/// <summary>
/// Returns IHashedUser object, with hashed passowrd and salt.
/// Takes Salt lenght as int - Default 32.
/// </summary>
/// <param name="username">Username string</param>
/// <param name="password">Password string</param>
/// <param name="saltSize">Salt lenght as int - default 32</param>
/// <returns></returns>
public IHashedUser CreateHashedUser(string username, string password)
{
// Check if user input is valid.
if (username == string.Empty || username == "")
{
throw new ArgumentNullException("Username");
}
if (password == string.Empty || password == "")
{
throw new ArgumentNullException("Password");
}
// Generate secure salt.
ISaltGenerator saltGenerator = SaltGeneratorFactory.GetSaltGenerator();
byte[] salt = saltGenerator.GenerateSalt(this._settings.SaltSize);
// Create return object.
IHashedUser hashedUser = new HashedUser();
hashedUser.Username = username; // Set username from user input.
hashedUser.Password = password;
hashedUser.Salt = Convert.ToBase64String(salt); // Set SaltByteArray with value generated above.
// Instanziate hashing class - Select hashing method.
hashedUser = this._hashingMethod.HashUserObject(hashedUser); // Returns hashed user - inlcuding password.
return(hashedUser);
}
public virtual void initialize()
{
runtimeService = engineRule.RuntimeService;
identityService = engineRule.IdentityService;
processEngineConfiguration = engineRule.ProcessEngineConfiguration;
camundaDefaultEncryptor = processEngineConfiguration.PasswordEncryptor;
camundaDefaultPasswordChecker = processEngineConfiguration.CustomPasswordChecker;
camundaDefaultSaltGenerator = processEngineConfiguration.SaltGenerator;
}
public AccountController(IAuthenticationProvider<CustomPrincipal> authenticationProvider,
Context context,
ISaltGenerator saltGenerator,
IPasswordSalter passwordSalter)
{
_authenticationProvider = authenticationProvider;
this._context = context;
_saltGenerator = saltGenerator;
_passwordSalter = passwordSalter;
}
/// <summary>
/// Initializes an instance of the <see cref="UserService"/> class.
/// </summary>
/// <param name="userRepository">The user repository.</param>
/// <param name="credentialRepository">The credential repository.</param>
/// <param name="credentialTypeRepository">The credential type repository.</param>
/// <param name="hasher">The hasher.</param>
/// <param name="saltGenerator">The salt generator.</param>
/// <param name="accessTokenService">The access token service.</param>
public UserService(
IRepository <User> userRepository,
IRepository <Credential> credentialRepository,
IRepository <CredentialType> credentialTypeRepository,
IHasher hasher,
ISaltGenerator saltGenerator,
IAccessTokenService accessTokenService)
{
_userRepository = userRepository;
_credentialRepository = credentialRepository;
_credentialTypeRepository = credentialTypeRepository;
_hasher = hasher;
_saltGenerator = saltGenerator;
_accessTokenService = accessTokenService;
}
private void Init()
{
_hashSHA1Generator = AlgorithmFactory.GetHasher(EHashType.SHA_1);
_hashSHA256Generator = AlgorithmFactory.GetHasher(EHashType.SHA_256);
hashSHA512Generator = AlgorithmFactory.GetHasher(EHashType.SHA_512);
defaultHashGenerator = hashSHA512Generator;
signHMACSHA1Generator = AlgorithmFactory.GetSigner(ESignType.HMAC_SHA1);
signHMACSHA256Generator = AlgorithmFactory.GetSigner(ESignType.HMAC_SHA256);
_saltGenerator = new SecureRNGAdapter();
_asymmetricCryptGenerator = new RSAAdapter();
Encoder = Encoding.UTF8;
aes128 = AlgorithmFactory.GetSymmetricTransformCrypt(ESymmetricTransformCryptType.AES_128);
aes256 = AlgorithmFactory.GetSymmetricTransformCrypt(ESymmetricTransformCryptType.AES_256);
}
public Pbes2KeyWrapper(PasswordBasedJwk key, EncryptionAlgorithm encryptionAlgorithm, KeyManagementAlgorithm algorithm, uint iterationCount, uint saltSizeInBytes, ISaltGenerator saltGenerator)
: base(encryptionAlgorithm, algorithm)
{
Debug.Assert(key.SupportKeyManagement(algorithm));
Debug.Assert(algorithm.Category == AlgorithmCategory.Pbkdf2);
Debug.Assert(algorithm.WrappedAlgorithm != null);
Debug.Assert(algorithm.HashAlgorithm != null);
_algorithm = algorithm.Name;
_keySizeInBytes = algorithm.WrappedAlgorithm.RequiredKeySizeInBits >> 3;
_algorithmNameLength = _algorithm.EncodedUtf8Bytes.Length;
_hashAlgorithm = algorithm.HashAlgorithm;
_keyManagementAlgorithm = algorithm.WrappedAlgorithm;
_password = key.ToArray();
_iterationCount = iterationCount;
_saltSizeInBytes = (int)saltSizeInBytes;
_saltGenerator = saltGenerator;
}
public UserManager(
IRepository <ApplicationUser> applicationUserRepository,
IRepository <CredentialType> credentialTypeRepository,
IRepository <Credential> credentialRepository,
IRepository <Role> roleRepository,
IRepository <UserRole> userRoleRepository,
IRepository <RolePermission> rolePermissionRepository,
IRepository <Permission> permissionRepository,
IHttpContextAccessor contextAccessor,
IHasher hasher,
ISaltGenerator saltGenerator)
{
_applicationUserRepository = applicationUserRepository;
_credentialTypeRepository = credentialTypeRepository;
_credentialRepository = credentialRepository;
_roleRepository = roleRepository;
_userRoleRepository = userRoleRepository;
_rolePermissionRepository = rolePermissionRepository;
_permissionRepository = permissionRepository;
_contextAccessor = contextAccessor;
_hasher = hasher;
_saltGenerator = saltGenerator;
}
/// <summary>
/// Instantiate a new instance of the UserManager class.
/// </summary>
/// <param name="saltGenerator">Salt generator used to salt user passwords.</param>
/// <param name="passwordHasher">Password hasher used to salt and hash user passwords.</param>
public UserManager(ISaltGenerator saltGenerator, IPasswordHasher passwordHasher)
{
_saltGenerator = saltGenerator;
_passwordHasher = passwordHasher;
}
/// <summary>
/// Initializes a new hash generator with specified options and salt generator.
/// </summary>
/// <param name="options">Hashing options to use.</param>
/// <param name="saltGenerator">Salt generator to use.</param>
public HashGenerator(HashGeneratorOptions options, ISaltGenerator saltGenerator)
{
_options = options;
_saltGenerator = saltGenerator;
}
public static IServiceCollection AddApplicationServices(this IServiceCollection serviceCollection)
{
serviceCollection.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
serviceCollection.AddSingleton <IFactory <AppDbContext>, ApplicationDbFactory>();
serviceCollection.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(options =>
{
options.ExpireTimeSpan = TimeSpan.FromDays(7);
}
);
#region Cryptography
serviceCollection.AddSingleton <IHasher, Pbkdf2Hasher>();
serviceCollection.AddSingleton <ISaltGenerator, RandomSaltGenerator>();
#endregion Cryptography
#region Validators
serviceCollection.AddTransient <IEntityValidator <Follower>, FollowerValidator>();
serviceCollection.AddTransient <IEntityValidator <Collection>, CollectionValidator>();
serviceCollection.AddTransient <IEntityValidator <SharedMeme>, SharedMemeValidator>();
serviceCollection.AddTransient <IEntityValidator <Meme>, MemeValidator>();
serviceCollection.AddTransient <IEntityValidator <MemeLike>, MemeLikeValidator>();
serviceCollection.AddTransient <IEntityValidator <CollectionItemDetail>, CollectionItemDetailValidator>();
serviceCollection.AddTransient <IEntityValidator <CollectionSubscriber>, CollectionSubscriberValidator>();
serviceCollection.AddTransient <IEntityValidator <ApplicationUser>, ApplicationUserValidator>();
serviceCollection.AddTransient <IEntityValidator <Comment>, CommentValidator>();
serviceCollection.AddTransient <IEntityValidator <Credential>, CredentialValidator>();
serviceCollection.AddTransient <IEntityValidator <CredentialType>, CredentialTypeValidator>();
serviceCollection.AddTransient <IEntityValidator <Role>, RoleValidator>();
serviceCollection.AddTransient <IEntityValidator <UserRole>, UserRoleValidator>();
serviceCollection.AddTransient <IEntityValidator <RolePermission>, RolePermissionValidator>();
serviceCollection.AddTransient <IEntityValidator <Permission>, PermissionValidator>();
#endregion Validators
#region Repositories
serviceCollection.AddTransient <IRepository <Meme>, MemeRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Meme> entityValidator = serviceProvider.GetService <IEntityValidator <Meme> >();
return(new MemeRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Follower>, FollowerRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Follower> entityValidator = serviceProvider.GetService <IEntityValidator <Follower> >();
return(new FollowerRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Collection>, CollectionRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Collection> entityValidator = serviceProvider.GetService <IEntityValidator <Collection> >();
return(new CollectionRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <SharedMeme>, SharedMemeRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <SharedMeme> entityValidator = serviceProvider.GetService <IEntityValidator <SharedMeme> >();
return(new SharedMemeRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <ApplicationUser>, UserRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <ApplicationUser> entityValidator = serviceProvider.GetService <IEntityValidator <ApplicationUser> >();
return(new UserRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <MemeLike>, MemeLikeRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <MemeLike> entityValidator = serviceProvider.GetService <IEntityValidator <MemeLike> >();
return(new MemeLikeRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <CollectionItemDetail>, CollectionItemDetailRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <CollectionItemDetail> entityValidator = serviceProvider.GetService <IEntityValidator <CollectionItemDetail> >();
return(new CollectionItemDetailRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <CollectionSubscriber>, CollectionSubscriberRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <CollectionSubscriber> entityValidator = serviceProvider.GetService <IEntityValidator <CollectionSubscriber> >();
return(new CollectionSubscriberRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Comment>, CommentRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Comment> entityValidator = serviceProvider.GetService <IEntityValidator <Comment> >();
return(new CommentRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Credential>, CredentialRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Credential> entityValidator = serviceProvider.GetService <IEntityValidator <Credential> >();
return(new CredentialRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <CredentialType>, CredentialTypeRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <CredentialType> entityValidator = serviceProvider.GetService <IEntityValidator <CredentialType> >();
return(new CredentialTypeRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Role>, RoleRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Role> entityValidator = serviceProvider.GetService <IEntityValidator <Role> >();
return(new RoleRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <UserRole>, UserRoleRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <UserRole> entityValidator = serviceProvider.GetService <IEntityValidator <UserRole> >();
return(new UserRoleRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <RolePermission>, RolePermissionRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <RolePermission> entityValidator = serviceProvider.GetService <IEntityValidator <RolePermission> >();
return(new RolePermissionRepository(applicationDbFactory.Create(), entityValidator));
});
serviceCollection.AddTransient <IRepository <Permission>, PermissionRepository>(serviceProvider =>
{
IFactory <AppDbContext> applicationDbFactory = serviceProvider.GetService <IFactory <AppDbContext> >();
IEntityValidator <Permission> entityValidator = serviceProvider.GetService <IEntityValidator <Permission> >();
return(new PermissionRepository(applicationDbFactory.Create(), entityValidator));
});
#endregion Repositories
#region Managers
serviceCollection.AddScoped <IUserManager, UserManager>(serviceProvider =>
{
IRepository <ApplicationUser> applicationUserRepository = serviceProvider.GetService <IRepository <ApplicationUser> >();
IRepository <Credential> credentialRepository = serviceProvider.GetService <IRepository <Credential> >();
IRepository <CredentialType> credentialTypeRepository = serviceProvider.GetService <IRepository <CredentialType> >();
IRepository <Role> roleRepository = serviceProvider.GetService <IRepository <Role> >();
IRepository <UserRole> userRoleRepository = serviceProvider.GetService <IRepository <UserRole> >();
IRepository <RolePermission> rolePermissionRepository = serviceProvider.GetService <IRepository <RolePermission> >();
IRepository <Permission> permissionRepository = serviceProvider.GetService <IRepository <Permission> >();
IHttpContextAccessor httpContextAccessor = serviceProvider.GetService <IHttpContextAccessor>();
IHasher hasher = serviceProvider.GetService <IHasher>();
ISaltGenerator saltGenerator = serviceProvider.GetService <ISaltGenerator>();
return(new UserManager(applicationUserRepository, credentialTypeRepository, credentialRepository, roleRepository, userRoleRepository, rolePermissionRepository, permissionRepository, httpContextAccessor, hasher, saltGenerator));
});
#endregion Managers
#region Services
//serviceCollection.AddTransient<IExternalMemeFetcherService, ExternalMemeFetcherService>();
serviceCollection.AddTransient <IMemeFetcherService, LocalMemeFetcherService>();
serviceCollection.AddTransient <IMemeService, MemeService>(serviceProvider =>
{
IRepository <Meme> memeRepository = serviceProvider.GetService <IRepository <Meme> >();
IMemeFetcherService memeFetcherService = serviceProvider.GetService <IMemeFetcherService>();
return(new MemeService(memeFetcherService, memeRepository));
});
serviceCollection.AddTransient <ICollectionService, CollectionService>(serviceProvider =>
{
IRepository <Collection> collectionRepository = serviceProvider.GetService <IRepository <Collection> >();
return(new CollectionService(collectionRepository));
});
serviceCollection.AddTransient <IUserService, UserService>(serviceProvider =>
{
IRepository <ApplicationUser> userRepository = serviceProvider.GetService <IRepository <ApplicationUser> >();
IRepository <Follower> followerRepository = serviceProvider.GetService <IRepository <Follower> >();
IUserManager userManager = serviceProvider.GetService <IUserManager>();
return(new UserService(userManager, userRepository, followerRepository));
});
serviceCollection.AddTransient <IFollowerService, FollowerService>(serviceProvider =>
{
IRepository <Follower> followerRepository = serviceProvider.GetService <IRepository <Follower> >();
IRepository <ApplicationUser> applicationUserRepository = serviceProvider.GetService <IRepository <ApplicationUser> >();
return(new FollowerService(followerRepository, applicationUserRepository));
});
serviceCollection.AddTransient <IMemeSharingService, MemeSharingService>(serviceProvider =>
{
IRepository <SharedMeme> sharedMemeRepository = serviceProvider.GetService <IRepository <SharedMeme> >();
IRepository <ApplicationUser> userRepository = serviceProvider.GetService <IRepository <ApplicationUser> >();
return(new MemeSharingService(sharedMemeRepository, userRepository));
});
serviceCollection.AddTransient <IMemeLikingService, MemeLikingService>(serviceProvider =>
{
IRepository <MemeLike> memeLikeRepository = serviceProvider.GetService <IRepository <MemeLike> >();
return(new MemeLikingService(memeLikeRepository));
});
serviceCollection.AddTransient <ICollectionItemDetailService, CollectionItemDetailService>(serviceProvider =>
{
IRepository <CollectionItemDetail> collectionItemDetailRepository = serviceProvider.GetService <IRepository <CollectionItemDetail> >();
IRepository <Collection> collectionRepository = serviceProvider.GetService <IRepository <Collection> >();
IRepository <Meme> memeRepository = serviceProvider.GetService <IRepository <Meme> >();
return(new CollectionItemDetailService(collectionItemDetailRepository, collectionRepository, memeRepository));
});
serviceCollection.AddTransient <ICollectionSubscriberService, CollectionSubscriberService>(serviceProvider =>
{
IRepository <CollectionSubscriber> collectionSubscriberRepository = serviceProvider.GetService <IRepository <CollectionSubscriber> >();
return(new CollectionSubscriberService(collectionSubscriberRepository));
});
serviceCollection.AddTransient <ITempDataService, TempDataService>(serviceProvider =>
{
ICollectionService collectionService = serviceProvider.GetService <ICollectionService>();
IFollowerService followerService = serviceProvider.GetService <IFollowerService>();
return(new TempDataService(collectionService, followerService));
});
serviceCollection.AddTransient <ICommentService, CommentService>(serviceProvider =>
{
IRepository <Comment> commentRepository = serviceProvider.GetService <IRepository <Comment> >();
IRepository <Meme> memeRepository = serviceProvider.GetService <IRepository <Meme> >();
return(new CommentService(commentRepository, memeRepository));
});
#endregion Services
return(serviceCollection);
}
public static ScryptResult Encode(byte[] password, int iterationCount, int blockSize, int threadCount, ISaltGenerator saltGenerator)
{
var saltBytes = new byte[SaltLength];
saltGenerator.GetSaltBytes(saltBytes);
return(Encode(password, iterationCount, blockSize, threadCount, saltBytes));
}
