Exemple #1
0
        public static string GetDocKey(object fileId, int fileVersion, DateTime modified)
        {
            var str = String.Format("teamlab_{0}_{1}_{2}_{3}",
                                    fileId,
                                    fileVersion,
                                    modified.GetHashCode(),
                                    Global.GetDocDbKey());

            var keyDoc = Encoding.UTF8.GetBytes(str)
                         .ToList()
                         .Concat(MachinePseudoKeys.GetMachineConstant())
                         .ToArray();

            return(DocumentServiceConnector.GenerateRevisionId(Hasher.Base64Hash(keyDoc, HashAlg.SHA256)));
        }
Exemple #2
0
        public OnlyoShortener(
            IConfiguration configuration,
            CommonLinkUtility commonLinkUtility,
            MachinePseudoKeys machinePseudoKeys)
        {
            url         = configuration["web:url-shortener:value"];
            internalUrl = configuration["web:url-shortener:internal"];
            sKey        = machinePseudoKeys.GetMachineConstant();

            if (!url.EndsWith("/"))
            {
                url += '/';
            }
            CommonLinkUtility = commonLinkUtility;
        }
Exemple #3
0
        public static string GetDocKey(object fileId, int fileVersion, DateTime modified)
        {
            var str = string.Format("teamlab_{0}_{1}_{2}_{3}",
                                    fileId,
                                    fileVersion,
                                    modified.GetHashCode(),
                                    GetDocDbKey());

            var keyDoc = Encoding.UTF8.GetBytes(str)
                         .ToList()
                         .Concat(MachinePseudoKeys.GetMachineConstant())
                         .ToArray();

            return(Global.InvalidTitleChars.Replace(Hasher.Base64Hash(keyDoc, HashAlg.SHA256), "_"));
        }
Exemple #4
0
 public TfaManager(
     SettingsManager settingsManager,
     SecurityContext securityContext,
     CookiesManager cookiesManager,
     SetupInfo setupInfo,
     Signature signature,
     InstanceCrypto instanceCrypto,
     MachinePseudoKeys machinePseudoKeys)
 {
     SettingsManager   = settingsManager;
     SecurityContext   = securityContext;
     CookiesManager    = cookiesManager;
     SetupInfo         = setupInfo;
     Signature         = signature;
     InstanceCrypto    = instanceCrypto;
     MachinePseudoKeys = machinePseudoKeys;
 }
Exemple #5
0
        public AuthHandler(
            IOptionsMonitor <AuthenticationSchemeOptions> options,
            ILoggerFactory logger,
            UrlEncoder encoder,
            ISystemClock clock,
            IConfiguration configuration,
            IOptionsMonitor <ILog> option,
            ApiSystemHelper apiSystemHelper,
            MachinePseudoKeys machinePseudoKeys) :
            base(options, logger, encoder, clock)
        {
            Configuration = configuration;

            Log = option.Get("ASC.ApiSystem");

            ApiSystemHelper   = apiSystemHelper;
            MachinePseudoKeys = machinePseudoKeys;
        }
Exemple #6
0
        protected override Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            if (Convert.ToBoolean(Configuration[Scheme.Name] ?? "false"))
            {
                Log.DebugFormat("Auth for {0} skipped", Scheme.Name);

                return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name))));
            }

            try
            {
                Context.Request.Headers.TryGetValue("Authorization", out var headers);

                var header = headers.FirstOrDefault();

                if (string.IsNullOrEmpty(header))
                {
                    Log.Debug("Auth header is NULL");

                    return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))));
                }

                var substring = "ASC";

                if (header.StartsWith(substring, StringComparison.InvariantCultureIgnoreCase))
                {
                    var splitted = header.Substring(substring.Length).Trim().Split(':', StringSplitOptions.RemoveEmptyEntries);

                    if (splitted.Length < 3)
                    {
                        Log.DebugFormat("Auth failed: invalid token {0}.", header);

                        return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Unauthorized.ToString()))));
                    }

                    var pkey     = splitted[0];
                    var date     = splitted[1];
                    var orighash = splitted[2];

                    Log.Debug("Variant of correct auth:" + ApiSystemHelper.CreateAuthToken(pkey));

                    if (!string.IsNullOrWhiteSpace(date))
                    {
                        var timestamp = DateTime.ParseExact(date, "yyyyMMddHHmmss", CultureInfo.InvariantCulture);

                        var trustInterval = TimeSpan.FromMinutes(Convert.ToDouble(Configuration["auth:trust-interval"] ?? "5"));

                        if (DateTime.UtcNow > timestamp.Add(trustInterval))
                        {
                            Log.DebugFormat("Auth failed: invalid timesatmp {0}, now {1}.", timestamp, DateTime.UtcNow);

                            return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                        }
                    }

                    var skey = MachinePseudoKeys.GetMachineConstant();
                    using var hasher = new HMACSHA1(skey);
                    var data = string.Join("\n", date, pkey);
                    var hash = hasher.ComputeHash(Encoding.UTF8.GetBytes(data));

                    if (WebEncoders.Base64UrlEncode(hash) != orighash && Convert.ToBase64String(hash) != orighash)
                    {
                        Log.DebugFormat("Auth failed: invalid token {0}, expect {1} or {2}.", orighash, WebEncoders.Base64UrlEncode(hash), Convert.ToBase64String(hash));

                        return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                    }
                }
                else
                {
                    Log.DebugFormat("Auth failed: invalid auth header. Sheme: {0}, parameter: {1}.", Scheme.Name, header);

                    return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.Forbidden.ToString()))));
                }
            }
            catch (Exception ex)
            {
                Log.Error(ex);

                return(Task.FromResult(AuthenticateResult.Fail(new AuthenticationException(HttpStatusCode.InternalServerError.ToString()))));
            }
            var identity = new ClaimsIdentity(Scheme.Name);

            Log.InfoFormat("Auth success {0}", Scheme.Name);
            if (HttpContextAccessor?.HttpContext != null)
            {
                HttpContextAccessor.HttpContext.User = new CustomClaimsPrincipal(new ClaimsIdentity(Scheme.Name), identity);
            }
            return(Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(Context.User, new AuthenticationProperties(), Scheme.Name))));
        }
Exemple #7
0
 public static T Read <T>(string signature)
 {
     return(Read <T>(signature, Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant())));
 }
Exemple #8
0
 public static string Create <T>(T obj)
 {
     return(Create(obj, Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant())));
 }
Exemple #9
0
 public Signature(MachinePseudoKeys machinePseudoKeys)
 {
     MachinePseudoKeys = machinePseudoKeys;
 }
Exemple #10
0
 public ApiSystemHelper(IConfiguration configuration, CommonLinkUtility commonLinkUtility, MachinePseudoKeys machinePseudoKeys)
 {
     ApiSystemUrl      = configuration["web:api-system"];
     ApiCacheUrl       = configuration["web:api-cache"];
     CommonLinkUtility = commonLinkUtility;
     Skey = machinePseudoKeys.GetMachineConstant();
 }
 protected static string GetPasswordHash(Guid userId, string password)
 {
     return(Hasher.Base64Hash(password + userId + Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant()), HashAlg.SHA512));
 }
Exemple #12
0
 static ApiSystemHelper()
 {
     ApiSystemUrl = ConfigurationManagerExtension.AppSettings["web.api-system"];
     ApiCacheUrl  = ConfigurationManagerExtension.AppSettings["web.api-cache"];
     Skey         = MachinePseudoKeys.GetMachineConstant();
 }
Exemple #13
0
 public EFUserService(DbContextManager <UserDbContext> userDbContextManager, PasswordHasher passwordHasher, MachinePseudoKeys machinePseudoKeys) : this()
 {
     UserDbContextManager = userDbContextManager;
     PasswordHasher       = passwordHasher;
     MachinePseudoKeys    = machinePseudoKeys;
     UserDbContext        = UserDbContextManager.Value;
 }