Ejemplo n.º 1
0
 public void AddCredentialAddsToUnderlyingList()
 {
     LoginRequest request = new LoginRequest();
     request.AddCredential(LoginRequest.PasswordCredential, "whoami");
     string actual = NameValuePair.FindNamedValue(request.Credentials, LoginRequest.PasswordCredential);
     Assert.AreEqual("whoami", actual);
 }
Ejemplo n.º 2
0
 public IResponse Execute(ICruiseRequest cruiseRequest)
 {
     Hashtable velocityContext = new Hashtable();
     string userName = cruiseRequest.Request.GetText("userName");
     string template = @"UserNameLogin.vm";
     if (!string.IsNullOrEmpty(userName))
     {
         try
         {
             LoginRequest credentials = new LoginRequest(userName);
             string password = cruiseRequest.Request.GetText("password");
             if (!string.IsNullOrEmpty(password)) credentials.AddCredential(LoginRequest.PasswordCredential, password);
             string sessionToken = farmService.Login(cruiseRequest.ServerName, credentials);
             if (string.IsNullOrEmpty(sessionToken)) throw new CruiseControlException("Login failed!");
             storer.StoreSessionToken(sessionToken);
             template = "LoggedIn.vm";
         }
         catch (Exception error)
         {
             velocityContext["errorMessage"] = error.Message;
         }
     }
     velocityContext["hidePassword"] = hidePassword;
     return viewGenerator.GenerateView(template, velocityContext);
 }
Ejemplo n.º 3
0
 public LoginRequest GenerateCredentials()
 {
     string[] settings = SplitSettings();
     LoginRequest credentials = new LoginRequest(settings[0]);
     credentials.AddCredential(LoginRequest.PasswordCredential, settings[1]);
     return credentials;
 }
Ejemplo n.º 4
0
 public void TestIncorrectUserName()
 {
     UserPasswordAuthentication authentication = new UserPasswordAuthentication("johndoe", "iknowyou");
     LoginRequest credentials = new LoginRequest("janedoe");
     credentials.AddCredential(LoginRequest.PasswordCredential, "iknowyou");
     bool isValid = authentication.Authenticate(credentials);
     Assert.IsFalse(isValid);
 }
Ejemplo n.º 5
0
 public void ToStringSerialisesAllValues()
 {
     LoginRequest request = new LoginRequest();
     request.Identifier = "identifier";
     request.ServerName = "serverName";
     request.SessionToken = "sessionToken";
     request.SourceName = "sourceName";
     request.Timestamp = DateTime.Now;
     request.AddCredential(LoginRequest.UserNameCredential, "johnDoe");
     string actual = request.ToString();
     string expected = string.Format("<loginMessage xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" " +
         "timestamp=\"{4:yyyy-MM-ddTHH:mm:ss.FFFFFFFzzz}\" identifier=\"{0}\" server=\"{1}\" source=\"{2}\" session=\"{3}\">" +
         "<credential name=\"userName\" value=\"johnDoe\" />" +
         "</loginMessage>",
         request.Identifier,
         request.ServerName,
         request.SourceName,
         request.SessionToken,
         request.Timestamp);
     Assert.AreEqual(expected, actual);
 }
Ejemplo n.º 6
0
 public LoginRequest GenerateCredentials()
 {
     LoginRequest credentials = new LoginRequest(Environment.UserName);
     credentials.AddCredential(LoginRequest.DomainCredential, Environment.UserDomainName);
     return credentials;
 }
Ejemplo n.º 7
0
        /// <summary>
        /// Initialise the password.
        /// </summary>
        private void InitialisePassword()
        {
            try
            {
                // Request the public key
                var publicKeyRequest = new ServerRequest();
                var publicKeyResponse = innerConnection.SendMessage("RetrievePublicKey", publicKeyRequest);
                if (publicKeyResponse.Result == ResponseResult.Failure)
                {
                    throw new CommunicationsException("Server does not export a public key: " + publicKeyResponse.ConcatenateErrors());
                }

                // Generate a password 
                var crypto = new RijndaelManaged();
                crypto.KeySize = 128;
                crypto.GenerateKey();
                crypto.GenerateIV();
                cryptoKey = crypto.Key;
                cryptoIv = crypto.IV;
                
                // Encrypt the password
                var passwordKey = Convert.ToBase64String(cryptoKey);
                var passwordIv = Convert.ToBase64String(cryptoIv);
                var provider = new RSACryptoServiceProvider();
                provider.FromXmlString((publicKeyResponse as DataResponse).Data);
                var encryptedPasswordKey = Convert.ToBase64String(
                    provider.Encrypt(
                        UTF8Encoding.UTF8.GetBytes(passwordKey), false));
                var encryptedPasswordIv = Convert.ToBase64String(
                    provider.Encrypt(
                        UTF8Encoding.UTF8.GetBytes(passwordIv), false));

                // Send the password to the server
                var loginRequest = new LoginRequest(encryptedPasswordKey);
                loginRequest.AddCredential(LoginRequest.PasswordCredential, encryptedPasswordIv);
                var loginResponse = innerConnection.SendMessage("InitialiseSecureConnection", loginRequest);
                if (loginResponse.Result == ResponseResult.Failure)
                {
                    throw new CommunicationsException("Server did not allow the connection to be secured: " + loginResponse.ConcatenateErrors());
                }
            }
            catch
            {
                // Reset the password on any exception
                cryptoIv = new byte[0];
                cryptoKey = new byte[0];
                throw;
            }
        }
Ejemplo n.º 8
0
        /// <summary>
        /// Changes the password of the user.
        /// </summary>
        /// <param name="sessionToken">The session token for the current user.</param>
        /// <param name="oldPassword">The person's old password.</param>
        /// <param name="newPassword">The person's new password.</param>
        public override void ChangePassword(string sessionToken, string oldPassword, string newPassword)
        {
            // Retrieve the user
            string userName = GetUserName(sessionToken);
            if (string.IsNullOrEmpty(userName)) throw new SessionInvalidException();
            IAuthentication user = RetrieveUser(userName);
            if (user == null) throw new SessionInvalidException();

            // Validate the old password
            LoginRequest credientals = new LoginRequest(userName);
            credientals.AddCredential(LoginRequest.PasswordCredential, oldPassword);
            if (!user.Authenticate(credientals))
            {
                LogEvent(null, userName, SecurityEvent.ChangePassword, SecurityRight.Deny, "Old password is incorrect");
                throw new SecurityException("Old password is incorrect");
            }

            // Change the password
            LogEvent(null, userName, SecurityEvent.ChangePassword, SecurityRight.Allow, null);
            user.ChangePassword(newPassword);

            // Update the file
            UpdateSetting(user);
        }
Ejemplo n.º 9
0
 private string InitialiseManagerAndLogin(ExternalFileSecurityManager manager, string userName)
 {
     manager.Files = new string[]
         {
             GenerateUsersFile()
         };
     manager.Initialise();
     LoginRequest credentials = new LoginRequest(userName);
     credentials.AddCredential(LoginRequest.PasswordCredential, "whoareyou");
     string session = manager.Login(credentials);
     Assert.IsFalse(string.IsNullOrEmpty(session), "Session has not been allocated");
     return session;
 }