/// <summary> /// Instantiates a ServicePartitionResolver, uses the given security credentials, FabricClient Settings and the connectionEndpoints /// to create a new instance of FabricClient. /// </summary> /// <param name="credential">Security credentials for the fabric client.</param> /// <param name="settings">Fabric client Settings.</param> /// <param name="connectionEndpoints">Array of management endpoints of the cluster.</param> public ServicePartitionResolver( SecurityCredentials credential, FabricClientSettings settings, params string[] connectionEndpoints) : this(() => new FabricClient(credential, settings, connectionEndpoints)) { }
internal IImageStore CreateImageStore(string imageStoreConnectionString, string workingDirectory) { if (!imageStoreConnectionString.StartsWith(Constants.ImageStoreConnectionFileType, StringComparison.OrdinalIgnoreCase) && !imageStoreConnectionString.StartsWith(Constants.ImageStoreConnectionXStoreType, StringComparison.OrdinalIgnoreCase) && !imageStoreConnectionString.StartsWith(Constants.ImageStoreConnectionFabricType, StringComparison.OrdinalIgnoreCase)) { throw new ArgumentException(StringResources.Error_InvalidImageStoreConnectionString); } SecurityCredentials credentials = null; string[] connectionEndpoints = null; var clusterConnection = this.GetClusterConnection(); if (clusterConnection != null) { credentials = clusterConnection.SecurityCredentials; connectionEndpoints = clusterConnection.ConnectionEndpoint; } return(ImageStoreFactory.CreateImageStore( imageStoreConnectionString, null, connectionEndpoints, credentials, workingDirectory, false /*isInternal*/)); }
/// <summary> /// Verifies the provided credentials against the stored user password. /// </summary> /// <param name="username">The username.</param> /// <param name="password">The password in plaintext.</param> /// <returns>An awaitable task that returns the <see cref="Account"/>.</returns> /// <remarks>If the user does not exist, a new one will be created.</remarks> public async Task <Account> LoginAsync(string username, string password) { if (string.IsNullOrWhiteSpace(username)) { throw new ArgumentNullException(nameof(username)); } if (string.IsNullOrWhiteSpace(password)) { throw new ArgumentNullException(nameof(password)); } // Get user by username var account = await accountRepository.GetAccountAsync(username); if (account == null) { // Create new account account = await accountRepository.CreateAccountAsync(username, password); } else { // Check password var credentials = new SecurityCredentials { PasswordHash = account.PasswordHash, SaltValue = account.Salt }; var comparisonResult = PasswordSecurity.VerifyPassword(credentials, password); if (!comparisonResult) { return(null); } } return(account); }
internal void SetSecurityCredentialsWrapper(SecurityCredentials credentials) { using (var pin = new PinCollection()) { this.nativeClient.SetSecurityCredentials(credentials.ToNative(pin)); } }
/// <summary> /// This is used by Kvs and Volatile actor state provider. /// </summary> /// <param name="codePackage"></param> /// <param name="actorImplType"></param> /// <returns></returns> internal static ReplicatorSettings GetActorReplicatorSettings(CodePackageActivationContext codePackage, Type actorImplType) { var settings = ReplicatorSettings.LoadFrom( codePackage, ActorNameFormat.GetConfigPackageName(actorImplType), ActorNameFormat.GetFabricServiceReplicatorConfigSectionName(actorImplType)); settings.SecurityCredentials = SecurityCredentials.LoadFrom( codePackage, ActorNameFormat.GetConfigPackageName(actorImplType), ActorNameFormat.GetFabricServiceReplicatorSecurityConfigSectionName(actorImplType)); var nodeContext = FabricRuntime.GetNodeContext(); var endpoint = codePackage.GetEndpoint(ActorNameFormat.GetFabricServiceReplicatorEndpointName(actorImplType)); settings.ReplicatorAddress = string.Format( CultureInfo.InvariantCulture, "{0}:{1}", nodeContext.IPAddressOrFQDN, endpoint.Port); if (!settings.MaxPrimaryReplicationQueueSize.HasValue) { settings.MaxPrimaryReplicationQueueSize = DefaultMaxPrimaryReplicationQueueSize; } if (!settings.MaxSecondaryReplicationQueueSize.HasValue) { settings.MaxSecondaryReplicationQueueSize = DefaultMaxSecondaryReplicationQueueSize; } return(settings); }
protected override CredentialsRefreshState GenerateNewCredentials() { SecurityCredentials credentials = null; Uri ecsEndpointUri = Uri; JitteredDelay retry = new JitteredDelay(new TimeSpan(0, 0, 0, 0, 200), new TimeSpan(0, 0, 0, 0, 50)); // Attempt to get the credentials 4 times ignoring null return/exceptions and on the 5th try, escalate the exception if there is one. for (int i = 1; ; i++) { try { // AWS_CONTAINER_AUTHORIZATION_TOKEN is optional environment variable // If this variable is set the SDK will set the Authorization header on the HTTP request with the environment variable's value. var headers = CreateAuthorizationHeader(); credentials = GetObjectFromResponse <SecurityCredentials>(ecsEndpointUri, Proxy, headers); if (credentials != null) { break; } } catch (Exception e) { if (i == MaxRetries) { throw new AmazonServiceException(string.Format(CultureInfo.InvariantCulture, "Unable to retrieve credentials. Message = \"{0}\".", e.Message)); } }; Util.AWSSDKUtils.Sleep(retry.Next()); } return(new CredentialsRefreshState(new ImmutableCredentials(credentials.AccessKeyId, credentials.SecretAccessKey, credentials.Token), credentials.Expiration)); }
public FabricClientHelperInfo(string name, string[] gatewayAddresses, string[] httpGatewayAddresses, SecurityCredentials securityCredentials, FabricClientSettings clientSettings, FabricClientTypes type) { ThrowIf.NullOrEmpty(name, "name"); this.Name = name; if (gatewayAddresses != null && gatewayAddresses.Length > 0) { this.GatewayAddresses = gatewayAddresses; } if (httpGatewayAddresses != null && httpGatewayAddresses.Length > 0) { this.HttpGatewayAddresses = httpGatewayAddresses; } this.SecurityCredentials = securityCredentials; this.ClientSettings = clientSettings; this.ClientTypes = type; }
public void EnsurePermissionTestSimpleScenario() { int groupId = 12; GroupStorageView[] groups = new GroupStorageView[1]; groups[0] = new GroupStorageView(groupId, "test1"); UserStorageView[] users = new UserStorageView[1]; users[0] = new UserStorageView("username1", "password1", groupId); _managerStorage.AddGroups(groups); _managerStorage.AddUsers(users); _managerStorage.AddGroupPermission(groupId, Permission.ExecuteThread); SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); EnsurePermission(sc, Permission.ExecuteThread); // the above throws an exception if something is wrong so we are doing OK if we get this far Assert.IsTrue(true); }
protected override CredentialsRefreshState GenerateNewCredentials() { SecurityCredentials securityCredentials = null; Uri uri = new Uri(Server + Uri); JitteredDelay jitteredDelay = new JitteredDelay(new TimeSpan(0, 0, 0, 0, 200), new TimeSpan(0, 0, 0, 0, 50)); int num = 1; while (true) { try { securityCredentials = URIBasedRefreshingCredentialHelper.GetObjectFromResponse <SecurityCredentials>(uri); if (securityCredentials != null) { break; } } catch (Exception ex) { if (num == MaxRetries) { throw new AmazonServiceException(string.Format(CultureInfo.InvariantCulture, "Unable to retrieve credentials. Message = \"{0}\".", ex.Message)); } } AWSSDKUtils.Sleep(jitteredDelay.Next()); num++; } return(new CredentialsRefreshState { Credentials = new ImmutableCredentials(securityCredentials.AccessKeyId, securityCredentials.SecretAccessKey, securityCredentials.Token), Expiration = securityCredentials.Expiration }); }
public bool CheckPermission(SecurityCredentials sc, Permission perm) { // get the user's groupId int groupId = -1; foreach (UserStorageView user in _users) { if (String.Compare(user.Username, sc.Username, true) == 0 && user.PasswordMd5Hash == sc.Password) { groupId = user.GroupId; break; } } if (groupId == -1) { return(false); } foreach (Permission permission in GetGroupPermissions(groupId)) { // in the SQL implementation the higher leverl permissions are considered to // include the lower leverl permissions if ((int)permission >= (int)perm) { return(true); } } return(false); }
private void SetupApplicationsGroupsAndUsers(Permission permission) { // add permissions int groupId = 12; GroupStorageView[] groups = new GroupStorageView[1]; groups[0] = new GroupStorageView(groupId, "test1"); UserStorageView[] users = new UserStorageView[1]; users[0] = new UserStorageView("username1", "password1", groupId); _managerStorage.AddGroups(groups); _managerStorage.AddUsers(users); _managerStorage.AddGroupPermission(groupId, permission); SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); // add applications, only one assigned to this user _managerStorage.AddApplication(new ApplicationStorageView("username1")); _managerStorage.AddApplication(new ApplicationStorageView("username2")); _managerStorage.AddApplication(new ApplicationStorageView("username3")); }
/// <summary> /// Modifica password per l'utente /// </summary> /// <param name="credentials"></param> /// <returns></returns> private static void InternalChangePassword(ChangePwdSecurityCredentials credentials) { Dpa.DataAccess.Database db = RubricaDatabase.CreateDatabase(); using (IDbConnection connection = db.GetConnection()) { connection.Open(); using (IDbTransaction transaction = connection.BeginTransaction()) { using (Dpa.DataAccess.DBCommandWrapper cw = db.GetStoredProcCommandWrapper(RubricaDatabase.GetSpNameForPackage(SP_CHANGE_PWD))) { cw.AddInParameter("pNomeUtente", DbType.String, credentials.UserName); cw.AddInParameter("pPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.Password)); cw.AddInParameter("pNewPassword", DbType.String, SecurityCredentials.GetPasswordHash(credentials.UserName, credentials.NewPassword)); db.ExecuteNonQuery(cw); if (cw.RowsAffected == 0) { throw new ApplicationException(Properties.Resources.ConcurrencyException); } else { transaction.Commit(); } } } } }
protected override CredentialsRefreshState GenerateNewCredentials() { SecurityCredentials credentials = null; Uri ecsEndpointUri = new Uri(Server + Uri); JitteredDelay retry = new JitteredDelay(new TimeSpan(0, 0, 0, 0, 200), new TimeSpan(0, 0, 0, 0, 50)); // Attempt to get the credentials 4 times ignoring null return/exceptions and on the 5th try, escalate the exception if there is one. for (int i = 1; ; i++) { try { credentials = GetObjectFromResponse <SecurityCredentials>(ecsEndpointUri, Proxy); if (credentials != null) { break; } } catch (Exception e) { if (i == MaxRetries) { throw new AmazonServiceException(string.Format(CultureInfo.InvariantCulture, "Unable to retrieve credentials. Message = \"{0}\".", e.Message)); } }; Util.AWSSDKUtils.Sleep(retry.Next()); } return(new CredentialsRefreshState(new ImmutableCredentials(credentials.AccessKeyId, credentials.SecretAccessKey, credentials.Token), credentials.Expiration)); }
protected override string GetUserCountSqlQuery(SecurityCredentials sc) { return(String.Format( "select cast(count(*) as int4) as authenticated from usr where usr_name = '{0}' and password = '******'" , Utils.MakeSqlSafe(sc.Username) , Utils.MakeSqlSafe(sc.Password) )); }
private SecurityCredentials GetRoleCredentials() { string json = GetContents(CurrentRoleUri); SecurityCredentials credentials = JsonMapper.ToObject <SecurityCredentials>(json); ValidateResponse(credentials); return(credentials); }
public AddUserForm(ConsoleNode consoleNode) { InitializeComponent(); _ConsoleNode = consoleNode; SecurityCredentials sc = _ConsoleNode.Credentials; _AllGroups = _ConsoleNode.Manager.Admon_GetGroups(sc); }
private static ReliableStateManagerReplicatorSettings GetReplicatorSettings(string endpoint) { var replicatorSettings = new ReliableStateManagerReplicatorSettings() { ReplicatorAddress = endpoint, SecurityCredentials = SecurityCredentials.LoadClusterSettings() }; return(replicatorSettings); }
public void Admon_GetUserApplicationListTestNotEnoughPermissions() { SetupApplicationsGroupsAndUsers(Permission.ManageOwnApp); SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); ApplicationStorageView[] result = Admon_GetLiveApplicationList(sc); Assert.AreEqual(1, result.Length); }
internal static IImageStore CreateImageStore( string imageStoreUri, string localRoot, string[] connectionStrings, SecurityCredentials credentials, string workingDirectory, bool isInternal) { if (imageStoreUri == null) { throw new ArgumentException(StringResources.Error_InvalidImageStoreConnectionString); } if (FileImageStore.IsFileStoreUri(imageStoreUri)) { string rootUri; string accountName, accountPassword; bool isManagedServiceAccount; ImageStoreFactory.ParseFileImageStoreConnectionString( imageStoreUri, out rootUri, out accountName, out accountPassword, out isManagedServiceAccount); ImageStoreAccessDescription accessDescription = null; #if !DotNetCoreClrLinux WindowsIdentity windowsIdentity = null; windowsIdentity = GetWindowsIdentity(accountName, accountPassword, isManagedServiceAccount); if (windowsIdentity != null) { accessDescription = new ImageStoreAccessDescription(windowsIdentity, localRoot); } #endif return(new FileImageStore(rootUri, localRoot, accessDescription)); } else if (XStoreProxy.IsXStoreUri(imageStoreUri)) { return(new XStoreProxy(imageStoreUri, localRoot)); } else if (NativeImageStoreClient.IsNativeImageStoreUri(imageStoreUri)) { return(new NativeImageStoreClient(connectionStrings, isInternal, workingDirectory, credentials)); } else { throw new ArgumentException(StringResources.ImageStoreError_InvalidImageStoreUriScheme); } }
public void IsApplicationCreatorTestFalseCreator() { ApplicationStorageView application = new ApplicationStorageView("username1"); string applicationId = _managerStorage.AddApplication(application); SecurityCredentials sc = new SecurityCredentials("username2", HashUtil.GetHash("password1", HashType.MD5)); bool result = IsApplicationCreator(sc, applicationId); Assert.IsFalse(result); }
public void IsApplicationCreatorTestInvalidApplication() { ApplicationStorageView application = new ApplicationStorageView("username1"); String applicationId = m_managerStorage.AddApplication(application); String invalidApplicationId = Guid.NewGuid().ToString(); SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashUtil.HashType.MD5)); bool result = IsApplicationCreator(sc, invalidApplicationId); Assert.IsFalse(result); }
/// <summary> /// Create a new image store. /// </summary> /// <param name="imageStoreUri">The uri of the image store.</param> /// <param name="workingDirectory">The temporary working directory.</param> /// <param name="localRoot">The local path of the working folder.</param> /// <param name="isInternal">Indicates whether or not it's for internal use.</param> /// <returns>An object of Image Store pointing to the given uri.</returns> internal static IImageStore CreateImageStore( string imageStoreUri, string localRoot = null, string workingDirectory = null, bool isInternal = false) { if (imageStoreUri == null) { throw new ArgumentException(StringResources.Error_InvalidImageStoreConnectionString); } string[] connectionStrings = null; SecurityCredentials credentials = null; return(CreateImageStore(imageStoreUri, localRoot, connectionStrings, credentials, workingDirectory, isInternal)); }
private CredentialsRefreshState GetRefreshState(string token) { SecurityInfo info = GetServiceInfo(_proxy, token); if (!string.IsNullOrEmpty(info.Message)) { throw new AmazonServiceException(string.Format(CultureInfo.InvariantCulture, "Unable to retrieve credentials. Message = \"{0}\".", info.Message)); } SecurityCredentials credentials = GetRoleCredentials(token); CredentialsRefreshState refreshState = new CredentialsRefreshState(new ImmutableCredentials(credentials.AccessKeyId, credentials.SecretAccessKey, credentials.Token), credentials.Expiration); return(refreshState); }
public void AuthenticateUserTestNoUsers() { SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); try { AuthenticateUser(sc); } catch (AuthenticationException) { Assert.IsTrue(true); return; } Assert.IsFalse(true, "The authorization should fail"); }
public void EnsurePermissionTestNoPermission() { SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); try { EnsurePermission(sc, Permission.ExecuteThread); } catch (AuthorizationException) { Assert.IsTrue(true); return; } Assert.IsFalse(true, "The authorization should fail"); }
private CredentialsRefreshState GetRefreshState() { SecurityInfo serviceInfo = GetServiceInfo(); if (!string.IsNullOrEmpty(serviceInfo.Message)) { throw new AmazonServiceException(string.Format(CultureInfo.InvariantCulture, "Unable to retrieve credentials. Message = \"{0}\".", serviceInfo.Message)); } SecurityCredentials roleCredentials = GetRoleCredentials(); return(new CredentialsRefreshState { Credentials = new ImmutableCredentials(roleCredentials.AccessKeyId, roleCredentials.SecretAccessKey, roleCredentials.Token), Expiration = roleCredentials.Expiration }); }
private ReplicatorSettings GetReplicatorSettings() { Trace.WriteInfo(TraceType, "Replicator address = {0}", this.replicatorAddress); SecurityCredentials securityCredentials = null; if (this.enableEndpointV2) { securityCredentials = SecurityCredentials.LoadClusterSettings(); } return(new ReplicatorSettings { ReplicatorAddress = this.replicatorAddress, SecurityCredentials = securityCredentials }); }
public bool CheckPermission(SecurityCredentials sc, Permission perm) { if (sc == null) { return(false); } UserStorageView user = null; IObjectContainer container = GetStorage(); int groupId = -1; try { IList <UserStorageView> users = container.Query <UserStorageView>(delegate(UserStorageView userFinder) { return(String.Compare(userFinder.Username, sc.Username, true) == 0 && userFinder.PasswordMd5Hash == sc.Password); }); if (users.Count > 0) { user = users[0]; } if (user == null) { return(false); } else { groupId = user.GroupId; } } finally { container.Close(); } foreach (Permission permission in GetGroupPermissions(groupId)) { // in the SQL implementation the higher leverl permissions are considered to // include the lower leverl permissions if ((int)permission >= (int)perm) { return(true); } } return(false); }
public void AuthenticateUserTestSimpleScenario() { int groupId = 12; UserStorageView[] users = new UserStorageView[1]; users[0] = new UserStorageView("username1", "password1", groupId); _managerStorage.AddUsers(users); SecurityCredentials sc = new SecurityCredentials("username1", HashUtil.GetHash("password1", HashType.MD5)); AuthenticateUser(sc); // the above throws an exception if something is wrong so we are doing OK if we get this far Assert.IsTrue(true); }
public static void Main(string[] args) { Program appel = new Program(); SecurityCredentials credentials = new SecurityCredentials() { AccessKeyId = _awsAccessKeyID, SecretAccessKey = _awsSecretAccessKey, Token = _awsSecretToken }; AwsSignedWebRequest request = AwsSignedWebRequest.Create(_myUri); request.Region = _awsRegionName; request.Method = "POST"; request.ContentType = "application/json"; String jsonPayload = "SOME_PAYLOAD"; var sw = new StreamWriter(request.GetRequestStream(), new ASCIIEncoding()); sw.Write(jsonPayload); //WebProxy proxy = new WebProxy(); //proxy.Address = new Uri("http://185.132.178.204:8080"); // Public proxy //request.Proxy = proxy; try { HttpWebResponse response = (HttpWebResponse)request.GetResponse(credentials); Console.WriteLine("{0} {1}", (int)response.StatusCode, response.StatusDescription); Console.WriteLine(); using (StreamReader responseReader = new StreamReader(response.GetResponseStream())) { Console.WriteLine(responseReader.ReadToEnd()); } } catch (WebException e) { Console.WriteLine(e.Message); using (StreamReader responseReader = new StreamReader(e.Response.GetResponseStream())) { Console.WriteLine(responseReader.ReadToEnd()); } } }
public bool ValidateCredentials(SecurityCredentials credentials) { // sure, any user is valid! why not? return true; }