public bool ChangePass(Guid sid, string user, Guid token, string newPass)
{
if (!Guid.Empty.Equals(sid))
{
if (resetTokens.ContainsKey(token))
{
ModuleRuntimeSession sess = Session.Prov.Get(sid);
if (sess != null)
{
IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx);
UserIdentityBase userId = idProv.Get(resetTokens[token].Token);
if (userId != null && userId.UserState != UserState.Dead)
{
IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx);
if (authProv.AddCredential(userId, new UserPasswordCredential(user, newPass)))
{
resetTokens.Remove(token);
sess.SetUserBinding(userId.Uid, sess.Binding);
Session.Prov.Update(sess);
return(true);
}
}
}
}
}
return(false);
}
private void SignUp(HttpContext context, CancellationToken cancel)
{
string url = this.ActivateUrl;
if (!string.IsNullOrEmpty(url))
{
IQueryCollection qry = context.Request.Query;
string ty = qry[type];
if (knownType.Equals(ty))
{
string u = qry[user];
if (!string.IsNullOrEmpty(u))
{
string p = qry[pass];
if (!string.IsNullOrEmpty(p))
{
if (ValidUserEmail(u))
{
IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx);
if (!idProv.Exists(u))
{
IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx);
UserIdentityBase user = idProv.CreateUser(u);
user.UserState = UserState.Pending;
idProv.Update(user);
UserPasswordCredential cred = new UserPasswordCredential(u, p);
if (authProv.AddCredential(user, cred))
{
Guid token = Authenticator.Instance.Reset(u, false); //create a reset token
//notice we create a url with the token at the end, this COULD map to the REST api directly - but is expected instead not to
//we instead expect this to be a simple page that makes the rest request and "looks pretty" to confirm and perhaps send the user then back to the signin page.
if (url.EndsWith("?"))
{
url = url + token.ToString();
}
else
{
url = url + "?" + token.ToString();
}
if (SendEmail(u, url, false))
{
RestUtils.Push(context.Response, JsonOpStatus.Ok);
return;
}
else
{
idProv.Delete(user.Uid);
authProv.DeleteCredential(user, cred);
RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't send email\"");
return;
}
}
else
{
idProv.Delete(user.Uid);
authProv.DeleteCredential(user, cred);
RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't set credential\"");
return;
}
}
else
{
RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"UserExists\"");
return;
}
}
else
{
RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"InvalidEmail\"");
return;
}
}
}
}
}
RestUtils.Push(context.Response, JsonOpStatus.Failed);
}
static void DoWork(string[] args)
{
AuthenticationManager.Instance.Bootstrap();
Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Bootstrapped)
{
return;
}
AuthenticationManager.Instance.Initialize();
Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Initialized)
{
return;
}
AuthenticationManager.Instance.Start();
Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Running)
{
return;
}
LocalSystemUser u = new LocalSystemUser(SecurityUtils.AdminIdentity, "Admin", UserState.Active);
UserSecurityContext ctx = new UserSecurityContext(u);
string myUname = "*****@*****.**";
IIdentityProvider accts = IdentityManager.Instance.GetProvider(ctx);
UserIdentityBase user = null;
if (!accts.Exists(myUname))
{
Console.WriteLine("Creating user account");
user = accts.CreateUser(myUname);
}
else
{
Console.WriteLine("Fetching user account");
IEnumerable <UserIdentityBase> users = accts.Get(myUname, UserType.Person);
if (users != null)
{
foreach (UserIdentityBase cur in users)
{
user = cur;
break;
}
}
}
if (user == null)
{
Console.WriteLine("Failed to get/create user");
return;
}
IAuthenticationProvider provider = AuthenticationManager.Instance.GetProvider(ctx);
UserPasswordCredential cred = new UserPasswordCredential(myUname, "Hello World");
IUserIdentity u2 = provider.Authenticate(cred);
if (u2 == null)
{
Console.WriteLine("Didn't authenticate -- adding credential");
if (!provider.AddCredential(user, cred))
{
Console.WriteLine("Failed to add credential");
return;
}
u2 = provider.Authenticate(cred);
if (u2 == null)
{
Console.WriteLine("Didn't authenticate -- giving up");
return;
}
else
{
Console.WriteLine("Authenticated second try");
}
}
else
{
Console.WriteLine("Authenticated first try");
}
Console.WriteLine("Replacing credential with same (should fail)");
if (provider.ReplaceCredential(u2, cred, cred))
{
Console.WriteLine("Replace credential succeeded -- a failing result");
return;
}
else
{
Console.WriteLine("Replace credential failed -- a successful result");
}
UserPasswordCredential cred2 = new UserPasswordCredential(myUname, "Alabaster Barkers 123");
Console.WriteLine("Replacing credential with different (should succeed)");
if (provider.ReplaceCredential(u2, cred, cred2))
{
Console.WriteLine("Replace credential succeeded -- a successful result");
}
else
{
Console.WriteLine("Replace credential failed -- a failing result");
return;
}
u2 = provider.Authenticate(cred);
if (u2 == null)
{
Console.WriteLine("Didn't authenticate with old credential -- successful");
u2 = provider.Authenticate(cred2);
if (u2 != null)
{
Console.WriteLine("Authenticated with new credential -- successful");
return;
}
}
Console.WriteLine("Password change didn't work out");
}
