public virtual async Task <AuthenticatedUser> Authenticate(string userNameOrEmail, string password)
        {
            using (_trace.Activity("Authenticate:" + userNameOrEmail))
            {
                var user = FindByUserNameOrEmail(userNameOrEmail);

                // Check if the user exists
                if (user == null)
                {
                    _trace.Information("No such user: "******"Password validation failed: " + userNameOrEmail);
                    return(null);
                }

                var passwordCredentials = user
                                          .Credentials
                                          .Where(c => c.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase))
                                          .ToList();
                if (passwordCredentials.Count > 1 || !passwordCredentials.Any(c => String.Equals(c.Type, CredentialTypes.Password.Pbkdf2, StringComparison.OrdinalIgnoreCase)))
                {
                    await MigrateCredentials(user, passwordCredentials, password);
                }

                // Return the result
                _trace.Verbose("Successfully authenticated '" + user.Username + "' with '" + matched.Type + "' credential");
                return(new AuthenticatedUser(user, matched));
            }
        }
        public async Task <PackageStatus> StartValidationAsync(Package package)
        {
            if (_appConfiguration.ReadOnlyMode)
            {
                throw new ReadOnlyModeException(Strings.CannotEnqueueDueToReadOnly);
            }

            var data = new PackageValidationMessageData(
                package.PackageRegistration.Id,
                package.Version,
                Guid.NewGuid());

            var activityName = $"Enqueuing asynchronous package validation: " +
                               $"{data.PackageId} {data.PackageVersion} ({data.ValidationTrackingId})";

            using (_diagnosticsSource.Activity(activityName))
            {
                await _enqueuer.StartValidationAsync(data);
            }

            if (_appConfiguration.BlockingAsynchronousPackageValidationEnabled)
            {
                return(PackageStatus.Validating);
            }

            return(PackageStatus.Available);
        }
        public async Task <PackageStatus> StartValidationAsync(TPackageEntity package)
        {
            var validatingType = ValidateAndGetType(package);

            var entityKey = package.Key == default(int) ? (int?)null : package.Key;
            var data      = PackageValidationMessageData.NewProcessValidationSet(
                package.Id,
                package.Version,
                Guid.NewGuid(),
                validatingType,
                entityKey: entityKey);

            var activityName = $"Enqueuing asynchronous package validation: " +
                               $"{data.ProcessValidationSet.PackageId} {data.ProcessValidationSet.PackageVersion} " +
                               $"{data.ProcessValidationSet.ValidatingType} ({data.ProcessValidationSet.ValidationTrackingId})";

            using (_diagnosticsSource.Activity(activityName))
            {
                var postponeProcessingTill = DateTimeOffset.UtcNow + _appConfiguration.AsynchronousPackageValidationDelay;

                await _validationEnqueuer.SendMessageAsync(data, postponeProcessingTill);
            }

            return(TargetPackageStatus);
        }
        public async Task <PackageStatus> StartValidationAsync(TPackageEntity package)
        {
            if (_appConfiguration.ReadOnlyMode)
            {
                throw new ReadOnlyModeException(Strings.CannotEnqueueDueToReadOnly);
            }

            ValidatingType validatingType;
            var            entityKey = package.Key == default(int) ? (int?)null : package.Key;

            if (package is Package)
            {
                validatingType = ValidatingType.Package;
            }
            else if (package is SymbolPackage)
            {
                validatingType = ValidatingType.SymbolPackage;
            }
            else
            {
                throw new ArgumentException($"Unknown IPackageEntity type: {nameof(package)}");
            }

            var data = new PackageValidationMessageData(
                package.Id,
                package.Version,
                Guid.NewGuid(),
                validatingType,
                entityKey: entityKey);

            var activityName = $"Enqueuing asynchronous package validation: " +
                               $"{data.PackageId} {data.PackageVersion} {data.ValidatingType} ({data.ValidationTrackingId})";

            using (_diagnosticsSource.Activity(activityName))
            {
                var postponeProcessingTill = DateTimeOffset.UtcNow + _appConfiguration.AsynchronousPackageValidationDelay;

                await _validationEnqueuer.StartValidationAsync(data, postponeProcessingTill);
            }

            if (_appConfiguration.BlockingAsynchronousPackageValidationEnabled)
            {
                return(PackageStatus.Validating);
            }

            return(PackageStatus.Available);
        }
        public async Task <PackageStatus> StartValidationAsync(Package package)
        {
            if (_appConfiguration.ReadOnlyMode)
            {
                throw new ReadOnlyModeException(Strings.CannotEnqueueDueToReadOnly);
            }

            var data = new PackageValidationMessageData(
                package.PackageRegistration.Id,
                package.Version,
                Guid.NewGuid());

            var activityName = $"Enqueuing asynchronous package validation: " +
                               $"{data.PackageId} {data.PackageVersion} ({data.ValidationTrackingId})";

            using (_diagnosticsSource.Activity(activityName))
            {
                await _enqueuer.StartValidationAsync(data);
            }

            // For now, don't require asynchronous validation before the package is available for consumption.
            // Related: https://github.com/NuGet/NuGetGallery/issues/4744
            return(PackageStatus.Available);
        }
Esempio n. 6
0
        public virtual async Task <PasswordAuthenticationResult> Authenticate(string userNameOrEmail, string password)
        {
            using (_trace.Activity("Authenticate"))
            {
                var user = FindByUserNameOrEmail(userNameOrEmail);

                // Check if the user exists
                if (user == null)
                {
                    _trace.Information("No such user.");

                    await Auditing.SaveAuditRecordAsync(
                        new FailedAuthenticatedOperationAuditRecord(
                            userNameOrEmail, AuditedAuthenticatedOperationAction.FailedLoginNoSuchUser));

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.BadCredentials));
                }

                if (user is Organization)
                {
                    _trace.Information("Cannot authenticate organization account.");

                    await Auditing.SaveAuditRecordAsync(
                        new FailedAuthenticatedOperationAuditRecord(
                            userNameOrEmail, AuditedAuthenticatedOperationAction.FailedLoginUserIsOrganization));

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.BadCredentials));
                }

                int remainingMinutes;

                if (IsAccountLocked(user, out remainingMinutes))
                {
                    _trace.Information($"Login failed. User account is locked for the next {remainingMinutes} minutes.");

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.AccountLocked,
                                                            authenticatedUser: null, lockTimeRemainingMinutes: remainingMinutes));
                }

                // Validate the password
                Credential matched;
                if (!ValidatePasswordCredential(user.Credentials, password, out matched))
                {
                    _trace.Information("Password validation failed.");

                    await UpdateFailedLoginAttempt(user);

                    await Auditing.SaveAuditRecordAsync(
                        new FailedAuthenticatedOperationAuditRecord(
                            userNameOrEmail, AuditedAuthenticatedOperationAction.FailedLoginInvalidPassword));

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.BadCredentials));
                }

                var passwordCredentials = user
                                          .Credentials
                                          .Where(c => c.IsPassword())
                                          .ToList();

                if (passwordCredentials.Count > 1 ||
                    !passwordCredentials.Any(c => string.Equals(c.Type, CredentialBuilder.LatestPasswordType, StringComparison.OrdinalIgnoreCase)))
                {
                    await MigrateCredentials(user, passwordCredentials, password);
                }

                // Reset failed login count upon successful login
                await UpdateSuccessfulLoginAttempt(user);

                // Return the result
                _trace.Verbose("User successfully authenticated with '" + matched.Type + "' credential");
                return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, new AuthenticatedUser(user, matched)));
            }
        }
Esempio n. 7
0
        public virtual async Task <PasswordAuthenticationResult> Authenticate(string userNameOrEmail, string password)
        {
            using (_trace.Activity("Authenticate:" + userNameOrEmail))
            {
                var user = FindByUserNameOrEmail(userNameOrEmail);

                // Check if the user exists
                if (user == null)
                {
                    var ldapUser = this.Ldap.ValidateUsernameAndPassword(userNameOrEmail, password);

                    if (ldapUser != null)
                    {
                        _trace.Information($"Creating user from LDAP credentials: {userNameOrEmail}");
                        var ldapCredential = _credentialBuilder.CreateExternalCredential(AuthenticationTypes.LdapUser, ldapUser.Username, ldapUser.Identity);

                        var authUser = await this.Register(ldapUser.Username, ldapUser.Email, ldapCredential);

                        return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, authUser));
                    }

                    _trace.Information("No such user: "******"Login failed. User account {userNameOrEmail} is locked for the next {remainingMinutes} minutes.");

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.AccountLocked,
                                                            authenticatedUser: null, lockTimeRemainingMinutes: remainingMinutes));
                }

                // Validate the password
                Credential matched;
                if (!ValidatePasswordCredential(user.Credentials, password, out matched))
                {
                    var isValid = this.Ldap.ValidateCredentials(user.Credentials, password, out matched);
                    if (isValid)
                    {
                        _trace.Verbose($"Successfully authenticated '{user.Username}' with '{matched.Type}' credential");
                        return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, new AuthenticatedUser(user, matched)));
                    }

                    _trace.Information($"Password validation failed: {userNameOrEmail}");

                    await UpdateFailedLoginAttempt(user);

                    await Auditing.SaveAuditRecordAsync(
                        new FailedAuthenticatedOperationAuditRecord(
                            userNameOrEmail, AuditedAuthenticatedOperationAction.FailedLoginInvalidPassword));

                    return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.BadCredentials));
                }

                var passwordCredentials = user
                                          .Credentials
                                          .Where(c => CredentialTypes.IsPassword(c.Type))
                                          .ToList();

                if (passwordCredentials.Count > 1 ||
                    !passwordCredentials.Any(c => string.Equals(c.Type, CredentialBuilder.LatestPasswordType, StringComparison.OrdinalIgnoreCase)))
                {
                    await MigrateCredentials(user, passwordCredentials, password);
                }

                // Reset failed login count upon successful login
                await UpdateSuccessfulLoginAttempt(user);

                // Return the result
                _trace.Verbose("Successfully authenticated '" + user.Username + "' with '" + matched.Type + "' credential");
                return(new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, new AuthenticatedUser(user, matched)));
            }
        }