/// <summary>
/// Prepares the new <c>AuthServer</c> object before it is saved. Calls
/// <c>CreateAuthServersContainer()</c>, assigns the object an id under the
/// auth-servers container, then either stores the DKM-encrypted app secret or
/// fetches auth metadata from the metadata URL. Realm and uniqueness validation
/// runs last, on every path.
/// </summary>
/// <returns><c>this.DataObject</c>, as in the original implementation.</returns>
protected override IConfigurable PrepareDataObject()
{
    Task.TaskErrorLoggingDelegate reportError = new Task.TaskErrorLoggingDelegate(base.WriteError);

    this.CreateAuthServersContainer();
    AuthServer server = (AuthServer)base.PrepareDataObject();
    server.SetId(AuthServer.GetContainerId(this.ConfigurationSession).GetChildId(server.Name));

    if (base.Fields.IsModified("AppSecretParameter"))
    {
        // An app secret is only accepted for the Facebook and LinkedIn server types.
        bool acceptsAppSecret = server.Type == AuthServerType.Facebook || server.Type == AuthServerType.LinkedIn;
        if (!acceptsAppSecret)
        {
            // NOTE(review): this relies on WriteError terminating the task. If it can
            // return, the secret below is still encrypted and stored for a disallowed
            // server type. Confirm against Task.WriteError.
            base.WriteError(new TaskException(Strings.ErrorInvalidAuthServerTypeValue), ErrorCategory.InvalidArgument, null);
        }

        // Only the value returned by EncryptSecretWithDKM is stored on the object;
        // this method does not copy the plaintext AppSecret onto it.
        server.CurrentEncryptedAppSecret = OAuthTaskHelper.EncryptSecretWithDKM(this.AppSecret, reportError);
    }
    else if (server.IsModified(AuthServerSchema.AuthMetadataUrl))
    {
        if (server.IsModified(AuthServerSchema.Type))
        {
            // An explicitly supplied type must be ADFS or AzureAD on the metadata-URL path.
            bool isMetadataType = server.Type == AuthServerType.ADFS || server.Type == AuthServerType.AzureAD;
            if (!isMetadataType)
            {
                base.WriteError(new TaskException(Strings.ErrorInvalidAuthServerTypeValue), ErrorCategory.InvalidArgument, null);
            }
        }
        else
        {
            // No type supplied: default to MicrosoftACS.
            server.Type = AuthServerType.MicrosoftACS;
        }

        OAuthTaskHelper.FixAuthMetadataUrl(server, reportError);

        // NOTE(review): TrustAnySSLCertificate is forwarded to the metadata fetch. If it
        // disables TLS certificate validation (as the name suggests; confirm in
        // FetchAuthMetadata), the metadata document is accepted from an unauthenticated
        // endpoint and then used to configure trust for this auth server. Treat any use
        // outside a lab as an audit finding. The meaning of the literal 'true' is not
        // visible from this method.
        Task.TaskWarningLoggingDelegate reportWarning = new Task.TaskWarningLoggingDelegate(this.WriteWarning);
        OAuthTaskHelper.FetchAuthMetadata(server, this.TrustAnySSLCertificate, true, reportWarning, reportError);
    }

    OAuthTaskHelper.ValidateAuthServerRealmAndUniqueness(server, this.ConfigurationSession, reportError);
    return this.DataObject;
}
/// <summary>
/// Applies the modified cmdlet parameters to the existing <c>AuthServer</c> object.
/// The active parameter set is first checked against the server's current type, and
/// a mismatch is reported as <c>ErrorAuthServerCannotSwitchType</c>. Each modified
/// field is then copied across, with the app secret encrypted through DKM and a
/// changed metadata URL triggering a fresh metadata fetch and realm/uniqueness check.
/// </summary>
/// <returns>The updated <c>AuthServer</c> instance.</returns>
protected override IConfigurable PrepareDataObject()
{
    Task.TaskErrorLoggingDelegate reportError = new Task.TaskErrorLoggingDelegate(base.WriteError);
    AuthServer server = (AuthServer)base.PrepareDataObject();

    // Each parameter set is only valid for a fixed group of server types. Any other
    // parameter set name leaves permittedTypes null and skips the check.
    AuthServerType[] permittedTypes = null;
    switch (base.ParameterSetName)
    {
        case "AppSecretParameterSet":
            permittedTypes = new AuthServerType[] { AuthServerType.Facebook, AuthServerType.LinkedIn };
            break;
        case "AuthMetadataUrlParameterSet":
            permittedTypes = new AuthServerType[] { AuthServerType.MicrosoftACS, AuthServerType.AzureAD, AuthServerType.ADFS };
            break;
        case "NativeClientAuthServerParameterSet":
            permittedTypes = new AuthServerType[] { AuthServerType.AzureAD, AuthServerType.ADFS };
            break;
    }

    if (permittedTypes != null && !SetAuthServer.IsOneOfAuthServerTypes(server.Type, permittedTypes))
    {
        // NOTE(review): the updates below assume WriteError terminates the task. If it
        // can return, they are still applied to a server of the wrong type. Confirm
        // against Task.WriteError.
        base.WriteError(new TaskException(Strings.ErrorAuthServerCannotSwitchType), ErrorCategory.InvalidArgument, null);
    }

    if (base.Fields.IsModified("AppSecretParameter"))
    {
        // Only the value returned by EncryptSecretWithDKM is stored on the object.
        server.CurrentEncryptedAppSecret = OAuthTaskHelper.EncryptSecretWithDKM(this.AppSecret, reportError);
    }

    // NOTE(review): the three identifier/endpoint updates below are applied without a
    // call to ValidateAuthServerRealmAndUniqueness unless AuthMetadataUrl is also
    // modified. Confirm that issuer uniqueness is enforced elsewhere for those changes.
    if (base.Fields.IsModified(AuthServerSchema.IssuerIdentifier))
    {
        server.IssuerIdentifier = this.IssuerIdentifier;
    }

    if (base.Fields.IsModified(AuthServerSchema.TokenIssuingEndpoint))
    {
        server.TokenIssuingEndpoint = this.TokenIssuingEndpoint;
    }

    if (base.Fields.IsModified(AuthServerSchema.ApplicationIdentifier))
    {
        server.ApplicationIdentifier = this.ApplicationIdentifier;
    }

    if (base.Fields.IsModified(AuthServerSchema.AuthMetadataUrl))
    {
        server.AuthMetadataUrl = this.AuthMetadataUrl;
        OAuthTaskHelper.FixAuthMetadataUrl(server, reportError);

        // NOTE(review): TrustAnySSLCertificate is forwarded to the metadata fetch. If it
        // disables TLS certificate validation (as the name suggests; confirm in
        // FetchAuthMetadata), the metadata document is accepted from an unauthenticated
        // endpoint and then used to configure trust for this auth server. This fetch runs
        // after the explicit field assignments above, so it may overwrite them if
        // FetchAuthMetadata populates the same fields (presumably; verify). The meaning
        // of the literal 'false' is not visible from this method.
        OAuthTaskHelper.FetchAuthMetadata(server, this.TrustAnySSLCertificate, false, new Task.TaskWarningLoggingDelegate(this.WriteWarning), reportError);
        OAuthTaskHelper.ValidateAuthServerRealmAndUniqueness(server, this.ConfigurationSession, reportError);
    }

    if (base.Fields.IsModified(AuthServerSchema.IsDefaultAuthorizationEndpoint))
    {
        server.IsDefaultAuthorizationEndpoint = this.IsDefaultAuthorizationEndpoint;
        OAuthTaskHelper.ValidateAuthServerAuthorizationEndpoint(server, this.ConfigurationSession, new Task.TaskWarningLoggingDelegate(this.WriteWarning), reportError);
    }

    return server;
}