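/// <summary>
/// Authenticates a caller by bearer token and returns the single object of
/// <paramref name="type"/> whose "accesstoken" property equals that token.
/// </summary>
/// <param name="instance">Instance used to run the lookup.</param>
/// <param name="type">Object type to search.</param>
/// <param name="rawauthdata">Expected to be a string-keyed dictionary carrying a "token" entry.</param>
/// <returns>The matching object.</returns>
/// <exception cref="UserErrorException">
/// "parameter.invalid" / "parameter.missing" for a malformed payload or token,
/// "auth.notregistered" when nothing matches, "auth.ambigious" when several objects match.
/// </exception>
public override DbxObject GetObject(Instance instance, string type, object rawauthdata)
{
    // rawauthdata is caller-supplied. `as` gives null for both a null and a
    // wrongly-typed payload, so neither can reach the key lookup below and
    // surface as a NullReferenceException instead of a user error.
    var paramaters = rawauthdata as Dictionary<string, object>;
    if (null == paramaters)
    {
        throw new UserErrorException("parameter.invalid", "auth; Invalid structure");
    }

    object rawtoken;
    if (!paramaters.TryGetValue("token", out rawtoken))
    {
        throw new UserErrorException("parameter.missing", "auth[token]; Required field missing");
    }

    // A non-string value (number, nested object, ...) is rejected here rather
    // than failing with an InvalidCastException.
    var token = rawtoken as string;
    if (null != rawtoken && null == token)
    {
        throw new UserErrorException("parameter.invalid", "auth[token]; Invalid token");
    }

    if (String.IsNullOrEmpty(token))
    {
        throw new UserErrorException("parameter.invalid", "auth[token]; Token blank");
    }

    // Tokens.Validate is defined elsewhere; what it checks is not visible here.
    if (!Tokens.Validate(token))
    {
        throw new UserErrorException("parameter.invalid", "auth[token]; Invalid token");
    }

    // Locate the object by access token.
    // NOTE(review): an equality lookup on "accesstoken" implies the stored value is
    // directly comparable to the presented token - confirm whether tokens are kept
    // in the clear and whether a stored digest would be more appropriate.
    var objs = instance.LocateEq(type, Locate.GenerateSimple("accesstoken", token));
    if (objs.Count < 1)
    {
        // No object carries this token
        throw new UserErrorException("auth.notregistered", "Token not registered");
    }

    if (objs.Count > 1)
    {
        // Multiple matches: refuse rather than pick one.
        // HACK: Need to manage race condition
        throw new UserErrorException("auth.ambigious", "Token ambigious");
    }

    // Logon success
    return objs[0];
}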
/// <summary>
/// Creates a new object of <paramref name="type"/> on behalf of <paramref name="srcuid"/>:
/// sets the magic fields, checks create permission, fills in schema defaults,
/// applies the properties, stores the optional blob and fires the creating trigger.
/// </summary>
/// <param name="instance">Owning instance.</param>
/// <param name="type">Type of the object to create.</param>
/// <param name="properties">Initial property values; null is treated as empty. The dictionary is modified in place when defaults are filled in.</param>
/// <param name="srcuid">Uid of the principal requesting the creation.</param>
/// <param name="blob">Optional blob payload; only used when the subschema declares a blob.</param>
/// <exception cref="UserErrorException">"access.create" when <paramref name="srcuid"/> may not create this type; also rethrown from blob storage.</exception>
public DbxObject(Instance instance, string type, Dictionary<string, object> properties, string srcuid, BlobDetails blob = null)
{
    // Start createMode
    // NOTE(review): there is no finally; if anything below throws, createMode is
    // never reset on this (failed) instance.
    createMode = true;

    // Set magic property defaults
    this.instance = instance;
    this.magicOid = 0;
    this.magicUid = Uids.Generate(type);
    this.magicType = type;
    this.magicSerial = Util.SerialNow();
    this.magicPredecessor = 0;
    this.magicCreator = srcuid;

    // Check access before anything is written. srcuid is the only identity input to
    // this check, so it has to come from an authenticated session, never from
    // request data.
    var userLevel = UserLevel(srcuid);
    if (!DbxObject.Creatable(instance, srcuid, type)) throw new UserErrorException("access.create", "Access violation attempt while creating object '" + type + "' (object level " + userLevel + ")");

    // Enable writing (only reached once the create check has passed)
    writable = true;

    // Prepare properties
    this.properties = new Dictionary<string, object>();

    // Make sure properties isn't null
    if (null == properties) properties = new Dictionary<string, object>();

    // If a property is not defined, set it to the default. This makes sure all
    // triggers, and particularly null constraints, are fired. Defaults are only
    // filled in for keys that AccessFields(srcuid, false, true) returns.
    foreach (var item in Subschema.Properties)
    {
        if (!properties.ContainsKey(item.Key) && AccessFields(srcuid, false, true).Contains(item.Key))
        {
            properties[item.Key] = item.Value.DefaultValue;
        }
    }

    // Set properties
    Set(properties, srcuid, true);

    // Set blob data
    if (null != Subschema.Blob)
    {
        try
        {
            SetBlob(srcuid, blob);
        }
        catch (UserErrorException)
        {
            // Error occurred creating blob - rollback database entry
            // NOTE(review): only UserErrorException triggers this rollback; any other
            // exception type from SetBlob propagates without the Delete call.
            Delete("system");
            // Throw error anyway
            throw;
        }
    }

    // Create trigger (PROBABLY SHOULD HAPPEN BEFORE SET, but validation wouldn't have happened yet)
    // NOTE(review): this runs after Set and SetBlob, and no rollback is visible here
    // if the trigger throws.
    instance.Mode.TriggerCreating(this, magicType, properties, blob, srcuid);

    // Stop createMode
    createMode = false;
}
/// <summary>
/// Builds the <see cref="Mode"/> implementation named by <paramref name="mode"/>.
/// </summary>
/// <param name="mode">Mode key; "mp" and "kpb" are the only accepted values (exact, case-sensitive match).</param>
/// <param name="instance">Instance handed to the mode's constructor.</param>
/// <returns>A newly constructed mode object.</returns>
/// <exception cref="Exception">Thrown for null or any other unrecognised key.</exception>
public static Mode Select(string mode, Instance instance)
{
    if (mode == "mp")
    {
        return new MP(instance);
    }

    if (mode == "kpb")
    {
        return new KPB(instance);
    }

    // Unknown keys fail closed: there is no fallback mode.
    throw new Exception("Invalid or unset mode");
}
/// <summary>
/// Creates the KPB mode: stores the instance, builds the SendGrid web transport
/// and starts the mail-queue and auto-payment timers.
/// </summary>
/// <param name="instance">Instance this mode is bound to.</param>
public KPB(Instance instance)
{
    this.instance = instance;

    // GridMailUsername / GridMailPassword are defined outside this block.
    // NOTE(review): if they are literals in source, move them to configuration or
    // a secret store so the mail credentials are not kept in the repository.
    var mailCredentials = new NetworkCredential(GridMailUsername, GridMailPassword);
    emailtransport = SendGridMail.Transport.Web.GetInstance(mailCredentials);

    // Each handler is attached before its timer is enabled.
    // NOTE(review): every constructed KPB starts both timers; confirm the mode is
    // created once per process so the queue and payment runs are not duplicated.
    mailqueueTimer.Elapsed += ProcessMailqueueue;
    mailqueueTimer.Enabled = true;

    autopaymentTimer.Elapsed += ProcessAutopayment;
    autopaymentTimer.Enabled = true;
}
/// <summary>
/// Rehydrates an existing object from its stored fields. No access check is made
/// and none of the values are validated here.
/// </summary>
/// <param name="instance">Owning instance.</param>
/// <param name="oid">Stored object id.</param>
/// <param name="uid">Stored uid.</param>
/// <param name="type">Stored type name.</param>
/// <param name="serial">Stored serial.</param>
/// <param name="predecessor">Stored predecessor id.</param>
/// <param name="creator">Stored creator uid.</param>
/// <param name="properties">JSON text of the property dictionary.</param>
public DbxObject(Instance instance, long oid, string uid, string type, long serial, long predecessor, string creator, string properties)
{
    // Magic fields are copied through unchanged
    this.instance = instance;
    magicOid = oid;
    magicUid = uid;
    magicType = type;
    magicSerial = serial;
    magicPredecessor = predecessor;
    magicCreator = creator;

    // A null deserialisation result is replaced by an empty dictionary
    this.properties = Util.JsonDeserialize<Dictionary<string, object>>(properties)
        ?? new Dictionary<string, object>();
}
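/// <summary>
/// Registers a new email/password account of <paramref name="type"/>.
/// </summary>
/// <param name="instance">Instance used for the uniqueness check and the create call.</param>
/// <param name="type">Object type to create.</param>
/// <param name="email">Email address; stored lower-cased.</param>
/// <param name="password">Password; only the salted hash from GenerateAuthHash is stored.</param>
/// <returns>The created object.</returns>
/// <exception cref="UserErrorException">
/// "parameter.missing" for a null or empty email or password, "auth.ambigious" when
/// the address is already registered.
/// </exception>
public static DbxObject Register(Instance instance, string type, string email, string password)
{
    if (String.IsNullOrEmpty(email))
    {
        throw new UserErrorException("parameter.missing", "auth[email]; Required field missing");
    }

    // An empty password must never be registered as a valid credential.
    if (String.IsNullOrEmpty(password))
    {
        throw new UserErrorException("parameter.missing", "auth[password]; Required field missing");
    }

    // The email/password login path lower-cases the address before both the lookup
    // and the hash computation. Normalise the same way here, otherwise a mixed-case
    // registration can never log in and "A@x" / "a@x" can both be registered.
    email = email.ToLowerInvariant();

    // Check email isn't already in use
    // TODO: Race condition? Two concurrent registrations can both pass this check;
    // a uniqueness constraint in the storage layer would close the gap.
    var objs = instance.LocateEq(type, Locate.GenerateSimple("email", email));
    if (objs.Count > 0)
    {
        throw new UserErrorException("auth.ambigious", "Invalid address, email already in use '" + email + "'");
    }

    // Calculate auth factors
    // NOTE(review): Util.GenerateSalt and GenerateAuthHash are defined elsewhere -
    // confirm the salt comes from a cryptographic RNG and the hash is a slow
    // password KDF rather than a single plain digest.
    var salt = Util.GenerateSalt(32);
    var authhash = GenerateAuthHash(email, password, salt);

    // Create object as "system"
    var properties = new Dictionary<string, object>();
    properties["email"] = email;
    properties["authhash"] = authhash;
    properties["salt"] = salt;
    return instance.Create(type, "system", properties);
}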
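/// <summary>
/// Authenticates a caller by email and password and returns the matching object.
/// </summary>
/// <param name="instance">Instance used to run the lookup.</param>
/// <param name="type">Object type to search.</param>
/// <param name="rawauthdata">Expected to be a string-keyed dictionary with string "email" and "password" entries.</param>
/// <returns>The authenticated object.</returns>
/// <exception cref="UserErrorException">
/// "parameter.invalid" / "parameter.missing" for a malformed payload,
/// "auth.notregistered", "auth.ambigious" or "auth.badpassword" for failed logons.
/// </exception>
public override DbxObject GetObject(Instance instance, string type, object rawauthdata)
{
    // rawauthdata is caller-supplied: a null or wrongly-typed payload is rejected
    // here instead of failing later with a NullReferenceException.
    var paramaters = rawauthdata as Dictionary<string, object>;
    if (null == paramaters)
    {
        throw new UserErrorException("parameter.invalid", "auth; Invalid structure");
    }

    object rawemail;
    if (!paramaters.TryGetValue("email", out rawemail))
    {
        throw new UserErrorException("parameter.missing", "auth[email]; Required field missing");
    }

    var emailtext = rawemail as string;
    if (null == emailtext)
    {
        throw new UserErrorException("parameter.invalid", "auth[email]; Expected a string");
    }

    string email = emailtext.ToLowerInvariant();

    object rawpassword;
    if (!paramaters.TryGetValue("password", out rawpassword))
    {
        throw new UserErrorException("parameter.missing", "auth[password]; Required field missing");
    }

    var password = rawpassword as string;
    if (null == password)
    {
        throw new UserErrorException("parameter.invalid", "auth[password]; Expected a string");
    }

    // Locate user with email
    var objs = instance.LocateEq(type, Locate.GenerateSimple("email", email));
    if (objs.Count < 1)
    {
        // User does not exist in database.
        // NOTE(review): this code (with the address echoed back) and
        // "auth.badpassword" below let a caller tell unknown addresses from wrong
        // passwords. The codes are kept because callers may depend on them; no
        // attempt throttling is visible in this method either.
        throw new UserErrorException("auth.notregistered", "email; Email address not registered '" + email + "'");
    }

    if (objs.Count > 1)
    {
        // Multiple matches
        // HACK: Need to manage race condition
        throw new UserErrorException("auth.ambigious", "Ambigous match for email '" + email + "'");
    }

    // Load object
    var obj = objs[0];

    // A record without salt or hash cannot be authenticated against; treat it as
    // a failed logon rather than dereferencing null.
    var salt = obj.GetProp("salt", "system");
    if (null == salt)
    {
        throw new UserErrorException("auth.badpassword", "password mismatch");
    }

    var attempt = GenerateAuthHash(email, password, salt.ToString());

    var stored = obj.GetProp("authhash", "system");
    if (null == stored || !ConstantTimeEquals(attempt, stored.ToString()))
    {
        // Invalid password
        throw new UserErrorException("auth.badpassword", "password mismatch");
    }

    // Logon success
    return obj;
}

/// <summary>
/// Compares two strings without stopping at the first differing character, so the
/// time taken does not reveal how much of the stored hash an attempt matched.
/// </summary>
private static bool ConstantTimeEquals(string left, string right)
{
    if (null == left || null == right || left.Length != right.Length)
    {
        return false;
    }

    int diff = 0;
    for (int i = 0; i < left.Length; i++)
    {
        diff |= left[i] ^ right[i];
    }

    return diff == 0;
}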
/// <summary>
/// Progress reporting is not supported by this authenticator.
/// </summary>
/// <exception cref="NotImplementedException">Always thrown; no argument is read.</exception>
public override object GetProgress(Instance instance, string type, object rawauthdata)
{
    throw new NotImplementedException();
}
/// <summary>
/// Creates the MP mode; the constructor only stores the instance reference.
/// </summary>
/// <param name="instance">Instance this mode is bound to.</param>
public MP(Instance instance)
{
    this.instance = instance;
}
/// <summary>
/// Decides whether <paramref name="srcuid"/> may create objects of <paramref name="type"/>.
/// </summary>
/// <param name="instance">Instance whose configuration (DBA list and schema) is consulted.</param>
/// <param name="srcuid">Uid of the requesting principal; null is passed to the level calculation as "no user".</param>
/// <param name="type">Schema type name; it is indexed directly into the schema's type table.</param>
/// <returns>True when creation is allowed, false otherwise.</returns>
public static bool Creatable(Instance instance, string srcuid, string type)
{
    // "system" and configured DBAs bypass every level check below.
    // NOTE(review): srcuid is a plain string, so a caller that can place the literal
    // "system" (or a DBA uid) in it gets full create rights - it must always come
    // from server-side session state, never from request data.
    var unrestricted = srcuid == "system" || instance.Configuration.DBAs.Contains(srcuid);
    if (unrestricted)
    {
        return true;
    }

    // Everyone else is compared against the type's default create level.
    var schemaType = instance.Configuration.Schema.Types[type];
    var requiredLevel = schemaType.Security.Default.Create;

    // Access is granted when the caller's base level is at or below the required level.
    return schemaType.Security.BaseUserLevel(null != srcuid, true) <= requiredLevel;
}
/// <summary>
/// Reports authentication progress for the supplied auth payload. The return
/// value is untyped and its shape is defined by each implementation.
/// </summary>
/// <param name="instance">Instance the request belongs to.</param>
/// <param name="type">Object type being authenticated.</param>
/// <param name="rawauthdata">Caller-supplied auth payload; implementations must treat it as untrusted.</param>
public abstract object GetProgress(Instance instance, string type, object rawauthdata);
/// <summary>
/// Authenticates the supplied auth payload and returns the object it identifies.
/// </summary>
/// <param name="instance">Instance the request belongs to.</param>
/// <param name="type">Object type being authenticated.</param>
/// <param name="rawauthdata">
/// Caller-supplied auth payload; implementations must treat it as untrusted and
/// check its type and every field before use.
/// </param>
public abstract DbxObject GetObject(Instance instance, string type, object rawauthdata);
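/// <summary>
/// Authenticates a caller with a Facebook access token: queries the Graph "me"
/// endpoint, then creates or updates the "user" object with the returned Facebook
/// id and enforces Terms-of-Service acceptance.
/// </summary>
/// <param name="instance">Instance used for lookups, creation and updates.</param>
/// <param name="type">Not read by this implementation; the object type is fixed to "user".</param>
/// <param name="rawauthdata">
/// Expected to be a string-keyed dictionary with a string "access_token" and
/// optional "partner" (string) and "tos" (bool) entries.
/// </param>
/// <returns>The created or updated user object.</returns>
/// <exception cref="UserErrorException">
/// "parameter.invalid" for a malformed payload or unknown partner, "upstream" for an
/// unusable Facebook response, "auth.prerequisite.tos" when TOS is not accepted.
/// </exception>
/// <exception cref="ObjectNotExistException">When the Graph call fails with an OAuthException.</exception>
public override DbxObject GetObject(Instance instance, string type, object rawauthdata)
{
    DbxObject obj;
    string access_token;
    string partner = null;
    bool tos = false;

    try
    {
        var authdata = (Dictionary<string, object>)rawauthdata;

        // Get access_token
        access_token = (string)authdata["access_token"];

        // Try and get partneruid
        if (authdata.ContainsKey("partner"))
        {
            partner = (string)authdata["partner"];
        }

        // Try and get TOS
        if (authdata.ContainsKey("tos"))
        {
            tos = (bool)authdata["tos"];
        }
    }
    catch
    {
        // Any null payload, missing key or wrong value type ends up here
        throw new UserErrorException("parameter.invalid", "auth; Invalid form");
    }

    // A present-but-null or empty token is rejected before any outbound request.
    if (String.IsNullOrEmpty(access_token))
    {
        throw new UserErrorException("parameter.invalid", "auth; Invalid form");
    }

    // Perform FB query
    // NOTE(review): nothing visible here checks that the token was issued to this
    // application; unless Facebook.WebGet does so, a token a user granted to any
    // other Facebook app would be accepted. Confirm the token's app id is verified.
    // The token also travels in the query string, so keep request URLs out of logs.
    string result;
    try
    {
        result = Facebook.WebGet("https://graph.facebook.com/me?fields=id,name,first_name,last_name,link,email,timezone,locale,verified,updated_time&access_token=" + Common.Util.UrlEncode(access_token));
    }
    catch (OAuthException)
    {
        throw new ObjectNotExistException();
    }

    // Convert response to objects
    Dictionary<string, object> ret;
    try
    {
        ret = Common.Util.JsonDeserialize<Dictionary<string, object>>(result);
    }
    catch (Exception)
    {
        throw new UserErrorException("upstream", "Unexpected response from Facebook");
    }

    // The deserialiser may hand back null; treat that as a bad upstream response.
    if (null == ret)
    {
        throw new UserErrorException("upstream", "Unexpected response from Facebook");
    }

    // Extract key values. A response without a usable id must not reach the user
    // lookup, and must not surface as a KeyNotFoundException.
    object rawid;
    if (!ret.TryGetValue("id", out rawid) || null == rawid)
    {
        throw new UserErrorException("upstream", "Invalid FBID returned from Facebook");
    }

    var idtext = rawid.ToString();
    if (idtext == "0" || idtext == "")
    {
        throw new UserErrorException("upstream", "Invalid FBID returned from Facebook");
    }

    var fbid = Util.ParseNumber(rawid);

    // A missing, null or non-string email leaves the address empty.
    string email = "";
    object rawemail;
    if (ret.TryGetValue("email", out rawemail))
    {
        var emailtext = rawemail as string;
        if (null != emailtext)
        {
            email = emailtext.ToLowerInvariant();
        }
    }

    // Calculate properties
    var props = new Dictionary<string, object>();
    props["email"] = email;
    props["fbid"] = fbid;
    props["creatorModule"] = "auth";
    if (ret.ContainsKey("name"))
    {
        props["dname"] = ret["name"];
        props["aname"] = ret["name"];
    }

    // NOTE(review): the guards below test for "fbLink", "fbTimezone", ... while the
    // request asks Graph for "link", "timezone", "locale", "verified" and
    // "updated_time", so these five properties are presumably never copied. Left
    // as-is because correcting the keys would start writing new properties; confirm
    // against the schema before changing.
    if (ret.ContainsKey("fbLink")) props["fbLink"] = ret["link"];
    if (ret.ContainsKey("fbTimezone")) props["fbTimezone"] = ret["timezone"];
    if (ret.ContainsKey("fbLocale")) props["fbLocale"] = ret["locale"];
    if (ret.ContainsKey("fbVerified")) props["fbVerified"] = ret["verified"];
    if (ret.ContainsKey("fbUpdated")) props["fbUpdated"] = ret["updated_time"];

    if (tos)
    {
        props["tos"] = true;
    }

    if (null != partner)
    {
        // Check object exists. The "partner$" prefix is applied to the
        // caller-supplied value before the uid lookup.
        try
        {
            obj = instance.Uid("partner$" + partner);
        }
        catch (ObjectNotExistException)
        {
            throw new UserErrorException("parameter.invalid", "Invalid partner reference in 'partner'");
        }

        // Set property
        props["partner"] = "partner$" + partner;
    }

    // Plan A: Try search by ID
    var objs = instance.LocateEq("user", Locate.GenerateSimple("fbid", fbid));
    if (objs.Count == 0)
    {
        // User not found, create
        obj = instance.Create("user", "system", props);
    }
    else
    {
        // User found, update
        // Find oldest record (HACK: To handle ambigious matches)
        obj = objs[0];
        foreach (var item in objs)
        {
            if (item.Predecessor > 0 && item.Predecessor < obj.Predecessor)
            {
                obj = item;
            }
        }

        obj = obj.GetWritableInstance();
        obj.Set(props, "system");
    }

    // Enforce TOS. The record has already been created or updated by this point,
    // so a login rejected here still leaves the profile data written.
    if (!((bool)obj.GetProp("tos", "system")))
    {
        throw new UserErrorException("auth.prerequisite.tos", "Terms of Service has not yet been accepted");
    }

    return obj;
}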
/// <summary>
/// Always answers with the fixed string "reauthenticate"; none of the arguments
/// is read.
/// </summary>
public override object GetProgress(Instance instance, string type, object rawauthdata)
{
    return "reauthenticate";
}