public virtual IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password)
{
newUser.ValidateNewUser(password);
return(Exec(db =>
{
AssertNoExistingUser(db, newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
HostContext.Resolve <IHashProvider>().GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
digestHash = new DigestAuthFunctions().CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHa1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
db.Save((TUserAuth)newUser);
return newUser;
}));
}
private static void PopulateDigestAuthHash(this IUserAuth newUser, string password, IUserAuth existingUser = null)
{
var createDigestAuthHashes = HostContext.GetPlugin <AuthFeature>()?.CreateDigestAuthHashes;
if (createDigestAuthHashes == true)
{
if (existingUser == null)
{
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
else
{
newUser.DigestHa1Hash = existingUser.DigestHa1Hash;
// If either one changes the digest hash has to be recalculated
if (password != null || existingUser.UserName != newUser.UserName)
{
newUser.DigestHa1Hash = new DigestAuthFunctions().CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
}
}
else if (createDigestAuthHashes == false)
{
newUser.DigestHa1Hash = null;
}
}
public IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
AssertNoExistingUser(newUser);
var saltedHash = new SaltedHash();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
using (var session = _documentStore.OpenSession())
{
session.Store(newUser);
session.SaveChanges();
}
return newUser;
}
public override Task OnFailedAuthentication(IAuthSession session, IRequest httpReq, IResponse httpRes)
{
var digestHelper = new DigestAuthFunctions();
httpRes.StatusCode = (int)HttpStatusCode.Unauthorized;
httpRes.AddHeader(HttpHeaders.WwwAuthenticate,
$"{Provider} realm=\"{AuthRealm}\", nonce=\"{digestHelper.GetNonce(httpReq.UserHostAddress, PrivateKey)}\", qop=\"auth\"");
return(HostContext.AppHost.HandleShortCircuitedErrors(httpReq, httpRes, httpReq.Dto));
}
public override void OnFailedAuthentication(IAuthSession session, IRequest httpReq, IResponse httpRes)
{
var digestHelper = new DigestAuthFunctions();
httpRes.StatusCode = (int)HttpStatusCode.Unauthorized;
httpRes.AddHeader(
HttpHeaders.WwwAuthenticate,
"{0} realm=\"{1}\", nonce=\"{2}\", qop=\"auth\"".Fmt(Provider, AuthRealm, digestHelper.GetNonce(httpReq.UserHostAddress, PrivateKey)));
httpRes.EndRequest();
}
public virtual bool TryAuthenticate(Dictionary <string, string> digestHeaders, string privateKey, int nonceTimeOut, string sequence, out IUserAuth userAuth)
{
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null)
{
return(false);
}
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, privateKey, nonceTimeOut, userAuth.DigestHa1Hash, sequence))
{
this.RecordSuccessfulLogin(userAuth);
return(true);
}
this.RecordInvalidLoginAttempt(userAuth);
userAuth = null;
return(false);
}
public IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
UserEntry user = newUser as UserEntry;
ValidateNewUser(user, password);
AssertNoExistingUser(user);
var saltedHash = HostContext.Resolve<IHashProvider>();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
user.PartitionKey = Guid.NewGuid().ToString();
user.RowKey = newUser.UserName;
user.RowKey = TableEntityHelper.RemoveDiacritics(user.RowKey);
user.RowKey = TableEntityHelper.ToAzureKeyString(user.RowKey);
//user.Id = 0;
user.PasswordHash = hash;
user.Salt = salt;
var digestHelper = new DigestAuthFunctions();
user.DigestHa1Hash = digestHelper.CreateHa1(user.UserName, DigestAuthProvider.Realm, password);
user.CreatedDate = DateTime.UtcNow;
user.ModifiedDate = user.CreatedDate;
//var userId = user.Id.ToString(CultureInfo.InvariantCulture);
//if (!newUser.UserName.IsNullOrEmpty())
//{
// redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
//}
//if (!newUser.Email.IsNullOrEmpty())
//{
// redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
//}
SaveUserAuth(user);
return user;
}
public virtual IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
newUser.ValidateNewUser(password);
return(Exec(db =>
{
AssertNoExistingUser(db, newUser);
string salt;
string hash;
HostContext.Resolve <IHashProvider>().GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
db.Save((TUserAuth)newUser);
newUser = db.SingleById <TUserAuth>(newUser.Id);
return newUser;
}));
}
public UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var db = dbFactory.Open())
{
AssertNoExistingUser(db, newUser);
string salt;
string hash;
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHA1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
db.Insert(newUser);
newUser = db.GetById<UserAuth>(db.GetLastInsertId());
return newUser;
};
}
public bool TryAuthenticate(Dictionary<string, string> digestHeaders, string privateKey, int nonceTimeOut, string sequence, out IUserAuth userAuth)
{
//userId = null;
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null) return false;
var digestHelper = new DigestAuthFunctions();
return digestHelper.ValidateResponse(digestHeaders, privateKey, nonceTimeOut, userAuth.DigestHa1Hash, sequence);
}
public bool TryAuthenticate(Dictionary<string, string> digestHeaders, string privateKey, int nonceTimeOut, string sequence, out IUserAuth userAuth)
{
//userId = null;
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null)
return false;
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, privateKey, nonceTimeOut, userAuth.DigestHa1Hash, sequence))
{
this.RecordSuccessfulLogin(userAuth);
return true;
}
this.RecordInvalidLoginAttempt(userAuth);
userAuth = null;
return false;
}
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser, existingUser);
if (existingUser.UserName != newUser.UserName && existingUser.UserName != null)
{
redis.RemoveEntryFromHash(IndexUserNameToUserId, existingUser.UserName);
}
if (existingUser.Email != newUser.Email && existingUser.Email != null)
{
redis.RemoveEntryFromHash(IndexEmailToUserId, existingUser.Email);
}
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
var saltedHash = new SaltedHash();
saltedHash.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHA1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
if (!newUser.Email.IsNullOrEmpty())
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
redis.Store(newUser);
return newUser;
}
}
public bool TryAuthenticate(Dictionary<string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out IUserAuth userAuth)
{
//userId = null;
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null) return false;
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHa1Hash, sequence))
{
//userId = userAuth.Id.ToString(CultureInfo.InvariantCulture);
return true;
}
userAuth = null;
return false;
}
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password = null)
{
ValidateNewUserWithoutPassword(newUser);
AssertNoExistingUser(newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
var saltedHash = new SaltedHash();
saltedHash.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHa1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
using (var session = _documentStore.OpenSession())
{
session.Store(newUser);
session.SaveChanges();
}
return newUser;
}
public UserAuth UpdateUserAuth(UserAuth existingUser, UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var db = dbFactory.Open())
{
AssertNoExistingUser(db, newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
passwordHasher.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHA1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHA1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
db.Save(newUser);
return newUser;
}
}
public override void OnFailedAuthentication(IAuthSession session, IRequest httpReq, IResponse httpRes)
{
var digestHelper = new DigestAuthFunctions();
httpRes.StatusCode = (int) HttpStatusCode.Unauthorized;
httpRes.AddHeader(
HttpHeaders.WwwAuthenticate,
"{0} realm=\"{1}\", nonce=\"{2}\", qop=\"auth\"".Fmt(Provider, AuthRealm, digestHelper.GetNonce(httpReq.UserHostAddress, PrivateKey)));
httpRes.EndRequest();
}
public IUserAuth UpdateUserAuth(IUserAuth existingUser, IUserAuth newUser, string password)
{
newUser.ValidateNewUser(password);
AssertNoExistingUser(mongoDatabase, newUser, existingUser);
var hash = existingUser.PasswordHash;
var salt = existingUser.Salt;
if (password != null)
{
var saltedHash = HostContext.Resolve<IHashProvider>();
saltedHash.GetHashAndSaltString(password, out hash, out salt);
}
// If either one changes the digest hash has to be recalculated
var digestHash = existingUser.DigestHa1Hash;
if (password != null || existingUser.UserName != newUser.UserName)
{
var digestHelper = new DigestAuthFunctions();
digestHash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
}
newUser.Id = existingUser.Id;
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.DigestHa1Hash = digestHash;
newUser.CreatedDate = existingUser.CreatedDate;
newUser.ModifiedDate = DateTime.UtcNow;
SaveUser(newUser);
return newUser;
}
public bool TryAuthenticate (Dictionary<string, string> digestHeaders, string PrivateKey, int NonceTimeOut, string sequence, out UserAuth userAuth)
{
userAuth = GetUserAuthByUserName(digestHeaders["username"]);
if (userAuth == null) return false;
var digestHelper = new DigestAuthFunctions();
if (digestHelper.ValidateResponse(digestHeaders, PrivateKey, NonceTimeOut, userAuth.DigestHA1Hash,sequence))
{
return true;
}
userAuth = null;
return false;
}
public IUserAuth CreateUserAuth(IUserAuth newUser, string password)
{
newUser.ValidateNewUser(password);
AssertNoExistingUser(mongoDatabase, newUser);
var saltedHash = HostContext.Resolve<IHashProvider>();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
var digestHelper = new DigestAuthFunctions();
newUser.DigestHa1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.PasswordHash = hash;
newUser.Salt = salt;
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
SaveUser(newUser);
return newUser;
}
public virtual UserAuth CreateUserAuth(UserAuth newUser, string password)
{
ValidateNewUser(newUser, password);
using (var redis = factory.GetClient())
{
AssertNoExistingUser(redis, newUser);
var saltedHash = new SaltedHash();
string salt;
string hash;
saltedHash.GetHashAndSaltString(password, out hash, out salt);
newUser.Id = redis.As<UserAuth>().GetNextSequence();
newUser.PasswordHash = hash;
newUser.Salt = salt;
var digestHelper = new DigestAuthFunctions();
newUser.DigestHA1Hash = digestHelper.CreateHa1(newUser.UserName, DigestAuthProvider.Realm, password);
newUser.CreatedDate = DateTime.UtcNow;
newUser.ModifiedDate = newUser.CreatedDate;
var userId = newUser.Id.ToString(CultureInfo.InvariantCulture);
if (!newUser.UserName.IsNullOrEmpty())
redis.SetEntryInHash(IndexUserNameToUserId, newUser.UserName, userId);
if (!newUser.Email.IsNullOrEmpty())
redis.SetEntryInHash(IndexEmailToUserId, newUser.Email, userId);
redis.Store(newUser);
return newUser;
}
}
