/// <summary>
/// Initializes a new instance of the ZentityUserAdmin class
/// only if the credentials are correct and the user is set as an admin user
/// </summary>
/// <param name="adminUserName">LogOnName of an admin user</param>
/// <param name="adminPassword">Password of the admin user</param>
/// <remarks>
/// The Zentity installation provides a built in administrator account, whose credentials are as
/// provided in the code below.
/// It is highly recommended that the admin password should be changed soon after installing Zentity,
/// and at least one alternate admin account should be created.
/// </remarks>
/// <example>
/// <code>
/// //The ZentityUserAdmin constructor initializes an instance only when valid credentials
/// //for a user with admin rights are provided.
/// //Otherwise the constructor throws AuthenticationException.
/// try
/// {
/// ZentityUserAdmin admin = new ZentityUserAdmin("Administrator", "XXXX");//Supply correct password
/// Console.WriteLine("Administrator logged in.");
/// }
/// //AuthenticationException might be thrown in case of errors in connecting to the authentication store
/// //or if admin credentials are incorrect.
/// catch (AuthenticationException ex)
/// {
/// Console.WriteLine(ex.Message);
/// //In case of database errors the AuthenticationException object will wrap the sql exception.
/// if (ex.InnerException != null)
/// {
/// Console.WriteLine(ex.InnerException.Message);
/// }
/// }
///
/// </code>
/// </example>
public ZentityUserAdmin(string adminUserName, string adminPassword)
{
#region Input Validation
if (string.IsNullOrEmpty(adminUserName))
{
throw new ArgumentNullException("adminUserName");
}
if (string.IsNullOrEmpty(adminPassword))
{
throw new ArgumentNullException("adminPassword");
}
#endregion
try
{
ZentityUser user = new ZentityUser(adminUserName, adminPassword);
if (user.VerifyPassword())
{
if (!DataAccessLayer.IsAdmin(adminUserName))
{
throw new AuthenticationException(ConstantStrings.AdminAuthenticationExceptionMessage);
}
}
else
{
throw new AuthenticationException(ConstantStrings.AdminAuthenticationExceptionMessage);
}
}
catch (TypeInitializationException ex)
{
//// thrown in case of incorrect application configuration
throw new AuthenticationException(ConstantStrings.TypeInitializationExceptionMessage, ex);
}
}
/// <summary>
/// Authenticates a user based on the UserNameSecurityToken passed
/// </summary>
/// <param name="credentialToken">This parameter is expected to be a UserNameSecurityToken</param>
/// <returns>AuthenticatedToken instance for the user if authentication succeeds, null otherwise</returns>
public AuthenticatedToken Authenticate(SecurityToken credentialToken)
{
#region Input validation
// Validate input
if (credentialToken == null)
{
throw new ArgumentNullException("credentialToken");
}
UserNameSecurityToken credential = credentialToken as UserNameSecurityToken;
if (credential == null)
{
throw new ArgumentException(ConstantStrings.InvalidTokenTypeMessage, "credentialToken");
}
#endregion
try
{
// Authenticate user
if (!string.IsNullOrEmpty(credential.UserName) && !string.IsNullOrEmpty(credential.Password))
{
ZentityUser user = new ZentityUser(credential.UserName, credential.Password);
bool authenticated = user.VerifyPassword();
if (authenticated)
{
ZentityAuthenticatedToken token = new ZentityAuthenticatedToken(credential.UserName.ToString());
return(token);
}
}
// If username/password are not provided, or are invalid, return a null token.
return(null);
}
catch (TypeInitializationException ex)
{
// thrown in case of incorrect application configuration
throw new AuthenticationException(ConstantStrings.TypeInitializationExceptionMessage, ex);
}
}
