public async Task <GeneratePasswordResetResponse> Handle(GeneratePasswordResetTokenRequest request, CancellationToken cancellationToken) { var user = await this.Database.PrepareAndExecute(new GetUserByEmailQuery(), request.User); if (user.Id == null) { // no user was found by that email, but we don't want the user to know that. The process still completes, // so it is a success, we just stop here. return(new GeneratePasswordResetResponse() { IsSuccess = true }); } var token = Guid.NewGuid(); var credential = CredentialGenerator.GenerateTokenCredential(token); credential.User = user; credential.CreatedBy = user; await this.Database.PrepareAndExecute(new InsertNewCredentialQuery(), credential); // send email to user var message = EmailMessage.ResetPassword($"{context.Request.Host}/reset/{token}"); Email.SendTo(this.credentials.Value, message, user); return(new GeneratePasswordResetResponse() { IsSuccess = true }); }
public void Setup() { _awsCredentialProvider = A.Fake <IAWSCredentialProvider>(); A.CallTo(() => _awsCredentialProvider.GetCredentials()) .Returns(new AWSCredentials { AccessKey = "access_key", SecretKey = "secret_key" }); _clock = A.Fake <IClock>(); A.CallTo(() => _clock.UtcNow) .Returns(new DateTime(2021, 03, 20, 06, 11, 53, DateTimeKind.Utc)); _generator = new CredentialGenerator(_awsCredentialProvider, _clock); }
public static List <CredentialGenerator> getAllGenerators(bool isMultiUser) { string dataDir = Util.GetEnvironmentVariable("CPP_TESTOUT"); List <CredentialGenerator> generators = new List <CredentialGenerator>(); foreach (CredentialGenerator.ClassCode code in Enum.GetValues( typeof(CredentialGenerator.ClassCode))) { CredentialGenerator gen = CredentialGenerator.Create(code, isMultiUser); if (gen != null) { gen.Init(dataDir, dataDir); generators.Add(gen); } } return(generators); }
private static void InitUsers(IRepository repository) { Console.WriteLine("------------ Initializing users ------------"); var users = Config.GetUsers(); var role = repository.Single <Role>(x => x.Name == "admin"); foreach (var user in users) { var password = CredentialGenerator.GeneratePassword(10); user.RoleId = role.Id; user.Password = BCrypt.Net.BCrypt.HashPassword(password); repository.Add(user); Console.WriteLine("New user added"); Console.WriteLine($"Username: {user.Username}"); Console.WriteLine($"Password: {password}"); Console.WriteLine(""); } }
static void Main(string[] args) { if (args.Length > 0 && args[0] == "get") { var parameters = ReadParameters(); // In case the credential helper is accidentally used for a non-CodeCommit repo, not writing // anything will cause git to fall back. if (!parameters.Host.Contains("amazon.com", StringComparison.OrdinalIgnoreCase) && !parameters.Host.Contains("amazonaws.com", StringComparison.OrdinalIgnoreCase)) { return; } var(username, password) = new CredentialGenerator().GenerateCredentials(parameters); Console.Out.Write($"username={username}\npassword={password}\n"); Console.Out.Flush(); } }
private static void InitClient(IRepository repository) { Console.WriteLine("------------ Initializing clients ------------"); var clients = Config.GetClients(); foreach (var client in clients) { var secret = CredentialGenerator.GenerateClientSecret(40); client.ClientSecrets = new List <Secret> { new Secret(secret.Sha256()) }; repository.Add(client); Console.WriteLine("New client added"); Console.WriteLine($"ClientId: {client.ClientId}"); Console.WriteLine($"ClientSecret: {secret}"); Console.WriteLine(""); } }
void runThinClientWriterExceptionTest() { CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { for (int i = 1; i <= 2; ++i) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); //TODO: its not working for multiuser mode.. need to fix later if (cGen.GetClassCode() == CredentialGenerator.ClassCode.PKCS) { continue; } Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("ThinClientWriterException: Using authinit: " + authInit); Util.Log("ThinClientWriterException: Using authenticator: " + authenticator); Util.Log("ThinClientWriterException: Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the server. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); // Start client1 with valid CREATE credentials Properties <string, string> createCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("DisallowPuts: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientR0, RegionName, CacheHelper.Locators, authInit, createCredentials); Util.Log("Creating region in client1 , no-ack, no-cache, with listener and writer"); m_client1.Call(CreateRegion, CacheHelper.Locators, true, true, true); m_client1.Call(RegisterAllKeys, new string[] { RegionName }); try { Util.Log("Trying put Operation"); m_client1.Call(DoPut); Util.Log(" Put Operation Successful"); Assert.Fail("Should have got NotAuthorizedException during put"); } catch (NotAuthorizedException) { Util.Log("NotAuthorizedException Caught"); Util.Log("Success"); } catch (Exception other) { Util.Log("Stack trace: {0} ", other.StackTrace); Util.Log("Got exception : {0}", other.Message); } m_client1.Call(CheckAssert); // Do LocalPut m_client1.Call(DoLocalPut); m_client1.Call(Close); CacheHelper.StopJavaServer(1); } } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runInvalidAccessor() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Util.Log("NIl:792:Current credential is = {0}", cGen); //if (cGen.GetClassCode() == CredentialGenerator.ClassCode.LDAP) // continue; Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("InvalidAccessor: Using authinit: " + authInit); Util.Log("InvalidAccessor: Using authenticator: " + authenticator); // Start server1 with invalid accessor string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, "com.gemstone.none", null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); // Client creation should throw exceptions Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 3); javaProps = cGen.JavaProperties; Util.Log("InvalidAccessor: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true, ExpectedResult.OtherException); Properties <string, string> getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 7); javaProps = cGen.JavaProperties; Util.Log("InvalidAccessor: For second client GET credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.OtherException); // Now start server2 that has valid accessor Util.Log("InvalidAccessor: Using accessor: " + accessor); serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); CacheHelper.StopJavaServer(1); // Client creation should be successful now m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runDisallowPutsGets() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("DisallowPutsGets: Using authinit: " + authInit); Util.Log("DisallowPutsGets: Using authenticator: " + authenticator); Util.Log("DisallowPutsGets: Using accessor: " + accessor); // Check that we indeed can obtain valid credentials not allowed to do // gets Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); Properties <string, string> createJavaProps = cGen.JavaProperties; Properties <string, string> getCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); Properties <string, string> getJavaProps = cGen.JavaProperties; if (getCredentials == null || getCredentials.Size == 0) { Util.Log("DisallowPutsGets: Unable to obtain valid credentials " + "with no GET permission; skipping this combination."); continue; } // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Start client2 with invalid GET credentials getCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For second client invalid GET " + "credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets throw exception m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException); // Try to connect client2 with reader credentials getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 5); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For second client valid GET " + "credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); // Verify that the puts throw exception m_client2.Call(DoPutsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runAllowPutsGets() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("testAllowPutsGets: Using authinit: " + authInit); Util.Log("testAllowPutsGets: Using authenticator: " + authenticator); Util.Log("testAllowPutsGets: Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("AllowPutsGets: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Start client2 with valid GET credentials Properties <string, string> getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); javaProps = cGen.JavaProperties; Util.Log("AllowPutsGets: For second client GET credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); m_client1.Call(DoPutsTx, 10, true, ExpectedResult.Success, getCredentials, true); m_client2.Call(DoGets, 10, true, ExpectedResult.Success, getCredentials, true); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
protected void RunOpsWithFailover(OperationWithAction[] opCodes, string testName, bool isMultiUser, bool ssl, bool withPassword) { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC", null, ssl); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(isMultiUser)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGen); Util.Log(testName + ": Using authinit: " + authInit); Util.Log(testName + ": Using authenticator: " + authenticator); Util.Log(testName + ": Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Perform all the ops on the clients List <OperationWithAction> opBlock = new List <OperationWithAction>(); Random rnd = new Random(); for (int opNum = 0; opNum < opCodes.Length; ++opNum) { // Start client with valid credentials as specified in // OperationWithAction OperationWithAction currentOp = opCodes[opNum]; if (currentOp == OperationWithAction.OpBlockEnd || currentOp == OperationWithAction.OpBlockNoFailover) { // End of current operation block; execute all the operations // on the servers with/without failover if (opBlock.Count > 0) { // Start the first server and execute the operation block CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs, ssl); Util.Log("Cacheserver 1 started."); CacheHelper.StopJavaServer(2, false); ExecuteOpBlock(opBlock, authInit, extraAuthProps, extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword); if (currentOp == OperationWithAction.OpBlockNoFailover) { CacheHelper.StopJavaServer(1); } else { // Failover to the second server and run the block again CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs, ssl); Util.Log("Cacheserver 2 started."); CacheHelper.StopJavaServer(1); ExecuteOpBlock(opBlock, authInit, extraAuthProps, extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword); } opBlock.Clear(); } } else { currentOp.OpNum = opNum; opBlock.Add(currentOp); } } // Close all clients here since we run multiple iterations for pool and non pool configs foreach (ClientBase client in m_clients) { client.Call(Close); } } CacheHelper.StopJavaLocator(1, true, ssl); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
protected void ExecuteOpBlock(List <OperationWithAction> opBlock, string authInit, Properties <string, string> extraAuthProps, Properties <string, string> extraAuthzProps, TestCredentialGenerator gen, Random rnd, bool isMultiuser, bool ssl, bool withPassword) { foreach (OperationWithAction currentOp in opBlock) { // Start client with valid credentials as specified in // OperationWithAction OperationCode opCode = currentOp.OpCode; OpFlags opFlags = currentOp.Flags; int clientNum = currentOp.ClientNum; if (clientNum > m_clients.Length) { Assert.Fail("ExecuteOpBlock: Unknown client number " + clientNum); } ClientBase client = m_clients[clientNum - 1]; Util.Log("ExecuteOpBlock: performing operation number [" + currentOp.OpNum + "]: " + currentOp); Properties <string, string> clientProps = null; if (!CheckFlags(opFlags, OpFlags.UseOldConn)) { Properties <string, string> opCredentials; int newRnd = rnd.Next(100) + 1; string currentRegionName = '/' + RegionName; if (CheckFlags(opFlags, OpFlags.UseSubRegion)) { currentRegionName += ('/' + SubregionName); } string credentialsTypeStr; OperationCode authOpCode = currentOp.AuthzOperationCode; int[] indices = currentOp.Indices; CredentialGenerator cGen = gen.GetCredentialGenerator(); Properties <string, string> javaProps = null; if (CheckFlags(opFlags, OpFlags.CheckNotAuthz) || CheckFlags(opFlags, OpFlags.UseNotAuthz)) { opCredentials = gen.GetDisallowedCredentials( new OperationCode[] { authOpCode }, new string[] { currentRegionName }, indices, newRnd); credentialsTypeStr = " unauthorized " + authOpCode; } else { opCredentials = gen.GetAllowedCredentials(new OperationCode[] { opCode, authOpCode }, new string[] { currentRegionName }, indices, newRnd); credentialsTypeStr = " authorized " + authOpCode; } if (cGen != null) { javaProps = cGen.JavaProperties; } clientProps = SecurityTestUtil.ConcatProperties( opCredentials, extraAuthProps, extraAuthzProps); // Start the client with valid credentials but allowed or disallowed to // perform an operation Util.Log("ExecuteOpBlock: For client" + clientNum + credentialsTypeStr + " credentials: " + opCredentials); if (!isMultiuser) { client.Call(SecurityTestUtil.CreateClientSSL, RegionName, CacheHelper.Locators, authInit, clientProps, ssl, withPassword); } else { client.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); } } ExpectedResult expectedResult; if (CheckFlags(opFlags, OpFlags.CheckNotAuthz)) { expectedResult = ExpectedResult.NotAuthorizedException; } else if (CheckFlags(opFlags, OpFlags.CheckException)) { expectedResult = ExpectedResult.OtherException; } else { expectedResult = ExpectedResult.Success; } // Perform the operation from selected client if (!isMultiuser) { client.Call(DoOp, opCode, currentOp.Indices, opFlags, expectedResult); } else { client.Call(DoOp, opCode, currentOp.Indices, opFlags, expectedResult, clientProps, true); } } }