/// <summary>
/// Init Login Data with the current Authentication Request
/// </summary>
public Login(CswWebSvcSessionAuthenticateData.Authentication.Request Request, CswNbtObjClassUser User = null)
{
AuthenticationRequest = Request;
Username = AuthenticationRequest.UserName;
IPAddress = AuthenticationRequest.IpAddress;
setStatus(Request.AuthenticationStatus, User);
}
public CswNbtWebServiceSession.CswNbtAuthReturn SessionInit(CswWebSvcSessionAuthenticateData.Authentication.Request Request)
{
Request.Parameters = Request.Parameters ?? new CswWebSvcSessionAuthenticateData.Authentication.Parameters();
Request.Parameters.IsIncludedInLoginData = false;
Session Session = new Session();
return(Session.Init(Request));
}
private CswAuthorizationToken _authenticate(CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
CswAuthorizationToken Token = null;
BasicHttpBinding AuthorizationBinding = new BasicHttpBinding();
EndpointAddress AuthorizationEndpoint = new EndpointAddress(_CswNbtResources.SetupVbls[CswEnumSetupVariableNames.WebSvcAuthorizationPath]);
var AuthorizationChannelFactory = new ChannelFactory <ICswAuthorizationWebSvc>(AuthorizationBinding, AuthorizationEndpoint);
ICswAuthorizationWebSvc Service = AuthorizationChannelFactory.CreateChannel();
Token = Service.Get(AuthenticationRequest);
return(Token);
}
public CswNbtWebServiceSession.CswNbtAuthReturn Init(CswWebSvcSessionAuthenticateData.Authentication.Request Request)
{
//delegate has to be static because you can't create an instance yet: you don't have resources until the delegate is actually called
CswNbtWebServiceSession.CswNbtAuthReturn Ret = new CswNbtWebServiceSession.CswNbtAuthReturn();
var InitDriverType = new CswWebSvcDriver <CswNbtWebServiceSession.CswNbtAuthReturn, CswWebSvcSessionAuthenticateData.Authentication.Request>(
CswWebSvcResourceInitializer: new CswWebSvcResourceInitializerNbt(_Context, Request),
ReturnObj: Ret,
WebSvcMethodPtr: CswNbtWebServiceSession.getDefaults,
ParamObj: Request
);
InitDriverType.run();
return(Ret);
}
public void AuthenticateWithSchemaTest_AuthenticatedMixedCase()
{
CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request();
AuthenticationRequest.UserName = "******";
AuthenticationRequest.Password = "******";
AuthenticationRequest.IpAddress = "127.0.0.1";
TestData.Nodes.createUserNode("GooDuseR", "goodpw1!");
CswEnumAuthenticationStatus Expected = CswEnumAuthenticationStatus.Authenticated;
ICswUser User;
AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
AuthenticationRequest.AuthenticationStatus = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
Assert.AreEqual(Expected.ToString(), AuthenticationRequest.AuthenticationStatus.ToString(), "User was not authenticated.");
}
public void AuthenticateWithSchemaTest_FailedArchived()
{
CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request {
UserName = "******", Password = "******", IpAddress = "127.0.0.1"
};
TestData.Nodes.createUserNode("gooduser", "goodpw1!", isArchived: CswEnumTristate.True);
CswEnumAuthenticationStatus Expected = CswEnumAuthenticationStatus.Archived;
ICswUser User;
AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
AuthenticationRequest.AuthenticationStatus = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
Assert.AreEqual(Expected.ToString(), AuthenticationRequest.AuthenticationStatus.ToString(), "User was not archived.");
}
public void LogAuthenticationAttempt(CswNbtObjClassUser UserNode, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
if (false == AuthenticationRequest.SuppressLog)
{
Int32 FailedLoginCount = null != UserNode?UserNode.getFailedLoginCount() : 0;
LoginData.Login LoginRecord = new LoginData.Login(AuthenticationRequest, UserNode)
{
LoginDate = DateTime.Now.ToString(),
FailedLoginCount = FailedLoginCount
};
CswNbtActLoginData _CswNbtActLoginData = new CswNbtActLoginData(_CswNbtResources);
_CswNbtActLoginData.postLoginData(LoginRecord);
}
}
public void AuthenticateWithSchemaTest_FailedBadPasswordMixedCase()
{
CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request {
UserName = "******", Password = "******", IpAddress = "127.0.0.1"
};
TestData.Nodes.createUserNode("gooduser", "goodpw1!");
CswEnumAuthenticationStatus Expected = CswEnumAuthenticationStatus.Failed;
ICswUser User;
AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
AuthenticationRequest.AuthenticationStatus = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
Assert.AreEqual(Expected.ToString(), AuthenticationRequest.AuthenticationStatus.ToString(), "User did not fail authentication as expected.");
}
private CswNbtObjClassUser _authorizeUser(CswEncryption CswEncryption, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
CswNbtObjClassUser ret = null;
CswNbtObjClassUser UserNode = _CswNbtResources.Nodes.makeUserNodeFromUsername(AuthenticationRequest.UserName, RequireViewPermissions: false);
if (UserNode != null && false == UserNode.IsArchived() && false == UserNode.IsAccountLocked())
{
CswAuthorizationToken token = _authenticate(AuthenticationRequest);
if (null != token)
{
if (token.Authorized)
{
UserNode.clearFailedLoginCount(); //We don't keep track of this when using WebSvc Authentication, but if this gets set ot something other than 0 this user won't be able to log in
UserNode.LastLogin.DateTimeValue = DateTime.Now;
if (null != token.UserId)
{
UserNode.EmployeeId.Text = token.UserId;
}
if (null != token.FirstName)
{
UserNode.FirstNameProperty.Text = token.FirstName;
}
if (null != token.LastName)
{
UserNode.LastNameProperty.Text = token.LastName;
}
if (null != token.Email)
{
UserNode.EmailProperty.Text = token.Email;
}
if (null != token.CostCode)
{
UserNode.CostCode.Text = token.CostCode;
}
UserNode.postChanges(false);
ret = UserNode;
}
else if (false == string.IsNullOrEmpty(token.ErrorMsg))
{
_CswNbtResources.logMessage(token.ErrorMsg);
}
}
}
return(ret);
}
public CswNbtWebServiceLocations.CswNbtLocationReturn list(bool IsMobile = true)
{
//delegate has to be static because you can't create an instance yet: you don't have resources until the delegate is actually called
CswNbtWebServiceLocations.CswNbtLocationReturn Ret = new CswNbtWebServiceLocations.CswNbtLocationReturn();
CswWebSvcSessionAuthenticateData.Authentication.Request AuthRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request();
AuthRequest.RequiredModules.Add(CswEnumNbtModuleName.SI);
var SvcDriver = new CswWebSvcDriver <CswNbtWebServiceLocations.CswNbtLocationReturn, bool>(
CswWebSvcResourceInitializer: new CswWebSvcResourceInitializerNbt(_Context),
ReturnObj: Ret,
WebSvcMethodPtr: CswNbtWebServiceLocations.getLocationsListMobile,
ParamObj: IsMobile
);
SvcDriver.run();
return(Ret);
}
private CswNbtObjClassUser _authorizeUser(CswEncryption CswEncryption, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
CswNbtObjClassUser UserNode = _CswNbtResources.Nodes.makeUserNodeFromUsername(AuthenticationRequest.UserName, RequireViewPermissions: false);
if (UserNode != null)
{
string encryptedpassword = CswEncryption.getMd5Hash(AuthenticationRequest.Password);
if (UserNode.EncryptedPassword == encryptedpassword)
{
UserNode.clearFailedLoginCount();
UserNode.LastLogin.DateTimeValue = DateTime.Now;
}
else
{
UserNode.incFailedLoginCount();
}
UserNode.postChanges(false);
}
return(UserNode);
}
public CswEnumAuthenticationStatus AuthenticateWithSchema(CswEncryption CswEncryption, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest, out ICswUser AuthenticatedUser)
{
CswNbtSchemaAuthenticationLogic AuthenticationLogic = new CswNbtSchemaAuthenticationLogic(_CswNbtResources);
CswNbtObjClassUser UserNode = null;
if (AuthenticationRequest.AuthenticationStatus != CswEnumAuthenticationStatus.TooManyUsers)
{
UserNode = _authorizeUser(CswEncryption, AuthenticationRequest);
AuthenticationRequest.AuthenticationStatus = AuthenticationLogic.GetAuthStatus(UserNode);
}
AuthenticationLogic.LogAuthenticationAttempt(UserNode, AuthenticationRequest);
AuthenticatedUser = UserNode;
return(AuthenticationRequest.AuthenticationStatus);
}
public static void getDefaults(ICswResources CswResources, CswNbtAuthReturn Ret, CswWebSvcSessionAuthenticateData.Authentication.Request Request)
{
getUserDefaults(CswResources, Ret, Request);
SchemaDetails SchemaDetails = _checkSchemaVersion((CswNbtResources)CswResources);
Ret.Data.SchemaData = SchemaDetails;
}
public CswNbtSessionAuthenticate(CswNbtResources Resources, CswSessionManager SessionManager, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
_CswNbtResources = Resources;
_CswSessionManager = SessionManager;
_AuthenticationRequest = AuthenticationRequest;
} // constructor
public CswWebSvcResourceInitializerNbt(HttpContext HttpContext, CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest = null) //TODO: add Username/Password
{
_HttpContext = HttpContext;
_AuthenticationRequest = AuthenticationRequest ?? new CswWebSvcSessionAuthenticateData.Authentication.Request();
_setHttpContextOnRequest();
}
public CswEnumAuthenticationStatus Authenticate(CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
return(Master.Authenticate(AuthenticationRequest));
}
public CswEnumAuthenticationStatus Authenticate(CswWebSvcSessionAuthenticateData.Authentication.Request AuthenticationRequest)
{
AuthenticationRequest.IpAddress = CswWebSvcCommonMethods.getIpAddress();
return(CswSessionManager.beginSession(AuthenticationRequest));
}//Authenticate()
