Exemple #1
0
 public bool ChangePass(Guid sid, string user, Guid token, string newPass)
 {
     if (!Guid.Empty.Equals(sid))
     {
         if (resetTokens.ContainsKey(token))
         {
             ModuleRuntimeSession sess = Session.Prov.Get(sid);
             if (sess != null)
             {
                 IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx);
                 UserIdentityBase  userId = idProv.Get(resetTokens[token].Token);
                 if (userId != null && userId.UserState != UserState.Dead)
                 {
                     IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx);
                     if (authProv.AddCredential(userId, new UserPasswordCredential(user, newPass)))
                     {
                         resetTokens.Remove(token);
                         sess.SetUserBinding(userId.Uid, sess.Binding);
                         Session.Prov.Update(sess);
                         return(true);
                     }
                 }
             }
         }
     }
     return(false);
 }
Exemple #2
0
        private void SignUp(HttpContext context, CancellationToken cancel)
        {
            string url = this.ActivateUrl;

            if (!string.IsNullOrEmpty(url))
            {
                IQueryCollection qry = context.Request.Query;
                string           ty  = qry[type];
                if (knownType.Equals(ty))
                {
                    string u = qry[user];
                    if (!string.IsNullOrEmpty(u))
                    {
                        string p = qry[pass];
                        if (!string.IsNullOrEmpty(p))
                        {
                            if (ValidUserEmail(u))
                            {
                                IIdentityProvider idProv = IdentityManager.Instance.GetProvider(ctx);
                                if (!idProv.Exists(u))
                                {
                                    IAuthenticationProvider authProv = AuthenticationManager.Instance.GetProvider(ctx);
                                    UserIdentityBase        user     = idProv.CreateUser(u);
                                    user.UserState = UserState.Pending;
                                    idProv.Update(user);
                                    UserPasswordCredential cred = new UserPasswordCredential(u, p);
                                    if (authProv.AddCredential(user, cred))
                                    {
                                        Guid token = Authenticator.Instance.Reset(u, false); //create a reset token
                                        //notice we create a url with the token at the end, this COULD map to the REST api directly - but is expected instead not to
                                        //we instead expect this to be a simple page that makes the rest request and "looks pretty" to confirm and perhaps send the user then back to the signin page.
                                        if (url.EndsWith("?"))
                                        {
                                            url = url + token.ToString();
                                        }
                                        else
                                        {
                                            url = url + "?" + token.ToString();
                                        }

                                        if (SendEmail(u, url, false))
                                        {
                                            RestUtils.Push(context.Response, JsonOpStatus.Ok);
                                            return;
                                        }
                                        else
                                        {
                                            idProv.Delete(user.Uid);
                                            authProv.DeleteCredential(user, cred);
                                            RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't send email\"");
                                            return;
                                        }
                                    }
                                    else
                                    {
                                        idProv.Delete(user.Uid);
                                        authProv.DeleteCredential(user, cred);
                                        RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"Couldn't set credential\"");
                                        return;
                                    }
                                }
                                else
                                {
                                    RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"UserExists\"");
                                    return;
                                }
                            }
                            else
                            {
                                RestUtils.Push(context.Response, JsonOpStatus.Failed, "\"InvalidEmail\"");
                                return;
                            }
                        }
                    }
                }
            }
            RestUtils.Push(context.Response, JsonOpStatus.Failed);
        }
Exemple #3
0
        static void DoWork(string[] args)
        {
            AuthenticationManager.Instance.Bootstrap();
            Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
            if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Bootstrapped)
            {
                return;
            }

            AuthenticationManager.Instance.Initialize();
            Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
            if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Initialized)
            {
                return;
            }

            AuthenticationManager.Instance.Start();
            Console.WriteLine("Authent state: " + AuthenticationManager.Instance.State);
            if (AuthenticationManager.Instance.State != Osrs.Runtime.RunState.Running)
            {
                return;
            }

            LocalSystemUser     u   = new LocalSystemUser(SecurityUtils.AdminIdentity, "Admin", UserState.Active);
            UserSecurityContext ctx = new UserSecurityContext(u);

            string            myUname = "*****@*****.**";
            IIdentityProvider accts   = IdentityManager.Instance.GetProvider(ctx);
            UserIdentityBase  user    = null;

            if (!accts.Exists(myUname))
            {
                Console.WriteLine("Creating user account");
                user = accts.CreateUser(myUname);
            }
            else
            {
                Console.WriteLine("Fetching user account");
                IEnumerable <UserIdentityBase> users = accts.Get(myUname, UserType.Person);
                if (users != null)
                {
                    foreach (UserIdentityBase cur in users)
                    {
                        user = cur;
                        break;
                    }
                }
            }

            if (user == null)
            {
                Console.WriteLine("Failed to get/create user");
                return;
            }


            IAuthenticationProvider provider = AuthenticationManager.Instance.GetProvider(ctx);
            UserPasswordCredential  cred     = new UserPasswordCredential(myUname, "Hello World");
            IUserIdentity           u2       = provider.Authenticate(cred);

            if (u2 == null)
            {
                Console.WriteLine("Didn't authenticate -- adding credential");
                if (!provider.AddCredential(user, cred))
                {
                    Console.WriteLine("Failed to add credential");
                    return;
                }

                u2 = provider.Authenticate(cred);
                if (u2 == null)
                {
                    Console.WriteLine("Didn't authenticate -- giving up");
                    return;
                }
                else
                {
                    Console.WriteLine("Authenticated second try");
                }
            }
            else
            {
                Console.WriteLine("Authenticated first try");
            }

            Console.WriteLine("Replacing credential with same (should fail)");
            if (provider.ReplaceCredential(u2, cred, cred))
            {
                Console.WriteLine("Replace credential succeeded -- a failing result");
                return;
            }
            else
            {
                Console.WriteLine("Replace credential failed -- a successful result");
            }

            UserPasswordCredential cred2 = new UserPasswordCredential(myUname, "Alabaster Barkers 123");

            Console.WriteLine("Replacing credential with different (should succeed)");
            if (provider.ReplaceCredential(u2, cred, cred2))
            {
                Console.WriteLine("Replace credential succeeded -- a successful result");
            }
            else
            {
                Console.WriteLine("Replace credential failed -- a failing result");
                return;
            }

            u2 = provider.Authenticate(cred);
            if (u2 == null)
            {
                Console.WriteLine("Didn't authenticate with old credential -- successful");
                u2 = provider.Authenticate(cred2);
                if (u2 != null)
                {
                    Console.WriteLine("Authenticated with new credential -- successful");
                    return;
                }
            }
            Console.WriteLine("Password change didn't work out");
        }