protected void Page_Load(object sender, EventArgs e)
{
ChangePasswordOptions options = ChangePasswordOptions.CreateNew();
// this check necessary to allow creation of new instance every postback (known bug),
// but allowing UI changes
if (string.IsNullOrEmpty(_newPassword.Text))
{
_newPassword.Text = options.NewPassword; // default is empty
_confirmPassword.Text = options.NewPassword; // default is empty
}
var userService = Sage.Platform.Application.ApplicationContext.Current.Services.Get <Sage.Platform.Security.IUserService>(true);
curUser = userService.UserId;
if (curUser.ToString().Trim() != "ADMIN")
{
lblUser.Visible = false;
this.User.Visible = false;
PrefsPasswordHelpLink.NavigateUrl = "prefspass.aspx";
}
else
{
PrefsPasswordHelpLink.NavigateUrl = "prefspassadmin.aspx";
lblCurrentPassword.Visible = false;
_currentPassword.Visible = false;
if (this.User.LookupResultValue == null)
{
this.User.LookupResultValue = curUser;
}
}
}
public async Task <ActionResult> ChangePasswordAsync(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View("ChangePassword", model));
}
var changePasswordOptions = new ChangePasswordOptions()
{
OldPassword = model.OldPassword,
NewPassword = model.NewPassword,
StateToken = Session["stateToken"]?.ToString(),
};
try
{
var authnResponse = await _oktaAuthenticationClient.ChangePasswordAsync(changePasswordOptions).ConfigureAwait(false);
if (authnResponse.AuthenticationStatus == AuthenticationStatus.Success)
{
return(RedirectToAction("Login", "Account"));
}
ModelState.AddModelError("Oops! Something went wrong:", authnResponse.AuthenticationStatus);
return(View("ChangePassword", model));
}
catch (OktaApiException exception)
{
ModelState.AddModelError(string.Empty, exception.ErrorSummary);
return(View("ChangePassword", model));
}
}
//Save new password to Okta
public async Task <ActionResult> OnPostSetPassword()
{
if (oktaChangePasswordProfile.NewPassword == oktaChangePasswordProfile.VerifyPassword)
{
//Post password reset to Okta
var client = new OktaClient(new Okta.Sdk.Configuration.OktaClientConfiguration
{
OktaDomain = _globalConfiguration.Okta_Org,
Token = helpers.GetOktaAPIToken()
});
oktaProfile.Email = GetUserName();
var currentUser = await client.Users.GetUserAsync(oktaProfile.Email);
ChangePasswordOptions options = new ChangePasswordOptions {
CurrentPassword = oktaChangePasswordProfile.CurrentPassword, NewPassword = oktaChangePasswordProfile.NewPassword
};
var changePassResult = await currentUser.ChangePasswordAsync(options);
//TODO: Do some error checking here
SuccessMessage = "Your Password Has Been Changed";
bShowSuccessMessage = true;
}
else
{
ErrorMessage = "The Passwords Dont Match";
bShowErrorMessage = true;
}
//TODO Present result / error to user in banner
return(Redirect("page-profile-settings-1"));
}
public async Task <ActionResult> ChangePasswordAsync(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View("ChangePassword", model));
}
// Password was selected during registration.
if ((bool?)Session["isPasswordSelected"] ?? false)
{
return(await VerifyAuthenticatorAsync(model.NewPassword, "ChangePassword", model));
}
var changePasswordOptions = new ChangePasswordOptions()
{
NewPassword = model.NewPassword,
};
try
{
var authnResponse = await _idxClient.ChangePasswordAsync(changePasswordOptions, (IIdxContext)Session["idxContext"]).ConfigureAwait(false);
Session["idxContext"] = authnResponse.IdxContext;
switch (authnResponse.AuthenticationStatus)
{
case AuthenticationStatus.Success:
ClaimsIdentity identity = await AuthenticationHelper.GetIdentityFromTokenResponseAsync(_idxClient.Configuration, authnResponse.TokenInfo);
_authenticationManager.SignIn(new AuthenticationProperties(), identity);
return(RedirectToAction("Index", "Home"));
case AuthenticationStatus.AwaitingAuthenticatorEnrollment:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
TempData["canSkip"] = authnResponse.CanSkip;
return(RedirectToAction("SelectAuthenticator", "Manage"));
case AuthenticationStatus.AwaitingChallengeAuthenticatorSelection:
Session["authenticators"] = ViewModelHelper.ConvertToAuthenticatorViewModelList(authnResponse.Authenticators);
Session["isChallengeFlow"] = true;
return(RedirectToAction("selectAuthenticator", "Manage"));
}
return(View("ChangePassword", model));
}
catch (OktaApiException exception)
{
ModelState.AddModelError("Oops! Something went wrong.", exception.ErrorSummary
?? "Cannot change password. Check if the new password meets the requirements.");
return(View("ChangePassword", model));
}
catch (OktaException exception)
{
ModelState.AddModelError("Oops! Something went wrong.", exception.Message);
return(View("ChangePassword", model));
}
}
protected void _changePassword_Click(object sender, EventArgs e)
{
// *** 10.06.11 kw Moving the logic for validating the password to the User.Rules business rule
// ***
var optionSvc = ApplicationContext.Current.Services.Get <Sage.SalesLogix.Services.ISystemOptionsService>(true);
// get the new password
string newPassword = _newPassword.Text;
// if the value in the new password textbox and the confirm textbox match, attempt to save
if (newPassword == _confirmPassword.Text)
{
// set up the change pwd options
ChangePasswordOptions options = ChangePasswordOptions.CreateNew();
// Check to see if the current user is ADMIN or just normal user
var slxUserService = (Sage.SalesLogix.Security.ISlxUserService)Sage.Platform.Application.ApplicationContext.Current.Services.Get <Sage.Platform.Security.IUserService>(true);
var currentUser = slxUserService.GetUser();
if (currentUser.UserName.ToString().Trim().ToUpper() == "ADMIN")
{
// Get the user name of the person selected from the lookup to change their password
Sage.Entity.Interfaces.IUser us = User.LookupResultValue as IUser;
if (us == null)
{
us = currentUser;
}
// validate the new password against all system pwd options
try
{
us.ValidateUserPassword(newPassword);
}
catch (ValidationException ex)
{
lblMessage.Text = ex.Message;
return;
}
// passed validation, assign new pwd
options.NewPassword = newPassword;
options.UserId = us.Id.ToString();
options.Save();
// If Admin is changing their password then re-authenticate
if (us.UserName == currentUser.UserName)
{
var data = (Sage.SalesLogix.SLXDataService)ApplicationContext.Current.Services.Get <IDataService>(true);
var auth = (Sage.SalesLogix.Web.SLXWebAuthenticationProvider)data.AuthenticationProvider;
auth.AuthenticateWithContext(currentUser.UserName, newPassword);
}
}
else
{
// regular user attempting to change their own password
if (!currentUser.ValidateCurrentPassword(_currentPassword.Text))
{
lblMessage.Text = this.GetLocalResourceObject("currentPasswordValidationFailure").ToString();
return;
}
// validate the new password against all system pwd options
try
{
currentUser.ValidateUserPassword(newPassword);
}
catch (ValidationException ex)
{
lblMessage.Text = ex.Message;
return;
}
// passed validation, assign new pwd
options.NewPassword = newPassword;
options.UserId = currentUser.Id.ToString();
options.Save();
//re-authenticate user with new password
var data = (Sage.SalesLogix.SLXDataService)ApplicationContext.Current.Services.Get <IDataService>(true);
var auth = (Sage.SalesLogix.Web.SLXWebAuthenticationProvider)data.AuthenticationProvider;
auth.AuthenticateWithContext(currentUser.UserName, newPassword);
}
lblMessage.Text = this.GetLocalResourceObject("passwordChangeSuccess").ToString();
if (string.IsNullOrEmpty(newPassword))
{
lblMessage.Text = this.GetLocalResourceObject("PasswordBlank").ToString();
}
}
else
{
_newPassword.Text = string.Empty;
lblMessage.Text = this.GetLocalResourceObject("PasswordNotMatch").ToString();
}
}
protected void _changePassword_Click(object sender, EventArgs e)
{
var optionSvc = ApplicationContext.Current.Services.Get <Sage.SalesLogix.Services.ISystemOptionsService>(true);
SByte minPasswordLength = optionSvc.MinPasswordLength;
bool noBlankPassword = optionSvc.NoBlankPassword;
bool alphaNumPassword = optionSvc.AlphaNumPassword;
bool noNameInPassword = optionSvc.NoNameInPassword;
Regex objAlphaNumericPattern = new Regex("[a-zA-Z][0-9]");
string changingUser = string.Empty;
// Get the user name of the person who's getting their password changed
Sage.Entity.Interfaces.IUser us = User.LookupResultValue as IUser;
if (us != null)
{
changingUser = us.UserName;
}
else
{
changingUser = slxUserService.UserName;
}
string newPassword = _newPassword.Text;
if (Convert.ToInt32(minPasswordLength) != 0)
{
if (newPassword.Length < Convert.ToInt32(minPasswordLength))
{
lblMessage.Text = string.Format(GetLocalResourceObject("minPasswordLength").ToString(), minPasswordLength); // "Password length must be {0} chars or greater!"
return;
}
if (alphaNumPassword && !objAlphaNumericPattern.IsMatch(newPassword))
{
lblMessage.Text = GetLocalResourceObject("alphaNumPassword").ToString();// "Passwords must be alphanumeric!";
return;
}
}
else if (noBlankPassword && newPassword.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("noBlankPassword").ToString();//Passwords can not be blank!";
return;
}
if (noNameInPassword && newPassword.ToUpper().Contains(changingUser.ToUpper()))
{
if (curUser.ToUpper().Contains("ADMIN") && !changingUser.ToUpper().Contains("ADMIN"))
{
lblMessage.Text = GetLocalResourceObject("noNameInPasswordAdmin").ToString(); // "Passwords cannot contain the user name!";
}
else
{
lblMessage.Text = GetLocalResourceObject("noNameInPasswordUser").ToString(); //"Passwords cannot contain your user name!";
}
return;
}
// save values
if (newPassword == _confirmPassword.Text)
{
ChangePasswordOptions options = new ChangePasswordOptions();
options.NewPassword = newPassword;
string curUser = slxUserService.GetUser().Id.ToString();
if (curUser.ToString().Trim() != "ADMIN")
{
options.UserId = curUser;
}
else
{
options.UserId = ((IUser)this.User.LookupResultValue).Id.ToString();
}
options.Save();
var webAuthProvider = ApplicationContext.Current.Services.Get <IAuthenticationProvider>() as SLXWebAuthenticationProvider;
if (webAuthProvider != null)
{
// reset the authentication token, otherwise the OleDb connection string will be out of sync until the next logon
webAuthProvider.AuthenticateWithContext(changingUser, newPassword);
}
if (_newPassword.Text.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("PasswordBlank").ToString();
}
else
{
lblMessage.Text = string.Empty;
}
}
else
{
lblMessage.Text = GetLocalResourceObject("PasswordNotMatch").ToString();
}
}
protected void _changePassword_Click(object sender, EventArgs e)
{
DelphiComponent dc = new DelphiComponent();
Sage.SalesLogix.SystemInformation si = Sage.SalesLogix.SystemInformationRules.GetSystemInfo();
DelphiBinaryReader delphi = new DelphiBinaryReader(si.Data);
dc = delphi.ReadComponent(true);
string minPasswordLength = dc.Properties["MinPasswordLength"].ToString();
bool noBlankPassword = (bool)dc.Properties["NoBlankPassword"];
bool alphaNumPassword = (bool)dc.Properties["AlphaNumPassword"];
bool noNameInPassword = (bool)dc.Properties["NoNameInPassword"];
Regex objAlphaNumericPattern = new Regex("[a-zA-Z][0-9]");
string changingUser = string.Empty;
// Get the user name of the person who's getting their password changed
Sage.Entity.Interfaces.IUser us = User.LookupResultValue as IUser;
if (us != null)
{
changingUser = us.UserName;
}
else
{
changingUser = slxUserService.UserName;
}
string newPassword = _newPassword.Text;
if (Convert.ToInt32(minPasswordLength) != 0)
{
if (newPassword.Length < Convert.ToInt32(minPasswordLength))
{
lblMessage.Text = string.Format(GetLocalResourceObject("minPasswordLength").ToString(), minPasswordLength); // "Password length must be {0} chars or greater!"
return;
}
if (alphaNumPassword && !objAlphaNumericPattern.IsMatch(newPassword))
{
lblMessage.Text = GetLocalResourceObject("alphaNumPassword").ToString();// "Passwords must be alphanumeric!";
return;
}
}
else if (noBlankPassword && newPassword.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("noBlankPassword").ToString();//Passwords can not be blank!";
return;
}
if (noNameInPassword && newPassword.ToUpper().Contains(changingUser.ToUpper()))
{
if (curUser.ToUpper().Contains("ADMIN") && !changingUser.ToUpper().Contains("ADMIN"))
lblMessage.Text = GetLocalResourceObject("noNameInPasswordAdmin").ToString(); // "Passwords cannot contain the user name!";
else
lblMessage.Text = GetLocalResourceObject("noNameInPasswordUser").ToString(); //"Passwords cannot contain your user name!";
return;
}
// save values
if (newPassword == _confirmPassword.Text)
{
ChangePasswordOptions options = new ChangePasswordOptions();
options.NewPassword = newPassword;
string curUser = slxUserService.GetUser().Id;
if (curUser.ToString().Trim() != "ADMIN")
{
options.UserId = curUser;
}
else
{
options.UserId = ((IUser)this.User.LookupResultValue).Id.ToString();
}
options.Save();
if (_newPassword.Text.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("PasswordBlank").ToString();
}
else
{
lblMessage.Text = string.Empty;
}
}
else
{
lblMessage.Text = GetLocalResourceObject("PasswordNotMatch").ToString();
}
}
public async Task ChangePassword()
{
var oktaClient = new OktaClient();
var guid = Guid.NewGuid();
var createdUser = await oktaClient.Users.CreateUserAsync(new CreateUserWithPasswordOptions
{
Profile = new UserProfile
{
FirstName = "John",
LastName = "Test",
Email = $"john-change-pass-dotnet-authn-{guid}@example.com",
Login = $"john-change-pass-dotnet-authn-{guid}@example.com",
},
Password = "******",
Activate = true,
});
var authClient = TestAuthenticationClient.Create();
var authnOptions = new AuthenticateOptions()
{
Username = $"john-change-pass-dotnet-authn-{guid}@example.com",
Password = "******",
MultiOptionalFactorEnroll = true,
WarnBeforePasswordExpired = true,
};
try
{
var authnResponse = await authClient.AuthenticateAsync(authnOptions);
authnResponse.Should().NotBeNull();
authnResponse.AuthenticationStatus.Should().Be(AuthenticationStatus.Success);
await createdUser.ExpirePasswordAsync();
var authnResponse1 = await authClient.AuthenticateAsync(authnOptions);
authnResponse1.Should().NotBeNull();
authnResponse1.AuthenticationStatus.Should().Be(AuthenticationStatus.PasswordExpired);
var changePasswordOptions = new ChangePasswordOptions()
{
StateToken = authnResponse1.StateToken,
OldPassword = "******",
NewPassword = "******",
};
var authnResponse2 = await authClient.ChangePasswordAsync(changePasswordOptions);
authnResponse2.Should().NotBeNull();
authnResponse2.AuthenticationStatus.Should().Be(AuthenticationStatus.Success);
}
finally
{
await createdUser.DeactivateAsync();
await createdUser.DeactivateOrDeleteAsync();
}
}
protected void _changePassword_Click(object sender, EventArgs e)
{
var optionSvc = ApplicationContext.Current.Services.Get<Sage.SalesLogix.Services.ISystemOptionsService>(true);
SByte minPasswordLength = optionSvc.MinPasswordLength;
bool noBlankPassword = optionSvc.NoBlankPassword;
bool alphaNumPassword = optionSvc.AlphaNumPassword;
bool noNameInPassword = optionSvc.NoNameInPassword;
Regex objAlphaNumericPattern = new Regex("[a-zA-Z][0-9]");
string changingUser = string.Empty;
// Get the user name of the person who's getting their password changed
Sage.Entity.Interfaces.IUser us = User.LookupResultValue as IUser;
if (us != null)
{
changingUser = us.UserName;
}
else
{
changingUser = slxUserService.UserName;
}
string newPassword = _newPassword.Text;
if (Convert.ToInt32(minPasswordLength) != 0)
{
if (newPassword.Length < Convert.ToInt32(minPasswordLength))
{
lblMessage.Text = string.Format(GetLocalResourceObject("minPasswordLength").ToString(), minPasswordLength); // "Password length must be {0} chars or greater!"
return;
}
if (alphaNumPassword && !objAlphaNumericPattern.IsMatch(newPassword))
{
lblMessage.Text = GetLocalResourceObject("alphaNumPassword").ToString();// "Passwords must be alphanumeric!";
return;
}
}
else if (noBlankPassword && newPassword.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("noBlankPassword").ToString();//Passwords can not be blank!";
return;
}
if (noNameInPassword && newPassword.ToUpper().Contains(changingUser.ToUpper()))
{
if (curUser.ToUpper().Contains("ADMIN") && !changingUser.ToUpper().Contains("ADMIN"))
lblMessage.Text = GetLocalResourceObject("noNameInPasswordAdmin").ToString(); // "Passwords cannot contain the user name!";
else
lblMessage.Text = GetLocalResourceObject("noNameInPasswordUser").ToString(); //"Passwords cannot contain your user name!";
return;
}
// save values
if (newPassword == _confirmPassword.Text)
{
ChangePasswordOptions options = new ChangePasswordOptions();
options.NewPassword = newPassword;
string curUser = slxUserService.GetUser().Id.ToString();
if (curUser.ToString().Trim() != "ADMIN")
{
options.UserId = curUser;
}
else
{
options.UserId = ((IUser)this.User.LookupResultValue).Id.ToString();
}
options.Save();
var webAuthProvider = ApplicationContext.Current.Services.Get<IAuthenticationProvider>() as SLXWebAuthenticationProvider;
if (webAuthProvider != null)
{
// reset the authentication token, otherwise the OleDb connection string will be out of sync until the next logon
webAuthProvider.AuthenticateWithContext(changingUser, newPassword);
}
if (_newPassword.Text.Length == 0)
{
lblMessage.Text = GetLocalResourceObject("PasswordBlank").ToString();
}
else
{
lblMessage.Text = string.Empty;
}
}
else
{
lblMessage.Text = GetLocalResourceObject("PasswordNotMatch").ToString();
}
}
