private void Channel_OnOpen(object sender, ChannelOpenEventArgs e) { try { session.IsAuthenticated = Channel.IsAuthenticated; if (session.IsAuthenticated) { IdentityDecoder decoder = new IdentityDecoder(session.Config.IdentityClaimType, context, session.Config.Indexes); session.Identity = decoder.Id; session.Indexes = decoder.Indexes; UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, session.Config.IdentityClaimType, Channel.TypeId, "MQTT", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); } adapter = new OrleansAdapter(session.Identity, Channel.TypeId, "MQTT", graphManager, logger); adapter.OnObserve += Adapter_OnObserve; } catch (Exception ex) { logger?.LogErrorAsync(ex, $"MQTT adapter Channel_OnOpen error on channel '{Channel.Id}'.").GetAwaiter(); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, ex)); } }
private void Channel_OnOpen(object sender, ChannelOpenEventArgs e) { AuditRecord record = new UserAuditRecord(Channel.Id, identity, config.ClientIdentityNameClaimType, Channel.TypeId, $"REST-{method}", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); logger?.LogDebugAsync("REST adapter channel is open.").GetAwaiter(); }
private void Adapter_OnObserve(object sender, ObserveMessageEventArgs e) { logger?.LogDebugAsync("REST adapter received observed message"); OnObserve?.Invoke(this, new ChannelObserverEventArgs(channel.Id, e.Message.ResourceUri, e.Message.ContentType, e.Message.Message)); AuditRecord record = new UserAuditRecord(channel.Id, identity, DateTime.UtcNow); userAuditor?.UpdateAuditRecordAsync(record).Ignore(); AuditRecord messageRecord = new MessageAuditRecord(e.Message.MessageId, identity, channel.TypeId, protocolType.ToString(), e.Message.Message.Length, MessageDirectionType.Out, true, DateTime.UtcNow); messageAuditor?.WriteAuditRecordAsync(messageRecord); }
private void Channel_OnClose(object sender, ChannelCloseEventArgs e) { if (!closing) { closing = true; AuditRecord record = new UserAuditRecord(Channel.Id, DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); OnClose?.Invoke(this, new ProtocolAdapterCloseEventArgs(Channel.Id)); } }
private void Channel_OnClose(object sender, ChannelCloseEventArgs e) { if (!closing) { closing = true; Trace.TraceInformation("{0} - Channel {1} closing.", DateTime.UtcNow.ToString("yyyy-MM-ddTHH-MM-ss.fffff"), Channel.Id); UserAuditRecord record = new UserAuditRecord(Channel.Id, DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); OnClose?.Invoke(this, new ProtocolAdapterCloseEventArgs(Channel.Id)); } }
private void Channel_OnClose(object sender, ChannelCloseEventArgs e) { if (!closing) { closing = true; logger?.LogWarningAsync("CoAP adapter closing channel."); UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, DateTime.UtcNow); userAuditor?.UpdateAuditRecordAsync(record).Ignore(); OnClose?.Invoke(this, new ProtocolAdapterCloseEventArgs(Channel.Id)); } }
private void Channel_OnOpen(object sender, ChannelOpenEventArgs e) { session.IsAuthenticated = Channel.IsAuthenticated; logger?.LogDebugAsync( $"CoAP protocol channel opening with session authenticated '{session.IsAuthenticated}'.").GetAwaiter(); try { if (!Channel.IsAuthenticated && e.Message != null) { CoapMessage msg = CoapMessage.DecodeMessage(e.Message); CoapUri coapUri = new CoapUri(msg.ResourceUri.ToString()); session.IsAuthenticated = session.Authenticate(coapUri.TokenType, coapUri.SecurityToken); logger?.LogDebugAsync( $"CoAP protocol channel opening session authenticated '{session.IsAuthenticated}' by authenticator.") .GetAwaiter(); } if (session.IsAuthenticated) { IdentityDecoder decoder = new IdentityDecoder(session.Config.IdentityClaimType, context, session.Config.Indexes); session.Identity = decoder.Id; session.Indexes = decoder.Indexes; logger?.LogDebugAsync($"CoAP protocol channel opening with session identity '{session.Identity}'.") .GetAwaiter(); UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, session.Config.IdentityClaimType, Channel.TypeId, "COAP", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); } } catch (Exception ex) { logger?.LogErrorAsync(ex, $"CoAP adapter opening channel '{Channel.Id}'.").GetAwaiter(); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, ex)); } if (!session.IsAuthenticated && e.Message != null) { logger?.LogWarningAsync("CoAP adpater closing due to unauthenticated user."); Channel.CloseAsync().Ignore(); } else { dispatcher = new CoapRequestDispatcher(session, Channel, config, graphManager, logger); } }
private void Channel_OnReceive(object sender, ChannelReceivedEventArgs e) { try { MqttMessage msg = MqttMessage.DecodeMessage(e.Message); OnObserve?.Invoke(this, new ChannelObserverEventArgs(Channel.Id, null, null, e.Message)); if (!session.IsAuthenticated) { if (!(msg is ConnectMessage message)) { throw new SecurityException("Connect message not first message"); } if (session.Authenticate(message.Username, message.Password)) { IdentityDecoder decoder = new IdentityDecoder(session.Config.IdentityClaimType, context, session.Config.Indexes); session.Identity = decoder.Id; session.Indexes = decoder.Indexes; adapter.Identity = decoder.Id; UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, session.Config.IdentityClaimType, Channel.TypeId, "MQTT", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); } else { throw new SecurityException("Session could not be authenticated."); } } else if (forcePerReceiveAuthn) { if (!session.Authenticate()) { throw new SecurityException("Per receive authentication failed."); } } ProcessMessageAsync(msg).GetAwaiter(); } catch (Exception ex) { logger?.LogErrorAsync(ex, $"MQTT adapter Channel_OnReceive error on channel '{Channel.Id}'.") .GetAwaiter(); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, ex)); } }
private void Channel_OnClose(object sender, ChannelCloseEventArgs e) { try { if (!closing) { closing = true; UserAuditRecord record = new UserAuditRecord(Channel.Id, identity, DateTime.UtcNow); userAuditor?.UpdateAuditRecordAsync(record).IgnoreException(); } OnClose?.Invoke(this, new ProtocolAdapterCloseEventArgs(e.ChannelId)); } catch { } }
public virtual async Task <PasswordResetResultType> GeneratePasswordResetToken(User user, int expirationInMinutes) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (expirationInMinutes < 1) { throw new ArgumentException( Strings.TokenExpirationShouldGiveUser1MinuteToChangePassword, nameof(expirationInMinutes)); } if (!user.Confirmed) { return(PasswordResetResultType.UserNotConfirmed); } if (!string.IsNullOrEmpty(user.PasswordResetToken) && !user.PasswordResetTokenExpirationDate.IsInThePast()) { return(PasswordResetResultType.Success); } user.PasswordResetToken = CryptographyService.GenerateToken(); user.PasswordResetTokenExpirationDate = _dateTimeProvider.UtcNow.AddMinutes(expirationInMinutes); var passwordCredential = user.Credentials.FirstOrDefault( credential => credential.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase)); UserAuditRecord auditRecord; if (passwordCredential == null) { auditRecord = new UserAuditRecord(user, AuditedUserAction.RequestPasswordReset); } else { auditRecord = new UserAuditRecord(user, AuditedUserAction.RequestPasswordReset, passwordCredential); } await Auditing.SaveAuditRecordAsync(auditRecord); await Entities.SaveChangesAsync(); return(PasswordResetResultType.Success); }
private void Channel_OnOpen(object sender, ChannelOpenEventArgs e) { session.IsAuthenticated = Channel.IsAuthenticated; try { if (!Channel.IsAuthenticated && e.Message != null) { CoapMessage msg = CoapMessage.DecodeMessage(e.Message); CoapUri coapUri = new CoapUri(msg.ResourceUri.ToString()); session.IsAuthenticated = session.Authenticate(coapUri.TokenType, coapUri.SecurityToken); } if (session.IsAuthenticated) { IdentityDecoder decoder = new IdentityDecoder(session.Config.IdentityClaimType, context, session.Config.Indexes); session.Identity = decoder.Id; session.Indexes = decoder.Indexes; UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, session.Config.IdentityClaimType, Channel.TypeId, "COAP", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); } } catch (Exception ex) { logger?.LogError(ex, $"CoAP adapter opening channel '{Channel.Id}'."); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, ex)); } if (!session.IsAuthenticated && e.Message != null) { //close the channel logger?.LogInformation($"CoAP adapter user not authenticated; must close channel '{Channel.Id}'."); Channel.CloseAsync().Ignore(); } else { dispatcher = new CoapRequestDispatcher(session, Channel); } }
private void Channel_OnReceive(object sender, ChannelReceivedEventArgs e) { try { CoapMessage message = CoapMessage.DecodeMessage(e.Message); if (!session.IsAuthenticated || forcePerReceiveAuthn) { session.EnsureAuthentication(message, forcePerReceiveAuthn); UserAuditRecord record = new UserAuditRecord(Channel.Id, session.Identity, session.Config.IdentityClaimType, Channel.TypeId, "COAP", "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); } OnObserve?.Invoke(this, new ChannelObserverEventArgs(Channel.Id, message.ResourceUri.ToString(), MediaTypeConverter.ConvertFromMediaType(message.ContentType), message.Payload)); Task task = Task.Factory.StartNew(async() => { CoapMessageHandler handler = CoapMessageHandler.Create(session, message, dispatcher); CoapMessage msg = await handler.ProcessAsync(); if (msg != null) { byte[] payload = msg.Encode(); await Channel.SendAsync(payload); } }); task.LogExceptions(); } catch (Exception ex) { logger?.LogErrorAsync(ex, $"CoAP adapter receiveing on channel '{Channel.Id}'.").GetAwaiter(); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, ex)); Channel.CloseAsync().Ignore(); } }
public void FiltersOutUnsupportedCredentials() { // Arrange var credentialBuilder = new CredentialBuilder(); var credentials = new List <Credential> { credentialBuilder.CreatePasswordCredential("v3"), TestCredentialHelper.CreatePbkdf2Password("pbkdf2"), TestCredentialHelper.CreateSha1Password("sha1"), TestCredentialHelper.CreateV1ApiKey(Guid.NewGuid(), Fakes.ExpirationForApiKeyV1), TestCredentialHelper.CreateV2ApiKey(Guid.NewGuid(), Fakes.ExpirationForApiKeyV1), TestCredentialHelper.CreateV2VerificationApiKey(Guid.NewGuid()), credentialBuilder.CreateExternalCredential("MicrosoftAccount", "blarg", "Bloog"), new Credential { Type = "unsupported" } }; var user = new User { Username = "******", Credentials = credentials }; // Act var userAuditRecord = new UserAuditRecord(user, AuditedUserAction.AddCredential); // Assert var auditRecords = userAuditRecord.Credentials.ToDictionary(c => c.Type); Assert.Equal(7, auditRecords.Count); Assert.True(auditRecords.ContainsKey(credentials[0].Type)); Assert.True(auditRecords.ContainsKey(credentials[1].Type)); Assert.True(auditRecords.ContainsKey(credentials[2].Type)); Assert.True(auditRecords.ContainsKey(credentials[3].Type)); Assert.True(auditRecords.ContainsKey(credentials[4].Type)); Assert.True(auditRecords.ContainsKey(credentials[5].Type)); Assert.True(auditRecords.ContainsKey(credentials[6].Type)); }
private async Task DeleteUser(dynamic user, SqlConnection conn) { var userRecord = await conn.QueryDatatable( "SELECT * FROM [Users] WHERE [Key] = @key", new SqlParameter("@key", user.Key)); var auditRecord = new UserAuditRecord( user.Username, user.EmailAddress ?? user.UnconfirmedEmailAddress + " (unconfirmed)", userRecord, UserAuditAction.Deleted, Reason); await Console.WriteInfoLine(Strings.User_WritingAuditRecord, auditRecord.GetPath()); if (!WhatIf) { await auditRecord.WriteAuditRecord("user", StorageAccount); } await DeleteUserData(user, conn); await Console.WriteInfoLine(Strings.User_DeleteCommand_DeletionCompleted); }
private void Channel_OnOpen(object sender, ChannelOpenEventArgs e) { if (!Channel.IsAuthenticated) //requires channel authentication { OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, new SecurityException("Not authenticated."))); Channel.CloseAsync().Ignore(); return; } if (e.Message.Method != HttpMethod.Post && e.Message.Method != HttpMethod.Get) { Channel.CloseAsync().Ignore(); OnError?.Invoke(this, new ProtocolAdapterErrorEventArgs(Channel.Id, new SecurityException("Rest protocol adapter requires GET or POST only."))); } MessageUri uri = new MessageUri(e.Message); IdentityDecoder decoder = new IdentityDecoder(config.ClientIdentityNameClaimType, context, config.GetClientIndexes()); identity = decoder.Id; adapter = new OrleansAdapter(decoder.Id, "HTTP", "REST"); adapter.OnObserve += Adapter_OnObserve; HttpRequestMessage request = (HttpRequestMessage)e.Message; AuditRecord record = new UserAuditRecord(Channel.Id, identity, config.ClientIdentityNameClaimType, Channel.TypeId, String.Format("REST-{0}", request.Method.ToString()), "Granted", DateTime.UtcNow); userAuditor?.WriteAuditRecordAsync(record).Ignore(); if (request.Method == HttpMethod.Get) { foreach (var item in uri.Subscriptions) { Task t = Task.Factory.StartNew(async() => { await SubscribeAsync(item, decoder.Id, decoder.Indexes); }); t.LogExceptions(); } } if (request.Method == HttpMethod.Post) { byte[] buffer = request.Content.ReadAsByteArrayAsync().Result; Task t = Task.Factory.StartNew(async() => { EventMetadata metadata = await GraphManager.GetPiSystemMetadataAsync(uri.Resource); EventMessage message = new EventMessage(uri.ContentType, uri.Resource, ProtocolType.REST, buffer, DateTime.UtcNow, metadata.Audit); if (!string.IsNullOrEmpty(uri.CacheKey)) { message.CacheKey = uri.CacheKey; } List <KeyValuePair <string, string> > indexList = uri.Indexes == null ? null : new List <KeyValuePair <string, string> >(uri.Indexes); await PublishAsync(decoder.Id, message, indexList); await Channel.CloseAsync(); }); t.LogExceptions(); } }