Ejemplo n.º 1
0
 public ApiSystemHelper(IConfiguration configuration, CommonLinkUtility commonLinkUtility, MachinePseudoKeys machinePseudoKeys)
 {
     ApiSystemUrl      = configuration["web:api-system"];
     ApiCacheUrl       = configuration["web:api-cache"];
     CommonLinkUtility = commonLinkUtility;
     Skey = machinePseudoKeys.GetMachineConstant();
 }
Ejemplo n.º 2
0
        static SignalrServiceClient()
        {
            Timeout       = TimeSpan.FromSeconds(1);
            Log           = LogManager.GetLogger("ASC");
            SKey          = MachinePseudoKeys.GetMachineConstant();
            Url           = ConfigurationManagerExtension.AppSettings["web.hub.internal"];
            EnableSignalr = !string.IsNullOrEmpty(Url);

            try
            {
                var replaceSetting = ConfigurationManagerExtension.AppSettings["jabber.replace-domain"];
                if (!string.IsNullOrEmpty(replaceSetting))
                {
                    JabberReplaceDomain = true;
                    var q =
                        replaceSetting.Split(new[] { "->" }, StringSplitOptions.RemoveEmptyEntries)
                        .Select(s => s.Trim().ToLowerInvariant())
                        .ToList();
                    JabberReplaceFromDomain = q.ElementAt(0);
                    JabberReplaceToDomain   = q.ElementAt(1);
                }
            }
            catch (Exception)
            {
            }
        }
Ejemplo n.º 3
0
        public void Configure(string name, SignalrServiceClient options)
        {
            options.Log           = Options.CurrentValue;
            options.hub           = name.Trim('/');
            options.TenantManager = TenantManager;
            options.CoreSettings  = CoreSettings;
            options.SKey          = MachinePseudoKeys.GetMachineConstant();
            options.Url           = Configuration["web:hub:internal"];
            options.EnableSignalr = !string.IsNullOrEmpty(options.Url);

            try
            {
                var replaceSetting = Configuration["jabber:replace-domain"];
                if (!string.IsNullOrEmpty(replaceSetting))
                {
                    options.JabberReplaceDomain = true;
                    var q =
                        replaceSetting.Split(new[] { "->" }, StringSplitOptions.RemoveEmptyEntries)
                        .Select(s => s.Trim().ToLowerInvariant())
                        .ToList();
                    options.JabberReplaceFromDomain = q.ElementAt(0);
                    options.JabberReplaceToDomain   = q.ElementAt(1);
                }
            }
            catch (Exception)
            {
            }
        }
Ejemplo n.º 4
0
        public OnlyoShortener()
        {
            url         = ConfigurationManagerExtension.AppSettings["web.url-shortener"];
            internalUrl = ConfigurationManagerExtension.AppSettings["web.url-shortener.internal"];
            sKey        = MachinePseudoKeys.GetMachineConstant();

            if (!url.EndsWith("/"))
            {
                url += '/';
            }
        }
Ejemplo n.º 5
0
        private static string GenerateAccessToken(UserInfo user)
        {
            var userSalt = TfaAppUserSettings.GetSalt(user.ID);

            //from Signature.Create
            var machineSalt  = Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant());
            var token        = Convert.ToBase64String(SHA256.Create().ComputeHash(Encoding.UTF8.GetBytes(userSalt + machineSalt)));
            var encodedToken = HttpServerUtility.UrlTokenEncode(Encoding.UTF8.GetBytes(token));

            return(encodedToken.Substring(0, 10));
        }
Ejemplo n.º 6
0
        public string GetDocKey <T>(T fileId, int fileVersion, DateTime modified)
        {
            var str = string.Format("teamlab_{0}_{1}_{2}_{3}",
                                    fileId,
                                    fileVersion,
                                    modified.GetHashCode(),
                                    Global.GetDocDbKey());

            var keyDoc = Encoding.UTF8.GetBytes(str)
                         .ToList()
                         .Concat(MachinePseudoKeys.GetMachineConstant())
                         .ToArray();

            return(DocumentServiceConnector.GenerateRevisionId(Hasher.Base64Hash(keyDoc, HashAlg.SHA256)));
        }
Ejemplo n.º 7
0
        public OnlyoShortener(
            IConfiguration configuration,
            CommonLinkUtility commonLinkUtility,
            MachinePseudoKeys machinePseudoKeys)
        {
            url         = configuration["web:url-shortener:value"];
            internalUrl = configuration["web:url-shortener:internal"];
            sKey        = machinePseudoKeys.GetMachineConstant();

            if (!url.EndsWith("/"))
            {
                url += '/';
            }
            CommonLinkUtility = commonLinkUtility;
        }
Ejemplo n.º 8
0
        public static string GetDocKey(object fileId, int fileVersion, DateTime modified)
        {
            var str = string.Format("teamlab_{0}_{1}_{2}_{3}",
                                    fileId,
                                    fileVersion,
                                    modified.GetHashCode(),
                                    GetDocDbKey());

            var keyDoc = Encoding.UTF8.GetBytes(str)
                         .ToList()
                         .Concat(MachinePseudoKeys.GetMachineConstant())
                         .ToArray();

            return(Global.InvalidTitleChars.Replace(Hasher.Base64Hash(keyDoc, HashAlg.SHA256), "_"));
        }
Ejemplo n.º 9
0
        protected override Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            if (Convert.ToBoolean(Configuration[Scheme.Name] ?? "false"))
            {
                Log.DebugFormat("Auth for {0} skipped", Scheme.Name);

                return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name))));
            }

            try
            {
                Context.Request.Headers.TryGetValue("Authorization", out var headers);

                var header = headers.FirstOrDefault();

                if (string.IsNullOrEmpty(header))
                {
                    Log.Debug("Auth header is NULL");

                    return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))));
                }

                var substring = "ASC";

                if (header.StartsWith(substring, StringComparison.InvariantCultureIgnoreCase))
                {
                    var splitted = header.Substring(substring.Length).Trim().Split(':', StringSplitOptions.RemoveEmptyEntries);

                    if (splitted.Length < 3)
                    {
                        Log.DebugFormat("Auth failed: invalid token {0}.", header);

                        return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))));
                    }

                    var pkey     = splitted[0];
                    var date     = splitted[1];
                    var orighash = splitted[2];

                    Log.Debug("Variant of correct auth:" + ApiSystemHelper.CreateAuthToken(pkey));

                    if (!string.IsNullOrWhiteSpace(date))
                    {
                        var timestamp = DateTime.ParseExact(date, "yyyyMMddHHmmss", CultureInfo.InvariantCulture);

                        var trustInterval = TimeSpan.FromMinutes(Convert.ToDouble(Configuration["auth:trust-interval"] ?? "5"));

                        if (DateTime.UtcNow > timestamp.Add(trustInterval))
                        {
                            Log.DebugFormat("Auth failed: invalid timesatmp {0}, now {1}.", timestamp, DateTime.UtcNow);

                            return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                        }
                    }

                    var skey = MachinePseudoKeys.GetMachineConstant();
                    using var hasher = new HMACSHA1(skey);
                    var data = string.Join("\n", date, pkey);
                    var hash = hasher.ComputeHash(Encoding.UTF8.GetBytes(data));

                    if (WebEncoders.Base64UrlEncode(hash) != orighash && Convert.ToBase64String(hash) != orighash)
                    {
                        Log.DebugFormat("Auth failed: invalid token {0}, expect {1} or {2}.", orighash, WebEncoders.Base64UrlEncode(hash), Convert.ToBase64String(hash));

                        return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                    }
                }
                else
                {
                    Log.DebugFormat("Auth failed: invalid auth header. Sheme: {0}, parameter: {1}.", Scheme.Name, header);

                    return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                }
            }
            catch (Exception ex)
            {
                Log.Error(ex);

                return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.InternalServerError.ToString()))));
            }
            var identity = new ClaimsIdentity(Scheme.Name);

            Log.InfoFormat("Auth success {0}", Scheme.Name);
            if (HttpContextAccessor?.HttpContext != null)
            {
                HttpContextAccessor.HttpContext.User = new CustomClaimsPrincipal(new ClaimsIdentity(Scheme.Name), identity);
            }
            return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name))));
        }
Ejemplo n.º 10
0
 public static T Read <T>(string signature)
 {
     return(Read <T>(signature, Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant())));
 }
Ejemplo n.º 11
0
 public static string Create <T>(T obj)
 {
     return(Create(obj, Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant())));
 }
Ejemplo n.º 12
0
 protected static string GetPasswordHash(Guid userId, string password)
 {
     return(Hasher.Base64Hash(password + userId + Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant()), HashAlg.SHA512));
 }
Ejemplo n.º 13
0
 static ApiSystemHelper()
 {
     ApiSystemUrl = ConfigurationManagerExtension.AppSettings["web.api-system"];
     ApiCacheUrl  = ConfigurationManagerExtension.AppSettings["web.api-cache"];
     Skey         = MachinePseudoKeys.GetMachineConstant();
 }