string GetCookieValue(UserAccount account)
 {
     return(CryptoHelper.Hash(account.ID.ToString(), account.HashedPassword));
 }
Example #2
0
 void SetMobileCode(MobileCodePurpose purpose)
 {
     this.MobileCode     = CryptoHelper.GenerateNumericCode(MobileCodeLength);
     this.MobileCodeSent = UtcNow;
     this.MobilePurpose  = purpose;
 }
        public void SignInWithLinkedAccount(
            string tenant,
            string providerName,
            string providerAccountID,
            IEnumerable <Claim> claims)
        {
            if (!UserAccountService.Configuration.SecuritySettings.MultiTenant)
            {
                tenant = UserAccountService.Configuration.SecuritySettings.DefaultTenant;
            }

            if (String.IsNullOrWhiteSpace(tenant))
            {
                throw new ArgumentException("tenant");
            }
            if (String.IsNullOrWhiteSpace(providerName))
            {
                throw new ArgumentException("providerName");
            }
            if (String.IsNullOrWhiteSpace(providerAccountID))
            {
                throw new ArgumentException("providerAccountID");
            }
            if (claims == null)
            {
                throw new ArgumentNullException("claims");
            }

            UserAccount account = null;
            var         user    = ClaimsPrincipal.Current;

            if (user.Identity.IsAuthenticated)
            {
                // already logged in, so use the current user's account
                account = this.UserAccountService.GetByID(user.GetUserID());
            }
            else
            {
                // see if there's already an account mapped to this provider
                account = this.UserAccountService.GetByLinkedAccount(tenant, providerName, providerAccountID);
                if (account == null)
                {
                    // no account associated, so create one
                    // we need email
                    var email = claims.GetValue(ClaimTypes.Email);
                    if (String.IsNullOrWhiteSpace(email))
                    {
                        throw new ValidationException("Can't create an account because there was no email from the identity provider.");
                    }

                    // guess at a name to use
                    var name = claims.GetValue(ClaimTypes.Name);
                    if (name == null ||
                        this.UserAccountService.UsernameExists(tenant, name))
                    {
                        name = email;
                    }

                    // check to see if email already exists
                    if (this.UserAccountService.EmailExists(tenant, email))
                    {
                        throw new ValidationException("Can't login with this provider because the email is already associated with another account. Please login with your local account and then associate the provider.");
                    }

                    // auto-gen a password, they can always reset it later if they want to use the password feature
                    // this is slightly dangerous if we don't do email account verification, so if email account
                    // verification is disabled then we need to be very confident that the external provider has
                    // provided us with a verified email
                    var pwd = CryptoHelper.GenerateSalt();
                    account = this.UserAccountService.CreateAccount(tenant, name, pwd, email);
                }
            }

            if (account == null)
            {
                throw new Exception("Failed to locate account");
            }

            // add/update the provider with this account
            account.AddOrUpdateLinkedAccount(providerName, providerAccountID, claims);
            this.UserAccountService.Update(account);

            // signin from the account
            // if we want to include the provider's claims, then perhaps this
            // should be done in the claims transformer
            this.SignIn(account, providerName);
        }
Example #4
0
 protected internal virtual bool VerifyHashedPassword(string password)
 {
     return(CryptoHelper.VerifyHashedPassword(HashedPassword, password));
 }
Example #5
0
 protected internal virtual string HashPassword(string password)
 {
     return(CryptoHelper.HashPassword(password));
 }
Example #6
0
 protected internal virtual string GenerateSalt()
 {
     return(CryptoHelper.GenerateSalt());
 }
Example #7
0
 protected internal virtual string Hash(string value)
 {
     return(CryptoHelper.Hash(value));
 }
Example #8
0
 void IssueMobileCode()
 {
     this.MobileCode     = CryptoHelper.GenerateNumericCode(MembershipRebootConstants.UserAccount.MobileCodeLength);
     this.MobileCodeSent = UtcNow;
 }