/// <summary> /// Add a new user account into the database return ACCOUNT_CREATION_SUCCEEDED if succeeded, /// otherwise an error code. /// </summary> public override string CreateAccount(string userName, object pwd, PasswordFormat format, IDictionary options, bool isImplicitPassword) { if (userName == null) throw new ArgumentNullException("userName"); string password = pwd as string; if (password == null) throw new ArgumentNullException("password"); if (format == null) throw new ArgumentNullException("format"); if (options == null) throw new ArgumentNullException("options"); if ((userName.Length < MIN_USERNAME_LENGTH) || (password.Length < MIN_PASSWORD_LENGTH) || (userName.Length > MAX_USERNAME_LENGTH) || (password.Length > MAX_PASSWORD_LENGTH)) return AccountCreationResult.INVALID_PARAMETERS.ToString(); // first test if the account already exists if (GetPassword(userName, format, options) != null) return AccountCreationResult.ACCOUNT_ALREADY_EXISTS.ToString(); bool bClear = true; if (PasswordFormat.DigestAuthA1.Equals(format)) { bClear = false; } else { if (!PasswordFormat.ClearText.Equals(format)) return AccountCreationResult.INVALID_PARAMETERS.ToString(); } string shortUserName = SettingsHelper.PopString(options, IGMADAM_USERSHORTNAME); if ((shortUserName == null) || (shortUserName.Length == 0)) { int nIdxOfAr = userName.IndexOf('@'); if (nIdxOfAr < 0) shortUserName = userName; else shortUserName = userName.Substring(0, nIdxOfAr); } else if (shortUserName.Contains("@")) shortUserName = shortUserName.Split('@')[0]; string userRights = SettingsHelper.PopString(options, IGMADAM_USERPRIVILEGE); if ((userRights == null) || (userRights.Length == 0)) return AccountCreationResult.INVALID_PARAMETERS.ToString(); if (userRights == DatabaseUserSecurityAuthority.IGMADAM_USERPRIVILEGE_GUEST){ if (isImplicitPassword) { string hash = UserSecurityAuthority.GetPasswordDigest(shortUserName, RealmName, DatabaseUserSecurityAuthority.IGMADAM_PUBLICKEY + userName.Split('@')[0]); if (password != hash) return AccountCreationResult.INVALID_PARAMETERS.ToString(); } else password = UserSecurityAuthority.GetPasswordDigest(shortUserName, RealmName, DatabaseUserSecurityAuthority.IGMADAM_PUBLICKEY + password); } try { using (IDbConnection connection = (IDbConnection)Activator.CreateInstance(_connectionType)) { connection.ConnectionString = ConnectionString; IDbCommand command = connection.CreateCommand(); command.CommandText = "INSERT INTO Users(" + IGMADAM_USERNAME + ", [" + IGMADAM_PASSWORD + "], [" + IGMADAM_USERSHORTNAME + "], [" + IGMADAM_PASSWORDFORMAT + "], [" + IGMADAM_USERPRIVILEGE + "], [" + IGMADAM_ACTIVATIONSTATUS + "]) VALUES("; command.CommandText += "'" + userName + "', "; command.CommandText += "'" + password + "', "; command.CommandText += "'" + shortUserName + "', "; command.CommandText += "'" + (bClear ? PasswordFormat.ClearText.ToString() : PasswordFormat.DigestAuthA1.ToString()) + "', "; command.CommandText += "'" + userRights + "',"; command.CommandText += "'" + IGMADAM_ACTIVATIONSTATUS_PENDING + "');"; command.CommandType = _commandType; command.Connection.Open(); command.ExecuteScalar(); } } catch (Exception exc) { return exc.ToString(); } return AccountCreationResult.ACCOUNT_CREATION_SUCCEEDED.ToString(); }
/// <summary> /// Determines whether a particular password format is supported /// or not. /// </summary> bool IUserPasswordProvider.SupportsFormat(PasswordFormat format) { if (format == null) throw new ArgumentNullException("format"); if (PasswordFormat.ClearText.Equals(format)) return _exposeClearTextPasswords; return format.Equals(PasswordFormat.DigestAuthA1); }
/// <summary> /// Create an account for the specified username and password, given the format of the /// password and the authentication scheme. Account details are specified in the options. /// </summary> /// <remarks> /// The password may be either in a ClearText or a DigestAuthA1 format. /// return ACCOUNT_CREATION_SUCCEEDED if succeeded, /// otherwise an error code. /// </remarks> public virtual string CreateAccount(string userName, object password, PasswordFormat format, IDictionary options, bool isImplicitPassword) { return AccountCreationResult.CANNOT_ACCESS_DATABASE.ToString(); }
/// <summary> /// Retrieves the password of the user in the desired format /// or null if the user does not exist. /// </summary> public object GetPassword(string userName, PasswordFormat format, IDictionary options) { if (format == null) throw new ArgumentNullException("format"); if (PasswordFormat.ClearText.Equals(format)) return GetClearTextPassword(userName); if (PasswordFormat.DigestAuthA1.Equals(format)) return GetDigestPassword(userName, options); throw new PasswordFormatNotSupportedException(); }
public string CreateAccount(string userName, object password, PasswordFormat format, IDictionary options, bool isImplicitPassword) { return AccountCreationResult.FAILED_FOR_UNKNOWN_REASON.ToString(); }