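/// <summary>
/// Resolves the user for an API login. With no provider (or provider "email") the
/// user name and password are tried against LDAP first and then against the portal's
/// own user store; otherwise the user is resolved from a third-party login profile.
/// The tenant's IP restrictions are applied to the resolved user before returning.
/// </summary>
/// <param name="userName">Login name for the password path; overwritten with the profile e-mail on the third-party path.</param>
/// <param name="password">Password for the password path.</param>
/// <param name="provider">Third-party provider name; null, empty or "email" selects the password path.</param>
/// <param name="accessToken">Provider access token used to fetch the login profile.</param>
/// <param name="viaEmail">True when the password path was taken, false for the third-party path.</param>
/// <returns>The resolved user.</returns>
/// <exception cref="AuthenticationException">Any failure inside the lookup; the failure is reported through MessageService first.</exception>
/// <exception cref="IPSecurityException">IP restrictions are enabled, the user is not the tenant owner, and IPSecurity.Verify rejects the request.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    viaEmail = true;
    var action = MessageAction.LoginFailViaApi;
    UserInfo user;
    try
    {
        if (string.IsNullOrEmpty(provider) || provider == "email")
        {
            userName.ThrowIfNull(new ArgumentException(@"userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException(@"password empty", "password"));

            // NOTE(review): nothing in this method limits repeated failed attempts for one
            // user name; confirm that throttling is enforced by the caller or upstream.
            var localization = new LdapLocalization(Resource.ResourceManager);
            var ldapUserManager = new LdapUserManager(localization);
            if (!ldapUserManager.TryGetAndSyncLdapUserInfo(userName, password, out user))
            {
                // NOTE(review): the local lookup matches on a Base64 SHA-256 digest of the
                // password; whether salting or key stretching happens elsewhere is not
                // visible here - confirm against the user store.
                user = CoreContext.UserManager.GetUsers(
                    CoreContext.TenantManager.GetCurrentTenant().TenantId,
                    userName,
                    Hasher.Base64Hash(password, HashAlg.SHA256));
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }
        }
        else
        {
            viaEmail = false;
            action = MessageAction.LoginFailViaApiSocialAccount;
            var thirdPartyProfile = ProviderManager.GetLoginProfile(provider, accessToken);
            userName = thirdPartyProfile.EMail;

            // NOTE(review): unlike the password path, this result is not null-checked;
            // user.ID below would fault if GetUserByThirdParty can return null - confirm.
            user = LoginWithThirdParty.GetUserByThirdParty(thirdPartyProfile);
        }
    }
    catch
    {
        // Every failure (bad arguments, unknown user, provider error) is collapsed into one
        // generic message so the response does not reveal which step failed.
        // Fixed: the condition was inverted, so a failed attempt for a known login name was
        // recorded as "e-mail not specified" and the attempted name was lost from the record.
        MessageService.Send(Request, !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified, action);
        throw new AuthenticationException("User authentication failed");
    }

    // IP restrictions are checked after the credentials, and the tenant owner is exempt.
    var tenant = CoreContext.TenantManager.GetCurrentTenant();
    var settings = IPRestrictionsSettings.Load();
    if (settings.Enable && user.ID != tenant.OwnerId && !IPSecurity.IPSecurity.Verify(tenant))
    {
        throw new IPSecurityException();
    }

    return user;
}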
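/// <summary>
/// Resolves the user for an API login. With no provider (or provider "email") the
/// user name and password are tried against LDAP first and then against the portal's
/// own user store; otherwise the user is resolved from a third-party login profile.
/// </summary>
/// <param name="userName">Login name for the password path; overwritten with the profile e-mail on the third-party path.</param>
/// <param name="password">Password for the password path.</param>
/// <param name="provider">Third-party provider name; null, empty or "email" selects the password path.</param>
/// <param name="accessToken">Provider access token used to fetch the login profile.</param>
/// <param name="viaEmail">True when the password path was taken, false for the third-party path.</param>
/// <returns>The resolved user.</returns>
/// <exception cref="AuthenticationException">Any failure inside the lookup; the failure is reported through MessageService first.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    viaEmail = true;
    var action = MessageAction.LoginFailViaApi;
    try
    {
        UserInfo user;
        if (string.IsNullOrEmpty(provider) || provider == "email")
        {
            userName.ThrowIfNull(new ArgumentException("userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException("password empty", "password"));

            // NOTE(review): nothing in this method limits repeated failed attempts for one
            // user name, and no IP restriction is applied here; confirm both are enforced
            // by the caller or upstream.
            if (!ActiveDirectoryUserImporter.TryGetLdapUserInfo(userName, password, out user))
            {
                // NOTE(review): the local lookup matches on a Base64 SHA-256 digest of the
                // password; whether salting or key stretching happens elsewhere is not
                // visible here - confirm against the user store.
                user = CoreContext.UserManager.GetUsers(
                    CoreContext.TenantManager.GetCurrentTenant().TenantId,
                    userName,
                    Hasher.Base64Hash(password, HashAlg.SHA256));
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }

            return user;
        }

        viaEmail = false;
        action = MessageAction.LoginFailViaApiSocialAccount;
        var thirdPartyProfile = ProviderManager.GetLoginProfile(provider, accessToken);
        userName = thirdPartyProfile.EMail;

        // NOTE(review): this result is returned without the null / UserExists check that
        // the password path performs - confirm callers handle a null user.
        user = LoginWithThirdParty.GetUserByThirdParty(thirdPartyProfile);
        return user;
    }
    catch
    {
        // Every failure (bad arguments, unknown user, provider error) is collapsed into one
        // generic message so the response does not reveal which step failed.
        // Fixed: the condition was inverted, so a failed attempt for a known login name was
        // recorded as "e-mail not specified" and the attempted name was lost from the record.
        MessageService.Send(Request, !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified, action);
        throw new AuthenticationException("User authentication failed");
    }
}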
/// <summary>
/// Maps a Google access token to a portal user: fetches the Google login profile,
/// looks the user up by the profile's e-mail address and, when no such user exists,
/// creates one from the profile with a generated password.
/// </summary>
/// <param name="token">Access token; must not be null.</param>
/// <param name="isNew">True only when a new user was created by this call.</param>
/// <returns>The existing or newly created user, or null when the profile could not be fetched.</returns>
/// <exception cref="SecurityException"><paramref name="token"/> is null.</exception>
private static UserInfo GetUserInfo(Token token, out bool isNew)
{
    isNew = false;

    if (token == null)
    {
        Global.Logger.Error("GoogleDriveApp: token is null");
        throw new SecurityException("Access token is null");
    }

    // A failed profile request is logged and treated as "no profile" rather than rethrown.
    LoginProfile profile = null;
    try
    {
        var provider = new GoogleLoginProvider();
        profile = provider.GetLoginProfile(token.ToString());
    }
    catch (Exception ex)
    {
        Global.Logger.Error("GoogleDriveApp: userinfo request", ex);
    }

    if (profile == null)
    {
        Global.Logger.Error("Error in userinfo request");
        return null;
    }

    // The account is selected purely by the e-mail address in the provider profile.
    // NOTE(review): whether the provider guarantees that address is verified is not
    // visible here - confirm in GoogleLoginProvider.
    var account = CoreContext.UserManager.GetUserByEmail(profile.EMail);
    if (!Equals(account, Constants.LostUser))
    {
        return account;
    }

    // No existing user: build one from the profile.
    account = LoginWithThirdParty.ProfileToUserInfo(profile);

    // Prefer the profile's locale, falling back to the current UI culture.
    var requestedCulture = profile.Locale;
    if (string.IsNullOrEmpty(requestedCulture))
    {
        requestedCulture = Thread.CurrentThread.CurrentUICulture.Name;
    }

    var enabledCulture = SetupInfo.EnabledCultures.Find(
        c => String.Equals(c.Name, requestedCulture, StringComparison.InvariantCultureIgnoreCase));
    if (enabledCulture == null)
    {
        Global.Logger.DebugFormat("From google app new personal user '{0}' without culture {1}", account.Email, requestedCulture);
    }
    else
    {
        account.CultureName = enabledCulture.Name;
    }

    // The user is added under the CoreSystem identity; the finally block drops that
    // identity again even when AddUser throws.
    try
    {
        SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
        var generatedPassword = UserManagerWrapper.GeneratePassword();
        account = UserManagerWrapper.AddUser(account, generatedPassword);
    }
    finally
    {
        SecurityContext.Logout();
    }

    isNew = true;
    Global.Logger.Debug("GoogleDriveApp: new user " + account.ID);
    return account;
}
/// <summary>
/// Resolves the user for an API login. With no provider (or provider "email") the
/// attempt is first counted against a per-user-name throttle, then the credentials are
/// tried against LDAP and the portal's own user store; otherwise the user is resolved
/// from a third-party login profile. The tenant's IP restrictions are applied last.
/// </summary>
/// <param name="userName">Login name for the password path; overwritten with the profile e-mail on the third-party path.</param>
/// <param name="password">Password for the password path.</param>
/// <param name="provider">Third-party provider name; null, empty or "email" selects the password path.</param>
/// <param name="accessToken">Provider access token used to fetch the login profile.</param>
/// <param name="viaEmail">True when the password path was taken, false for the third-party path.</param>
/// <returns>The resolved user.</returns>
/// <exception cref="AuthenticationException">The throttle tripped or any other step of the lookup failed; the failure is reported through MessageService first.</exception>
/// <exception cref="IPSecurityException">IP restrictions are enabled, the user is not the tenant owner, and IPSecurity.Verify rejects the request.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    viaEmail = true;
    var action = MessageAction.LoginFailViaApi;
    UserInfo user;
    try
    {
        var isPasswordLogin = string.IsNullOrEmpty(provider) || provider == "email";
        if (!isPasswordLogin)
        {
            viaEmail = false;
            action = MessageAction.LoginFailViaApiSocialAccount;
            var profile = ProviderManager.GetLoginProfile(provider, accessToken);
            userName = profile.EMail;
            user = LoginWithThirdParty.GetUserByThirdParty(profile);
        }
        else
        {
            userName.ThrowIfNull(new ArgumentException(@"userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException(@"password empty", "password"));

            // Attempt throttle: a counter per submitted user name, kept in the cache with a
            // one-minute expiry that is renewed on every insert.
            // NOTE(review): the key is the user name exactly as submitted, and the
            // read / increment / write sequence is not atomic - confirm both are acceptable
            // for how user names are matched and how Cache behaves under concurrency.
            var attemptsKey = "loginsec/" + userName;
            int attempts;
            int.TryParse(Cache.Get<String>(attemptsKey), out attempts);
            attempts++;
            if (attempts > 5 && !SetupInfo.IsSecretEmail(userName))
            {
                throw new Authorize.BruteForceCredentialException();
            }

            Cache.Insert(attemptsKey, attempts.ToString(CultureInfo.InvariantCulture), DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));

            var ldapUserManager = new LdapUserManager(new LdapLocalization(Resource.ResourceManager));
            if (!ldapUserManager.TryGetAndSyncLdapUserInfo(userName, password, out user))
            {
                // NOTE(review): the local lookup matches on a Base64 SHA-256 digest of the
                // password; whether salting or key stretching happens elsewhere is not
                // visible here - confirm against the user store.
                var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                user = CoreContext.UserManager.GetUsers(tenantId, userName, Hasher.Base64Hash(password, HashAlg.SHA256));
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }

            // Success: take this attempt back off the counter (it is decremented, not reset).
            attempts--;
            Cache.Insert(attemptsKey, attempts.ToString(CultureInfo.InvariantCulture), DateTime.UtcNow.Add(TimeSpan.FromMinutes(1)));
        }
    }
    catch (Authorize.BruteForceCredentialException)
    {
        // A tripped throttle is reported under its own action.
        var throttledLogin = !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified;
        MessageService.Send(Request, throttledLogin, MessageAction.LoginFailBruteForce);
        throw new AuthenticationException("Login Fail. Too many attempts");
    }
    catch
    {
        // Every other failure is collapsed into one generic message so the response does
        // not reveal which step failed.
        var failedLogin = !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified;
        MessageService.Send(Request, failedLogin, action);
        throw new AuthenticationException("User authentication failed");
    }

    // IP restrictions are checked after the credentials, and the tenant owner is exempt.
    var tenant = CoreContext.TenantManager.GetCurrentTenant();
    var ipRestrictions = IPRestrictionsSettings.Load();
    if (ipRestrictions.Enable && user.ID != tenant.OwnerId && !IPSecurity.IPSecurity.Verify(tenant))
    {
        throw new IPSecurityException();
    }

    return user;
}