Exemple #1
0
        public async Task <AuthenticateResponse> CredentialSignOn(string UserName, string password, bool rememberLogin = true)
        {
            InnerCredentials credentials = new InnerCredentials()
            {
                Username = UserName, Password = password
            };

            if (!credentials.IsValid)
            {
                credentials = DecodeUserCredentials();
            }

            AuthenticateResponse authRes = null;

            if (credentials.IsValid)
            {
                authRes = await AuthClient.PostAsync(new Authenticate { provider = "credentials", UserName = credentials.Username, Password = credentials.Password, RememberMe = rememberLogin });
            }

            if (authRes != null)
            {
                EncodeUserCredentials(credentials);
            }
            return(authRes);
        }
Exemple #2
0
        /// <summary>
        /// Decrypts the credentials saved in the settings of the client user.
        /// </summary>
        /// <returns>it returns the decrypted credentials if they were found</returns>
        private InnerCredentials DecodeUserCredentials()
        {
            InnerCredentials resCredentials = new InnerCredentials();

            //read the file as bytes
            try
            {
                if (UserClientSettings == null || UserClientSettings.Salt.IsNullOrEmpty())
                {
                    return(resCredentials);
                }

                byte[] entropy = Encoding.Default.GetBytes(UserClientSettings.Salt);

                //utf8 breaks things as the check is done in bytes not utf bytes
                byte[] ciphBytes = Encoding.Default.GetBytes(UserClientSettings.Credentials);//.ToUtf8Bytes();

                byte[] credBytes = ProtectedData.Unprotect(ciphBytes, entropy, DataProtectionScope.CurrentUser);

                string credString = Encoding.Default.GetString(credBytes);//.FromUtf8Bytes();
                resCredentials = credString.FromJsv <InnerCredentials>();

                //clear the bytes so they are empty in memory
                Array.Clear(entropy, 0, entropy.Length);
                entropy = null;
                Array.Clear(credBytes, 0, credBytes.Length);
                credBytes = null;
                Array.Clear(ciphBytes, 0, ciphBytes.Length);
                ciphBytes = null;

                return(resCredentials);
            }
            catch (Exception ex)
            {
                Logger.Error("Login credentials not valid.", ex);
                return(new InnerCredentials());
            }
        }
Exemple #3
0
        /// <summary>
        /// Encodes the Credentials passes through the authenticator.
        /// </summary>
        /// <param name="credentials"></param>
        private void EncodeUserCredentials(InnerCredentials credentials)
        {
            if (UserClientSettings == null)
            {
                LoadUserClientSettings();
            }

            // Generate additional entropy (will be used as the Initialization vector)
            byte[] entropy = new byte[24];
            using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
            { rng.GetBytes(entropy); }

            //set the settings salt value
            UserClientSettings.Salt = Encoding.Default.GetString(entropy);

            // Data to protect. Convert a to string and encrypt.
            string credJson = credentials.ToSafeJsv();

            byte[] credBytes = Encoding.Default.GetBytes(credJson);

            //encrypt
            byte[] cipherCred = ProtectedData.Protect(credBytes, entropy, DataProtectionScope.CurrentUser);

            //string the cipher to save in file
            UserClientSettings.Credentials = Encoding.Default.GetString(cipherCred);

            SaveUserClientSettings();

            //clear the bytes so they are empty in memory
            Array.Clear(entropy, 0, entropy.Length);
            entropy = null;
            Array.Clear(credBytes, 0, credBytes.Length);
            credBytes = null;
            Array.Clear(cipherCred, 0, cipherCred.Length);
            cipherCred = null;
        }