public AccountService(ICustomerService customerService,
ICustomerImportService customerImportService,
IAccountApplicationStoreService accountApplicationStoreService,
IAccountRepository accountRepository,
ICustomerRepository customerRepository,
IApplicationStoreRepository applicationStoreRepository,
IApplicationRepository applicationRepository,
IResetPasswordTokenFactory resetPasswordTokenFactory,
IEmailSender svcEmail,
IPasswordPolicy passwordPolicy,
IAccountPermissionService accPermissionService,
IRoleRepository roleRepository,
ILockedUpMemberPolicy lockedUpMemberPolicy)
{
this.customerService = customerService;
this.customerImportService = customerImportService;
this.accountApplicationStoreService = accountApplicationStoreService;
this.accPermissionService = accPermissionService;
this.roleRepository = roleRepository;
this.accountRepository = accountRepository;
this.customerRepository = customerRepository;
this.applicationStoreRepository = applicationStoreRepository;
this.applicationRepository = applicationRepository;
this.resetPasswordTokenFactory = resetPasswordTokenFactory;
this.svcEmail = svcEmail;
this.passwordPolicy = passwordPolicy;
this.lockedUpMemberPolicy = lockedUpMemberPolicy;
slack = new SlackMessager <AccountService>();
}
public void SetPassword(string newPassword, IPasswordPolicy passwordPolicy)
{
if (passwordPolicy == null || passwordPolicy.Validate(this.Email, newPassword))
{
this.Password = newPassword.Encrypt();
}
}
public LoginController(IUserRepository userRepository, IServiceBus bus, ITranslationService translationService, IPasswordPolicy passwordPolicy)
{
_userRepository = userRepository;
_bus = bus;
_translationService = translationService;
_passwordPolicy = passwordPolicy;
}
public ResetPasswordTokenAccountApplication(
IComponentContext context,
IResetPasswordTokenFactory resetPasswordTokenFactory,
IAccountService accountService,
ICustomerImportService customerImportService,
IResetPasswordTokenRepository resetPasswordTokenRepository,
IApplicationStoreRepository applicationStoreRepository,
IPasswordLogRepository passwordLogRepository,
IEmailSender svcEmail,
ILockedUpMemberPolicy lockedUpMemberPolicy,
ILockMemberPolicy lockMemberPolicy,
IPasswordPolicy passwordPolicy,
IAccountRepository accountRepository)
: base(context, resetPasswordTokenRepository, applicationStoreRepository)
{
this.resetPasswordTokenFactory = resetPasswordTokenFactory;
this.accountService = accountService;
this.customerImportService = customerImportService;
this.applicationStoreRepository = applicationStoreRepository;
this.passwordLogRepository = passwordLogRepository;
this.svcEmail = svcEmail;
this.lockedUpMemberPolicy = lockedUpMemberPolicy;
this.lockMemberPolicy = lockMemberPolicy;
this.passwordPolicy = passwordPolicy;
this.accountRepository = accountRepository;
}
public static void FromLegacy(
this MembershipRebootConfiguration config,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (config == null) throw new ArgumentNullException("config");
if (notificationService != null)
{
config.AddEventHandler(new NotificationServiceEventHandler(notificationService));
if (config.SecuritySettings.RequireAccountVerification)
{
config.AddEventHandler(new NotificationServiceAccountCreatedEventHandler(notificationService));
}
}
if (passwordPolicy != null)
{
config.RegisterPasswordValidator(new DelegateValidator(
(svc, acct, password) =>
{
if (!passwordPolicy.ValidatePassword(password))
{
return new ValidationResult("Invalid password: " + passwordPolicy.PolicyMessage);
}
return null;
}));
}
}
public PasswordChanger(IPasswordPolicy policy,
IPasswordAuthenticationService authService,
ICurrentUserReader userReader,
IUserPasswordUpdater updater,
IGetsTransaction transactionCreator)
{
if (transactionCreator == null)
{
throw new ArgumentNullException(nameof(transactionCreator));
}
if (updater == null)
{
throw new ArgumentNullException(nameof(updater));
}
if (userReader == null)
{
throw new ArgumentNullException(nameof(userReader));
}
if (authService == null)
{
throw new ArgumentNullException(nameof(authService));
}
if (policy == null)
{
throw new ArgumentNullException(nameof(policy));
}
this.policy = policy;
this.authService = authService;
this.userReader = userReader;
this.updater = updater;
this.transactionCreator = transactionCreator;
}
public static void FromLegacy(
this MembershipRebootConfiguration config,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (config == null)
{
throw new ArgumentNullException("config");
}
if (notificationService != null)
{
config.AddEventHandler(new NotificationServiceEventHandler(notificationService));
if (config.SecuritySettings.RequireAccountVerification)
{
config.AddEventHandler(new NotificationServiceAccountCreatedEventHandler(notificationService));
}
}
if (passwordPolicy != null)
{
config.RegisterPasswordValidator(new DelegateValidator(
(svc, acct, password) =>
{
if (!passwordPolicy.ValidatePassword(password))
{
return(new ValidationResult("Invalid password: " + passwordPolicy.PolicyMessage));
}
return(null);
}));
}
}
public LoginController(IUserRepository userRepository, IServiceBus bus, ITranslationService translationService, IPasswordPolicy passwordPolicy)
{
_userRepository = userRepository;
_bus = bus;
_translationService = translationService;
_passwordPolicy = passwordPolicy;
}
/// <summary>
/// Generate a new password
/// </summary>
/// <param name="policy">Policy that should be used when generating a new password.</param>
/// <returns>A password which is not encrypted.</returns>
/// <remarks>Uses characters which can't be mixed up along with <![CDATA["@!?&%/\"]]> if non alphas are required</remarks>
public static string GeneratePassword(this IPasswordPolicy policy)
{
var length = _random.Next(policy.PasswordMinimumLength, policy.PasswordMinimumLength + 5);
var password = "";
var allowedCharacters = "abcdefghjkmnopqrstuvxtzABCDEFGHJKLMNPQRSTUVXYZ23456789";
var alphas = "@!?&%/\\";
if (policy.MinRequiredNonAlphanumericCharacters > 0)
{
allowedCharacters += alphas;
}
var nonAlphaLeft = policy.MinRequiredNonAlphanumericCharacters;
for (var i = 0; i < length; i++)
{
var ch = allowedCharacters[_random.Next(0, allowedCharacters.Length)];
if (alphas.IndexOf(ch) != -1)
{
nonAlphaLeft--;
}
if (length - i <= nonAlphaLeft)
{
ch = alphas[_random.Next(0, alphas.Length)];
}
password += ch;
}
return(password);
}
public Password(
string password,
IPasswordPolicy policy)
{
this.password = password.Trim();
this.policy = policy;
}
public PasswordRecoveryService(IConfirmationCodeService confirmationCodeService,
IPasswordPolicy passwordPolicy, IPasswordHasher passwordHasher)
{
_passwordHasher = passwordHasher;
_confirmationCodeService = confirmationCodeService;
_passwordPolicy = passwordPolicy;
}
public CustomerImportService(ICustomerImportRepository customerImportRepository, IPasswordPolicy passwordPolicy, IIORepository ioRepository, ICustomerImportFileInfraService customerImportInfraService, IRequisitionRepository requisitionRepository)
{
this.customerImportRepository = customerImportRepository;
this.passwordPolicy = passwordPolicy;
this.ioRepository = ioRepository;
this.customerImportInfraService = customerImportInfraService;
this.requisitionRepository = requisitionRepository;
}
public static PassportBuilder Create(IPasswordPolicy policy)
{
if (policy == null)
{
return(null);
}
return(new PassportBuilder(policy));
}
public static List <T> AutoSetPassword <T>(this IPasswordPolicy policy, List <T> @objects, Expression <Func <T, string> > propertyAccessor)
{
foreach (var @object in @objects)
{
policy.AutoSetPassword <T>(@object, propertyAccessor);
}
return(@objects);
}
public UserAccountService(
IUserAccountRepository userAccountRepository,
NotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
this.userRepository = userAccountRepository;
this.notificationService = notificationService;
this.passwordPolicy = passwordPolicy;
}
public static List <T> RenderPassword <T>(this IPasswordPolicy policy, List <T> @objects, Action <T, RandomSecurePassword> result)
{
foreach (var @object in @objects)
{
policy.RenderPassword <T>(@object, result);
}
return(@objects);
}
public static T AutoSetPassword <T>(this IPasswordPolicy policy, T @object, Expression <Func <T, string> > propertyAccessor)
{
var password = policy.Generate();
Expression <Action <T, string> > assigner = SetPropertyValue(propertyAccessor);
assigner.Compile()(@object, password.SecurePassword);
return(@object);
}
public UserService(IUserCommands userCommands, IUserQueries userQueries, [ImportMany] IEnumerable <Lazy <IPasswordStrategy, IPrioritisedMefMetaData> > passwordStrategies,
IPasswordPolicy passwordPolicy, IOAuthRegisteredClientCollection oAuthRegisteredClientCollection)
{
_userCommands = userCommands;
_userQueries = userQueries;
_passwordStrategy = passwordStrategies.OrderByDescending(x => x.Metadata.Priority).First().Value;
_passwordPolicy = passwordPolicy;
_oAuthRegisteredClientCollection = oAuthRegisteredClientCollection;
}
/// <summary>
/// Determines whether the password is valid by going through all defined policies.
/// </summary>
/// <param name="passwordPolicy">The password policy.</param>
/// <param name="password">The password.</param>
/// <returns>
/// <c>true</c> if the password is valid; otherwise, <c>false</c>.
/// </returns>
public static bool IsPasswordValid(this IPasswordPolicy passwordPolicy, string password)
{
var alphaCount = password.Count(ch => !char.IsLetterOrDigit(ch));
if (alphaCount < passwordPolicy.MinRequiredNonAlphanumericCharacters)
{
return(false);
}
return(password.Length >= passwordPolicy.PasswordMinimumLength);
}
public AccountApplication(
IComponentContext context,
IAccountService accountService,
IAccountRepository accountRepository,
IEmailSender svcEmail,
ILockedUpMemberPolicy lockedUpMemberPolicy,
ILockMemberPolicy lockMemberPolicy,
IPasswordPolicy passwordPolicy,
IApplicationStoreRepository applicationStoreRepository,
IResetPasswordTokenRepository resetPasswordTokenRepository,
IApplicationRepository applicationRepository,
IStoreRepository storeRepositoy,
IAccountRoleRepository accountRoleRepository,
IRoleRepository roleRepository,
IPermissionRepository permissionRepository,
IResourceRepository resourceRepository,
ICustomerImportService customerImportService,
IResetPasswordTokenService resetPasswordTokenService,
IPasswordLogRepository passwordLogRepository,
IApplicationStoreService applicationStoreService,
ICustomerRepository customerRepository,
IAccountPermissionService accPermissionService,
IAccountInfraService accountInfraService)
: base(context)
{
this.svcEmail = svcEmail;
this.lockedUpMemberPolicy = lockedUpMemberPolicy;
this.lockMemberPolicy = lockMemberPolicy;
this.passwordPolicy = passwordPolicy;
this.accountService = accountService;
this.applicationStoreRepository = applicationStoreRepository;
this.resetPasswordTokenRepository = resetPasswordTokenRepository;
this.applicationRepository = applicationRepository;
this.storeRepositoy = storeRepositoy;
this.accountRoleRepository = accountRoleRepository;
this.roleRepository = roleRepository;
this.permissionRepository = permissionRepository;
this.resourceRepository = resourceRepository;
this.passwordLogRepository = passwordLogRepository;
this.customerImportService = customerImportService;
this.resetPasswordTokenService = resetPasswordTokenService;
this.applicationStoreService = applicationStoreService;
this.accPermissionService = accPermissionService;
this.accountRepository = accountRepository;
this.customerRepository = customerRepository;
if (context.TryResolveNamed(FieldType.Account.ToLower(), typeof(IMetadataService), out var metadataService))
{
this.metadataService = metadataService as IMetadataService;
}
this.accountInfraService = accountInfraService;
}
public UserAccountService(
IUserAccountRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (userAccountRepository == null) throw new ArgumentNullException("userAccountRepository");
var config = new MembershipRebootConfiguration();
config.FromLegacy(notificationService, passwordPolicy);
this.InitFromConfiguration(config, userAccountRepository);
}
public UserAccountService(
IUserAccountRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (userAccountRepository == null) throw new ArgumentNullException("userAccountRepository");
this.userRepository = userAccountRepository;
this.notificationService = notificationService;
this.passwordPolicy = passwordPolicy;
}
public bool IsPasswordCompliant
(
IPasswordPolicy passwordPolicy,
string password
)
{
return(passwordPolicy switch
{
PasswordCharAmountPolicy charAmountPolicy => IsPasswordCharAmountPolicyCompliant(charAmountPolicy, password),
PasswordCharInOnePositionPolicy charInPositionPolicy => IsPasswordCharInRangePolicyCompliant(charInPositionPolicy, password),
_ => throw new NotSupportedException($"Password policy {passwordPolicy.GetType()} unknown")
});
public UserRepository(
ISession session,
IPasswordPolicy passwordPolicy,
IApplicationSettings applicationSettings,
IEncryptor encryptor
)
{
_session = session;
_passwordPolicy = passwordPolicy;
_applicationSettings = applicationSettings;
_encryptor = encryptor;
}
public static int CountValidPasswords(IPasswordPolicy policy, List <string> input)
{
return(input
.Count(i =>
{
var policyString = i.Split(':')[0];
var password = i.Split(separator: ':')[1].Trim();
policy.Parse(policyString);
return policy.Validate(password);
}));
}
public UserAccountService(
IUserAccountRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (userAccountRepository == null)
{
throw new ArgumentNullException("userAccountRepository");
}
this.userRepository = userAccountRepository;
this.notificationService = notificationService;
this.passwordPolicy = passwordPolicy;
}
public static string RenderUniquePassword(this IPasswordPolicy policy, Func <string, bool> result, int maxAttempt = 3)
{
bool status;
string finalPassword;
do
{
RandomSecurePassword securePassword = policy.Generate();
finalPassword = securePassword.SecurePassword;
status = result(finalPassword);
maxAttempt--;
} while (status && maxAttempt > 0);
return(status == false ? finalPassword : string.Empty);
}
public UserAccountService(
IUserRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy,
IMembershipSettings settings,
IUnitOfWork unitOfWork)
{
_settings = settings;
_unitOfWork = unitOfWork;
if (userAccountRepository == null) throw new ArgumentNullException("userAccountRepository");
this.userRepository = userAccountRepository;
this.notificationService = notificationService;
this.passwordPolicy = passwordPolicy;
}
static MembershipRebootConfiguration ConfigFromDeprecatedInterfaces(
IUserAccountRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (userAccountRepository == null)
{
throw new ArgumentNullException("userAccountRepository");
}
var config = new MembershipRebootConfiguration(SecuritySettings.Instance, new DelegateFactory(() => userAccountRepository));
config.FromLegacy(notificationService, passwordPolicy);
return(config);
}
public object ValidatePassword(string password, IPasswordPolicy passwordPolicy)
{
try
{
if (passwordPolicy != null)
{
passwordPolicy.Validate(this.Email, password);
}
return(null);
}
catch (PasswordException ex)
{
return(ex.Issues);
}
}
public UserAccountService(
IUserRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy,
IMembershipSettings settings,
IUnitOfWork unitOfWork)
{
_settings = settings;
_unitOfWork = unitOfWork;
if (userAccountRepository == null)
{
throw new ArgumentNullException("userAccountRepository");
}
this.userRepository = userAccountRepository;
this.notificationService = notificationService;
this.passwordPolicy = passwordPolicy;
}
public void ChangeOwnPassword_returns_success_response_when_request_is_valid([Frozen] IPasswordPolicy policy,
[Frozen] IPasswordAuthenticationService authService,
[LoggedIn] User currentUser,
PasswordChanger sut,
PasswordChangeRequest request)
{
// Arrange
Mock.Get(authService)
.Setup(x => x.Authenticate(It.IsAny <IPassword>()))
.Returns(Mock.Of <CSF.Security.Authentication.IAuthenticationResult>(x => x.Success == true));
Mock.Get(policy)
.Setup(x => x.IsPasswordOk(request.NewPassword, currentUser))
.Returns(true);
request.ConfirmNewPassword = request.NewPassword;
// Act
var result = sut.ChangeOwnPassword(request);
// Assert
Assert.IsTrue(result.Success);
}
public CustomerImportApplication(
IComponentContext context,
ICustomerImportRepository customerImportRepository,
ICustomerImportService customerImportService,
IResetPasswordTokenRepository resetPasswordTokenRepository,
IApplicationStoreRepository applicationStoreRepository,
IPasswordLogRepository passwordLogRepository,
IPasswordPolicy passwordPolicy,
IAccountService accountService,
IRoleRepository roleRepository)
: base(context)
{
this.customerImportRepository = customerImportRepository;
this.customerImportService = customerImportService;
this.resetPasswordTokenRepository = resetPasswordTokenRepository;
this.applicationStoreRepository = applicationStoreRepository;
this.passwordLogRepository = passwordLogRepository;
this.passwordPolicy = passwordPolicy;
this.accountService = accountService;
this.roleRepository = roleRepository;
}
private static void Generate(PasswordGeneratorArguments parsedArguments)
{
IPasswordPolicy <string, int> passwordPolicy = PasswordPolicyFactory.Create(parsedArguments.PasswordPolicy);
if (parsedArguments.PasswordPolicy == PasswordPolicyType.User)
{
ILengthStrategy lengthStrategy = parsedArguments.LengthPolicy == LengthStrategyType.Fixed
? new FixedLengthStrategy(parsedArguments.PasswordLength) as
ILengthStrategy
: new VariableLengthStrategy(parsedArguments.MinPasswordLength,
parsedArguments.MaxPasswordLength);
passwordPolicy
.WithLengthStategy(lengthStrategy)
.UseCatalog(StringCatalogFactory.Create(parsedArguments.Catalog))
.UseRandom(RandomGeneratorFactory.Create(parsedArguments.RandomGeneration));
}
IPasswordGenerator <string> generator = new StringPasswordGenerator(passwordPolicy);
for (int i = 0; i < parsedArguments.Count; i++)
{
System.Console.WriteLine(generator.Generate());
}
}
public UserManager(ISecurityDataContext context, IPasswordPolicy passwordPolicy)
{
this.context = context;
this.passwordPolicy = passwordPolicy;
}
public UsuarioService(IUsuarioDataContext context, IPasswordPolicy passwordPolicy, ISecurityContext securityContext, IUserManager userManager)
: base(context, securityContext)
{
this.passwordPolicy = passwordPolicy;
this.userManager = userManager;
}
/// <summary>
/// Checks if the specified password is valid
/// </summary>
/// <param name="password">Password being checked</param>
/// <param name="passwordPolicy">Policy used to validate password.</param>
/// <returns></returns>
public bool IsValid(string password, IPasswordPolicy passwordPolicy)
{
return passwordPolicy.IsPasswordValid(password);
}
/// <summary>
/// Generate a new password
/// </summary>
/// <param name="policy">Policy that should be used when generating a new password.</param>
/// <returns>A password which is not encrypted.</returns>
public string GeneratePassword(IPasswordPolicy policy)
{
return policy.GeneratePassword();
}
public UserAccountService(IUserAccountRepository userAccountRepository, INotificationService notificationService, IPasswordPolicy passwordPolicy)
: this(ConfigFromDeprecatedInterfaces(userAccountRepository, notificationService, passwordPolicy))
{
}
static MembershipRebootConfiguration ConfigFromDeprecatedInterfaces(
IUserAccountRepository userAccountRepository,
INotificationService notificationService,
IPasswordPolicy passwordPolicy)
{
if (userAccountRepository == null) throw new ArgumentNullException("userAccountRepository");
var config = new MembershipRebootConfiguration(SecuritySettings.Instance, new DelegateFactory(() => userAccountRepository));
config.FromLegacy(notificationService, passwordPolicy);
return config;
}
