private async Task <LoginUserDetails> AssociateCredential(AuthenticatedUser user) { var result = await _authService.ReadExternalLoginCredential(OwinContext); if (result.ExternalIdentity == null) { // User got here without an external login cookie (or an expired one) // Send them to the logon action return(null); } await _authService.AddCredential(user.User, result.Credential); await RemovePasswordCredential(user.User); // Notify the user of the change var emailMessage = new CredentialAddedMessage( _messageServiceConfiguration, user.User, _authService.DescribeCredential(result.Credential).GetCredentialTypeInfo()); await _messageService.SendMessageAsync(emailMessage); return(new LoginUserDetails { AuthenticatedUser = new AuthenticatedUser(user.User, result.Credential), UsedMultiFactorAuthentication = result.LoginDetails?.WasMultiFactorAuthenticated ?? false }); }
public virtual async Task <JsonResult> GenerateApiKey(string description, string owner, string[] scopes = null, string[] subjects = null, int?expirationInDays = null) { if (string.IsNullOrWhiteSpace(description)) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(Strings.ApiKeyDescriptionRequired)); } if (string.IsNullOrWhiteSpace(owner)) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(Strings.ApiKeyOwnerRequired)); } // Get the owner scope User scopeOwner = UserService.FindByUsername(owner); if (scopeOwner == null) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(Strings.UserNotFound)); } var resolvedScopes = BuildScopes(scopeOwner, scopes, subjects); if (!VerifyScopes(resolvedScopes)) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(Strings.ApiKeyScopesNotAllowed)); } // Set expiration var expiration = TimeSpan.Zero; if (_config.ExpirationInDaysForApiKeyV1 > 0) { expiration = TimeSpan.FromDays(_config.ExpirationInDaysForApiKeyV1); if (expirationInDays.HasValue && expirationInDays.Value > 0) { expiration = TimeSpan.FromDays(Math.Min(expirationInDays.Value, _config.ExpirationInDaysForApiKeyV1)); } } var newCredentialViewModel = await GenerateApiKeyInternal(description, resolvedScopes, expiration); var emailMessage = new CredentialAddedMessage( _config, GetCurrentUser(), newCredentialViewModel.GetCredentialTypeInfo()); await MessageService.SendMessageAsync(emailMessage); return(Json(new ApiKeyViewModel(newCredentialViewModel))); }
public virtual async Task <ActionResult> ResetPassword(string username, string token, PasswordResetViewModel model, bool forgot) { // We don't want Login to have us as a return URL // By having this value present in the dictionary BUT null, we don't put "returnUrl" on the Login link at all ViewData[GalleryConstants.ReturnUrlViewDataKey] = null; if (!ModelState.IsValid) { return(ResetPassword(forgot)); } ViewBag.ForgotPassword = forgot; Credential credential = null; try { credential = await AuthenticationService.ResetPasswordWithToken(username, token, model.NewPassword); } catch (InvalidOperationException ex) { ModelState.AddModelError(string.Empty, ex.Message); return(View(model)); } ViewBag.ResetTokenValid = credential != null; if (!ViewBag.ResetTokenValid) { ModelState.AddModelError(string.Empty, Strings.InvalidOrExpiredPasswordResetToken); return(View(model)); } if (credential != null && !forgot) { // Setting a password, so notify the user var emailMessage = new CredentialAddedMessage( _config, credential.User, AuthenticationService.DescribeCredential(credential).GetCredentialTypeInfo()); await MessageService.SendMessageAsync(emailMessage); } return(RedirectToAction("PasswordChanged")); }