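/// <summary>
/// Signs in the portal user linked to <paramref name="hashId"/> and returns the key
/// produced by <c>SecurityContext.AuthenticateMe</c>.
/// </summary>
/// <param name="hashId">Lookup key of a linked third-party account.</param>
/// <returns>
/// The authentication key, or <see cref="String.Empty"/> when the key is missing
/// or no existing user is linked to it.
/// </returns>
/// <remarks>
/// The hash id is the only input that decides which account gets signed in; no
/// password or second factor is requested from the caller.
/// NOTE(review): confirm every caller derives <paramref name="hashId"/> from a provider
/// response it has verified, never from a raw request value.
/// </remarks>
private string AuthenticateByHash(string hashId)
{
    // Fail closed: a missing key must never resolve to an account.
    if (string.IsNullOrEmpty(hashId))
    {
        return String.Empty;
    }

    // GetUserGuid performs the linker lookup, so no separate query is issued here.
    var userId = GetUserGuid(hashId);
    if (userId.Equals(Guid.Empty))
    {
        return String.Empty;
    }

    var coreAcc = CoreContext.UserManager.GetUsers(userId);

    // The session is opened with the stored password hash read server-side, not with
    // anything supplied by the client.
    return SecurityContext.AuthenticateMe(coreAcc.Email, CoreContext.Authentication.GetUserPasswordHash(coreAcc.ID));
}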
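/// <summary>
/// Resolves the first existing portal user linked to <paramref name="hashId"/>.
/// </summary>
/// <param name="hashId">Lookup key of a linked third-party account.</param>
/// <returns>The user's id, or <see cref="Guid.Empty"/> when no linked id belongs to an existing user.</returns>
private Guid GetUserGuid(string hashId)
{
    var linkedIds = new AccountLinker(WebConfigurationManager.ConnectionStrings["webstudio"]).GetLinkedObjectsByHashId(hashId);

    foreach (var linkedId in linkedIds)
    {
        Guid candidate;

        // Malformed or empty ids are skipped before the user store is queried, so a
        // bad link row can never be looked up as if it were a real account id.
        if (!Guid.TryParse(linkedId, out candidate) || candidate == Guid.Empty)
        {
            continue;
        }

        if (CoreContext.UserManager.UserExists(candidate))
        {
            return candidate;
        }
    }

    return Guid.Empty;
}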
/// <summary>
/// Tells whether the given Google user id is linked to the account that is currently signed in.
/// </summary>
/// <param name="googleId">User id reported by Google.</param>
/// <returns><c>true</c> when one of the linked profile ids equals the current account id.</returns>
private static bool CurrentUser(string googleId)
{
    var accountLinker = new AccountLinker("webstudio");

    // The same id is looked up under both the Google and the OpenId provider keys.
    var googleKey = HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.Google, googleId));
    var linkedToGoogle = accountLinker.GetLinkedObjectsByHashId(googleKey);
    var openIdKey = HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.OpenId, googleId));
    var linkedToOpenId = accountLinker.GetLinkedObjectsByHashId(openIdKey);

    foreach (var profileId in linkedToGoogle.Concat(linkedToOpenId))
    {
        Guid linkedUserId;

        // Entries that do not parse as a Guid can never match the current account.
        if (Guid.TryParse(profileId, out linkedUserId) && linkedUserId == SecurityContext.CurrentAccount.ID)
        {
            return true;
        }
    }

    return false;
}
/// <summary>
/// Links the currently signed-in portal account to the given Google user id.
/// </summary>
/// <param name="googleUserId">User id reported by Google; it is also written to the debug log.</param>
/// <remarks>
/// NOTE(review): the link is attached to whatever account is current when this runs;
/// confirm callers have verified <paramref name="googleUserId"/> with the provider first.
/// </remarks>
private static void AddLinker(string googleUserId)
{
    Global.Logger.Debug(string.Concat("GoogleDriveApp: AddLinker ", googleUserId));

    var accountLinker = new AccountLinker("webstudio");
    var currentAccountId = SecurityContext.CurrentAccount.ID.ToString();
    accountLinker.AddLink(currentAccountId, googleUserId, ProviderConstants.Google);
}
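/// <summary>
/// Tells whether the given Google user id is linked to the account that is currently signed in.
/// </summary>
/// <param name="googleId">User id reported by Google.</param>
/// <returns><c>true</c> when one of the linked ids equals the current account id.</returns>
private static bool CurrentUser(string googleId)
{
    var linker = new AccountLinker("webstudio");

    // The same id is looked up under both the Google and the OpenId provider keys.
    var accounts = linker.GetLinkedObjectsByHashId(HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.Google, googleId)));
    accounts = accounts.Concat(linker.GetLinkedObjectsByHashId(HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.OpenId, googleId))));

    // Unparsable link rows are rejected outright instead of being mapped to Guid.Empty,
    // so a malformed row can never compare equal to an account whose id is Guid.Empty.
    Guid linkedUserId;
    return accounts.Any(x => Guid.TryParse(x, out linkedUserId) && linkedUserId == SecurityContext.CurrentAccount.ID);
}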
/// <summary>
/// Handles the invite / activation confirmation page: renders the inviter's card, validates
/// the posted form, creates or activates the user under the CoreSystem account, signs the
/// user in and redirects.
/// </summary>
/// <remarks>
/// Security-relevant points visible in this method:
/// - <c>uid</c>, <c>pwdInput</c>, <c>repwdInput</c>, <c>__EVENTTARGET</c> and <c>__EVENTARGUMENT</c>
///   are read straight from the request.
/// - User creation and activation run while authenticated as CoreSystem; the context is
///   always released in a <c>finally</c>.
/// - NOTE(review): validation of the confirmation link itself is not visible here; confirm the
///   hosting page checks it before this control runs.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    Page.RegisterBodyScripts(ResolveUrl("~/usercontrols/management/confirminviteactivation/js/confirm_invite_activation.js"));
    Page.RegisterStyleControl(VirtualPathUtility.ToAbsolute("~/usercontrols/management/confirminviteactivation/css/confirm_invite_activation.less"));
    _tenantInfoSettings = SettingsManager.Instance.LoadSettings<TenantInfoSettings>(TenantProvider.CurrentTenantID);

    // A missing or malformed "uid" is tolerated: uid stays Guid.Empty.
    var uid = Guid.Empty;
    try
    {
        uid = new Guid(Request["uid"]);
    }
    catch
    {
    }

    var email = GetEmailAddress();

    // Third-party sign-up is offered for every confirmation type except Activation.
    if (_type != ConfirmType.Activation && AccountLinkControl.IsNotEmpty)
    {
        var thrd = (AccountLinkControl) LoadControl(AccountLinkControl.Location);
        thrd.InviteView = true;
        thrd.ClientCallback = "loginJoinCallback";
        thrdParty.Visible = true;
        thrdParty.Controls.Add(thrd);
    }

    Page.Title = HeaderStringHelper.GetPageTitle(Resource.Authorization);

    UserInfo user;
    try
    {
        // Elevated context: the user lookups below run as CoreSystem.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        user = CoreContext.UserManager.GetUserByEmail(email);
        var usr = CoreContext.UserManager.GetUsers(uid);
        // When uid does not resolve to a real user, the tenant owner's card is shown instead.
        if (usr.ID.Equals(ASC.Core.Users.Constants.LostUser.ID) || usr.ID.Equals(ASC.Core.Configuration.Constants.Guest.ID))
            usr = CoreContext.UserManager.GetUsers(CoreContext.TenantManager.GetCurrentTenant().OwnerId);
        _userAvatar = usr.GetMediumPhotoURL();
        _userName = usr.DisplayUserName(true);
        // The title is HTML-encoded before it is stored for rendering.
        _userPost = (usr.Title ?? "").HtmlEncode();
    }
    finally
    {
        SecurityContext.Logout();
    }

    if (_type == ConfirmType.LinkInvite || _type == ConfirmType.EmpInvite)
    {
        // Quota check for full users.
        if (TenantStatisticsProvider.GetUsersCount() >= TenantExtra.GetTenantQuota().ActiveUsers && _employeeType == EmployeeType.User)
        {
            ShowError(UserControlsCommonResource.TariffUserLimitReason);
            return;
        }
        // An invite must not target an e-mail that already has an account.
        if (!user.ID.Equals(ASC.Core.Users.Constants.LostUser.ID))
        {
            ShowError(CustomNamingPeople.Substitute<Resource>("ErrorEmailAlreadyExists"));
            return;
        }
    }
    else if (_type == ConfirmType.Activation)
    {
        if (user.IsActive)
        {
            ShowError(Resource.ErrorConfirmURLError);
            return;
        }
        if (user.ID.Equals(ASC.Core.Users.Constants.LostUser.ID) || user.Status == EmployeeStatus.Terminated)
        {
            ShowError(string.Format(Resource.ErrorUserNotFoundByEmail, email));
            return;
        }
    }

    // Everything below only runs for the form post.
    if (!IsPostBack) return;

    var firstName = GetFirstName();
    var lastName = GetLastName();
    var pwd = (Request["pwdInput"] ?? "").Trim();
    var repwd = (Request["repwdInput"] ?? "").Trim();
    LoginProfile thirdPartyProfile;

    // The postback target is either "thirdPartyLogin" or "confirmInvite".
    if (Request["__EVENTTARGET"] == "thirdPartyLogin")
    {
        // NOTE(review): the profile is rebuilt from a posted form value; whether LoginProfile
        // authenticates that value is not visible here — confirm before trusting its e-mail.
        var valueRequest = Request["__EVENTARGUMENT"];
        thirdPartyProfile = new LoginProfile(valueRequest);
        if (!string.IsNullOrEmpty(thirdPartyProfile.AuthorizationError))
        {
            // A cancellation at the provider is ignored silently; any other provider error is
            // shown HTML-encoded.
            if (thirdPartyProfile.AuthorizationError != "Canceled at provider") ShowError(HttpUtility.HtmlEncode(thirdPartyProfile.AuthorizationError));
            return;
        }
        if (string.IsNullOrEmpty(thirdPartyProfile.EMail))
        {
            ShowError(HttpUtility.HtmlEncode(Resource.ErrorNotCorrectEmail));
            return;
        }
    }

    if (Request["__EVENTTARGET"] == "confirmInvite")
    {
        if (String.IsNullOrEmpty(email))
        {
            _errorMessage = Resource.ErrorEmptyUserEmail;
            return;
        }
        if (!email.TestEmailRegex())
        {
            _errorMessage = Resource.ErrorNotCorrectEmail;
            return;
        }
        if (String.IsNullOrEmpty(firstName))
        {
            _errorMessage = Resource.ErrorEmptyUserFirstName;
            return;
        }
        if (String.IsNullOrEmpty(lastName))
        {
            _errorMessage = Resource.ErrorEmptyUserLastName;
            return;
        }
        var checkPassResult = CheckPassword(pwd, repwd);
        if (!String.IsNullOrEmpty(checkPassResult))
        {
            _errorMessage = checkPassResult;
            return;
        }
    }

    // Stays Guid.Empty when neither postback target matched on an invite; the sign-in
    // attempt further down is then made with the empty id.
    var userID = Guid.Empty;
    try
    {
        // Elevated context: user creation / activation runs as CoreSystem.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        if (_type == ConfirmType.EmpInvite || _type == ConfirmType.LinkInvite)
        {
            // The quota is checked again right before the account is created.
            if (TenantStatisticsProvider.GetUsersCount() >= TenantExtra.GetTenantQuota().ActiveUsers && _employeeType == EmployeeType.User)
            {
                ShowError(UserControlsCommonResource.TariffUserLimitReason);
                return;
            }
            UserInfo newUser;
            if (Request["__EVENTTARGET"] == "confirmInvite")
            {
                var fromInviteLink = _type == ConfirmType.LinkInvite;
                newUser = CreateNewUser(firstName, lastName, email, pwd, _employeeType, fromInviteLink);
                userID = newUser.ID;
            }
            if (Request["__EVENTTARGET"] == "thirdPartyLogin")
            {
                // A password that fails the policy check is replaced by a generated one.
                if (!String.IsNullOrEmpty(CheckPassword(pwd, repwd))) pwd = UserManagerWrapper.GeneratePassword();
                var valueRequest = Request["__EVENTARGUMENT"];
                thirdPartyProfile = new LoginProfile(valueRequest);
                // NOTE(review): the account is created with the e-mail taken from the third-party
                // profile, while the "already exists" check above was made for `email`; confirm
                // CreateNewUser rejects an address that is already registered.
                newUser = CreateNewUser(GetFirstName(thirdPartyProfile), GetLastName(thirdPartyProfile), GetEmailAddress(thirdPartyProfile), pwd, _employeeType, false);
                userID = newUser.ID;
                if (!String.IsNullOrEmpty(thirdPartyProfile.Avatar)) SaveContactImage(userID, thirdPartyProfile.Avatar);
                var linker = new AccountLinker("webstudio");
                linker.AddLink(userID.ToString(), thirdPartyProfile);
            }
        }
        else if (_type == ConfirmType.Activation)
        {
            user.ActivationStatus = EmployeeActivationStatus.Activated;
            user.FirstName = firstName;
            user.LastName = lastName;
            CoreContext.UserManager.SaveUserInfo(user);
            SecurityContext.SetUserPassword(user.ID, pwd);
            userID = user.ID;
            // The plaintext password is handed to the notification service.
            // NOTE(review): what the service does with it is not visible here — confirm it is
            // not sent or logged in clear text.
            if (user.IsVisitor())
            {
                StudioNotifyService.Instance.GuestInfoAddedAfterInvite(user, pwd);
            }
            else
            {
                StudioNotifyService.Instance.UserInfoAddedAfterInvite(user, pwd);
            }
        }
    }
    catch (Exception exception)
    {
        // The raw exception message is shown to the visitor (HTML-encoded).
        // NOTE(review): consider a generic message if internal details could appear here.
        _errorMessage = HttpUtility.HtmlEncode(exception.Message);
        return;
    }
    finally
    {
        // The CoreSystem context is released on every path, including the early returns above.
        SecurityContext.Logout();
    }

    try
    {
        // Sign the new / activated user in and issue the auth cookies.
        var cookiesKey = SecurityContext.AuthenticateMe(userID.ToString(), pwd);
        CookiesManager.SetCookies(CookiesType.UserID, userID.ToString());
        CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
        StudioNotifyService.Instance.UserHasJoin();
    }
    catch (Exception exception)
    {
        // NOTE(review): `Page as confirm` is dereferenced without a null check.
        (Page as confirm).ErrorMessage = HttpUtility.HtmlEncode(exception.Message);
        return;
    }

    user = CoreContext.UserManager.GetUsers(userID);
    UserHelpTourHelper.IsNewUser = true;
    Response.Redirect(user.IsVisitor() ? "~/" : "~/welcome.aspx");
}
/// <summary>
/// Links the currently signed-in portal account to the given Box user id.
/// </summary>
/// <param name="boxUserId">User id reported by Box; it is also written to the debug log.</param>
/// <remarks>
/// NOTE(review): the link is attached to whatever account is current when this runs;
/// confirm callers have verified <paramref name="boxUserId"/> with the provider first.
/// </remarks>
private static void AddLinker(string boxUserId)
{
    Global.Logger.Debug(string.Concat("BoxApp: AddLinker ", boxUserId));

    var accountLinker = new AccountLinker("webstudio");
    var currentAccountId = SecurityContext.CurrentAccount.ID.ToString();
    accountLinker.AddLink(currentAccountId, boxUserId, ProviderConstants.Box);
}
/// <summary>
/// Creates a portal user from a third-party login profile, links the profile to the new
/// user and signs that user in.
/// </summary>
/// <param name="thirdPartyProfile">Profile returned by the external login provider.</param>
/// <returns>The key returned by <c>SecurityContext.AuthenticateMe</c> for the new user.</returns>
/// <remarks>
/// The profile's e-mail becomes the account e-mail without any check in this method.
/// NOTE(review): confirm callers only pass profiles whose e-mail the provider has verified.
/// </remarks>
private static string JoinByThirdPartyAccount(LoginProfile thirdPartyProfile)
{
    var draft = new UserInfo();
    draft.Status = EmployeeStatus.Active;

    // Missing names fall back to the localized placeholders.
    if (string.IsNullOrEmpty(thirdPartyProfile.FirstName))
    {
        draft.FirstName = Resources.UserControlsCommonResource.UnknownFirstName;
    }
    else
    {
        draft.FirstName = thirdPartyProfile.FirstName;
    }

    if (string.IsNullOrEmpty(thirdPartyProfile.LastName))
    {
        draft.LastName = Resources.UserControlsCommonResource.UnknownLastName;
    }
    else
    {
        draft.LastName = thirdPartyProfile.LastName;
    }

    draft.Email = thirdPartyProfile.EMail;
    draft.Title = string.Empty;
    draft.Location = string.Empty;
    draft.WorkFromDate = ASC.Core.Tenants.TenantUtil.DateTimeNow();

    // The account gets a generated password; the user signs in through the provider.
    var generatedPassword = UserManagerWrapper.GeneratePassword();

    UserInfo createdUser;
    try
    {
        // Elevated context: creation runs as CoreSystem and is released in finally.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        SecurityContext.DemandPermissions(Constants.Action_AddRemoveUser);
        createdUser = UserManagerWrapper.AddUser(draft, generatedPassword);
    }
    finally
    {
        SecurityContext.Logout();
    }

    var accountLinker = new AccountLinker("webstudio");
    accountLinker.AddLink(createdUser.ID.ToString(), thirdPartyProfile);

    var authKey = SecurityContext.AuthenticateMe(createdUser.ID);
    return authKey;
}
/// <summary>
/// Creates a portal user from a third-party login profile, links the profile to the new
/// user and signs that user in.
/// </summary>
/// <param name="thirdPartyProfile">Profile returned by the external login provider.</param>
/// <returns>The key returned by <c>SecurityContext.AuthenticateMe</c> for the new user.</returns>
/// <remarks>
/// The profile's e-mail becomes the account e-mail without any check in this method.
/// NOTE(review): confirm callers only pass profiles whose e-mail the provider has verified.
/// </remarks>
private static string JoinByThirdPartyAccount(LoginProfile thirdPartyProfile)
{
    var draft = new UserInfo();
    draft.Status = EmployeeStatus.Active;

    // Missing names fall back to the localized placeholders.
    if (string.IsNullOrEmpty(thirdPartyProfile.FirstName))
    {
        draft.FirstName = Resources.UserControlsCommonResource.UnknownFirstName;
    }
    else
    {
        draft.FirstName = thirdPartyProfile.FirstName;
    }

    if (string.IsNullOrEmpty(thirdPartyProfile.LastName))
    {
        draft.LastName = Resources.UserControlsCommonResource.UnknownLastName;
    }
    else
    {
        draft.LastName = thirdPartyProfile.LastName;
    }

    draft.Email = thirdPartyProfile.EMail;
    draft.Title = string.Empty;
    draft.Location = string.Empty;
    draft.WorkFromDate = ASC.Core.Tenants.TenantUtil.DateTimeNow();

    // Pick the first enabled culture whose two-letter language code equals the current UI culture name.
    // NOTE(review): this compares a two-letter code with a full culture name, so a specific
    // culture such as "en-US" would not match — confirm this is intended.
    var uiCultureName = CultureInfo.CurrentUICulture.Name;
    foreach (var enabledCulture in SetupInfo.EnabledCultures)
    {
        if (String.Equals(enabledCulture.TwoLetterISOLanguageName, uiCultureName, StringComparison.InvariantCultureIgnoreCase))
        {
            draft.CultureName = enabledCulture.Name;
            break;
        }
    }

    // The account gets a generated password; the user signs in through the provider.
    var generatedPassword = UserManagerWrapper.GeneratePassword();

    UserInfo createdUser;
    try
    {
        // Elevated context: creation runs as CoreSystem and is released in finally.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        createdUser = UserManagerWrapper.AddUser(draft, generatedPassword);
    }
    finally
    {
        SecurityContext.Logout();
    }

    var accountLinker = new AccountLinker("webstudio");
    accountLinker.AddLink(createdUser.ID.ToString(), thirdPartyProfile);

    var authKey = SecurityContext.AuthenticateMe(createdUser.ID);
    return authKey;
}
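/// <summary>
/// Tells whether the given Box user id is linked to the account that is currently signed in.
/// </summary>
/// <param name="boxUserId">User id reported by Box.</param>
/// <returns><c>true</c> when one of the linked ids equals the current account id.</returns>
private static bool CurrentUser(string boxUserId)
{
    var accounts = new AccountLinker("webstudio")
        .GetLinkedObjectsByHashId(HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.Box, boxUserId)));

    // Unparsable link rows are rejected outright instead of being mapped to Guid.Empty,
    // so a malformed row can never compare equal to an account whose id is Guid.Empty.
    Guid linkedUserId;
    return accounts.Any(x => Guid.TryParse(x, out linkedUserId) && linkedUserId == SecurityContext.CurrentAccount.ID);
}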
/// <summary>
/// Resolves the portal user for a Google access token: fetches the Google userinfo document,
/// returns the existing user with the reported e-mail, or creates a new user and links it.
/// </summary>
/// <param name="token">OAuth token whose <c>AccessToken</c> is used for the userinfo request.</param>
/// <returns>The existing or newly created user; <c>null</c> on the parse-failure branch.</returns>
/// <exception cref="SecurityException">Thrown when <paramref name="token"/> is null.</exception>
/// <remarks>
/// The e-mail reported by the provider is the only key used to select an existing account.
/// NOTE(review): no verified-e-mail claim is checked in this method; confirm the userinfo
/// endpoint in use only returns verified addresses, or add that check before the lookup.
/// </remarks>
private static UserInfo GetUserInfo(Token token)
{
    if (token == null)
    {
        Global.Logger.Info("GoogleDriveApp: token is null");
        throw new SecurityException("Access token is null");
    }

    // NOTE(review): the access token is substituted into the URL template as-is; if the
    // template carries it in the query string it may be recorded by intermediaries — confirm.
    var resultResponse = PerformRequest(GoogleUrlUserInfo.Replace("{access_token}", token.AccessToken));

    // The whole userinfo response (it holds the e-mail and name fields read below) goes to the debug log.
    Global.Logger.Debug("GoogleDriveApp: userinfo response - " + resultResponse);

    var googleUserInfo = JObject.Parse(resultResponse);
    // NOTE(review): JObject.Parse is expected to throw on bad input rather than return null,
    // so this branch looks unreachable — confirm.
    if (googleUserInfo == null)
    {
        Global.Logger.Error("Error in userinfo request");
        return null;
    }

    var email = googleUserInfo.Value<string>("email");

    // An existing account with this e-mail is returned as-is, without consulting the link table.
    var userInfo = CoreContext.UserManager.GetUserByEmail(email);
    if (!Equals(userInfo, Constants.LostUser))
    {
        return userInfo;
    }

    // No account yet: build one from the provider's profile fields.
    userInfo = new UserInfo
        {
            Status = EmployeeStatus.Active,
            FirstName = googleUserInfo.Value<string>("given_name"),
            LastName = googleUserInfo.Value<string>("family_name"),
            Email = email,
            Title = string.Empty,
            Location = string.Empty,
            WorkFromDate = TenantUtil.DateTimeNow(),
        };

    // The provider's locale (or the current UI culture name) is matched against the
    // two-letter codes of the enabled cultures.
    var cultureName = googleUserInfo.Value<string>("locale") ?? CultureInfo.CurrentUICulture.Name;
    var cultureInfo = SetupInfo.EnabledCultures.Find(c => String.Equals(c.TwoLetterISOLanguageName, cultureName, StringComparison.InvariantCultureIgnoreCase));
    if (cultureInfo != null)
    {
        userInfo.CultureName = cultureInfo.Name;
    }

    // Missing names fall back to the localized placeholders.
    if (string.IsNullOrEmpty(userInfo.FirstName))
    {
        userInfo.FirstName = FilesCommonResource.UnknownFirstName;
    }
    if (string.IsNullOrEmpty(userInfo.LastName))
    {
        userInfo.LastName = FilesCommonResource.UnknownLastName;
    }

    var pwd = UserManagerWrapper.GeneratePassword();

    UserInfo newUserInfo;
    try
    {
        // Elevated context: creation runs as CoreSystem and is released in finally.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        newUserInfo = UserManagerWrapper.AddUser(userInfo, pwd);
    }
    finally
    {
        SecurityContext.Logout();
    }

    // NOTE(review): a response without "id" links the account under an empty provider id;
    // consider rejecting that case instead of storing the link.
    var linker = new AccountLinker("webstudio");
    linker.AddLink(newUserInfo.ID.ToString(), googleUserInfo.Value<string>("id") ?? "", ProviderConstants.OpenId);

    UserHelpTourHelper.IsNewUser = true;
    PersonalSettings.IsNewUser = true;

    Global.Logger.Debug("GoogleDriveApp: new user " + newUserInfo.ID);
    return newUserInfo;
}
/// <summary>
/// Creates an already-activated portal user from a third-party login profile and links
/// the profile to the new user.
/// </summary>
/// <param name="loginProfile">Profile returned by the external login provider.</param>
/// <returns>The newly created user.</returns>
/// <exception cref="Exception">Thrown when the profile carries no e-mail.</exception>
/// <remarks>
/// The account is created with ActivationStatus = Activated, so no e-mail confirmation follows.
/// NOTE(review): confirm callers only pass profiles whose e-mail the provider has verified.
/// </remarks>
private static UserInfo JoinByThirdPartyAccount(LoginProfile loginProfile)
{
    if (string.IsNullOrEmpty(loginProfile.EMail))
    {
        throw new Exception(Resource.ErrorNotCorrectEmail);
    }

    // First name: profile first name, then display name, then the localized placeholder.
    var givenName = loginProfile.FirstName;
    if (string.IsNullOrEmpty(givenName))
    {
        givenName = loginProfile.DisplayName;
    }

    var draft = new UserInfo();

    if (string.IsNullOrEmpty(givenName))
    {
        draft.FirstName = UserControlsCommonResource.UnknownFirstName;
    }
    else
    {
        draft.FirstName = givenName;
    }

    if (string.IsNullOrEmpty(loginProfile.LastName))
    {
        draft.LastName = UserControlsCommonResource.UnknownLastName;
    }
    else
    {
        draft.LastName = loginProfile.LastName;
    }

    draft.Email = loginProfile.EMail;
    draft.Title = string.Empty;
    draft.Location = string.Empty;
    draft.CultureName = Thread.CurrentThread.CurrentUICulture.Name;
    draft.ActivationStatus = EmployeeActivationStatus.Activated;

    // The account gets a generated password; the user signs in through the provider.
    var generatedPassword = UserManagerWrapper.GeneratePassword();

    UserInfo createdUser;
    try
    {
        // Elevated context: creation runs as CoreSystem and is released in finally.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        createdUser = UserManagerWrapper.AddUser(draft, generatedPassword);
    }
    finally
    {
        SecurityContext.Logout();
    }

    var accountLinker = new AccountLinker("webstudio");
    accountLinker.AddLink(createdUser.ID.ToString(), loginProfile);

    return createdUser;
}
/// <summary>
/// Looks up the first existing portal user linked to <paramref name="hashId"/>.
/// </summary>
/// <param name="hashId">Lookup key of a linked third-party account.</param>
/// <param name="userId">The matching user's id, or <see cref="Guid.Empty"/> when none was found.</param>
/// <returns>
/// <c>false</c> only when <paramref name="hashId"/> is null or empty; <c>true</c> otherwise,
/// including when no user was found.
/// </returns>
/// <remarks>
/// A <c>true</c> result does not mean a user was resolved: callers must also compare
/// <paramref name="userId"/> with <see cref="Guid.Empty"/> before acting on it.
/// </remarks>
public static bool TryGetUserByHash(string hashId, out Guid userId)
{
    userId = Guid.Empty;

    if (string.IsNullOrEmpty(hashId))
    {
        return false;
    }

    var linkedProfiles = new AccountLinker("webstudio").GetLinkedObjectsByHashId(hashId);

    // Lazily parse each linked id and stop at the first one that names an existing user.
    Guid? match = linkedProfiles
        .Select(profileId =>
            {
                Guid parsed;
                return Guid.TryParse(profileId, out parsed) ? (Guid?) parsed : null;
            })
        .FirstOrDefault(candidate => candidate.HasValue && CoreContext.UserManager.UserExists(candidate.Value));

    if (match.HasValue)
    {
        userId = match.Value;
    }

    return true;
}
/// <summary>
/// Looks up the first existing portal user linked to <paramref name="hashId"/>.
/// </summary>
/// <param name="hashId">Lookup key of a linked third-party account.</param>
/// <param name="userId">The matching user's id, or <see cref="Guid.Empty"/> when none was found.</param>
/// <returns>
/// <c>false</c> only when <paramref name="hashId"/> is null or empty; <c>true</c> otherwise,
/// including when no user was found.
/// </returns>
/// <remarks>
/// A <c>true</c> result does not mean a user was resolved: callers must also compare
/// <paramref name="userId"/> with <see cref="Guid.Empty"/> before acting on it.
/// </remarks>
private static bool TryByHashId(string hashId, out Guid userId)
{
    userId = Guid.Empty;

    if (string.IsNullOrEmpty(hashId))
    {
        return false;
    }

    var linkedIds = new AccountLinker("webstudio").GetLinkedObjectsByHashId(hashId);

    // Ids that do not parse are mapped to Guid.Empty and then skipped.
    Func<string, Guid> toGuid = raw =>
        {
            Guid parsed;
            return Guid.TryParse(raw, out parsed) ? parsed : Guid.Empty;
        };

    var match = Guid.Empty;
    foreach (var candidate in linkedIds.Select(toGuid))
    {
        if (candidate == Guid.Empty)
        {
            continue;
        }

        if (CoreContext.UserManager.UserExists(candidate))
        {
            match = candidate;
            break;
        }
    }

    userId = match;
    return true;
}
/// <summary>
/// Handles the invite / activation confirmation page: renders the inviter's card, validates
/// the posted form, creates or activates the user under the CoreSystem account, optionally
/// adds group memberships, signs the user in and redirects to the portal root.
/// </summary>
/// <remarks>
/// Security-relevant points visible in this method:
/// - <c>type</c>, <c>uid</c>, <c>fap</c>, <c>deptID</c>, the passwords and the postback fields are
///   read straight from the request.
/// - <c>key</c> is read but never used in this method.
/// - <c>fap == "1"</c> adds the user to the administrators group while running as CoreSystem.
/// - NOTE(review): confirm the hosting page validates the confirmation key over every one of
///   these parameters (type, fap, deptID, e-mail) before this control runs.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    Page.ClientScript.RegisterClientScriptBlock(this.GetType(), "confirm_invite_activation_style", "<link rel=\"stylesheet\" type=\"text/css\" href=\"" + WebSkin.GetUserSkin().GetAbsoluteWebPath("usercontrols/management/confirminviteactivation/css/<theme_folder>/confirm_invite_activation.css") + "\">", false);
    Page.ClientScript.RegisterClientScriptInclude(typeof(string), "confirm_invite_activation_script", WebPath.GetPath("usercontrols/management/confirminviteactivation/js/confirm_invite_activation.js"));
    _tenantInfoSettings = SettingsManager.Instance.LoadSettings<TenantInfoSettings>(TenantProvider.CurrentTenantID);

    // A missing or malformed "uid" is tolerated: uid stays Guid.Empty.
    Guid uid = Guid.Empty;
    try
    {
        uid = new Guid(Request["uid"]);
    }
    catch
    {
    }

    // The confirmation type comes from the request and defaults to EmpInvite.
    var type = typeof(ConfirmType).TryParseEnum(Request["type"] ?? "", ConfirmType.EmpInvite);
    var email = GetEmailAddress();
    var key = Request["key"] ?? "";
    // "fap" decides admin-group membership further down.
    var fap = Request["fap"] ?? "";

    // Disabled third-party sign-up block, kept as found:
    //if (!string.IsNullOrEmpty(_email))
    //{
    //var thrd = LoadControl(AccountLinkControl.Location) as AccountLinkControl;
    //thrd.InviteView = true;
    //thrd.ClientCallback = "loginJoinCallback";
    //thrdParty.Controls.Add(thrd);
    //}

    Page.Title = HeaderStringHelper.GetPageTitle(Resources.Resource.Authorization, null, null);

    UserInfo user;
    try
    {
        // Elevated context: the user lookups below run as CoreSystem.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        user = CoreContext.UserManager.GetUserByEmail(email);
        var usr = CoreContext.UserManager.GetUsers(uid);
        // When uid does not resolve to a real user, the tenant owner's card is shown instead.
        if (usr.ID.Equals(ASC.Core.Users.Constants.LostUser.ID) || usr.ID.Equals(ASC.Core.Configuration.Constants.Guest.ID))
            usr = CoreContext.UserManager.GetUsers(CoreContext.TenantManager.GetCurrentTenant().OwnerId);
        _userAvatar = usr.GetMediumPhotoURL();
        _userName = usr.DisplayUserName(true);
        // The title is HTML-encoded before it is stored for rendering.
        _userPost = (usr.Title ?? "").HtmlEncode();
    }
    finally
    {
        SecurityContext.Logout();
    }

    if (type == ConfirmType.LinkInvite || type == ConfirmType.EmpInvite)
    {
        // An invite must not target an e-mail that already has an account.
        if (!user.ID.Equals(ASC.Core.Users.Constants.LostUser.ID))
        {
            ShowError(CustomNamingPeople.Substitute<Resources.Resource>("ErrorEmailAlreadyExists"));
            return;
        }
    }
    else if (type == ConfirmType.Activation)
    {
        if (user.IsActive)
        {
            ShowError(Resources.Resource.ErrorConfirmURLError);
            return;
        }
        if (user.ID.Equals(ASC.Core.Users.Constants.LostUser.ID))
        {
            ShowError(string.Format(Resources.Resource.ErrorUserNotFoundByEmail, email));
            return;
        }
    }

    // Everything below only runs for the form post.
    if (!IsPostBack) return;

    var firstName = GetFirstName();
    var lastName = GetLastName();
    var pwd = (Request["pwdInput"] ?? "").Trim();
    var repwd = (Request["repwdInput"] ?? "").Trim();
    LoginProfile thirdPartyProfile;

    // The postback target is either "thirdPartyLogin" or "confirmInvite".
    if (Request["__EVENTTARGET"] == "thirdPartyLogin")
    {
        // NOTE(review): the profile is rebuilt from a posted form value; whether LoginProfile
        // authenticates that value is not visible here — confirm before trusting its e-mail.
        var valueRequest = Request["__EVENTARGUMENT"];
        thirdPartyProfile = new LoginProfile(valueRequest);
        if (!string.IsNullOrEmpty(thirdPartyProfile.AuthorizationError))
        {
            // A cancellation at the provider is ignored silently; any other provider error is
            // shown HTML-encoded.
            if (thirdPartyProfile.AuthorizationError != "Canceled at provider") ShowError(HttpUtility.HtmlEncode(thirdPartyProfile.AuthorizationError));
            return;
        }
        if (string.IsNullOrEmpty(thirdPartyProfile.EMail))
        {
            ShowError(HttpUtility.HtmlEncode(Resources.Resource.ErrorNotCorrectEmail));
            return;
        }
    }

    if (Request["__EVENTTARGET"] == "confirmInvite")
    {
        if (String.IsNullOrEmpty(email))
        {
            _errorMessage = Resources.Resource.ErrorEmptyUserEmail;
            return;
        }
        if (!email.TestEmailRegex())
        {
            _errorMessage = Resources.Resource.ErrorNotCorrectEmail;
            return;
        }
        if (String.IsNullOrEmpty(firstName))
        {
            _errorMessage = Resources.Resource.ErrorEmptyUserFirstName;
            return;
        }
        if (String.IsNullOrEmpty(lastName))
        {
            _errorMessage = Resources.Resource.ErrorEmptyUserLastName;
            return;
        }
        var checkPassResult = CheckPassword(pwd, repwd);
        if (!String.IsNullOrEmpty(checkPassResult))
        {
            _errorMessage = checkPassResult;
            return;
        }
    }

    // Stays Guid.Empty when neither postback target matched on an invite; the group
    // changes and the sign-in attempt below are then made with the empty id.
    var userID = Guid.Empty;
    try
    {
        // Elevated context: everything up to the finally runs as CoreSystem.
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        if (type == ConfirmType.EmpInvite || type == ConfirmType.LinkInvite)
        {
            UserInfo newUser;
            if (Request["__EVENTTARGET"] == "confirmInvite")
            {
                newUser = CreateNewUser(firstName, lastName, email, pwd);
                userID = newUser.ID;
            }
            if (Request["__EVENTTARGET"] == "thirdPartyLogin")
            {
                // A password that fails the policy check is replaced by a generated one.
                if (!String.IsNullOrEmpty(CheckPassword(pwd, repwd))) pwd = UserManagerWrapper.GeneratePassword();
                var valueRequest = Request["__EVENTARGUMENT"];
                thirdPartyProfile = new LoginProfile(valueRequest);
                // NOTE(review): the account is created with the e-mail taken from the third-party
                // profile, while the "already exists" check above was made for `email`; confirm
                // CreateNewUser rejects an address that is already registered.
                newUser = CreateNewUser(GetFirstName(thirdPartyProfile), GetLastName(thirdPartyProfile), GetEmailAddress(thirdPartyProfile), pwd);
                userID = newUser.ID;
                var linker = new AccountLinker(WebConfigurationManager.ConnectionStrings["webstudio"]);
                linker.AddLink(userID.ToString(), thirdPartyProfile);
            }

            #region Department

            // The department id comes from the request; a malformed id or a failed add is
            // swallowed silently.
            // NOTE(review): group membership is granted from a request value while running as
            // CoreSystem — confirm the value is covered by the link validation.
            try
            {
                var deptID = new Guid((Request["deptID"] ?? "").Trim());
                CoreContext.UserManager.AddUserIntoGroup(userID, deptID);
            }
            catch
            {
            }

            #endregion
        }
        else if (type == ConfirmType.Activation)
        {
            user.ActivationStatus = EmployeeActivationStatus.Activated;
            user.FirstName = firstName;
            user.LastName = lastName;
            CoreContext.UserManager.SaveUserInfo(user);
            SecurityContext.SetUserPassword(user.ID, pwd);
            userID = user.ID;

            // The plaintext password is handed to the notification service.
            // NOTE(review): what the service does with it is not visible here — confirm it is
            // not sent or logged in clear text.
            StudioNotifyService.Instance.UserInfoAddedAfterInvite(user, pwd);
        }

        // Administrator rights are granted purely on the "fap" request value.
        // NOTE(review): this is a privilege decision taken from the request; it is only safe if
        // "fap" is bound to the validated confirmation key — verify in the hosting page.
        if (String.Equals(fap, "1"))
            CoreContext.UserManager.AddUserIntoGroup(userID, ASC.Core.Users.Constants.GroupAdmin.ID);
    }
    catch (Exception exception)
    {
        // The raw exception message is shown to the visitor (HTML-encoded).
        // NOTE(review): `Page as confirm` is dereferenced without a null check.
        (Page as confirm).ErrorMessage = HttpUtility.HtmlEncode(exception.Message);
        return;
    }
    finally
    {
        // The CoreSystem context is released on every path.
        SecurityContext.Logout();
    }

    try
    {
        // Sign the new / activated user in and issue the auth cookies.
        var cookiesKey = SecurityContext.AuthenticateMe(userID.ToString(), pwd);
        CookiesManager.SetCookies(CookiesType.UserID, userID.ToString());
        CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
        StudioNotifyService.Instance.UserHasJoin();
    }
    catch (Exception exception)
    {
        (Page as confirm).ErrorMessage = HttpUtility.HtmlEncode(exception.Message);
        return;
    }

    UserOnlineManager.Instance.RegistryOnlineUser(SecurityContext.CurrentAccount.ID);
    WebItemManager.Instance.ItemGlobalHandlers.Login(SecurityContext.CurrentAccount.ID);

    // When SMS notification settings are enabled, the login and user id are stored in the session.
    // NOTE(review): the auth cookies have already been issued at this point; confirm the SMS
    // step is enforced elsewhere if it is meant to gate access.
    var smsAuthSettings = SettingsManager.Instance.LoadSettings<StudioSmsNotificationSettings>(TenantProvider.CurrentTenantID);
    if (smsAuthSettings.Enable)
    {
        var uData = new UserTransferData();
        var usr = CoreContext.UserManager.GetUsers(userID);
        uData.Login = usr.Email;
        uData.UserId = userID;
        Session["UserTransferData"] = uData;
    }

    Response.Redirect("~/");
}