private static void OnCheckComplete(IAsyncResult asyncResult)
{
if (asyncResult == null)
{
throw new InvalidOperationException("SharepointAccessManager.OnCheckComplete: asyncResult cannot be null here.");
}
SharepointAccessManager.PermissionCheckerClient permissionCheckerClient = asyncResult.AsyncState as SharepointAccessManager.PermissionCheckerClient;
if (permissionCheckerClient == null)
{
throw new InvalidOperationException("SharepointAccessManager.OnCheckComplete: asyncResult.AsyncState is not PermissionCheckerClient");
}
object obj = permissionCheckerClient.EndExecute(asyncResult);
if (obj is AccessState)
{
SharepointAccessManager.Instance.SetValue(permissionCheckerClient.SessionHashCode, permissionCheckerClient.Key, permissionCheckerClient.UserSid, permissionCheckerClient.MailboxGuid, (AccessState)obj);
}
}
private bool UpdateAccessTokenIfNeeded(Uri sharepointUrl, ExchangePrincipal siteMailbox, ICredentials accessingUserCredential, ClientSecurityContext accessingUserSecurityContext, int sessionHashCode, out Exception exception, bool isTest = false)
{
exception = null;
if (siteMailbox == null)
{
throw new ArgumentNullException("siteMailbox");
}
if (accessingUserSecurityContext == null)
{
throw new ArgumentNullException("accessingUserSecurityContext");
}
if (sharepointUrl == null)
{
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceDebug <string>((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Skip site mailbox {0} because its Sharepoint URL is null", siteMailbox.MailboxInfo.PrimarySmtpAddress.ToString());
return(false);
}
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceDebug <ClientSecurityContext, string, string>((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Entered with user {0}, site mailbox {1}, URL {2}", accessingUserSecurityContext, siteMailbox.MailboxInfo.PrimarySmtpAddress.ToString(), sharepointUrl.AbsoluteUri);
LoggingContext loggingContext = new LoggingContext(siteMailbox.MailboxInfo.MailboxGuid, sharepointUrl.AbsoluteUri, accessingUserSecurityContext.ToString(), null);
AccessState accessState = AccessState.Denied;
bool flag = false;
SharepointAccessManager.Key key = this.GetKey(accessingUserSecurityContext.UserSid, siteMailbox.MailboxInfo.MailboxGuid);
if (!SharepointAccessManager.Instance.TryGetValue(key, out accessState))
{
flag = true;
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceDebug((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Cache miss, query Sharepoint");
SharepointAccessManager.PermissionCheckerClient permissionCheckerClient = new SharepointAccessManager.PermissionCheckerClient(sessionHashCode, siteMailbox.MailboxInfo.MailboxGuid, sharepointUrl.AbsoluteUri, accessingUserSecurityContext.UserSid, key, accessingUserCredential, this.requestTimeout, this.requestThroughLocalProxy, isTest);
LazyAsyncResult lazyAsyncResult = (LazyAsyncResult)permissionCheckerClient.BeginExecute(new AsyncCallback(SharepointAccessManager.OnCheckComplete), permissionCheckerClient);
int num = (int)this.synchronousWaitTimeout.TotalSeconds * 2;
int num2 = 0;
while (!lazyAsyncResult.IsCompleted || lazyAsyncResult.Result == null)
{
Thread.Sleep(500);
num2++;
if (num2 > num)
{
break;
}
}
object result = lazyAsyncResult.Result;
if (!(result is AccessState))
{
exception = ((lazyAsyncResult.Result is Exception) ? (lazyAsyncResult.Result as Exception) : new TimeoutException("Timed out"));
WebException ex = exception as WebException;
if (ex != null)
{
SharePointException exception2 = new SharePointException(sharepointUrl.AbsoluteUri, ex, false);
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceError <WebExceptionStatus, string, Exception>((long)permissionCheckerClient.SessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Query failed with WebException. Status: {0}, Message: {1}, InnerException: {2}", ex.Status, ex.Message, ex.InnerException);
ProtocolLog.LogError(ProtocolLog.Component.SharepointAccessManager, loggingContext, "Query failed with SharePointException", exception2);
}
else
{
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceError <Type, string, Exception>((long)permissionCheckerClient.SessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Query failed with {0}, Message: {1}, InnerException: {2}", exception.GetType(), exception.Message, exception.InnerException);
ProtocolLog.LogError(ProtocolLog.Component.SharepointAccessManager, loggingContext, string.Format("Query failed with {0}", exception.GetType()), exception);
}
return(false);
}
accessState = (AccessState)result;
}
else if (accessState == AccessState.Pending)
{
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceDebug((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Skip because there is an pending request");
return(true);
}
if (accessState == AccessState.Allowed)
{
if (!accessingUserSecurityContext.AddGroupSids(new SidBinaryAndAttributes[]
{
new SidBinaryAndAttributes(WellKnownSids.SiteMailboxGrantedAccessMembers, 4U)
}))
{
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceError((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Failed to add SiteMailboxGrantedAccessMembers group sid to access token");
return(false);
}
ExTraceGlobals.SiteMailboxPermissionCheckTracer.TraceDebug <ClientSecurityContext, string, string>((long)sessionHashCode, "SharepointAccessManager.UpdateAccessTokenIfNeeded: Access is allowed for user {0}, site mailbox {1}, URL {2}", accessingUserSecurityContext, siteMailbox.MailboxInfo.PrimarySmtpAddress.ToString(), sharepointUrl.AbsoluteUri);
if (flag)
{
ProtocolLog.LogInformation(ProtocolLog.Component.SharepointAccessManager, loggingContext, string.Format("Allow access for site mailbox {0}, URL {1}", siteMailbox.MailboxInfo.PrimarySmtpAddress.ToString(), sharepointUrl));
}
}
else if (flag)
{
ProtocolLog.LogInformation(ProtocolLog.Component.SharepointAccessManager, loggingContext, string.Format("Deny access for site mailbox {0}, URL {1}", siteMailbox.MailboxInfo.PrimarySmtpAddress.ToString(), sharepointUrl));
}
return(true);
}
