strings.ServerBusy;
return(getFederationInformationResponseMessage);
}
}
if (enumerable == null)
{
response.ErrorCode = ErrorCode.InvalidDomain;
response.ErrorMessage = Strings.InvalidDomain;
}
else
{
List <TokenIssuer> list = new List <TokenIssuer>(2);
SecurityTokenService securityTokenService = current.GetSecurityTokenService(organizationId);
if (securityTokenService != null)
{
list.Add(new TokenIssuer(securityTokenService.TokenIssuerUri, securityTokenService.TokenIssuerEndpoint));
}
response.ErrorCode = ErrorCode.NoError;
response.ApplicationUri = current.ApplicationUri;
response.Domains = new DomainCollection(enumerable);
response.TokenIssuers = new TokenIssuerCollection(list);
}
}
}
return(getFederationInformationResponseMessage);
}
public FederatedClientCredentials GetFederatedCredentialsForDelegation(ExternalAuthentication extAuth)
{
this.UpdateCrossPremiseStatus();
if ((!this.isArchiveCrossPremise || !this.isCrossPremiseArchiveEnabled) && !this.isMailboxCrossPremise)
{
throw new InvalidOperationException("This is not an enabled remote mailbox.");
}
if (this.xropTokenRequest == null)
{
throw new InvalidOperationException("We shouldn't be requesting DelegationTokenRequest for misconfigured remote mailbox properties.");
}
FedOrgCredentials organizationCredentials = new FedOrgCredentials(this.xropTokenRequest, extAuth.GetSecurityTokenService(this.adUser.OrganizationId));
return(new FederatedClientCredentials(this.xropUserFederatedIdentity, this.xropUserEmailAddress, organizationCredentials));
}