Ejemplo n.º 1
0
        public void Create(int employeeId, string userName, bool isDisabled, IEnumerable <int> roleIds)
        {
            SettingsService    settingsService    = new SettingsService(Name);
            MembershipSettings membershipSettings = settingsService.GetMembershipSettings();
            string             password           = settingsService.GetInitialPasswordSettings().InitialPassword;
            string             encryptedPassword  = PasswordSecurity.EncryptPassword(membershipSettings, password, out int crypto, out string key, out string iv);

            XElement xUser = new XElement("User");

            xUser.SetElementValue("EmployeeId", employeeId);
            xUser.SetElementValue("UserName", userName);
            xUser.SetElementValue("LoweredUserName", userName.ToLower());
            xUser.SetElementValue("IsDisabled", isDisabled);
            xUser.SetElementValue("Password", encryptedPassword);
            xUser.SetElementValue("PasswordCrypto", crypto);
            xUser.SetElementValue("PasswordKey", key);
            xUser.SetElementValue("PasswordIV", iv);

            XElement xRoles = new XElement("Roles");

            foreach (int roleId in roleIds)
            {
                XElement xRole = new XElement("Role");
                xRole.SetElementValue("Id", roleId);
                xRoles.Add(xRole);
            }

            if (xRoles.HasElements)
            {
                xUser.Add(xRoles);
            }

            Modifier.Create(xUser);
        }
Ejemplo n.º 2
0
        public static string EncryptPassword(MembershipSettings membershipSettings, string password, out int crypto, out string key, out string iv)
        {
            switch (membershipSettings.PasswordFormat)
            {
            // Clear
            case 0:
                crypto = 0;
                key    = null;
                iv     = null;
                return(password);

            // Hashed
            case 1:
                string salt = Convert.ToBase64String(new RandomNumGenerator().Generate());
                crypto = membershipSettings.PasswordHash;
                key    = null;
                iv     = salt;
                Hasher hasher = CreateHasher(crypto);
                return(hasher.Hash(password, salt));

            // Encrypted
            case 2:
                crypto = membershipSettings.PasswordCrypto;
                SymmetricCryptor cryptor = CreateSymmetricCryptor(crypto);
                key = Convert.ToBase64String(cryptor.Key);
                iv  = Convert.ToBase64String(cryptor.IV);
                return(cryptor.Encrypt(password));

            default:
                throw new NotSupportedException(membershipSettings.PasswordFormat.ToString());     // never
            }
        }
Ejemplo n.º 3
0
        public void ChangePassword(string password, string newPassword)
        {
            XElement xSecurityEntry = ThreadDataStore.RequestInfo.CreateSecurityEntry(ODataQuerier);

            xSecurityEntry.SetElementValue("Operation", "ChangePassword");

            SettingsService    settingsService    = new SettingsService(Name);
            MembershipSettings membershipSettings = settingsService.GetMembershipSettings();

            if (!PasswordSecurity.ValidatePassword(membershipSettings, newPassword, out string[] errorMessages))
Ejemplo n.º 4
0
        protected void UpdateLockedOutState(XElement user, bool isSuccessful)
        {
            DateTime           now                = ODataQuerier.GetNow();
            string             nowString          = new DotNETDateFormatter().Format(now);
            SettingsService    settingsService    = new SettingsService(Name);
            MembershipSettings membershipSettings = settingsService.GetMembershipSettings();

            if (isSuccessful)
            {
                user.SetElementValue("LastLoginDate", nowString);
                user.SetElementValue("FailedPasswordAttemptCount", 0);
            }
            else
            {
                if (membershipSettings.MaxInvalidPasswordAttempts == 0)
                {
                    return;
                }

                int failedCount = int.Parse(user.Element("FailedPasswordAttemptCount").Value);
                if (failedCount > 0)
                {
                    DateTime start = DateTime.Parse(user.Element("FailedPasswordAttemptWindowStart").Value);
                    if ((DateTime.Now - start).TotalMinutes < membershipSettings.PasswordAttemptWindow)
                    {
                        if (failedCount >= membershipSettings.MaxInvalidPasswordAttempts)
                        {
                            user.SetElementValue("IsLockedOut", true.ToString());
                            user.SetElementValue("LastLockoutDate", nowString);
                        }
                        else
                        {
                            failedCount++;
                            user.SetElementValue("FailedPasswordAttemptCount", failedCount);
                        }
                    }
                    else
                    {
                        user.SetElementValue("FailedPasswordAttemptCount", 1);
                        user.SetElementValue("FailedPasswordAttemptWindowStart", nowString);
                    }
                }
                else
                {
                    user.SetElementValue("FailedPasswordAttemptCount", 1);
                    user.SetElementValue("FailedPasswordAttemptWindowStart", nowString);
                }
            }
            Modifier.AppendUpdate(user);
        }
Ejemplo n.º 5
0
        public MembershipSettings GetMembershipSettings()
        {
            MembershipSettings     membershipSettings = new MembershipSettings();
            IEnumerable <XElement> elements           = ODataQuerier.GetCollection("Setting", null, "Catalog eq 'Membership'", null);

            foreach (XElement element in elements)
            {
                string name  = element.Element("Name").Value;
                string value = element.Element("Value").Value;
                switch (name)
                {
                case "PasswordFormat":
                    membershipSettings.PasswordFormat = int.Parse(value);
                    break;

                case "PasswordCrypto":
                    membershipSettings.PasswordCrypto = int.Parse(value);
                    break;

                case "PasswordHash":
                    membershipSettings.PasswordHash = int.Parse(value);
                    break;

                case "MaxInvalidPasswordAttempts":
                    membershipSettings.MaxInvalidPasswordAttempts = int.Parse(value);
                    break;

                case "PasswordAttemptWindow":
                    membershipSettings.PasswordAttemptWindow = int.Parse(value);
                    break;

                case "MinRequiredPasswordLength":
                    membershipSettings.MinRequiredPasswordLength = int.Parse(value);
                    break;

                case "MinRequiredNonAlphanumericCharacters":
                    membershipSettings.MinRequiredNonAlphanumericCharacters = int.Parse(value);
                    break;

                case "PasswordStrengthRegularExpression":
                    membershipSettings.PasswordStrengthRegularExpression = value;
                    break;
                }
            }
            return(membershipSettings);
        }
Ejemplo n.º 6
0
        protected void Validate(MembershipSettings value)
        {
            StringBuilder sb = new StringBuilder();

            if (value.PasswordFormat < 0)
            {
                sb.AppendLine("The PasswordFormat must be one of {Clear, Hashed, Encrypted}");
            }
            if (value.PasswordCrypto < 0)
            {
                sb.AppendLine("The PasswordCrypto must be one of {Aes, DES, RC2, Rijndael, TripleDES}");
            }
            if (value.PasswordHash < 0)
            {
                sb.AppendLine("The PasswordHash must be one of {MD5, SHA1, SHA256, SHA384, SHA512}");
            }
            if (value.MaxInvalidPasswordAttempts < 0)
            {
                sb.AppendLine("The MaxInvalidPasswordAttempts must be a non-negative number");
            }
            if (value.PasswordAttemptWindow < 0)
            {
                sb.AppendLine("The PasswordAttemptWindow must be a non-negative number");
            }
            if (value.MinRequiredPasswordLength < 0)
            {
                sb.AppendLine("The MinRequiredPasswordLength must be a non-negative number");
            }
            if (value.MinRequiredNonAlphanumericCharacters < 0)
            {
                sb.AppendLine("The MinRequiredNonAlphanumericCharacters must be a non-negative number");
            }

            string errorMessage = sb.ToString();

            if (!string.IsNullOrWhiteSpace(errorMessage))
            {
                throw ValidationHelper.CreateValidationException(errorMessage);
            }
        }
Ejemplo n.º 7
0
        public static bool ValidatePassword(MembershipSettings membershipSettings, string password, out string[] errorMessages)
        {
            List <string> errors = new List <string>();

            if (password.Length < membershipSettings.MinRequiredPasswordLength)
            {
                string error = string.Format("The new password must be at least {0} characters long", membershipSettings.MinRequiredPasswordLength);
                errors.Add(error);
            }
            if (membershipSettings.MinRequiredNonAlphanumericCharacters > 0)
            {
                int nonAlphanumericCount = 0;
                foreach (char c in password)
                {
                    if (char.IsLetterOrDigit(c))
                    {
                        continue;
                    }
                    nonAlphanumericCount++;
                }
                if (nonAlphanumericCount < membershipSettings.MinRequiredNonAlphanumericCharacters)
                {
                    string error = string.Format("The new password requires at least {0} non-letter or digit characters", membershipSettings.MinRequiredNonAlphanumericCharacters);
                    errors.Add(error);
                }
            }
            if (!string.IsNullOrWhiteSpace(membershipSettings.PasswordStrengthRegularExpression))
            {
                Match match = Regex.Match(password, membershipSettings.PasswordStrengthRegularExpression);
                if (!match.Success || match.Value != password)
                {
                    string error = string.Format("The new password must match the specified regular expression '{0}'", membershipSettings.PasswordStrengthRegularExpression);
                    errors.Add(error);
                }
            }
            errorMessages = errors.ToArray();
            return(errorMessages.Length == 0);
        }
Ejemplo n.º 8
0
        public void SetMembershipSettings(MembershipSettings value)
        {
            Validate(value);

            IEnumerable <XElement> elements = ODataQuerier.GetCollection("Setting", null, "Catalog eq 'Membership'", null);
            XElement xSettings = new XElement("Settings");

            xSettings.Add(elements);

            XElement xItem = xSettings.Elements().First(x => x.Element("Name").Value == "PasswordFormat");

            xItem.SetElementValue("Value", value.PasswordFormat);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "PasswordCrypto");
            xItem.SetElementValue("Value", value.PasswordCrypto);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "PasswordHash");
            xItem.SetElementValue("Value", value.PasswordHash);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "MaxInvalidPasswordAttempts");
            xItem.SetElementValue("Value", value.MaxInvalidPasswordAttempts);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "PasswordAttemptWindow");
            xItem.SetElementValue("Value", value.PasswordAttemptWindow);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "MinRequiredPasswordLength");
            xItem.SetElementValue("Value", value.MinRequiredPasswordLength);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "MinRequiredNonAlphanumericCharacters");
            xItem.SetElementValue("Value", value.MinRequiredNonAlphanumericCharacters);

            xItem = xSettings.Elements().First(x => x.Element("Name").Value == "PasswordStrengthRegularExpression");
            xItem.SetElementValue("Value", value.PasswordStrengthRegularExpression);

            Modifier.Update(xSettings);
        }